[PATCH v3 4/8] tpm: Add the RNG child device
Simon Glass
sjg at chromium.org
Wed Mar 9 03:35:41 CET 2022
Hi,
On Fri, 4 Mar 2022 at 06:35, Sughosh Ganu <sughosh.ganu at linaro.org> wrote:
>
> The TPM device comes with the random number generator (RNG)
> functionality which is built into the TPM device. Add logic to add the
> RNG child device in the TPM uclass post probe callback.
>
> The RNG device can then be used to pass a set of random bytes to the
> Linux kernel, needed for address space randomisation through the
> EFI_RNG_PROTOCOL interface.
>
> Signed-off-by: Sughosh Ganu <sughosh.ganu at linaro.org>
> ---
>
> Changes since V2:
> * Enable DM_RNG when CONFIG_TPM is enabled to build the RNG uclass
> code
>
> drivers/tpm/tpm-uclass.c | 60 +++++++++++++++++++++++++++++++++++++---
> lib/Kconfig | 1 +
> 2 files changed, 57 insertions(+), 4 deletions(-)
No new comments from last time, still needs to be addressed.
>
> diff --git a/drivers/tpm/tpm-uclass.c b/drivers/tpm/tpm-uclass.c
> index f67fe1019b..d1b9e0a757 100644
> --- a/drivers/tpm/tpm-uclass.c
> +++ b/drivers/tpm/tpm-uclass.c
> @@ -11,10 +11,16 @@
> #include <log.h>
> #include <linux/delay.h>
> #include <linux/unaligned/be_byteshift.h>
> +#include <tpm_api.h>
> #include <tpm-v1.h>
> #include <tpm-v2.h>
> #include "tpm_internal.h"
>
> +#include <dm/lists.h>
> +
> +#define TPM_RNG1_DRV_NAME "tpm1-rng"
> +#define TPM_RNG2_DRV_NAME "tpm2-rng"
> +
> int tpm_open(struct udevice *dev)
> {
> struct tpm_ops *ops = tpm_get_ops(dev);
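Review bot: the new #include <dm/lists.h> sits on its own after the local "tpm_internal.h" include, while <tpm_api.h> was merged into the existing list; move it up into the main include block so the system headers stay together. TPM_RNG1_DRV_NAME and TPM_RNG2_DRV_NAME also have to match the names the RNG drivers register under, which this file cannot check at build time. A one-line comment pointing at where those drivers are declared would help, since a mismatch only surfaces at runtime through the -ENOENT path in tpm_uclass_post_probe().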
> @@ -136,12 +142,58 @@ int tpm_xfer(struct udevice *dev, const uint8_t *sendbuf, size_t send_size,
> return 0;
> }
>
> +#if IS_ENABLED(CONFIG_TPM)
> +static int tpm_uclass_post_probe(struct udevice *dev)
> +{
> + int ret;
> + const char *drv = tpm_is_v1(dev) ?
> + TPM_RNG1_DRV_NAME : TPM_RNG2_DRV_NAME;
> + struct udevice *child;
> +
> + ret = device_bind_driver(dev, drv, "tpm-rng0", &child);
> + if (ret == -ENOENT) {
> + log_err("No driver configured for tpm-rng device\n");
> + return 0;
> + }
> +
> + if (ret) {
> + log_err("Unable to bind rng driver with the tpm-rng device\n");
> + return ret;
> + }
> +
> + return 0;
> +}
> +
> +static int tpm_uclass_child_pre_probe(struct udevice *dev)
> +{
> + int ret;
> +
> + ret = tpm_open(dev->parent);
> + if (ret == -EBUSY) {
> + log_info("TPM device already opened\n");
> + } else if (ret) {
> + log_err("Unable to open TPM device\n");
> + return ret;
> + }
> +
> + ret = tpm_startup(dev->parent, TPM_ST_CLEAR);
> + if (ret)
> + log_err("Unable to start TPM device\n");
> +
> + return ret;
> +}
> +#endif /* CONFIG_TPM */
> +
> UCLASS_DRIVER(tpm) = {
> - .id = UCLASS_TPM,
> - .name = "tpm",
> - .flags = DM_UC_FLAG_SEQ_ALIAS,
> + .id = UCLASS_TPM,
> + .name = "tpm",
> + .flags = DM_UC_FLAG_SEQ_ALIAS,
> #if CONFIG_IS_ENABLED(OF_REAL)
> - .post_bind = dm_scan_fdt_dev,
> + .post_bind = dm_scan_fdt_dev,
> +#endif
> +#if IS_ENABLED(CONFIG_TPM)
> + .post_probe = tpm_uclass_post_probe,
> + .child_pre_probe = tpm_uclass_child_pre_probe,
> #endif
> .per_device_auto = sizeof(struct tpm_chip_priv),
> };
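Review bot: in tpm_uclass_child_pre_probe() the -EBUSY branch logs "TPM device already opened" and then falls through to tpm_startup(dev->parent, TPM_ST_CLEAR) anyway, so a TPM that an earlier user has already opened gets a second startup command, and any failure from it is returned and aborts the probe of the RNG child. Skip the startup when the device was already open, or treat an "already started" result as success. The return value is also passed straight through from tpm_startup(); if that can be a TPM response code rather than a negative errno, convert it (for example to -EIO) before returning it from a driver-model callback. Two smaller points: tpm_uclass_post_probe() logs at log_err for the -ENOENT case that it then tolerates with return 0, where a lower log level would fit, and the re-indentation of .id, .name, .flags and .post_bind is unrelated churn that makes the functional change to UCLASS_DRIVER(tpm) harder to see.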
> diff --git a/lib/Kconfig b/lib/Kconfig
> index 3c6fa99b1a..0f05c97afc 100644
> --- a/lib/Kconfig
> +++ b/lib/Kconfig
> @@ -341,6 +341,7 @@ source lib/crypt/Kconfig
> config TPM
> bool "Trusted Platform Module (TPM) Support"
> depends on DM
> + select DM_RNG
> help
> This enables support for TPMs which can be used to provide security
> features for your board. The TPM can be connected via LPC or I2C
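Review bot: "select DM_RNG" under "config TPM" forces the RNG uclass into every TPM-enabled build with no way to opt out, even though tpm_uclass_post_probe() already tolerates a missing RNG driver by returning 0 on -ENOENT. Consider "imply DM_RNG" so it stays on by default but size-constrained boards can turn it off. The help text should also say that enabling TPM now brings in the RNG child device.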
> --
> 2.25.1
>
Regards,
Simon