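// SPDX-License-Identifier: GPL-2.0+
/*
 * Copyright (c) 2013 The Chromium OS Authors.
 */

#include <common.h>
#include <malloc.h>
#include <asm/unaligned.h>
#include <tpm-common.h>
#include <tpm-v1.h>
#include "tpm-user-utils.h"

/*
 * TPM v1.x sub-command handlers for the 'tpm' console command.
 *
 * Every handler has the usual command signature; argv[0] is the sub-command
 * name, so argv[1] is its first operand. Numeric operands are parsed with
 * simple_strtoul(..., NULL, 0): because the end pointer is NULL, a handler
 * cannot tell a malformed number from a valid one.
 *
 * Several handlers take a memory address operand and hand it to the TPM
 * library as a buffer together with a caller-supplied byte count. Neither
 * value is range-checked here, so the operator is responsible for <addr>
 * pointing at <count> usable bytes.
 */

/*
 * startup <mode>: map the mode name (case-insensitive) to a
 * tpm_startup_type value and issue tpm_startup().
 *
 * Returns CMD_RET_USAGE on a wrong operand count, CMD_RET_FAILURE on an
 * unknown mode name, otherwise the value of report_return_code().
 */
static int do_tpm_startup(cmd_tbl_t *cmdtp, int flag, int argc,
			  char * const argv[])
{
	enum tpm_startup_type mode;

	if (argc != 2)
		return CMD_RET_USAGE;
	if (!strcasecmp("TPM_ST_CLEAR", argv[1])) {
		mode = TPM_ST_CLEAR;
	} else if (!strcasecmp("TPM_ST_STATE", argv[1])) {
		mode = TPM_ST_STATE;
	} else if (!strcasecmp("TPM_ST_DEACTIVATED", argv[1])) {
		mode = TPM_ST_DEACTIVATED;
	} else {
		printf("Couldn't recognize mode string: %s\n", argv[1]);
		return CMD_RET_FAILURE;
	}

	return report_return_code(tpm_startup(mode));
}

/*
 * nv_define_space <index> <permission> <size>: pass the three numeric
 * operands straight to tpm_nv_define_space().
 */
static int do_tpm_nv_define_space(cmd_tbl_t *cmdtp, int flag, int argc,
				  char * const argv[])
{
	u32 index, perm, size;

	if (argc != 4)
		return CMD_RET_USAGE;
	index = simple_strtoul(argv[1], NULL, 0);
	perm = simple_strtoul(argv[2], NULL, 0);
	size = simple_strtoul(argv[3], NULL, 0);

	return report_return_code(tpm_nv_define_space(index, perm, size));
}

/*
 * nv_read_value <index> <addr> <count>: read <count> bytes of NV space
 * <index> into memory at <addr> and dump them on success.
 *
 * <addr> and <count> are used exactly as typed; see the note at the top of
 * the file.
 */
static int do_tpm_nv_read_value(cmd_tbl_t *cmdtp, int flag, int argc,
				char * const argv[])
{
	u32 index, count, rc;
	void *data;

	if (argc != 4)
		return CMD_RET_USAGE;
	index = simple_strtoul(argv[1], NULL, 0);
	data = (void *)simple_strtoul(argv[2], NULL, 0);
	count = simple_strtoul(argv[3], NULL, 0);

	rc = tpm_nv_read_value(index, data, count);
	if (!rc) {
		puts("area content:\n");
		print_byte_string(data, count);
	}

	return report_return_code(rc);
}

/*
 * nv_write_value <index> <byte_string>: parse the hex byte string into a
 * heap buffer, write it to NV space <index>, then free the buffer.
 *
 * NOTE(review): the command help text describes this sub-command as
 * "index addr count"; the code takes two operands, the second being a hex
 * byte string.
 */
static int do_tpm_nv_write_value(cmd_tbl_t *cmdtp, int flag, int argc,
				 char * const argv[])
{
	u32 index, rc;
	size_t count;
	void *data;

	if (argc != 3)
		return CMD_RET_USAGE;
	index = simple_strtoul(argv[1], NULL, 0);
	data = parse_byte_string(argv[2], NULL, &count);
	if (!data) {
		printf("Couldn't parse byte string %s\n", argv[2]);
		return CMD_RET_FAILURE;
	}

	rc = tpm_nv_write_value(index, data, count);
	free(data);

	return report_return_code(rc);
}

/*
 * extend <index> <digest_hex_string>: extend PCR <index> with a 20-byte
 * digest and print the resulting PCR value.
 *
 * parse_byte_string() is given no output size here, so the hex string must
 * be checked against the digest buffer before it is parsed, the same way the
 * OIAP handlers check their usage_auth operand. A longer string would not
 * fit in in_digest; a shorter one would leave part of it uninitialised.
 */
static int do_tpm_extend(cmd_tbl_t *cmdtp, int flag, int argc,
			 char * const argv[])
{
	u32 index, rc;
	u8 in_digest[20], out_digest[20];

	if (argc != 3)
		return CMD_RET_USAGE;
	index = simple_strtoul(argv[1], NULL, 0);
	if (strlen(argv[2]) != 2 * sizeof(in_digest) ||
	    !parse_byte_string(argv[2], in_digest, NULL)) {
		printf("Couldn't parse byte string %s\n", argv[2]);
		return CMD_RET_FAILURE;
	}

	rc = tpm_extend(index, in_digest, out_digest);
	if (!rc) {
		puts("PCR value after execution of the command:\n");
		print_byte_string(out_digest, sizeof(out_digest));
	}

	return report_return_code(rc);
}

/*
 * pcr_read <index> <addr> <count>: read <count> bytes of PCR <index> into
 * memory at <addr> and dump them on success. <addr>/<count> are unchecked.
 */
static int do_tpm_pcr_read(cmd_tbl_t *cmdtp, int flag, int argc,
			   char * const argv[])
{
	u32 index, count, rc;
	void *data;

	if (argc != 4)
		return CMD_RET_USAGE;
	index = simple_strtoul(argv[1], NULL, 0);
	data = (void *)simple_strtoul(argv[2], NULL, 0);
	count = simple_strtoul(argv[3], NULL, 0);

	rc = tpm_pcr_read(index, data, count);
	if (!rc) {
		puts("Named PCR content:\n");
		print_byte_string(data, count);
	}

	return report_return_code(rc);
}

/*
 * tsc_physical_presence <flags>: pass <flags>, truncated to 16 bits, to
 * tpm_tsc_physical_presence().
 */
static int do_tpm_tsc_physical_presence(cmd_tbl_t *cmdtp, int flag, int argc,
					char * const argv[])
{
	u16 presence;

	if (argc != 2)
		return CMD_RET_USAGE;
	presence = (u16)simple_strtoul(argv[1], NULL, 0);

	return report_return_code(tpm_tsc_physical_presence(presence));
}

/*
 * read_pubek <addr> <count>: read <count> bytes of the public endorsement
 * key into memory at <addr> and dump them on success. <addr>/<count> are
 * unchecked.
 */
static int do_tpm_read_pubek(cmd_tbl_t *cmdtp, int flag, int argc,
			     char * const argv[])
{
	u32 count, rc;
	void *data;

	if (argc != 3)
		return CMD_RET_USAGE;
	data = (void *)simple_strtoul(argv[1], NULL, 0);
	count = simple_strtoul(argv[2], NULL, 0);

	rc = tpm_read_pubek(data, count);
	if (!rc) {
		puts("pubek value:\n");
		print_byte_string(data, count);
	}

	return report_return_code(rc);
}

/*
 * physical_set_deactivated <state>: pass <state>, truncated to 8 bits, to
 * tpm_physical_set_deactivated().
 */
static int do_tpm_physical_set_deactivated(cmd_tbl_t *cmdtp, int flag, int argc,
					   char * const argv[])
{
	u8 state;

	if (argc != 2)
		return CMD_RET_USAGE;
	state = (u8)simple_strtoul(argv[1], NULL, 0);

	return report_return_code(tpm_physical_set_deactivated(state));
}

/*
 * get_capability <cap_area> <sub_cap> <addr> <count>: read <count> bytes of
 * capability data into memory at <addr> and dump them on success.
 * <addr>/<count> are unchecked.
 */
static int do_tpm_get_capability(cmd_tbl_t *cmdtp, int flag, int argc,
				 char * const argv[])
{
	u32 cap_area, sub_cap, rc;
	void *cap;
	size_t count;

	if (argc != 5)
		return CMD_RET_USAGE;
	cap_area = simple_strtoul(argv[1], NULL, 0);
	sub_cap = simple_strtoul(argv[2], NULL, 0);
	cap = (void *)simple_strtoul(argv[3], NULL, 0);
	count = simple_strtoul(argv[4], NULL, 0);

	rc = tpm_get_capability(cap_area, sub_cap, cap, count);
	if (!rc) {
		puts("capability information:\n");
		print_byte_string(cap, count);
	}

	return report_return_code(rc);
}

/*
 * raw_transfer <byte_string>: send the parsed bytes to the TPM with
 * tpm_xfer() and print the response.
 *
 * The operand count is checked before argv[1] is touched, and the parsed
 * command buffer is released on every exit path, including a failing
 * get_tpm().
 */
static int do_tpm_raw_transfer(cmd_tbl_t *cmdtp, int flag, int argc,
			       char * const argv[])
{
	struct udevice *dev;
	void *command;
	u8 response[1024];
	size_t count, response_length = sizeof(response);
	u32 rc;

	if (argc < 2)
		return CMD_RET_USAGE;

	command = parse_byte_string(argv[1], NULL, &count);
	if (!command) {
		printf("Couldn't parse byte string %s\n", argv[1]);
		return CMD_RET_FAILURE;
	}

	rc = get_tpm(&dev);
	if (rc) {
		free(command);
		return rc;
	}

	rc = tpm_xfer(dev, command, count, response, &response_length);
	free(command);
	if (!rc) {
		puts("tpm response:\n");
		print_byte_string(response, response_length);
	}

	return report_return_code(rc);
}

/*
 * nv_define <type_string> <index> <permission>: like nv_define_space, but
 * the size comes from type_string_get_space_size(); a size of 0 is treated
 * as an unparsable type string.
 */
static int do_tpm_nv_define(cmd_tbl_t *cmdtp, int flag, int argc,
			    char * const argv[])
{
	u32 index, perm, size;

	if (argc != 4)
		return CMD_RET_USAGE;
	size = type_string_get_space_size(argv[1]);
	if (!size) {
		printf("Couldn't parse arguments\n");
		return CMD_RET_USAGE;
	}
	index = simple_strtoul(argv[2], NULL, 0);
	perm = simple_strtoul(argv[3], NULL, 0);

	return report_return_code(tpm_nv_define_space(index, perm, size));
}

/*
 * nv_read <type_string> <index> <var>...: read an NV space into a buffer
 * sized by the type string, then store the values through
 * type_string_write_vars() using the names in argv[3..]. The number of
 * trailing operands must match type_string_get_num_values().
 */
static int do_tpm_nv_read(cmd_tbl_t *cmdtp, int flag, int argc,
			  char * const argv[])
{
	u32 index, count, err;
	void *data;

	if (argc < 3)
		return CMD_RET_USAGE;
	if (argc != 3 + type_string_get_num_values(argv[1]))
		return CMD_RET_USAGE;
	index = simple_strtoul(argv[2], NULL, 0);
	data = type_string_alloc(argv[1], &count);
	if (!data) {
		printf("Couldn't parse arguments\n");
		return CMD_RET_USAGE;
	}

	err = tpm_nv_read_value(index, data, count);
	if (!err) {
		if (type_string_write_vars(argv[1], data, argv + 3)) {
			printf("Couldn't write to variables\n");
			err = ~0;
		}
	}
	free(data);

	return report_return_code(err);
}

/*
 * nv_write <type_string> <index> <value>...: pack the values in argv[3..]
 * according to the type string and write the result to NV space <index>.
 * The buffer is freed on both the packing-failure and the normal path.
 */
static int do_tpm_nv_write(cmd_tbl_t *cmdtp, int flag, int argc,
			   char * const argv[])
{
	u32 index, count, err;
	void *data;

	if (argc < 3)
		return CMD_RET_USAGE;
	if (argc != 3 + type_string_get_num_values(argv[1]))
		return CMD_RET_USAGE;
	index = simple_strtoul(argv[2], NULL, 0);
	data = type_string_alloc(argv[1], &count);
	if (!data) {
		printf("Couldn't parse arguments\n");
		return CMD_RET_USAGE;
	}
	if (type_string_pack(argv[1], argv + 3, data)) {
		printf("Couldn't parse arguments\n");
		free(data);
		return CMD_RET_USAGE;
	}

	err = tpm_nv_write_value(index, data, count);
	free(data);

	return report_return_code(err);
}

#ifdef CONFIG_TPM_AUTH_SESSIONS

/* oiap: open an OIAP session; the returned handle is not used here. */
static int do_tpm_oiap(cmd_tbl_t *cmdtp, int flag, int argc,
		       char * const argv[])
{
	u32 auth_handle, err;

	err = tpm_oiap(&auth_handle);

	return report_return_code(err);
}

#ifdef CONFIG_TPM_LOAD_KEY_BY_SHA1
/*
 * load_key_by_sha1 <parent_hash> <key_addr> <key_len> <usage_auth>: look up
 * the parent key by hash, load the key found at <key_addr>, and publish the
 * new handle in the "key_handle" environment variable.
 *
 * Both hex operands are written into DIGEST_LENGTH-byte stack buffers by
 * parse_byte_string(), which is given no output size, so both are
 * length-checked before parsing. <key_addr>/<key_len> are unchecked.
 */
static int do_tpm_load_key_by_sha1(cmd_tbl_t *cmdtp, int flag, int argc,
				   char * const argv[])
{
	u32 parent_handle = 0;
	u32 key_len, key_handle, err;
	u8 usage_auth[DIGEST_LENGTH];
	u8 parent_hash[DIGEST_LENGTH];
	void *key;

	if (argc < 5)
		return CMD_RET_USAGE;

	if (strlen(argv[1]) != 2 * DIGEST_LENGTH ||
	    strlen(argv[4]) != 2 * DIGEST_LENGTH)
		return CMD_RET_FAILURE;
	parse_byte_string(argv[1], parent_hash, NULL);
	key = (void *)simple_strtoul(argv[2], NULL, 0);
	key_len = simple_strtoul(argv[3], NULL, 0);
	parse_byte_string(argv[4], usage_auth, NULL);

	err = tpm_find_key_sha1(usage_auth, parent_hash, &parent_handle);
	if (err) {
		printf("Could not find matching parent key (err = %d)\n", err);
		return CMD_RET_FAILURE;
	}

	printf("Found parent key %08x\n", parent_handle);

	err = tpm_load_key2_oiap(parent_handle, key, key_len, usage_auth,
				 &key_handle);
	if (!err) {
		printf("Key handle is 0x%x\n", key_handle);
		env_set_hex("key_handle", key_handle);
	}

	return report_return_code(err);
}
#endif /* CONFIG_TPM_LOAD_KEY_BY_SHA1 */

/*
 * load_key2_oiap <parent_handle> <key_addr> <key_len> <usage_auth>: load the
 * key found at <key_addr> under the given parent and print its handle.
 * usage_auth must be exactly 2 * DIGEST_LENGTH hex characters;
 * <key_addr>/<key_len> are unchecked.
 */
static int do_tpm_load_key2_oiap(cmd_tbl_t *cmdtp, int flag, int argc,
				 char * const argv[])
{
	u32 parent_handle, key_len, key_handle, err;
	u8 usage_auth[DIGEST_LENGTH];
	void *key;

	if (argc < 5)
		return CMD_RET_USAGE;

	parent_handle = simple_strtoul(argv[1], NULL, 0);
	key = (void *)simple_strtoul(argv[2], NULL, 0);
	key_len = simple_strtoul(argv[3], NULL, 0);
	if (strlen(argv[4]) != 2 * DIGEST_LENGTH)
		return CMD_RET_FAILURE;
	parse_byte_string(argv[4], usage_auth, NULL);

	err = tpm_load_key2_oiap(parent_handle, key, key_len, usage_auth,
				 &key_handle);
	if (!err)
		printf("Key handle is 0x%x\n", key_handle);

	return report_return_code(err);
}

/*
 * get_pub_key_oiap <key_handle> <usage_auth>: fetch the public part of a
 * loaded key into a local buffer and dump it. pub_key_len starts as the
 * buffer size and is passed by pointer to tpm_get_pub_key_oiap().
 */
static int do_tpm_get_pub_key_oiap(cmd_tbl_t *cmdtp, int flag, int argc,
				   char * const argv[])
{
	u32 key_handle, err;
	u8 usage_auth[DIGEST_LENGTH];
	u8 pub_key_buffer[TPM_PUBKEY_MAX_LENGTH];
	size_t pub_key_len = sizeof(pub_key_buffer);

	if (argc < 3)
		return CMD_RET_USAGE;

	key_handle = simple_strtoul(argv[1], NULL, 0);
	if (strlen(argv[2]) != 2 * DIGEST_LENGTH)
		return CMD_RET_FAILURE;
	parse_byte_string(argv[2], usage_auth, NULL);

	err = tpm_get_pub_key_oiap(key_handle, usage_auth, pub_key_buffer,
				   &pub_key_len);
	if (!err) {
		printf("dump of received pub key structure:\n");
		print_byte_string(pub_key_buffer, pub_key_len);
	}
	return report_return_code(err);
}

/*
 * TPM_COMMAND_NO_ARG is defined outside this file; the command table below
 * refers to do_tpm_end_oiap(), so it presumably generates that handler.
 */
TPM_COMMAND_NO_ARG(tpm_end_oiap)

#endif /* CONFIG_TPM_AUTH_SESSIONS */

#ifdef CONFIG_TPM_FLUSH_RESOURCES
/*
 * flush <resource_type> <id>|all: flush one resource handle, or every handle
 * of the given type that the TPM reports as loaded.
 *
 * Returns CMD_RET_USAGE on a wrong operand count, -1 on an unknown type, a
 * zero handle or a failing capability query, 0 otherwise. The results of
 * tpm_flush_specific() are not inspected.
 */
static int do_tpm_flush(cmd_tbl_t *cmdtp, int flag, int argc,
			char * const argv[])
{
	int type = 0;

	if (argc != 3)
		return CMD_RET_USAGE;

	if (!strcasecmp(argv[1], "key"))
		type = TPM_RT_KEY;
	else if (!strcasecmp(argv[1], "auth"))
		type = TPM_RT_AUTH;
	else if (!strcasecmp(argv[1], "hash"))
		type = TPM_RT_HASH;
	else if (!strcasecmp(argv[1], "trans"))
		type = TPM_RT_TRANS;
	else if (!strcasecmp(argv[1], "context"))
		type = TPM_RT_CONTEXT;
	else if (!strcasecmp(argv[1], "counter"))
		type = TPM_RT_COUNTER;
	else if (!strcasecmp(argv[1], "delegate"))
		type = TPM_RT_DELEGATE;
	else if (!strcasecmp(argv[1], "daa_tpm"))
		type = TPM_RT_DAA_TPM;
	else if (!strcasecmp(argv[1], "daa_v0"))
		type = TPM_RT_DAA_V0;
	else if (!strcasecmp(argv[1], "daa_v1"))
		type = TPM_RT_DAA_V1;

	if (!type) {
		printf("Resource type %s unknown.\n", argv[1]);
		return -1;
	}

	if (!strcasecmp(argv[2], "all")) {
		u16 res_count, max_count;
		u8 buf[288];
		u8 *ptr;
		int err;
		uint i;

		/* fetch list of already loaded resources in the TPM */
		err = tpm_get_capability(TPM_CAP_HANDLE, type, buf,
					 sizeof(buf));
		if (err) {
			printf("tpm_get_capability returned error %d.\n", err);
			return -1;
		}
		res_count = get_unaligned_be16(buf);
		/*
		 * The count is taken from the response itself. Limit it to the
		 * 4-byte handles that fit in buf after the 2-byte count, so
		 * the loop never reads past the buffer and never flushes
		 * handles made of unrelated stack bytes.
		 */
		max_count = (sizeof(buf) - 2) / 4;
		if (res_count > max_count) {
			printf("Handle count %d exceeds buffer, using %d\n",
			       res_count, max_count);
			res_count = max_count;
		}
		ptr = buf + 2;
		for (i = 0; i < res_count; ++i, ptr += 4)
			tpm_flush_specific(get_unaligned_be32(ptr), type);
	} else {
		u32 handle = simple_strtoul(argv[2], NULL, 0);

		if (!handle) {
			printf("Illegal resource handle %s\n", argv[2]);
			return -1;
		}
		/*
		 * NOTE(review): this path passes cpu_to_be32(handle) while the
		 * "all" path passes the result of get_unaligned_be32(); confirm
		 * which byte order tpm_flush_specific() expects.
		 */
		tpm_flush_specific(cpu_to_be32(handle), type);
	}

	return 0;
}
#endif /* CONFIG_TPM_FLUSH_RESOURCES */

#ifdef CONFIG_TPM_LIST_RESOURCES
/*
 * list <resource_type>: print the handles of the given type that the TPM
 * reports as loaded.
 *
 * Returns CMD_RET_USAGE on a wrong operand count, -1 on an unknown type or a
 * failing capability query, 0 otherwise.
 */
static int do_tpm_list(cmd_tbl_t *cmdtp, int flag, int argc,
		       char * const argv[])
{
	int type = 0;
	u16 res_count, max_count;
	u8 buf[288];
	u8 *ptr;
	int err;
	uint i;

	if (argc != 2)
		return CMD_RET_USAGE;

	if (!strcasecmp(argv[1], "key"))
		type = TPM_RT_KEY;
	else if (!strcasecmp(argv[1], "auth"))
		type = TPM_RT_AUTH;
	else if (!strcasecmp(argv[1], "hash"))
		type = TPM_RT_HASH;
	else if (!strcasecmp(argv[1], "trans"))
		type = TPM_RT_TRANS;
	else if (!strcasecmp(argv[1], "context"))
		type = TPM_RT_CONTEXT;
	else if (!strcasecmp(argv[1], "counter"))
		type = TPM_RT_COUNTER;
	else if (!strcasecmp(argv[1], "delegate"))
		type = TPM_RT_DELEGATE;
	else if (!strcasecmp(argv[1], "daa_tpm"))
		type = TPM_RT_DAA_TPM;
	else if (!strcasecmp(argv[1], "daa_v0"))
		type = TPM_RT_DAA_V0;
	else if (!strcasecmp(argv[1], "daa_v1"))
		type = TPM_RT_DAA_V1;

	if (!type) {
		printf("Resource type %s unknown.\n", argv[1]);
		return -1;
	}

	/* fetch list of already loaded resources in the TPM */
	err = tpm_get_capability(TPM_CAP_HANDLE, type, buf,
				 sizeof(buf));
	if (err) {
		printf("tpm_get_capability returned error %d.\n", err);
		return -1;
	}
	res_count = get_unaligned_be16(buf);
	/*
	 * The count is taken from the response itself. Limit it to the 4-byte
	 * handles that fit in buf after the 2-byte count, so the loop below
	 * never prints stack memory beyond the buffer.
	 */
	max_count = (sizeof(buf) - 2) / 4;
	if (res_count > max_count) {
		printf("Handle count %d exceeds buffer, using %d\n",
		       res_count, max_count);
		res_count = max_count;
	}
	ptr = buf + 2;

	printf("Resources of type %s (%02x):\n", argv[1], type);
	if (!res_count) {
		puts("None\n");
	} else {
		for (i = 0; i < res_count; ++i, ptr += 4)
			printf("Index %d: %08x\n", i, get_unaligned_be32(ptr));
	}

	return 0;
}
#endif /* CONFIG_TPM_LIST_RESOURCES */

/*
 * Argument-less sub-commands. The macro is defined outside this file; the
 * table below refers to the matching do_tpm_<name>() handlers.
 */
TPM_COMMAND_NO_ARG(tpm_self_test_full)
TPM_COMMAND_NO_ARG(tpm_continue_self_test)
TPM_COMMAND_NO_ARG(tpm_force_clear)
TPM_COMMAND_NO_ARG(tpm_physical_enable)
TPM_COMMAND_NO_ARG(tpm_physical_disable)

/*
 * Sub-command table for TPM v1.x. do_tpm_info() and do_tpm_init() are not
 * defined in this file. Optional entries follow the same CONFIG_* guards as
 * their handlers above.
 */
static cmd_tbl_t tpm1_commands[] = {
	U_BOOT_CMD_MKENT(info, 0, 1, do_tpm_info, "", ""),
	U_BOOT_CMD_MKENT(init, 0, 1, do_tpm_init, "", ""),
	U_BOOT_CMD_MKENT(startup, 0, 1,
			 do_tpm_startup, "", ""),
	U_BOOT_CMD_MKENT(self_test_full, 0, 1,
			 do_tpm_self_test_full, "", ""),
	U_BOOT_CMD_MKENT(continue_self_test, 0, 1,
			 do_tpm_continue_self_test, "", ""),
	U_BOOT_CMD_MKENT(force_clear, 0, 1,
			 do_tpm_force_clear, "", ""),
	U_BOOT_CMD_MKENT(physical_enable, 0, 1,
			 do_tpm_physical_enable, "", ""),
	U_BOOT_CMD_MKENT(physical_disable, 0, 1,
			 do_tpm_physical_disable, "", ""),
	U_BOOT_CMD_MKENT(nv_define_space, 0, 1,
			 do_tpm_nv_define_space, "", ""),
	U_BOOT_CMD_MKENT(nv_read_value, 0, 1,
			 do_tpm_nv_read_value, "", ""),
	U_BOOT_CMD_MKENT(nv_write_value, 0, 1,
			 do_tpm_nv_write_value, "", ""),
	U_BOOT_CMD_MKENT(extend, 0, 1,
			 do_tpm_extend, "", ""),
	U_BOOT_CMD_MKENT(pcr_read, 0, 1,
			 do_tpm_pcr_read, "", ""),
	U_BOOT_CMD_MKENT(tsc_physical_presence, 0, 1,
			 do_tpm_tsc_physical_presence, "", ""),
	U_BOOT_CMD_MKENT(read_pubek, 0, 1,
			 do_tpm_read_pubek, "", ""),
	U_BOOT_CMD_MKENT(physical_set_deactivated, 0, 1,
			 do_tpm_physical_set_deactivated, "", ""),
	U_BOOT_CMD_MKENT(get_capability, 0, 1,
			 do_tpm_get_capability, "", ""),
	U_BOOT_CMD_MKENT(raw_transfer, 0, 1,
			 do_tpm_raw_transfer, "", ""),
	U_BOOT_CMD_MKENT(nv_define, 0, 1,
			 do_tpm_nv_define, "", ""),
	U_BOOT_CMD_MKENT(nv_read, 0, 1,
			 do_tpm_nv_read, "", ""),
	U_BOOT_CMD_MKENT(nv_write, 0, 1,
			 do_tpm_nv_write, "", ""),
#ifdef CONFIG_TPM_AUTH_SESSIONS
	U_BOOT_CMD_MKENT(oiap, 0, 1,
			 do_tpm_oiap, "", ""),
	U_BOOT_CMD_MKENT(end_oiap, 0, 1,
			 do_tpm_end_oiap, "", ""),
	U_BOOT_CMD_MKENT(load_key2_oiap, 0, 1,
			 do_tpm_load_key2_oiap, "", ""),
#ifdef CONFIG_TPM_LOAD_KEY_BY_SHA1
	U_BOOT_CMD_MKENT(load_key_by_sha1, 0, 1,
			 do_tpm_load_key_by_sha1, "", ""),
#endif /* CONFIG_TPM_LOAD_KEY_BY_SHA1 */
	U_BOOT_CMD_MKENT(get_pub_key_oiap, 0, 1,
			 do_tpm_get_pub_key_oiap, "", ""),
#endif /* CONFIG_TPM_AUTH_SESSIONS */
#ifdef CONFIG_TPM_FLUSH_RESOURCES
	U_BOOT_CMD_MKENT(flush, 0, 1,
			 do_tpm_flush, "", ""),
#endif /* CONFIG_TPM_FLUSH_RESOURCES */
#ifdef CONFIG_TPM_LIST_RESOURCES
	U_BOOT_CMD_MKENT(list, 0, 1,
			 do_tpm_list, "", ""),
#endif /* CONFIG_TPM_LIST_RESOURCES */
};

/*
 * Return the TPM v1.x sub-command table and store its entry count in *size.
 * size is dereferenced unconditionally and must not be NULL.
 */
cmd_tbl_t *get_tpm1_commands(unsigned int *size)
{
	*size = ARRAY_SIZE(tpm1_commands);

	return tpm1_commands;
}

/*
 * Top-level 'tpm' command registration and help text.
 *
 * NOTE(review): the help text is out of step with the code in two places:
 * nv_write_value takes <index> <byte_string> (not "index addr count"), and
 * the storage sub-command is registered as load_key2_oiap (not
 * loadkey2_oiap).
 */
U_BOOT_CMD(tpm, CONFIG_SYS_MAXARGS, 1, do_tpm,
"Issue a TPMv1.x command",
"cmd args...\n"
" - Issue TPM command <cmd> with arguments <args...>.\n"
"Admin Startup and State Commands:\n"
" info - Show information about the TPM\n"
" init\n"
" - Put TPM into a state where it waits for 'startup' command.\n"
" startup mode\n"
" - Issue TPM_Starup command. <mode> is one of TPM_ST_CLEAR,\n"
" TPM_ST_STATE, and TPM_ST_DEACTIVATED.\n"
"Admin Testing Commands:\n"
" self_test_full\n"
" - Test all of the TPM capabilities.\n"
" continue_self_test\n"
" - Inform TPM that it should complete the self-test.\n"
"Admin Opt-in Commands:\n"
" physical_enable\n"
" - Set the PERMANENT disable flag to FALSE using physical presence as\n"
" authorization.\n"
" physical_disable\n"
" - Set the PERMANENT disable flag to TRUE using physical presence as\n"
" authorization.\n"
" physical_set_deactivated 0|1\n"
" - Set deactivated flag.\n"
"Admin Ownership Commands:\n"
" force_clear\n"
" - Issue TPM_ForceClear command.\n"
" tsc_physical_presence flags\n"
" - Set TPM device's Physical Presence flags to <flags>.\n"
"The Capability Commands:\n"
" get_capability cap_area sub_cap addr count\n"
" - Read <count> bytes of TPM capability indexed by <cap_area> and\n"
" <sub_cap> to memory address <addr>.\n"
#if defined(CONFIG_TPM_FLUSH_RESOURCES) || defined(CONFIG_TPM_LIST_RESOURCES)
"Resource management functions\n"
#endif
#ifdef CONFIG_TPM_FLUSH_RESOURCES
" flush resource_type id\n"
" - flushes a resource of type <resource_type> (may be one of key, auth,\n"
" hash, trans, context, counter, delegate, daa_tpm, daa_v0, daa_v1),\n"
" and id <id> from the TPM. Use an <id> of \"all\" to flush all\n"
" resources of that type.\n"
#endif /* CONFIG_TPM_FLUSH_RESOURCES */
#ifdef CONFIG_TPM_LIST_RESOURCES
" list resource_type\n"
" - lists resources of type <resource_type> (may be one of key, auth,\n"
" hash, trans, context, counter, delegate, daa_tpm, daa_v0, daa_v1),\n"
" contained in the TPM.\n"
#endif /* CONFIG_TPM_LIST_RESOURCES */
#ifdef CONFIG_TPM_AUTH_SESSIONS
"Storage functions\n"
" loadkey2_oiap parent_handle key_addr key_len usage_auth\n"
" - loads a key data from memory address <key_addr>, <key_len> bytes\n"
" into TPM using the parent key <parent_handle> with authorization\n"
" <usage_auth> (20 bytes hex string).\n"
#ifdef CONFIG_TPM_LOAD_KEY_BY_SHA1
" load_key_by_sha1 parent_hash key_addr key_len usage_auth\n"
" - loads a key data from memory address <key_addr>, <key_len> bytes\n"
" into TPM using the parent hash <parent_hash> (20 bytes hex string)\n"
" with authorization <usage_auth> (20 bytes hex string).\n"
#endif /* CONFIG_TPM_LOAD_KEY_BY_SHA1 */
" get_pub_key_oiap key_handle usage_auth\n"
" - get the public key portion of a loaded key <key_handle> using\n"
" authorization <usage auth> (20 bytes hex string)\n"
#endif /* CONFIG_TPM_AUTH_SESSIONS */
"Endorsement Key Handling Commands:\n"
" read_pubek addr count\n"
" - Read <count> bytes of the public endorsement key to memory\n"
" address <addr>\n"
"Integrity Collection and Reporting Commands:\n"
" extend index digest_hex_string\n"
" - Add a new measurement to a PCR. Update PCR <index> with the 20-bytes\n"
" <digest_hex_string>\n"
" pcr_read index addr count\n"
" - Read <count> bytes from PCR <index> to memory address <addr>.\n"
#ifdef CONFIG_TPM_AUTH_SESSIONS
"Authorization Sessions\n"
" oiap\n"
" - setup an OIAP session\n"
" end_oiap\n"
" - terminates an active OIAP session\n"
#endif /* CONFIG_TPM_AUTH_SESSIONS */
"Non-volatile Storage Commands:\n"
" nv_define_space index permission size\n"
" - Establish a space at index <index> with <permission> of <size> bytes.\n"
" nv_read_value index addr count\n"
" - Read <count> bytes from space <index> to memory address <addr>.\n"
" nv_write_value index addr count\n"
" - Write <count> bytes from memory address <addr> to space <index>.\n"
"Miscellaneous helper functions:\n"
" raw_transfer byte_string\n"
" - Send a byte string <byte_string> to TPM and print the response.\n"
" Non-volatile storage helper functions:\n"
" These helper functions treat a non-volatile space as a non-padded\n"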
Raynal " sequence of integer values. These integer values are defined by a type\n" 714d677bfe2SMiquel Raynal " string, which is a text string of 'bwd' characters: 'b' means a 8-bit\n" 715d677bfe2SMiquel Raynal " value, 'w' 16-bit value, 'd' 32-bit value. All helper functions take\n" 716d677bfe2SMiquel Raynal " a type string as their first argument.\n" 717d677bfe2SMiquel Raynal " nv_define type_string index perm\n" 718d677bfe2SMiquel Raynal " - Define a space <index> with permission <perm>.\n" 719d677bfe2SMiquel Raynal " nv_read types_string index vars...\n" 720d677bfe2SMiquel Raynal " - Read from space <index> to environment variables <vars...>.\n" 721d677bfe2SMiquel Raynal " nv_write types_string index values...\n" 722d677bfe2SMiquel Raynal " - Write to space <index> from values <values...>.\n" 723d677bfe2SMiquel Raynal ); 724