Merge branch pull request #12 into aspeed-dev-v2019.04

Change-Id: I66c2fc09c21405c34f65d5be9e8c661e62bfae45

tpm: add support for TPMv2.x I2C chips

Add the tpm2_tis_i2c driver that should support any TPMv2 compliant
I2C chips, such as the NPCT75X chip.

Signed-off-by: Eddie James <eajames@linux.ibm.com>
Li

tpm: add support for TPMv2.x I2C chips

Add the tpm2_tis_i2c driver that should support any TPMv2 compliant
I2C chips, such as the NPCT75X chip.

Signed-off-by: Eddie James <eajames@linux.ibm.com>
Link: https://lore.kernel.org/r/20220513170715.43475-8-eajames@linux.ibm.com
Signed-off-by: Joel Stanley <joel@jms.id.au>

show more ...

tpm: make TPM_V2 be compiled by default

TPM_V1 was already compiled by default. Now that both can be compiled
at the same time, compiled them both by default.

Signed-off-by: Miquel Raynal <miquel.r

tpm: make TPM_V2 be compiled by default

TPM_V1 was already compiled by default. Now that both can be compiled
at the same time, compiled them both by default.

Signed-off-by: Miquel Raynal <miquel.raynal@bootlin.com>
Reviewed-by: Simon Glass <sjg@chromium.org>

show more ...

tpm: allow TPM v1 and v2 to be compiled at the same time

While there is probably no reason to do so in a real life situation, it
will allow to compile test both stacks with the same sandbox defconfi

tpm: allow TPM v1 and v2 to be compiled at the same time

While there is probably no reason to do so in a real life situation, it
will allow to compile test both stacks with the same sandbox defconfig.

As we cannot define two 'tpm' commands at the same time, the command for
TPM v1 is still called 'tpm' and the one for TPM v2 'tpm2'. While this
is the exact command name that must be written into eg. test files, any
user already using the TPM v2 stack can continue to do so by just writing
'tpm' because as long as TPM v1 support is not compiled, U-Boot prompt
will search for the closest command named after 'tpm'.

The command set can also be changed at runtime (not supported yet, but
ready to be), but as one can compile only either one stack or the other,
there is still one spot in the code where conditionals are used: to
retrieve the v1 or v2 command set.

Signed-off-by: Miquel Raynal <miquel.raynal@bootlin.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
[trini: In sandbox_tpm2_fill_buf() use NULL not \0 to ensure NULL
terminated string due to LLVM warning]
Signed-off-by: Tom Rini <trini@konsulko.com>

show more ...

tpm: remove stale symbol in Kconfig

The TPM_DRIVER_SELECTED symbol was used in one of the initial series
about TPMv2 but its use has been dropped, making these selects
useless, remove them.

Signed-

tpm: remove stale symbol in Kconfig

The TPM_DRIVER_SELECTED symbol was used in one of the initial series
about TPMv2 but its use has been dropped, making these selects
useless, remove them.

Signed-off-by: Miquel Raynal <miquel.raynal@bootlin.com>
Reviewed-by: Simon Glass <sjg@chromium.org>

show more ...

tpm: compile Sandbox driver by default

When Sandbox and the TPM stack are both selected, compile Sandbox TPM
driver by default.

Signed-off-by: Miquel Raynal <miquel.raynal@bootlin.com>
Reviewed-by:

tpm: compile Sandbox driver by default

When Sandbox and the TPM stack are both selected, compile Sandbox TPM
driver by default.

Signed-off-by: Miquel Raynal <miquel.raynal@bootlin.com>
Reviewed-by: Simon Glass <sjg@chromium.org>

show more ...

tpm: add a Sandbox TPMv2.x driver

This driver can emulate all the basic functionalities of a TPMv2.x
chip and should behave like them during regular testing.

Signed-off-by: Miquel Raynal <miquel.ra

tpm: add a Sandbox TPMv2.x driver

This driver can emulate all the basic functionalities of a TPMv2.x
chip and should behave like them during regular testing.

Signed-off-by: Miquel Raynal <miquel.raynal@bootlin.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Tom Rini <trini@konsulko.com>

show more ...

tpm: add support for TPMv2.x SPI modules

Add the tpm2_tis_spi driver that should support any TPMv2 compliant
(SPI) module.

Signed-off-by: Miquel Raynal <miquel.raynal@bootlin.com>
Reviewed-by: Tom

tpm: add support for TPMv2.x SPI modules

Add the tpm2_tis_spi driver that should support any TPMv2 compliant
(SPI) module.

Signed-off-by: Miquel Raynal <miquel.raynal@bootlin.com>
Reviewed-by: Tom Rini <trini@konsulko.com>
Reviewed-by: Simon Glass <sjg@chromium.org>

show more ...

tpm: disociate TPMv1.x specific and generic code

There are no changes in this commit but a new organization of the code
as follow.

* cmd/ directory:
> move existing code from cmd/tpm.c in c

tpm: disociate TPMv1.x specific and generic code

There are no changes in this commit but a new organization of the code
as follow.

* cmd/ directory:
> move existing code from cmd/tpm.c in cmd/tpm-common.c
> move specific code in cmd/tpm-v1.c
> create a specific header file with generic definitions for
commands only called cmd/tpm-user-utils.h

* lib/ directory:
> move existing code from lib/tpm.c in lib/tpm-common.c
> move specific code in lib/tpm-v1.c
> create a specific header file with generic definitions for
the library itself called lib/tpm-utils.h

* include/ directory:
> move existing code from include/tpm.h in include/tpm-common.h
> move specific code in include/tpm-v1.h

Code designated as 'common' is compiled if TPM are used. Code designated
as 'specific' is compiled only if the right specification has been
selected.

All files include tpm-common.h.
Files in cmd/ include tpm-user-utils.h.
Files in lib/ include tpm-utils.h.
Depending on the specification, files may include either (not both)
tpm-v1.h or tpm-v2.h.

Signed-off-by: Miquel Raynal <miquel.raynal@bootlin.com>
Reviewed-by: Tom Rini <trini@konsulko.com>
[trini: Fix a few more cases of tpm.h -> tpm-v1.h, some Kconfig logic]
Signed-off-by: Tom Rini <trini@konsulko.com>

show more ...

tpm: prepare introduction of TPMv2.x support in Kconfig

Because both major revisions are not compatible at all, let's make them
mutually exclusive in Kconfig. This way we will be sure, when using a

tpm: prepare introduction of TPMv2.x support in Kconfig

Because both major revisions are not compatible at all, let's make them
mutually exclusive in Kconfig. This way we will be sure, when using a
command or a library function that it is supported by the right
revision.

Current drivers are currently prefixed by "tpm_", we will prefix TPMv2.x
files by "tpm2_" to make the distinction without moving everything.

The Kconfig menu about TPM drivers is now divided into two sections, one
for each specification. Compliant drivers with one specification will
only show up if this specification _only_ has been selected, otherwise a
comment is displayed.

Once a driver is selected by the user, it selects automatically a
boolean value, that is needed in order to activate the TPM commands.
Selecting the TPM commands will automatically select the right
command/library files.

Signed-off-by: Miquel Raynal <miquel.raynal@bootlin.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Tom Rini <trini@konsulko.com>
[trini: Rework deps as TPM_V1 and TPM_V2 depend on TPM,
drop TPM_DRIVER_SELECTED]
Signed-off-by: Tom Rini <trini@konsulko.com>

show more ...

Merge git://git.denx.de/u-boot-dm

lib: tpm: Add command to list resources

It is sometimes convenient to know how many and/or which resources are
currently loaded into a TPG, e.g. to test is a flush operation succeeded.

Hence, we ad

lib: tpm: Add command to list resources

It is sometimes convenient to know how many and/or which resources are
currently loaded into a TPG, e.g. to test is a flush operation succeeded.

Hence, we add a command that lists the resources of a given type currently
loaded into the TPM.

Signed-off-by: Mario Six <mario.six@gdsys.cc>
Reviewed-by: Simon Glass <sjg@chromium.org>

show more ...

tpm: Add function to load keys via their parent's SHA1 hash

If we want to load a key into a TPM, we need to know the designated parent
key's handle, so that the TPM is able to insert the key at the

tpm: Add function to load keys via their parent's SHA1 hash

If we want to load a key into a TPM, we need to know the designated parent
key's handle, so that the TPM is able to insert the key at the correct place in
the key hierarchy.

However, if we want to load a key whose designated parent key we also
previously loaded ourselves, we first need to memorize this parent key's handle
(since the handles for the key are chosen at random when they are inserted into
the TPM). If we are, however, unable to do so, for example if the parent key is
loaded into the TPM during production, and its child key during the actual
boot, we must find a different mechanism to identify the parent key.

To solve this problem, we add a function that allows U-Boot to load a key into
the TPM using their designated parent key's SHA1 hash, and the corresponding
auth data.

Signed-off-by: Mario Six <mario.six@gdsys.cc>
Reviewed-by: Simon Glass <sjg@chromium.org>

show more ...

Merge git://www.denx.de/git/u-boot-marvell

lib: tpm: Add command to flush resources

This patch adds a function to the TPM library, which allows U-Boot to
flush resources, e.g. keys, from the TPM.

Signed-off-by: Mario Six <mario.six@gdsys.cc

lib: tpm: Add command to flush resources

This patch adds a function to the TPM library, which allows U-Boot to
flush resources, e.g. keys, from the TPM.

Signed-off-by: Mario Six <mario.six@gdsys.cc>
Reviewed-by: Stefan Roese <sr@denx.de>
Reviewed-by: Simon Glass <sjg@chromium.org>
Signed-off-by: Stefan Roese <sr@denx.de>

show more ...

Merge branch 'master' of git://git.denx.de/u-boot-atmel

tpm: atmel_twi: Make compatible with DM I2C busses

Commit 302c5db ("dm: tpm: Add Driver Model support for tpm_atmel_twi
driver") converted the Atmel TWI TPM driver itself to driver model, but
kept t

tpm: atmel_twi: Make compatible with DM I2C busses

Commit 302c5db ("dm: tpm: Add Driver Model support for tpm_atmel_twi
driver") converted the Atmel TWI TPM driver itself to driver model, but
kept the legacy-style i2c_write/i2c_read calls.

Commit 3e7d940 ("dm: tpm: Every TPM drivers should depends on DM_TPM")
then made DM_I2C a dependency of the driver, effectively forcing users
to turn on CONFIG_DM_I2C_COMPAT to get it to work.

This patch adds the necessary dm_i2c_write/dm_i2c_read calls to make the
driver compatible with DM, but also keeps the legacy calls in ifdefs, so
that the driver is now compatible with both DM and non-DM setups.

Signed-off-by: Mario Six <mario.six@gdsys.cc>
Reviewed-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Andreas Bießmann <andreas@biessmann.org>

show more ...

Merge git://git.denx.de/u-boot-dm

tpm: st33zp24: Add tpm st33zp24 spi support

Add support for TPM ST33ZP24 spi.

The ST33ZP24 does have a spi interface.
The transport protocol is proprietary.

For spi we are relying only on DM_SPI.

tpm: st33zp24: Add tpm st33zp24 spi support

Add support for TPM ST33ZP24 spi.

The ST33ZP24 does have a spi interface.
The transport protocol is proprietary.

For spi we are relying only on DM_SPI.

Reviewed-by: Simon Glass <sjg@chromium.org>
Signed-off-by: Christophe Ricard <christophe-h.ricard@st.com>

show more ...

tpm: st33zp24: Add tpm st33zp24 support with i2c

Add support for TPM ST33ZP24 family with i2c.

For i2c we are relying only on DM_I2C.

Reviewed-by: Simon Glass <sjg@chromium.org>
Signed-off-by: Chr

tpm: st33zp24: Add tpm st33zp24 support with i2c

Add support for TPM ST33ZP24 family with i2c.

For i2c we are relying only on DM_I2C.

Reviewed-by: Simon Glass <sjg@chromium.org>
Signed-off-by: Christophe Ricard <christophe-h.ricard@st.com>

show more ...

tpm: tpm_tis_lpc: fix typo

TPM_TIS_LPC is connected to the LPC bus, not I2C.

Reviewed-by: Simon Glass <sjg@chromium.org>
Signed-off-by: Christophe Ricard <christophe-h.ricard@st.com>

Merge branch 'master' of git://git.denx.de/u-boot

Merge git://git.denx.de/u-boot-dm

dm: tpm: Drop CONFIG_DM_TPM

Now that all TPM drivers use driver model, we can drop the special driver
model CONFIG option.

Signed-off-by: Simon Glass <sjg@chromium.org>
Acked-by: Christophe Ricard<

dm: tpm: Drop CONFIG_DM_TPM

Now that all TPM drivers use driver model, we can drop the special driver
model CONFIG option.

Signed-off-by: Simon Glass <sjg@chromium.org>
Acked-by: Christophe Ricard<christophe-h.ricard@st.com>

show more ...

dm: tpm: Every TPM drivers should depends on DM_TPM

Every TPM drivers should now depends on DM_TPM and not only TPM.

Signed-off-by: Christophe Ricard <christophe-h.ricard@st.com>
Reviewed-by: Tom R

dm: tpm: Every TPM drivers should depends on DM_TPM

Every TPM drivers should now depends on DM_TPM and not only TPM.

Signed-off-by: Christophe Ricard <christophe-h.ricard@st.com>
Reviewed-by: Tom Rini <trini@konsulko.com>
Acked-by: Simon Glass <sjg@chromium.org>

show more ...