This patch set implements PCR allocate command to handle the algorithm dismatches among TPM device, eventlog from previous boot stage and what U-Boot supports.
It re-configurates TPM device if any active algorithms are not supported by U-Boot or does not exist in the eventlog passed in.
To re-configurate, a PCR allocate command will be sent with new algorithm configurations, followed by a shutdown command and a hardware reset to activate those new configurations.
If any of the algorithms from the eventlog does not supported by U-Boot or TPM device does not support all U-Boot algorithms, exit with error.
This new feature is under control by a new introduced kconfig TPM_PCR_ALLOCATE.
Raymond Mao (6): tpm: add TPM2_Shutdown command tpm: add TPM2_PCR_Allocate command tpm: add wrapper and helper APIs for PCR allocate tpm: add PCR allocate into the eventlog handling tpm: PCR allocate during PCR extend to disable the unsupported algorithms board: qemu-arm: select TPM_PCR_ALLOCATE
cmd/tpm-v2.c | 128 ++++++++++++++++- configs/qemu_arm64_defconfig | 1 + include/tpm-v2.h | 53 ++++++- lib/Kconfig | 12 ++ lib/tpm-v2.c | 259 ++++++++++++++++++++++++++++++++++- lib/tpm_api.c | 4 +- lib/tpm_tcg2.c | 52 +++---- 7 files changed, 463 insertions(+), 46 deletions(-)