[PATCH 2/8] drivers: rollback: Add TPM2 implementation of rollback devices
Simon Glass
sjg at chromium.org
Fri Dec 1 19:32:13 CET 2023
Hi,
On Fri, 1 Dec 2023 at 07:52, Ilias Apalodimas
<ilias.apalodimas at linaro.org> wrote:
>
> Hi Sean,
>
> On Tue, Sep 12, 2023 at 02:47:25AM -0700, seanedmond at linux.microsoft.com wrote:
> > From: Stephen Carlson <stcarlso at linux.microsoft.com>
> >
> > This implementation of the rollback uclass driver allows existing TPM2
> > devices declared in the device tree to be referenced for storing the OS
> > anti-rollback counter, using the TPM2 non-volatile storage API. The
> > rollback device must be a child of the TPM device. For example:
> >
> > tpm2 {
> > compatible = "sandbox,tpm2";
> >
> > rollback at 1 {
> > compatible = "tpm,rollback";
> > rollback-nv-index = <0x1001007>;
> > };
> > };
> >
> This node is part of the DT specification right? If we accept this, we
> should figure out if we can add that to the specification.
For now I suggest adding a binding file to U-Boot and sending it upstream.
We still seem to be having extreme difficulty actually getting things
accepted upstream.
The logic of this driver needs a few changes, I believe:
- probe() should do nothing, to avoid probe failing due to bad counter, etc.
- we should have a startup() method to actually init the counter
- if that fails, we should have a setup() method to set up a new counter
That way the caller is in charge of things.
Of course you can put helper functions in the uclass.
Regards,
Simon
More information about the U-Boot
mailing list