1/* SPDX-License-Identifier: GPL-2.0+ */
2/*
3 * Copyright (c) 2013 The Chromium OS Authors.
4 * Coypright (c) 2013 Guntermann & Drunck GmbH
5 */
6
7#ifndef __TPM_V1_H
8#define __TPM_V1_H
9
10#include <tpm-common.h>
11#include <linux/bitops.h>
12
13struct udevice;
14
15/* Useful constants */
16enum {
17	TPM_REQUEST_HEADER_LENGTH	= 10,
18	TPM_RESPONSE_HEADER_LENGTH	= 10,
19	PCR_DIGEST_LENGTH		= 20,
20	DIGEST_LENGTH			= 20,
21	TPM_REQUEST_AUTH_LENGTH		= 45,
22	TPM_RESPONSE_AUTH_LENGTH	= 41,
23	/* some max lengths, valid for RSA keys <= 2048 bits */
24	TPM_KEY12_MAX_LENGTH		= 618,
25	TPM_PUBKEY_MAX_LENGTH		= 288,
26};
27
28enum tpm_startup_type {
29	TPM_ST_CLEAR		= 0x0001,
30	TPM_ST_STATE		= 0x0002,
31	TPM_ST_DEACTIVATED	= 0x0003,
32};
33
34enum tpm_physical_presence {
35	TPM_PHYSICAL_PRESENCE_HW_DISABLE	= 0x0200,
36	TPM_PHYSICAL_PRESENCE_CMD_DISABLE	= 0x0100,
37	TPM_PHYSICAL_PRESENCE_LIFETIME_LOCK	= 0x0080,
38	TPM_PHYSICAL_PRESENCE_HW_ENABLE		= 0x0040,
39	TPM_PHYSICAL_PRESENCE_CMD_ENABLE	= 0x0020,
40	TPM_PHYSICAL_PRESENCE_NOTPRESENT	= 0x0010,
41	TPM_PHYSICAL_PRESENCE_PRESENT		= 0x0008,
42	TPM_PHYSICAL_PRESENCE_LOCK		= 0x0004,
43};
44
45enum tpm_nv_index {
46	TPM_NV_INDEX_LOCK	= 0xffffffff,
47	TPM_NV_INDEX_0		= 0x00000000,
48	TPM_NV_INDEX_DIR	= 0x10000001,
49};
50
51enum tpm_resource_type {
52	TPM_RT_KEY	= 0x00000001,
53	TPM_RT_AUTH	= 0x00000002,
54	TPM_RT_HASH	= 0x00000003,
55	TPM_RT_TRANS	= 0x00000004,
56	TPM_RT_CONTEXT	= 0x00000005,
57	TPM_RT_COUNTER	= 0x00000006,
58	TPM_RT_DELEGATE	= 0x00000007,
59	TPM_RT_DAA_TPM	= 0x00000008,
60	TPM_RT_DAA_V0	= 0x00000009,
61	TPM_RT_DAA_V1	= 0x0000000A,
62};
63
64enum tpm_capability_areas {
65	TPM_CAP_ORD		= 0x00000001,
66	TPM_CAP_ALG		= 0x00000002,
67	TPM_CAP_PID		= 0x00000003,
68	TPM_CAP_FLAG		= 0x00000004,
69	TPM_CAP_PROPERTY	= 0x00000005,
70	TPM_CAP_VERSION		= 0x00000006,
71	TPM_CAP_KEY_HANDLE	= 0x00000007,
72	TPM_CAP_CHECK_LOADED	= 0x00000008,
73	TPM_CAP_SYM_MODE	= 0x00000009,
74	TPM_CAP_KEY_STATUS	= 0x0000000C,
75	TPM_CAP_NV_LIST		= 0x0000000D,
76	TPM_CAP_MFR		= 0x00000010,
77	TPM_CAP_NV_INDEX	= 0x00000011,
78	TPM_CAP_TRANS_ALG	= 0x00000012,
79	TPM_CAP_HANDLE		= 0x00000014,
80	TPM_CAP_TRANS_ES	= 0x00000015,
81	TPM_CAP_AUTH_ENCRYPT	= 0x00000017,
82	TPM_CAP_SELECT_SIZE	= 0x00000018,
83	TPM_CAP_DA_LOGIC	= 0x00000019,
84	TPM_CAP_VERSION_VAL	= 0x0000001A,
85};
86
87enum tmp_cap_flag {
88	TPM_CAP_FLAG_PERMANENT	= 0x108,
89};
90
91#define TPM_TAG_PERMANENT_FLAGS		0x001f
92
93#define TPM_NV_PER_GLOBALLOCK		BIT(15)
94#define TPM_NV_PER_PPREAD		BIT(16)
95#define TPM_NV_PER_PPWRITE		BIT(0)
96#define TPM_NV_PER_READ_STCLEAR		BIT(31)
97#define TPM_NV_PER_WRITE_STCLEAR	BIT(14)
98#define TPM_NV_PER_WRITEDEFINE		BIT(13)
99#define TPM_NV_PER_WRITEALL		BIT(12)
100
101enum {
102	TPM_PUBEK_SIZE			= 256,
103};
104
105enum {
106	TPM_CMD_EXTEND			= 0x14,
107	TPM_CMD_GET_CAPABILITY		= 0x65,
108	TPM_CMD_NV_DEFINE_SPACE		= 0xcc,
109	TPM_CMD_NV_WRITE_VALUE		= 0xcd,
110	TPM_CMD_NV_READ_VALUE		= 0xcf,
111};
112
113/**
114 * TPM return codes as defined in the TCG Main specification
115 * (TPM Main Part 2 Structures; Specification version 1.2)
116 */
117enum tpm_return_code {
118	TPM_BASE	= 0x00000000,
119	TPM_NON_FATAL	= 0x00000800,
120	TPM_SUCCESS	= TPM_BASE,
121	/* TPM-defined fatal error codes */
122	TPM_AUTHFAIL			= TPM_BASE +  1,
123	TPM_BADINDEX			= TPM_BASE +  2,
124	TPM_BAD_PARAMETER		= TPM_BASE +  3,
125	TPM_AUDITFAILURE		= TPM_BASE +  4,
126	TPM_CLEAR_DISABLED		= TPM_BASE +  5,
127	TPM_DEACTIVATED			= TPM_BASE +  6,
128	TPM_DISABLED			= TPM_BASE +  7,
129	TPM_DISABLED_CMD		= TPM_BASE +  8,
130	TPM_FAIL			= TPM_BASE +  9,
131	TPM_BAD_ORDINAL			= TPM_BASE + 10,
132	TPM_INSTALL_DISABLED		= TPM_BASE + 11,
133	TPM_INVALID_KEYHANDLE		= TPM_BASE + 12,
134	TPM_KEYNOTFOUND			= TPM_BASE + 13,
135	TPM_INAPPROPRIATE_ENC		= TPM_BASE + 14,
136	TPM_MIGRATE_FAIL		= TPM_BASE + 15,
137	TPM_INVALID_PCR_INFO		= TPM_BASE + 16,
138	TPM_NOSPACE			= TPM_BASE + 17,
139	TPM_NOSRK			= TPM_BASE + 18,
140	TPM_NOTSEALED_BLOB		= TPM_BASE + 19,
141	TPM_OWNER_SET			= TPM_BASE + 20,
142	TPM_RESOURCES			= TPM_BASE + 21,
143	TPM_SHORTRANDOM			= TPM_BASE + 22,
144	TPM_SIZE			= TPM_BASE + 23,
145	TPM_WRONGPCRVAL			= TPM_BASE + 24,
146	TPM_BAD_PARAM_SIZE		= TPM_BASE + 25,
147	TPM_SHA_THREAD			= TPM_BASE + 26,
148	TPM_SHA_ERROR			= TPM_BASE + 27,
149	TPM_FAILEDSELFTEST		= TPM_BASE + 28,
150	TPM_AUTH2FAIL			= TPM_BASE + 29,
151	TPM_BADTAG			= TPM_BASE + 30,
152	TPM_IOERROR			= TPM_BASE + 31,
153	TPM_ENCRYPT_ERROR		= TPM_BASE + 32,
154	TPM_DECRYPT_ERROR		= TPM_BASE + 33,
155	TPM_INVALID_AUTHHANDLE		= TPM_BASE + 34,
156	TPM_NO_ENDORSEMENT		= TPM_BASE + 35,
157	TPM_INVALID_KEYUSAGE		= TPM_BASE + 36,
158	TPM_WRONG_ENTITYTYPE		= TPM_BASE + 37,
159	TPM_INVALID_POSTINIT		= TPM_BASE + 38,
160	TPM_INAPPROPRIATE_SIG		= TPM_BASE + 39,
161	TPM_BAD_KEY_PROPERTY		= TPM_BASE + 40,
162	TPM_BAD_MIGRATION		= TPM_BASE + 41,
163	TPM_BAD_SCHEME			= TPM_BASE + 42,
164	TPM_BAD_DATASIZE		= TPM_BASE + 43,
165	TPM_BAD_MODE			= TPM_BASE + 44,
166	TPM_BAD_PRESENCE		= TPM_BASE + 45,
167	TPM_BAD_VERSION			= TPM_BASE + 46,
168	TPM_NO_WRAP_TRANSPORT		= TPM_BASE + 47,
169	TPM_AUDITFAIL_UNSUCCESSFUL	= TPM_BASE + 48,
170	TPM_AUDITFAIL_SUCCESSFUL	= TPM_BASE + 49,
171	TPM_NOTRESETABLE		= TPM_BASE + 50,
172	TPM_NOTLOCAL			= TPM_BASE + 51,
173	TPM_BAD_TYPE			= TPM_BASE + 52,
174	TPM_INVALID_RESOURCE		= TPM_BASE + 53,
175	TPM_NOTFIPS			= TPM_BASE + 54,
176	TPM_INVALID_FAMILY		= TPM_BASE + 55,
177	TPM_NO_NV_PERMISSION		= TPM_BASE + 56,
178	TPM_REQUIRES_SIGN		= TPM_BASE + 57,
179	TPM_KEY_NOTSUPPORTED		= TPM_BASE + 58,
180	TPM_AUTH_CONFLICT		= TPM_BASE + 59,
181	TPM_AREA_LOCKED			= TPM_BASE + 60,
182	TPM_BAD_LOCALITY		= TPM_BASE + 61,
183	TPM_READ_ONLY			= TPM_BASE + 62,
184	TPM_PER_NOWRITE			= TPM_BASE + 63,
185	TPM_FAMILY_COUNT		= TPM_BASE + 64,
186	TPM_WRITE_LOCKED		= TPM_BASE + 65,
187	TPM_BAD_ATTRIBUTES		= TPM_BASE + 66,
188	TPM_INVALID_STRUCTURE		= TPM_BASE + 67,
189	TPM_KEY_OWNER_CONTROL		= TPM_BASE + 68,
190	TPM_BAD_COUNTER			= TPM_BASE + 69,
191	TPM_NOT_FULLWRITE		= TPM_BASE + 70,
192	TPM_CONTEXT_GAP			= TPM_BASE + 71,
193	TPM_MAXNVWRITES			= TPM_BASE + 72,
194	TPM_NOOPERATOR			= TPM_BASE + 73,
195	TPM_RESOURCEMISSING		= TPM_BASE + 74,
196	TPM_DELEGATE_LOCK		= TPM_BASE + 75,
197	TPM_DELEGATE_FAMILY		= TPM_BASE + 76,
198	TPM_DELEGATE_ADMIN		= TPM_BASE + 77,
199	TPM_TRANSPORT_NOTEXCLUSIVE	= TPM_BASE + 78,
200	TPM_OWNER_CONTROL		= TPM_BASE + 79,
201	TPM_DAA_RESOURCES		= TPM_BASE + 80,
202	TPM_DAA_INPUT_DATA0		= TPM_BASE + 81,
203	TPM_DAA_INPUT_DATA1		= TPM_BASE + 82,
204	TPM_DAA_ISSUER_SETTINGS		= TPM_BASE + 83,
205	TPM_DAA_TPM_SETTINGS		= TPM_BASE + 84,
206	TPM_DAA_STAGE			= TPM_BASE + 85,
207	TPM_DAA_ISSUER_VALIDITY		= TPM_BASE + 86,
208	TPM_DAA_WRONG_W			= TPM_BASE + 87,
209	TPM_BAD_HANDLE			= TPM_BASE + 88,
210	TPM_BAD_DELEGATE		= TPM_BASE + 89,
211	TPM_BADCONTEXT			= TPM_BASE + 90,
212	TPM_TOOMANYCONTEXTS		= TPM_BASE + 91,
213	TPM_MA_TICKET_SIGNATURE		= TPM_BASE + 92,
214	TPM_MA_DESTINATION		= TPM_BASE + 93,
215	TPM_MA_SOURCE			= TPM_BASE + 94,
216	TPM_MA_AUTHORITY		= TPM_BASE + 95,
217	TPM_PERMANENTEK			= TPM_BASE + 97,
218	TPM_BAD_SIGNATURE		= TPM_BASE + 98,
219	TPM_NOCONTEXTSPACE		= TPM_BASE + 99,
220	/* TPM-defined non-fatal errors */
221	TPM_RETRY		= TPM_BASE + TPM_NON_FATAL,
222	TPM_NEEDS_SELFTEST	= TPM_BASE + TPM_NON_FATAL + 1,
223	TPM_DOING_SELFTEST	= TPM_BASE + TPM_NON_FATAL + 2,
224	TPM_DEFEND_LOCK_RUNNING	= TPM_BASE + TPM_NON_FATAL + 3,
225};
226
227struct tpm_permanent_flags {
228	__be16	tag;
229	u8	disable;
230	u8	ownership;
231	u8	deactivated;
232	u8	read_pubek;
233	u8	disable_owner_clear;
234	u8	allow_maintenance;
235	u8	physical_presence_lifetime_lock;
236	u8	physical_presence_hw_enable;
237	u8	physical_presence_cmd_enable;
238	u8	cekp_used;
239	u8	tpm_post;
240	u8	tpm_post_lock;
241	u8	fips;
242	u8	operator;
243	u8	enable_revoke_ek;
244	u8	nv_locked;
245	u8	read_srk_pub;
246	u8	tpm_established;
247	u8	maintenance_done;
248	u8	disable_full_da_logic_info;
249} __packed;
250
251#define TPM_SHA1_160_HASH_LEN	0x14
252
253struct __packed tpm_composite_hash {
254	u8	digest[TPM_SHA1_160_HASH_LEN];
255};
256
257struct __packed tpm_pcr_selection {
258	__be16	size_of_select;
259	u8	pcr_select[3];	/* matches vboot's struct */
260};
261
262struct __packed tpm_pcr_info_short {
263	struct tpm_pcr_selection pcr_selection;
264	u8	locality_at_release;
265	struct tpm_composite_hash digest_at_release;
266};
267
268struct __packed tpm_nv_attributes {
269	__be16	tag;
270	__be32	attributes;
271};
272
273struct __packed tpm_nv_data_public {
274	__be16	tag;
275	__be32	nv_index;
276	struct tpm_pcr_info_short pcr_info_read;
277	struct tpm_pcr_info_short pcr_info_write;
278	struct tpm_nv_attributes permission;
279	u8	read_st_clear;
280	u8	write_st_clear;
281	u8	write_define;
282	__be32	data_size;
283};
284
285/**
286 * Issue a TPM_Startup command.
287 *
288 * @param dev		TPM device
289 * @param mode		TPM startup mode
290 * Return: return code of the operation
291 */
292u32 tpm1_startup(struct udevice *dev, enum tpm_startup_type mode);
293
294/**
295 * Issue a TPM_SelfTestFull command.
296 *
297 * @param dev		TPM device
298 * Return: return code of the operation
299 */
300u32 tpm1_self_test_full(struct udevice *dev);
301
302/**
303 * Issue a TPM_ContinueSelfTest command.
304 *
305 * @param dev		TPM device
306 * Return: return code of the operation
307 */
308u32 tpm1_continue_self_test(struct udevice *dev);
309
310/**
311 * Issue a TPM_NV_DefineSpace command.  The implementation is limited
312 * to specify TPM_NV_ATTRIBUTES and size of the area.  The area index
313 * could be one of the special value listed in enum tpm_nv_index.
314 *
315 * @param dev		TPM device
316 * @param index		index of the area
317 * @param perm		TPM_NV_ATTRIBUTES of the area
318 * @param size		size of the area
319 * Return: return code of the operation
320 */
321u32 tpm1_nv_define_space(struct udevice *dev, u32 index, u32 perm, u32 size);
322
323/**
324 * Issue a TPM_NV_ReadValue command.  This implementation is limited
325 * to read the area from offset 0.  The area index could be one of
326 * the special value listed in enum tpm_nv_index.
327 *
328 * @param dev		TPM device
329 * @param index		index of the area
330 * @param data		output buffer of the area contents
331 * @param count		size of output buffer
332 * Return: return code of the operation
333 */
334u32 tpm1_nv_read_value(struct udevice *dev, u32 index, void *data, u32 count);
335
336/**
337 * Issue a TPM_NV_WriteValue command.  This implementation is limited
338 * to write the area from offset 0.  The area index could be one of
339 * the special value listed in enum tpm_nv_index.
340 *
341 * @param dev		TPM device
342 * @param index		index of the area
343 * @param data		input buffer to be wrote to the area
344 * @param length	length of data bytes of input buffer
345 * Return: return code of the operation
346 */
347u32 tpm1_nv_write_value(struct udevice *dev, u32 index, const void *data,
348			u32 length);
349
350/**
351 * Issue a TPM_Extend command.
352 *
353 * @param dev		TPM device
354 * @param index		index of the PCR
355 * @param in_digest	160-bit value representing the event to be
356 *			recorded
357 * @param out_digest	160-bit PCR value after execution of the
358 *			command
359 * Return: return code of the operation
360 */
361u32 tpm1_extend(struct udevice *dev, u32 index, const void *in_digest,
362		void *out_digest);
363
364/**
365 * Issue a TPM_PCRRead command.
366 *
367 * @param dev		TPM device
368 * @param index		index of the PCR
369 * @param data		output buffer for contents of the named PCR
370 * @param count		size of output buffer
371 * Return: return code of the operation
372 */
373u32 tpm1_pcr_read(struct udevice *dev, u32 index, void *data, size_t count);
374
375/**
376 * Issue a TSC_PhysicalPresence command.  TPM physical presence flag
377 * is bit-wise OR'ed of flags listed in enum tpm_physical_presence.
378 *
379 * @param dev		TPM device
380 * @param presence	TPM physical presence flag
381 * Return: return code of the operation
382 */
383u32 tpm1_tsc_physical_presence(struct udevice *dev, u16 presence);
384
385/**
386 * Issue a TPM_ReadPubek command.
387 *
388 * @param dev		TPM device
389 * @param data		output buffer for the public endorsement key
390 * @param count		size of output buffer
391 * Return: return code of the operation
392 */
393u32 tpm1_read_pubek(struct udevice *dev, void *data, size_t count);
394
395/**
396 * Issue a TPM_ForceClear command.
397 *
398 * @param dev		TPM device
399 * Return: return code of the operation
400 */
401u32 tpm1_force_clear(struct udevice *dev);
402
403/**
404 * Issue a TPM_PhysicalEnable command.
405 *
406 * @param dev		TPM device
407 * Return: return code of the operation
408 */
409u32 tpm1_physical_enable(struct udevice *dev);
410
411/**
412 * Issue a TPM_PhysicalDisable command.
413 *
414 * @param dev		TPM device
415 * Return: return code of the operation
416 */
417u32 tpm1_physical_disable(struct udevice *dev);
418
419/**
420 * Issue a TPM_PhysicalSetDeactivated command.
421 *
422 * @param dev		TPM device
423 * @param state		boolean state of the deactivated flag
424 * Return: return code of the operation
425 */
426u32 tpm1_physical_set_deactivated(struct udevice *dev, u8 state);
427
428/**
429 * Issue a TPM_GetCapability command.  This implementation is limited
430 * to query sub_cap index that is 4-byte wide.
431 *
432 * @param dev		TPM device
433 * @param cap_area	partition of capabilities
434 * @param sub_cap	further definition of capability, which is
435 *			limited to be 4-byte wide
436 * @param cap		output buffer for capability information
437 * @param count		size of output buffer
438 * Return: return code of the operation
439 */
440u32 tpm1_get_capability(struct udevice *dev, u32 cap_area, u32 sub_cap,
441			void *cap, size_t count);
442
443/**
444 * Issue a TPM_FlushSpecific command for a AUTH resource.
445 *
446 * @param dev		TPM device
447 * @param auth_handle	handle of the auth session
448 * Return: return code of the operation
449 */
450u32 tpm1_terminate_auth_session(struct udevice *dev, u32 auth_handle);
451
452/**
453 * Issue a TPM_OIAP command to setup an object independent authorization
454 * session.
455 * Information about the session is stored internally.
456 * If there was already an OIAP session active it is terminated and a new
457 * session is set up.
458 *
459 * @param dev		TPM device
460 * @param auth_handle	pointer to the (new) auth handle or NULL.
461 * Return: return code of the operation
462 */
463u32 tpm1_oiap(struct udevice *dev, u32 *auth_handle);
464
465/**
466 * Ends an active OIAP session.
467 *
468 * @param dev		TPM device
469 * Return: return code of the operation
470 */
471u32 tpm1_end_oiap(struct udevice *dev);
472
473/**
474 * Issue a TPM_LoadKey2 (Auth1) command using an OIAP session for authenticating
475 * the usage of the parent key.
476 *
477 * @param dev		TPM device
478 * @param parent_handle	handle of the parent key.
479 * @param key		pointer to the key structure (TPM_KEY or TPM_KEY12).
480 * @param key_length	size of the key structure
481 * @param parent_key_usage_auth	usage auth for the parent key
482 * @param key_handle	pointer to the key handle
483 * Return: return code of the operation
484 */
485u32 tpm1_load_key2_oiap(struct udevice *dev, u32 parent_handle, const void *key,
486			size_t key_length, const void *parent_key_usage_auth,
487			u32 *key_handle);
488
489/**
490 * Issue a TPM_GetPubKey (Auth1) command using an OIAP session for
491 * authenticating the usage of the key.
492 *
493 * @param dev		TPM device
494 * @param key_handle	handle of the key
495 * @param usage_auth	usage auth for the key
496 * @param pubkey	pointer to the pub key buffer; may be NULL if the pubkey
497 *			should not be stored.
498 * @param pubkey_len	pointer to the pub key buffer len. On entry: the size of
499 *			the provided pubkey buffer. On successful exit: the size
500 *			of the stored TPM_PUBKEY structure (iff pubkey != NULL).
501 * Return: return code of the operation
502 */
503u32 tpm1_get_pub_key_oiap(struct udevice *dev, u32 key_handle,
504			  const void *usage_auth, void *pubkey,
505			  size_t *pubkey_len);
506
507/**
508 * Get the TPM permanent flags value
509 *
510 * @param dev		TPM device
511 * @param pflags	Place to put permanent flags
512 * Return: return code of the operation
513 */
514u32 tpm1_get_permanent_flags(struct udevice *dev,
515			     struct tpm_permanent_flags *pflags);
516
517/**
518 * Get the TPM permissions
519 *
520 * @param dev		TPM device
521 * @param perm		Returns permissions value
522 * Return: return code of the operation
523 */
524u32 tpm1_get_permissions(struct udevice *dev, u32 index, u32 *perm);
525
526/**
527 * Flush a resource with a given handle and type from the TPM
528 *
529 * @param dev		TPM device
530 * @param key_handle           handle of the resource
531 * @param resource_type                type of the resource
532 * Return: return code of the operation
533 */
534u32 tpm1_flush_specific(struct udevice *dev, u32 key_handle, u32 resource_type);
535
536#ifdef CONFIG_TPM_LOAD_KEY_BY_SHA1
537/**
538 * Search for a key by usage AuthData and the hash of the parent's pub key.
539 *
540 * @param dev		TPM device
541 * @param auth	        Usage auth of the key to search for
542 * @param pubkey_digest	SHA1 hash of the pub key structure of the key
543 * @param[out] handle	The handle of the key (Non-null iff found)
544 * Return: 0 if key was found in TPM; != 0 if not.
545 */
546u32 tpm1_find_key_sha1(struct udevice *dev, const u8 auth[20],
547		       const u8 pubkey_digest[20], u32 *handle);
548#endif /* CONFIG_TPM_LOAD_KEY_BY_SHA1 */
549
550/**
551 * Read random bytes from the TPM RNG. The implementation deals with the fact
552 * that the TPM may legally return fewer bytes than requested by retrying
553 * until @p count bytes have been received.
554 *
555 * @param dev		TPM device
556 * @param data		output buffer for the random bytes
557 * @param count		size of output buffer
558 * Return: return code of the operation
559 */
560u32 tpm1_get_random(struct udevice *dev, void *data, u32 count);
561
562/**
563 * tpm_finalise_physical_presence() - Finalise physical presence
564 *
565 * @param dev		TPM device
566 * Return: return code of the operation (0 = success)
567 */
568u32 tpm1_finalise_physical_presence(struct udevice *dev);
569
570/**
571 * tpm_nv_enable_locking() - lock the non-volatile space
572 *
573 * @param dev		TPM device
574 * Return: return code of the operation (0 = success)
575 */
576u32 tpm1_nv_set_locked(struct udevice *dev);
577
578/**
579 * tpm_set_global_lock() - set the global lock
580 *
581 * @param dev		TPM device
582 * Return: return code of the operation (0 = success)
583 */
584u32 tpm_set_global_lock(struct udevice *dev);
585
586/**
587 * tpm_resume() - start up the TPM from resume (after suspend)
588 *
589 * @param dev		TPM device
590 * Return: return code of the operation (0 = success)
591 */
592u32 tpm1_resume(struct udevice *dev);
593
594/**
595 * tpm1_auto_start() - start up the TPM
596 *
597 * This does not do a self test.
598 *
599 * @dev		TPM device
600 * Return: TPM2_RC_SUCCESS, on success, or when the TPM returns
601 * TPM_INVALID_POSTINIT; TPM_FAILEDSELFTEST, if the TPM is in failure state
602 */
603u32 tpm1_auto_start(struct udevice *dev);
604
605#endif /* __TPM_V1_H */
606