[PATCH v4 10/14] cmd: refactor tpm2 command into frontend/backend architecture

[Simon Glass]

Hi Aidan,

On Tue, 12 May 2026 at 18:26, Aidan Garske <aidan at wolfssl.com> wrote:
>
> From: Aidan <aidan at wolfssl.com>
>
> Split the tpm2 command implementation into a shared frontend and
> two selectable backends. This allows wolfTPM to provide its own
> TPM2 command implementations while keeping the command table,
> dispatcher, and help text shared.
>
> Architecture:
>
> cmd/tpm-v2.c (frontend - always compiled):
>   Contains the tpm2_commands[] table, get_tpm2_commands(), the
>   do_tpm2() dispatcher, and the U_BOOT_CMD help text. References
>   backend functions via cmd/tpm2-backend.h. When CONFIG_TPM_WOLF
>   is enabled, additional wolfTPM-only commands (caps, pcr_print,
>   firmware_update, firmware_cancel) are added to the table.
>
> cmd/tpm2-backend.h (new):
>   Declares all backend function prototypes that both backends must
>   implement: do_tpm2_device, do_tpm2_info, do_tpm2_init,
>   do_tpm2_startup, do_tpm2_selftest, do_tpm2_clear,
>   do_tpm2_pcr_extend, do_tpm2_pcr_read, do_tpm2_get_capability,
>   do_tpm2_dam_reset, do_tpm2_dam_parameters, do_tpm2_change_auth,
>   do_tpm2_pcr_setauthpolicy, do_tpm2_pcr_setauthvalue,
>   do_tpm2_pcr_allocate, plus wolfTPM-only functions.
>
> cmd/native_tpm2.c (new - native backend):
>   Contains the original tpm2 command implementations that use
>   U-Boot's TPM driver model (tpm_api.h, tpm-v2.h). Compiled when
>   CONFIG_TPM_WOLF is not set. Common commands delegate to
>   tpm-common.c helpers (do_tpm_device, do_tpm_info, etc.).
>
> cmd/wolftpm.c (new - wolfTPM backend):
>   Implements all tpm2 commands using wolfTPM library APIs directly
>   (wolfTPM2_Init, wolfTPM2_GetCapabilities, wolfTPM2_ExtendPCR,
>   etc.). Includes Infineon-specific firmware update and cancel
>   commands. Each command initializes its own WOLFTPM2_DEV instance

This commit should be split so that the refactor is first and the Wolf
stuff later.

Regards,
Simon