[PATCH 2/6] tmp: add TPM2_PCR_Allocate command
Simon Glass
sjg at chromium.org
Sat Jan 18 05:31:25 CET 2025
Hi Raymond,
On Wed, 15 Jan 2025 at 13:02, Raymond Mao <raymond.mao at linaro.org> wrote:
>
> TPM2_PCR_Allocate command is required to re-configurate a TPM device
> to enable or disable algorithms in run-time, thus this patch introduces
> the implementation of PCR allocate APIs and adds related cmd functions
> for testing.
>
> To test the feature, ensure that TPM is started up.
> Run pcr_allocate command to turn on/off an algorithm, multiple calls
> are supported and all changes will be cached:
> `tpm2 pcr_allocate <algorithm_name> <on|off>`
> Run startup command with argument 'off' to shutdown the TPM.
> `tpm2 startup TPM2_SU_CLEAR off`
> Reboot the board via `reset` to activate the changes.
It would be better to have an automated test.
You could create one using the sandbox TPM, and you could add a pytest
which can run on my lab (coral has a TPMv2).
>
> Signed-off-by: Raymond Mao <raymond.mao at linaro.org>
> ---
> cmd/tpm-v2.c | 94 +++++++++++++++++++++++++++++++++++
> include/tpm-v2.h | 29 +++++++++++
> lib/tpm-v2.c | 124 +++++++++++++++++++++++++++++++++++++++++++++++
> 3 files changed, 247 insertions(+)
Regards,
Simon
More information about the U-Boot
mailing list