Commit graph

26 commits

Author SHA1 Message Date
Ilias Apalodimas
a5c30c26b2 tpm: Use the new API on tpm2 spi driver
Convert our SPI TPM driver and use the newly added API

Reviewed-by: Simon Glass <sjg@chromium.org>
Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
2021-11-10 20:57:54 +01:00
Ilias Apalodimas
e0ff348997 tpm2: Add a TPMv2 MMIO TIS driver
Add support for devices that expose a TPMv2 though MMIO.
Apart from those devices, we can use the driver in our QEMU setups and
test TPM related code which is difficult to achieve using the sandbox
driver (e.g test the EFI TCG2 protocol).

It's worth noting that a previous patch added TPMv2 TIS core functions,
which the current driver is consuming.

Reviewed-by: Simon Glass <sjg@chromium.org>
Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
2021-11-10 20:57:54 +01:00
Simon Glass
974c98f26c sandbox: tpm: Split out common nvdata code
We want to support nvdata in TPM2 as well. To avoid code duplicating the
associated code, move it into a common file.

Drop the special-case logic for the kernel space. This can be handled by
the higher-level code now, i.e. in vboot itself.

Signed-off-by: Simon Glass <sjg@chromium.org>
2021-08-01 09:05:24 -06:00
Simon Glass
13ad993fc7 tpm: Don't include cr50 in TPL/SPL
At present the security chip is not used in these U-Boot phases. Update
the Makefile to exclude it.

Fix a few logging statements while we are here.

Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
2021-03-02 15:53:37 -05:00
Tom Rini
9a8942b53d sandbox conversion to SDL2
TPM TEE driver
 Various minor sandbox video enhancements
 New driver model core utility functions
 -----BEGIN PGP SIGNATURE-----
 
 iQEzBAABCgAdFiEEslwAIq+Gp8wWVbYnfxc6PpAIreYFAl48iogACgkQfxc6PpAI
 reaVzAf/an3/yKe6r3CVWlcRV6H/dVg1ApnnLpX7jS0p0b++oCVvOiy7z1WPXj3k
 b1SSgENDeeZ/8EHio+Gf7ZidH/TGEj7L6YEFwd1t60GMkZiWEkNf4Z53tw482YG+
 96hoPD+ySTW+ddIdVHWAFG2I4aEiKHANJAp/ItNdD+rLbrEwNQy+eiK5JTOk80B6
 /X8AJCLZeAC1s7vs+2+WolgjT78QGzA9HHalMiublcqh0ivKKk0QeQiOKKPe8JYJ
 om5YY1TxayQ60Xmo5f39/SBfzEEklxw83sU9o1tBeYzyVUpu7fQdkxiDbWdsij77
 DgwLdeYQJGbN+hdSWE0gjTqyhW+lWA==
 =KRoA
 -----END PGP SIGNATURE-----

Merge tag 'dm-pull-6feb20' of https://gitlab.denx.de/u-boot/custodians/u-boot-dm

sandbox conversion to SDL2
TPM TEE driver
Various minor sandbox video enhancements
New driver model core utility functions
2020-02-11 10:58:41 -05:00
Simon Glass
d36856a385 tpm: Add a driver for H1/Cr50
H1 is a Google security chip present in recent Chromebooks, Pixel phones
and other devices. Cr50 is the name of the software that runs on H1 in
Chromebooks.

This chip is used to handle TPM-like functionality and also has quite a
few additional features.

Add a driver for this.

Signed-off-by: Simon Glass <sjg@chromium.org>
2020-02-07 22:46:35 +08:00
Thirupathaiah Annapureddy
8d73be7a8e tpm2: ftpm: A driver for firmware TPM running inside TEE
Add a driver for a firmware TPM running inside TEE.

Documentation of the firmware TPM:
https://www.microsoft.com/en-us/research/publication/ftpm-software-implementation-tpm-chip/

Implementation of the firmware TPM:
https://github.com/Microsoft/ms-tpm-20-ref/tree/master/Samples/ARM32-FirmwareTPM

Signed-off-by: Thirupathaiah Annapureddy <thiruan@linux.microsoft.com>
2020-02-05 19:33:46 -07:00
Simon Glass
6307896c17 tpm: Add support for SPL and TPL
At present the tpm can only be used in U-Boot proper. Updated it to work
in SPL and TPL also.

Signed-off-by: Simon Glass <sjg@chromium.org>
2018-10-09 04:40:27 -06:00
Miquel Raynal
2bae712f7a tpm: add a Sandbox TPMv2.x driver
This driver can emulate all the basic functionalities of a TPMv2.x
chip and should behave like them during regular testing.

Signed-off-by: Miquel Raynal <miquel.raynal@bootlin.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Tom Rini <trini@konsulko.com>
2018-05-25 20:13:00 -04:00
Miquel Raynal
eb46910b4b tpm: add support for TPMv2.x SPI modules
Add the tpm2_tis_spi driver that should support any TPMv2 compliant
(SPI) module.

Signed-off-by: Miquel Raynal <miquel.raynal@bootlin.com>
Reviewed-by: Tom Rini <trini@konsulko.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
2018-05-25 20:12:59 -04:00
Tom Rini
83d290c56f SPDX: Convert all of our single license tags to Linux Kernel style
When U-Boot started using SPDX tags we were among the early adopters and
there weren't a lot of other examples to borrow from.  So we picked the
area of the file that usually had a full license text and replaced it
with an appropriate SPDX-License-Identifier: entry.  Since then, the
Linux Kernel has adopted SPDX tags and they place it as the very first
line in a file (except where shebangs are used, then it's second line)
and with slightly different comment styles than us.

In part due to community overlap, in part due to better tag visibility
and in part for other minor reasons, switch over to that style.

This commit changes all instances where we have a single declared
license in the tag as both the before and after are identical in tag
contents.  There's also a few places where I found we did not have a tag
and have introduced one.

Signed-off-by: Tom Rini <trini@konsulko.com>
2018-05-07 09:34:12 -04:00
Christophe Ricard
b75fdc11eb tpm: st33zp24: Add tpm st33zp24 spi support
Add support for TPM ST33ZP24 spi.

The ST33ZP24 does have a spi interface.
The transport protocol is proprietary.

For spi we are relying only on DM_SPI.

Reviewed-by: Simon Glass <sjg@chromium.org>
Signed-off-by: Christophe Ricard <christophe-h.ricard@st.com>
2016-01-28 21:01:22 -07:00
Christophe Ricard
3aa74088d4 tpm: st33zp24: Add tpm st33zp24 support with i2c
Add support for TPM ST33ZP24 family with i2c.

For i2c we are relying only on DM_I2C.

Reviewed-by: Simon Glass <sjg@chromium.org>
Signed-off-by: Christophe Ricard <christophe-h.ricard@st.com>
2016-01-28 21:01:22 -07:00
Simon Glass
2419cd16a1 dm: tpm: Drop CONFIG_DM_TPM
Now that all TPM drivers use driver model, we can drop the special driver
model CONFIG option.

Signed-off-by: Simon Glass <sjg@chromium.org>
Acked-by: Christophe Ricard<christophe-h.ricard@st.com>
2015-10-23 09:42:28 -06:00
Christophe Ricard
0766ad2f7f dm: tpm: Move tpm_tis_i2c to tpm_i2c_infineon
As there is no TCG specification or recommendation for i2c TPM 1.2,
move tpm_tis_i2c driver to tpm_i2c_infineon. Other tpm vendors like Atmel
or STMicroelectronics may have a different transport protocol for i2c.

Signed-off-by: Christophe Ricard <christophe-h.ricard@st.com>
Reviewed-by: Tom Rini <trini@konsulko.com>
Acked-by: Simon Glass <sjg@chromium.org>
2015-10-23 09:42:28 -06:00
Simon Glass
f255d31f90 dm: tpm: Add a uclass for Trusted Platform Modules
Add a new uclass for TPMs which uses almost the same TIS (TPM Interface
Specification) as is currently implemented. Since init() is handled by the
normal driver model probe() method, we don't need to implement that. Also
rename the transfer method to xfer() which is a less clumbsy name.

Once all drivers and users are converted to driver model we can remove the
old code.

Signed-off-by: Simon Glass <sjg@chromium.org>
Acked-by: Christophe Ricard<christophe-h.ricard@st.com>
Reviewed-by: Heiko Schocher <hs@denx.de>
2015-08-31 07:57:28 -06:00
Simon Glass
4cd7b7834c tpm: Move the I2C TPM code into one file
The current Infineon I2C TPM driver is written in two parts, intended to
support use with other I2C devices. However we don't have any users and the
Atmel I2C TPM device does not use this file.

We should simplify this and remove the unused abstration. As a first step,
move the code into one file.

Also the name tpm_private.h suggests that the header file is generic to all
TPMs but it is not. Rename it indicate that it relates only to this driver

Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Heiko Schocher <hs@denx.de>
2015-08-31 07:57:27 -06:00
Simon Glass
ed3f5a30a7 sandbox: tpm: Add TPM emulation
Add a simple TPM emulator for sandbox. It only supports a small subset of
TPM operations. However, these are enough to perform common tasks.

Note this is an initial commit to get this working, but it could use
cleaning up (for example constants instead of open-coded values).

Signed-off-by: Simon Glass <sjg@chromium.org>

Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Simon Glass <sjg@chromium.org>
2014-01-08 17:25:12 -07:00
Masahiro Yamada
36cf0a845c drivers: tpm: clean up unused code
Signed-off-by: Masahiro Yamada <yamada.m@jp.panasonic.com>
2013-11-17 14:11:30 -05:00
Masahiro Yamada
710f1d3d5f drivers: convert makefiles to Kbuild style
Signed-off-by: Masahiro Yamada <yamada.m@jp.panasonic.com>
2013-10-31 13:26:01 -04:00
Wolfgang Denk
1a4596601f Add GPL-2.0+ SPDX-License-Identifier to source files
Signed-off-by: Wolfgang Denk <wd@denx.de>
[trini: Fixup common/cmd_io.c]
Signed-off-by: Tom Rini <trini@ti.com>
2013-07-24 09:44:38 -04:00
Dirk Eibach
c01939c764 Add Atmel I2C tpm
Add support for Atmel TPM devices with two wire interface.

Signed-off-by: Dirk Eibach <dirk.eibach@gdsys.cc>
Signed-off-by: Reinhard Pfau <reinhard.pfau@gdsys.cc>
Reviewed-by: Simon Glass <sjg@chromium.org>
Signed-off-by: Andy Fleming <afleming@freescale.com>
2013-07-16 17:44:30 -05:00
Tom Wai-Hong Tam
1b393db587 tpm: Reorganize the I2C TPM driver
This patch does a similar code reogranzation from
  http://patchwork.ozlabs.org/patch/132179/
which is based on an old version of code (fdt support and bus selection
still not in). It merges this tidy-up on top of the recent code. It does
not make any logical change.

tpm.c implements the interface defined in tpm.h based on underlying
LPC or I2C TPM driver. tpm.c and the underlying driver communicate
throught tpm_private.h.

Note: Merging the LPC driver with tpm.c is left to future patches.

Change-Id: Ie1384f5f9e3935d3bc9a44adf8de80c5a70a5f2b
Signed-off-by: Tom Wai-Hong Tam <waihong@chromium.org>
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Simon Glass <sjg@chromium.org>
2013-06-03 01:31:23 -07:00
Che-liang Chiou
90899cc014 tpm: Rename generic_lpc_tpm to tpm_tis_lpc
The new name is more aligned with Linux kernel's naming of TPM driver.

Signed-off-by: Peter Huewe <peter.huewe@infineon.com>
Signed-off-by: Che-Liang Chiou <clchiou@chromium.org>
Signed-off-by: Simon Glass <sjg@chromium.org>
Acked-by: Mike Frysinger <vapier@gentoo.org>
Reviewed-by: Simon Glass <sjg@chromium.org>
Tested-by: Tom Wai-Hong Tam <waihong@chromium.org>
2013-06-03 01:26:25 -07:00
Rong Chang
f626799816 tpm: Add Infineon slb9635_i2c TPM driver
Add a driver for the I2C TPM from Infineon.

Signed-off-by: Che-Liang Chiou <clchiou@chromium.org>
Signed-off-by: Rong Chang <rongchang@chromium.org>
Signed-off-by: Tom Wai-Hong Tam <waihong@chromium.org>
Signed-off-by: Simon Glass <sjg@chromium.org>
2013-04-12 14:13:00 -07:00
Vadim Bendebury
5e1247247b Introduce generic TPM support in u-boot
TPM (Trusted Platform Module) is an integrated circuit and
software platform that provides computer manufacturers with the
core components of a subsystem used to assure authenticity,
integrity and confidentiality.

This driver supports version 1.2 of the TCG (Trusted Computing
Group) specifications.

The TCG specification defines several so called localities in a
TPM chip, to be controlled by different software layers. When
used on a typical x86 platform during the firmware phase, only
locality 0 can be accessed by the CPU, so this driver even while
supporting the locality concept presumes that only locality zero
is used.

This implementation is loosely based on the article "Writing a
TPM Device Driver" published on http://ptgmedia.pearsoncmg.com

Compiling this driver with DEBUG defined will generate trace of
all accesses to TMP registers.

This driver has been tested and is being used in three different
functional ChromeOS machines (Pinetrail and Sandy Bridge Intel
chipsets) all using the same Infineon SLB 9635 TT 1.2 device.

A u-boot cli command allowing access to the TPM was also
implemented and is being submitted as a second patch.

Change-Id: I22a33c3e5b2e20eec9557a7621bd463b30389d73
Signed-off-by: Vadim Bendebury <vbendeb@chromium.org>
CC: Wolfgang Denk <wd@denx.de>
2011-12-07 08:45:51 +01:00