[U-Boot] [PATCH 3/4] spi: ST33ZP24 SPI: Patch driver to support hash in locality 4
Jean-Luc BLANC
stmicroelectronics.tpm at gmail.com
Tue Apr 1 15:05:11 CEST 2014
Add the support of direct hash function in locality 4. hash_loc4()
command added in TPM command set.
Signed-off-by: Jean-Luc BLANC <jean-luc.blanc at st.com>
---
README | 4 ++++
common/cmd_tpm.c | 32 ++++++++++++++++++++++++++++++++
drivers/tpm/tpm_spi_stm_st33.c | 18 ++++++++++++++++++
include/tis.h | 11 ++++++++++-
include/tpm.h | 12 ++++++++++++
lib/tpm.c | 13 +++++++++++++
6 files changed, 89 insertions(+), 1 deletion(-)
diff --git a/README b/README
index ef66550..56c398a 100644
--- a/README
+++ b/README
@@ -1347,6 +1347,10 @@ The following options need to be configured:
TPM1_SPI_CS
Define SPI Chip Select ID connected to TPM
+ CONFIG_TPM_ST
+ Support additional hash in locality 4 command for
+ STMicroelectronics TPMs (SPI or I2C). Require CONFIG_CMD_TPM.
+
- USB Support:
At the moment only the UHCI host controller is
supported (PIP405, MIP405, MPC5200); define
diff --git a/common/cmd_tpm.c b/common/cmd_tpm.c
index 3085d34..7ca9257 100644
--- a/common/cmd_tpm.c
+++ b/common/cmd_tpm.c
@@ -334,6 +334,29 @@ static int do_tpm_extend(cmd_tbl_t *cmdtp, int flag,
return convert_return_code(rc);
}
+#ifdef CONFIG_TPM_ST
+static int do_tpm_hash_loc4(cmd_tbl_t *cmdtp, int flag,
+ int argc, char * const argv[])
+{
+ uint32_t rc;
+ size_t count;
+ void *data;
+
+ if (argc != 2)
+ return CMD_RET_USAGE;
+
+ data = parse_byte_string(argv[1], NULL, &count);
+ if (!data) {
+ printf("Couldn't parse byte string %s\n", argv[1]);
+ return CMD_RET_FAILURE;
+ }
+
+ rc = tpm_hash_loc4(data, count);
+ free(data);
+ return convert_return_code(rc);
+}
+#endif /* CONFIG_TPM_ST */
+
static int do_tpm_pcr_read(cmd_tbl_t *cmdtp, int flag,
int argc, char * const argv[])
{
@@ -650,6 +673,10 @@ static cmd_tbl_t tpm_commands[] = {
do_tpm_nv_write_value, "", ""),
U_BOOT_CMD_MKENT(extend, 0, 1,
do_tpm_extend, "", ""),
+#ifdef CONFIG_TPM_ST
+ U_BOOT_CMD_MKENT(hash_loc4, 0, 1,
+ do_tpm_hash_loc4, "", ""),
+#endif /* CONFIG_TPM_ST */
U_BOOT_CMD_MKENT(pcr_read, 0, 1,
do_tpm_pcr_read, "", ""),
#ifdef CONFIG_TPM_ST_2TPM
@@ -748,6 +775,11 @@ U_BOOT_CMD(tpm, CONFIG_SYS_MAXARGS, 1, do_tpm,
" extend index digest_hex_string\n"
" - Add a new measurement to a PCR. Update PCR <index> with the 20-bytes\n"
" <digest_hex_string>\n"
+#ifdef CONFIG_TPM_ST
+" hash_loc4 digest_hex_string\n"
+" - Add a mesurement in PCR17. Update PCR 17 with the digest\n"
+" of <digest_hex_string>\n"
+#endif /* CONFIG_TPM_ST */
" pcr_read index addr count\n"
" - Read <count> bytes from PCR <index> to memory address <addr>.\n"
#ifdef CONFIG_TPM_AUTH_SESSIONS
diff --git a/drivers/tpm/tpm_spi_stm_st33.c b/drivers/tpm/tpm_spi_stm_st33.c
index d7b4d65..34746f2 100644
--- a/drivers/tpm/tpm_spi_stm_st33.c
+++ b/drivers/tpm/tpm_spi_stm_st33.c
@@ -668,6 +668,24 @@ int tis_sendrecv(const uint8_t *sendbuf, size_t sbuf_size,
} /* tis_sendrecv() */
/*
+ * tis_sendhashloc4() perform a hash in locality 4 in order to extend PCR17
+ * @param: sendbuf - buffer of the data to send
+ * @param: send_size size of the data to send
+ * @return: 0 on success or -TPM_DRIVER_ERR on failure.
+ */
+int tis_sendhashloc4(const uint8_t *sendbuf, size_t sbuf_size)
+{
+ int ret;
+
+ if (active_tpm->is_open == 0) {
+ printf("TPM not yet initialized, perform \"tpm init\" first\n");
+ return -TPM_DRIVER_ERR;
+ }
+ ret = tpm_stm_spi_send_hash(active_tpm, sendbuf, sbuf_size);
+ return ret;
+} /* tis_sendhashloc4() */
+
+/*
* tis_open() requests access to locality 0. After all commands have been
* completed the caller is supposed to call tis_close().
* @param: chip_number, the tpm chip to activate (0 or 1)
diff --git a/include/tis.h b/include/tis.h
index 40a1f86..f2b2df3 100644
--- a/include/tis.h
+++ b/include/tis.h
@@ -53,5 +53,14 @@ int tis_close(void);
*/
int tis_sendrecv(const uint8_t *sendbuf, size_t send_size, uint8_t *recvbuf,
size_t *recv_len);
-
+#ifdef CONFIG_TPM_ST
+/*
+ * tis_sendhashloc4() perform a hash in locality 4 in order to extend PCR17
+ * @param: sendbuf - buffer of the data to send
+ * @param: send_size size of the data to send
+ *
+ * @return: 0 on success or -TPM_DRIVER_ERR on failure.
+ */
+int tis_sendhashloc4(const uint8_t *sendbuf, size_t sbuf_size);
+#endif /* CONFIG_TPM_ST */
#endif /* __TIS_H */
diff --git a/include/tpm.h b/include/tpm.h
index b726142..90ae922 100644
--- a/include/tpm.h
+++ b/include/tpm.h
@@ -229,6 +229,18 @@ uint32_t tpm_nv_write_value(uint32_t index, const void *data, uint32_t length);
*/
uint32_t tpm_extend(uint32_t index, const void *in_digest, void *out_digest);
+#ifdef CONFIG_TPM_ST
+/**
+ * Issue a TPM hash in locality4 command.
+ *
+ * @param in_digest any size value representing the event to be
+ * recorded
+ * @param length length of data bytes of input buffer
+ * @return 0 if success, otherwise means an error occurs.
+ */
+uint32_t tpm_hash_loc4(const void *in_digest, uint32_t length);
+#endif /* CONFIG_TPM_ST */
+
/**
* Issue a TPM_PCRRead command.
*
diff --git a/lib/tpm.c b/lib/tpm.c
index bc8524e..ea574f4 100644
--- a/lib/tpm.c
+++ b/lib/tpm.c
@@ -431,6 +431,19 @@ uint32_t tpm_extend(uint32_t index, const void *in_digest, void *out_digest)
return 0;
}
+#ifdef CONFIG_TPM_ST
+uint32_t tpm_hash_loc4(const void *in_digest, uint32_t length)
+{
+ uint32_t err;
+
+ err = tis_sendhashloc4(in_digest, length);
+ if (err)
+ return err;
+
+ return 0;
+}
+#endif /* CONFIG_TPM_ST */
+
uint32_t tpm_pcr_read(uint32_t index, void *data, size_t count)
{
const uint8_t command[14] = {
--
1.7.9.5
More information about the U-Boot
mailing list