U-Boot support for wolfTPM and firmware update for SLB9672/SLB9673

[Ilias Apalodimas]

Hi David

> Hi Denx,
>
> We at wolfSSL have developed a port for wolfTPM in U-Boot. The patch allows using the current built-in TPM 2.0 support or switching to wolfTPM via CONFIG_TPM_WOLF=y. It also supports TPM 2.0 firmware update for the Infineon SLB9672 and SLB9673.
>
> I think there is probably some more cleanup and testing needed, but I wanted to submit this to start the discussion and see your thoughts.

It's easier if you CC the appropriate maintainers for each subsystem next
time!

>
> The wolfTPM library is GPLv2 and added as a submodule. If the license or submodule is an issue let’s discuss! I’m positive we can resolve anything.

We recently added a few external libraries. mbedTLS and lwIP. Both of these
are pulled as subtrees, so I'd like to stick to that.

I briefly went through the patch and I don't disagree in pulling an
external library as long as it's reasonably stable and will continue
to be maintained. A few questions since I am not familiar with wolfTPM

- Have you made any size comparisons wrt to the final binary size?
- Does wolfTPM have stable releases that we can use?
- Is there a CVE policy ?

The current patch is quite big and I honestly don't have time to go
through all of it in detail. I'll be away next week, but I can give some
general feedback in ~10days. The easiest thing to do is try to split it
a reasonable amount of patches -- and only include the bare minimum of what's
required to work.

Thanks
/Ilias

>
> Attached is the patch based on latest master 3b6760ddeb4 to review.
>
> 
>
> Thanks,
> David Garske
> Software Engineer, wolfSSL
> +1 (530) 409-2990
> https://www.wolfssl.com <https://www.wolfssl.com/>
> https://github.com/wolfssl