Current U-Boot supports TPM v1.2 specification. The new specification (v2.0) is not backward compatible and renames/introduces several functions.
This series introduces a new SPI driver following the TPM v2.0 specification. It has been tested on a ST TPM but should be usable with others v2.0 compliant chips.
Then, basic functionalities are introduced one by one for the v2.0 specification. The INIT command now can receive a parameter to distinguish further TPMv1/TPMv2 commands. After that, the library itself will know which one is pertinent and will return a special error if the desired command is not supported for the selected specification.
Available commands for v2.0 TPMs are: * STARTUP * SELF TEST * CLEAR * PCR EXTEND * PCR READ * GET CAPABILITY * DICTIONARY ATTACK LOCK RESET * DICTIONARY ATTACK CHANGE PARAMETERS * HIERARCHY CHANGE AUTH
Two commands have been written but could not be tested (unsupported by the TPM chosen): * PCR CHANGE AUTH POLICY * PCR CHANGE AUTH VALUE
With this set of function, minimal TPMv2.0 handling is possible with the following sequence.
* First, initialize the TPM stack in U-Boot: "TPM2" is a new parameter to discern the format of the commands:
tpm init TPM2
* Then send the STARTUP command to the TPM. The flag is slightly different between the revisions.
tpm startup TPM2_SU_CLEAR
* To enable full TPM capabilities, continue the tests (or do them all again). It seems like self_test_full always waits for the operation to finish, while continue_self_test returns a busy state if called to early.
tpm continue_self_test tpm self_test_full
* Manage passwords (force_clear also resets a lot of internal stuff). Olderly, TAKE OWNERSHIP == CLEAR + CHANGE AUTH. LOCKOUT is an example, ENDORSEMENT and PLATFORM hierarchies are available too:
tpm force_clear TPM2_RH_LOCKOUT [<pw>] tpm change_auth TPM2_RH_LOCKOUT <new_pw> [<old_pw>]
* Dictionary Attack Mitigation (DAM) parameters can be changed. It is possible to reset the failure counter and disable the lockout (values erased after a CLEAR). It is then possible to check the parameters have been correctly applied.
tpm dam_reset_counter [<pw>] tpm dam_set_parameters 0xffff 1 0 [<pw>] tpm get_capability 0x0006 0x020e 0x4000000 4
* PCR policy may be changed (untested). PCR can be extended (no protection against packet replay yet). PCR can be read (the counter with the number of "extensions" is also given).
tpm pcr_setauthpolicy 0 12345678901234567890123456789012 [<pw>] tpm pcr_read 0 0x4000000 tpm pcr_extend 0 0x4000000
Regular testing may be done through the test/py/ framework when using real hardware, there is no sandbox support for now.
Thanks, Miquèl
Miquel Raynal (19): tpm: add Revision ID field in the chip structure tpm: rename tpm_tis_infineon in tpm_tis_infineon_i2c tpm: add support for TPMv2 SPI modules tpm: fix indentation in command list before adding more tpm: prepare support for TPMv2 commands tpm: add macros for TPMv2 commands tpm: add possible traces to analyze buffers returned by the TPM tpm: handle different buffer sizes tpm: add TPM2_Startup command support tpm: add TPM2_SelfTest command support tpm: add TPM2_Clear command support tpm: rename the _extend() function to be _pcr_event() tpm: add TPM2_PCR_Extend command support tpm: add TPM2_PCR_Read command support tpm: add TPM2_GetCapability command support tpm: add dictionary attack mitigation commands support tpm: add TPM2_HierarchyChangeAuth command support tpm: add PCR authentication commands support test/py: add TPMv2.0 test suite
cmd/tpm.c | 360 +++++++++-- cmd/tpm_test.c | 10 +- drivers/tpm/Kconfig | 13 +- drivers/tpm/Makefile | 3 +- drivers/tpm/tpm_tis.h | 4 + .../{tpm_tis_infineon.c => tpm_tis_infineon_i2c.c} | 2 +- drivers/tpm/tpm_tis_spi.c | 656 +++++++++++++++++++++ include/tpm.h | 183 +++++- lib/tpm.c | 654 ++++++++++++++++++-- test/py/tests/test_tpm2.py | 254 ++++++++ 10 files changed, 1993 insertions(+), 146 deletions(-) rename drivers/tpm/{tpm_tis_infineon.c => tpm_tis_infineon_i2c.c} (99%) create mode 100644 drivers/tpm/tpm_tis_spi.c create mode 100644 test/py/tests/test_tpm2.py