[PATCH 08/10] tpm: Add the RNG child device

Sughosh Ganu sughosh.ganu at linaro.org
Fri Feb 25 07:41:54 CET 2022 

hello Heinrich,

On Fri, 25 Feb 2022 at 12:00, Heinrich Schuchardt <xypron.glpk at gmx.de> wrote:
>
> On 2/25/22 06:45, Sughosh Ganu wrote:
> > On Fri, 25 Feb 2022 at 00:21, Heinrich Schuchardt <xypron.glpk at gmx.de> wrote:
> >>
> >> On 2/24/22 19:05, Sughosh Ganu wrote:
> >>> The TPM device comes with the random number generator(RNG)
> >>> functionality which is built into the TPM device. Add logic to add the
> >>> RNG child device in the TPM uclass post probe callback.
> >>>
> >>> The RNG device can then be used to pass a set of random bytes to the
> >>> linux kernel, need for address space randomisation through the
> >>> EFI_RNG_PROTOCOL interface.
> >>>
> >>> Signed-off-by: Sughosh Ganu <sughosh.ganu at linaro.org>
> >>> ---
> >>>    drivers/tpm/tpm-uclass.c | 58 +++++++++++++++++++++++++++++++++++++---
> >>>    1 file changed, 54 insertions(+), 4 deletions(-)
> >>>
> >>> diff --git a/drivers/tpm/tpm-uclass.c b/drivers/tpm/tpm-uclass.c
> >>> index 8619da89d8..383cc7bc48 100644
> >>> --- a/drivers/tpm/tpm-uclass.c
> >>> +++ b/drivers/tpm/tpm-uclass.c
> >>> @@ -16,6 +16,11 @@
> >>>    #include <tpm-v2.h>
> >>>    #include "tpm_internal.h"
> >>>
> >>> +#include <dm/lists.h>
> >>> +
> >>> +#define TPM_RNG1_DRV_NAME    "tpm1-rng"
> >>> +#define TPM_RNG2_DRV_NAME    "tpm2-rng"
> >>> +
> >>>    bool is_tpm1(struct udevice *dev)
> >>>    {
> >>>        return IS_ENABLED(CONFIG_TPM_V1) && tpm_get_version(dev) == TPM_V1;
> >>> @@ -147,12 +152,57 @@ int tpm_xfer(struct udevice *dev, const uint8_t *sendbuf, size_t send_size,
> >>>        return 0;
> >>>    }
> >>>
> >>> +#if IS_ENABLED(CONFIG_TPM)
> >>
> >> This is is superfluous.
> >> This file is only compiled if CONFIG_$(SPL_TPL_)TPM = y.
> >
> > Yes, but I want the RNG child device addition to be done only in case
> > of u-boot proper, not for SPL and TPM. We do not have RNG support for
> > the SPL/TPM boot stages. So unless someone needs to enable RNG support
> > for SPL/TPL stages, which I doubt, this code should run only in u-boot
> > proper. Thanks.
>
> The tpm-uclass.c is never compiled in SPL or TPL. Have a look at
> drivers/tpm/Kconfig. There is no CONFIG_SPL_TPM or CONFIG_TPL_TPM symbol.

The {S,T}PL_TPM symbol is actually defined under lib/Kconfig.
Currently it is not getting defined in any platform's defconfig, but
one can add it and build the tpm-uclass driver for the SPL/TPL stage
as well. I added the SPL_TPM config to the chromebook_coral and it
indeed builds the tpm-uclass driver. Thanks.

-sughosh

>
> Best regards
>
> Heinrich
>
> >
> > -sughosh
> >
> >>
> >> Best regards
> >>
> >> Heinrich
> >>
> >>> +static int tpm_uclass_post_probe(struct udevice *dev)
> >>> +{
> >>> +     int ret;
> >>> +     const char *drv = is_tpm1(dev) ? TPM_RNG1_DRV_NAME : TPM_RNG2_DRV_NAME;
> >>> +     struct udevice *child;
> >>> +
> >>> +     ret = device_bind_driver(dev, drv, "tpm-rng0", &child);
> >>> +     if (ret == -ENOENT) {
> >>> +             log_err("No driver configured for tpm-rng device\n");
> >>> +             return 0;
> >>> +     }
> >>> +
> >>> +     if (ret) {
> >>> +             log_err("Unable to bind rng driver with the tpm-rng device\n");
> >>> +             return ret;
> >>> +     }
> >>> +
> >>> +     return 0;
> >>> +}
> >>> +
> >>> +static int tpm_uclass_child_pre_probe(struct udevice *dev)
> >>> +{
> >>> +     int ret;
> >>> +
> >>> +     ret = tpm_open(dev->parent);
> >>> +     if (ret == -EBUSY) {
> >>> +             log_info("TPM device already opened\n");
> >>> +     } else if (ret) {
> >>> +             log_err("Unable to open TPM device\n");
> >>> +             return ret;
> >>> +     }
> >>> +
> >>> +     ret = tpm_startup(dev->parent, TPM_ST_CLEAR);
> >>> +     if (ret)
> >>> +             log_err("Unable to start TPM device\n");
> >>> +
> >>> +     return ret;
> >>> +}
> >>> +#endif /* CONFIG_TPM */
> >>> +
> >>>    UCLASS_DRIVER(tpm) = {
> >>> -     .id             = UCLASS_TPM,
> >>> -     .name           = "tpm",
> >>> -     .flags          = DM_UC_FLAG_SEQ_ALIAS,
> >>> +     .id                     = UCLASS_TPM,
> >>> +     .name                   = "tpm",
> >>> +     .flags                  = DM_UC_FLAG_SEQ_ALIAS,
> >>>    #if CONFIG_IS_ENABLED(OF_REAL)
> >>> -     .post_bind      = dm_scan_fdt_dev,
> >>> +     .post_bind              = dm_scan_fdt_dev,
> >>> +#endif
> >>> +#if IS_ENABLED(CONFIG_TPM)
> >>> +     .post_probe             = tpm_uclass_post_probe,
> >>> +     .child_pre_probe        = tpm_uclass_child_pre_probe,
> >>>    #endif
> >>>        .per_device_auto        = sizeof(struct tpm_chip_priv),
> >>>    };
> >>
>

More information about the U-Boot mailing list