Convert our SPI TPM driver and use the newly added API
Reviewed-by: Simon Glass <sjg@chromium.org>
Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Add support for devices that expose a TPMv2 though MMIO.
Apart from those devices, we can use the driver in our QEMU setups and
test TPM related code which is difficult to achieve using the sandbox
driver (e.g test the EFI TCG2 protocol).
It's worth noting that a previous patch added TPMv2 TIS core functions,
which the current driver is consuming.
Reviewed-by: Simon Glass <sjg@chromium.org>
Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
We want to support nvdata in TPM2 as well. To avoid code duplicating the
associated code, move it into a common file.
Drop the special-case logic for the kernel space. This can be handled by
the higher-level code now, i.e. in vboot itself.
Signed-off-by: Simon Glass <sjg@chromium.org>
At present the security chip is not used in these U-Boot phases. Update
the Makefile to exclude it.
Fix a few logging statements while we are here.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
TPM TEE driver
Various minor sandbox video enhancements
New driver model core utility functions
-----BEGIN PGP SIGNATURE-----
iQEzBAABCgAdFiEEslwAIq+Gp8wWVbYnfxc6PpAIreYFAl48iogACgkQfxc6PpAI
reaVzAf/an3/yKe6r3CVWlcRV6H/dVg1ApnnLpX7jS0p0b++oCVvOiy7z1WPXj3k
b1SSgENDeeZ/8EHio+Gf7ZidH/TGEj7L6YEFwd1t60GMkZiWEkNf4Z53tw482YG+
96hoPD+ySTW+ddIdVHWAFG2I4aEiKHANJAp/ItNdD+rLbrEwNQy+eiK5JTOk80B6
/X8AJCLZeAC1s7vs+2+WolgjT78QGzA9HHalMiublcqh0ivKKk0QeQiOKKPe8JYJ
om5YY1TxayQ60Xmo5f39/SBfzEEklxw83sU9o1tBeYzyVUpu7fQdkxiDbWdsij77
DgwLdeYQJGbN+hdSWE0gjTqyhW+lWA==
=KRoA
-----END PGP SIGNATURE-----
Merge tag 'dm-pull-6feb20' of https://gitlab.denx.de/u-boot/custodians/u-boot-dm
sandbox conversion to SDL2
TPM TEE driver
Various minor sandbox video enhancements
New driver model core utility functions
H1 is a Google security chip present in recent Chromebooks, Pixel phones
and other devices. Cr50 is the name of the software that runs on H1 in
Chromebooks.
This chip is used to handle TPM-like functionality and also has quite a
few additional features.
Add a driver for this.
Signed-off-by: Simon Glass <sjg@chromium.org>
This driver can emulate all the basic functionalities of a TPMv2.x
chip and should behave like them during regular testing.
Signed-off-by: Miquel Raynal <miquel.raynal@bootlin.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Tom Rini <trini@konsulko.com>
Add the tpm2_tis_spi driver that should support any TPMv2 compliant
(SPI) module.
Signed-off-by: Miquel Raynal <miquel.raynal@bootlin.com>
Reviewed-by: Tom Rini <trini@konsulko.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
When U-Boot started using SPDX tags we were among the early adopters and
there weren't a lot of other examples to borrow from. So we picked the
area of the file that usually had a full license text and replaced it
with an appropriate SPDX-License-Identifier: entry. Since then, the
Linux Kernel has adopted SPDX tags and they place it as the very first
line in a file (except where shebangs are used, then it's second line)
and with slightly different comment styles than us.
In part due to community overlap, in part due to better tag visibility
and in part for other minor reasons, switch over to that style.
This commit changes all instances where we have a single declared
license in the tag as both the before and after are identical in tag
contents. There's also a few places where I found we did not have a tag
and have introduced one.
Signed-off-by: Tom Rini <trini@konsulko.com>
Add support for TPM ST33ZP24 spi.
The ST33ZP24 does have a spi interface.
The transport protocol is proprietary.
For spi we are relying only on DM_SPI.
Reviewed-by: Simon Glass <sjg@chromium.org>
Signed-off-by: Christophe Ricard <christophe-h.ricard@st.com>
Add support for TPM ST33ZP24 family with i2c.
For i2c we are relying only on DM_I2C.
Reviewed-by: Simon Glass <sjg@chromium.org>
Signed-off-by: Christophe Ricard <christophe-h.ricard@st.com>
Now that all TPM drivers use driver model, we can drop the special driver
model CONFIG option.
Signed-off-by: Simon Glass <sjg@chromium.org>
Acked-by: Christophe Ricard<christophe-h.ricard@st.com>
As there is no TCG specification or recommendation for i2c TPM 1.2,
move tpm_tis_i2c driver to tpm_i2c_infineon. Other tpm vendors like Atmel
or STMicroelectronics may have a different transport protocol for i2c.
Signed-off-by: Christophe Ricard <christophe-h.ricard@st.com>
Reviewed-by: Tom Rini <trini@konsulko.com>
Acked-by: Simon Glass <sjg@chromium.org>
Add a new uclass for TPMs which uses almost the same TIS (TPM Interface
Specification) as is currently implemented. Since init() is handled by the
normal driver model probe() method, we don't need to implement that. Also
rename the transfer method to xfer() which is a less clumbsy name.
Once all drivers and users are converted to driver model we can remove the
old code.
Signed-off-by: Simon Glass <sjg@chromium.org>
Acked-by: Christophe Ricard<christophe-h.ricard@st.com>
Reviewed-by: Heiko Schocher <hs@denx.de>
The current Infineon I2C TPM driver is written in two parts, intended to
support use with other I2C devices. However we don't have any users and the
Atmel I2C TPM device does not use this file.
We should simplify this and remove the unused abstration. As a first step,
move the code into one file.
Also the name tpm_private.h suggests that the header file is generic to all
TPMs but it is not. Rename it indicate that it relates only to this driver
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Heiko Schocher <hs@denx.de>
Add a simple TPM emulator for sandbox. It only supports a small subset of
TPM operations. However, these are enough to perform common tasks.
Note this is an initial commit to get this working, but it could use
cleaning up (for example constants instead of open-coded values).
Signed-off-by: Simon Glass <sjg@chromium.org>
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Simon Glass <sjg@chromium.org>
Add support for Atmel TPM devices with two wire interface.
Signed-off-by: Dirk Eibach <dirk.eibach@gdsys.cc>
Signed-off-by: Reinhard Pfau <reinhard.pfau@gdsys.cc>
Reviewed-by: Simon Glass <sjg@chromium.org>
Signed-off-by: Andy Fleming <afleming@freescale.com>
This patch does a similar code reogranzation from
http://patchwork.ozlabs.org/patch/132179/
which is based on an old version of code (fdt support and bus selection
still not in). It merges this tidy-up on top of the recent code. It does
not make any logical change.
tpm.c implements the interface defined in tpm.h based on underlying
LPC or I2C TPM driver. tpm.c and the underlying driver communicate
throught tpm_private.h.
Note: Merging the LPC driver with tpm.c is left to future patches.
Change-Id: Ie1384f5f9e3935d3bc9a44adf8de80c5a70a5f2b
Signed-off-by: Tom Wai-Hong Tam <waihong@chromium.org>
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Simon Glass <sjg@chromium.org>
The new name is more aligned with Linux kernel's naming of TPM driver.
Signed-off-by: Peter Huewe <peter.huewe@infineon.com>
Signed-off-by: Che-Liang Chiou <clchiou@chromium.org>
Signed-off-by: Simon Glass <sjg@chromium.org>
Acked-by: Mike Frysinger <vapier@gentoo.org>
Reviewed-by: Simon Glass <sjg@chromium.org>
Tested-by: Tom Wai-Hong Tam <waihong@chromium.org>
Add a driver for the I2C TPM from Infineon.
Signed-off-by: Che-Liang Chiou <clchiou@chromium.org>
Signed-off-by: Rong Chang <rongchang@chromium.org>
Signed-off-by: Tom Wai-Hong Tam <waihong@chromium.org>
Signed-off-by: Simon Glass <sjg@chromium.org>
TPM (Trusted Platform Module) is an integrated circuit and
software platform that provides computer manufacturers with the
core components of a subsystem used to assure authenticity,
integrity and confidentiality.
This driver supports version 1.2 of the TCG (Trusted Computing
Group) specifications.
The TCG specification defines several so called localities in a
TPM chip, to be controlled by different software layers. When
used on a typical x86 platform during the firmware phase, only
locality 0 can be accessed by the CPU, so this driver even while
supporting the locality concept presumes that only locality zero
is used.
This implementation is loosely based on the article "Writing a
TPM Device Driver" published on http://ptgmedia.pearsoncmg.com
Compiling this driver with DEBUG defined will generate trace of
all accesses to TMP registers.
This driver has been tested and is being used in three different
functional ChromeOS machines (Pinetrail and Sandy Bridge Intel
chipsets) all using the same Infineon SLB 9635 TT 1.2 device.
A u-boot cli command allowing access to the TPM was also
implemented and is being submitted as a second patch.
Change-Id: I22a33c3e5b2e20eec9557a7621bd463b30389d73
Signed-off-by: Vadim Bendebury <vbendeb@chromium.org>
CC: Wolfgang Denk <wd@denx.de>