diff options
Diffstat (limited to 'lib')
-rw-r--r-- | lib/Kconfig | 10 | ||||
-rw-r--r-- | lib/fdtdec.c | 3 | ||||
-rw-r--r-- | lib/gzip.c | 1 | ||||
-rw-r--r-- | lib/tpm.c | 82 | ||||
-rw-r--r-- | lib/zlib/zutil.c | 4 |
5 files changed, 91 insertions, 9 deletions
diff --git a/lib/Kconfig b/lib/Kconfig index 884218a..0673072 100644 --- a/lib/Kconfig +++ b/lib/Kconfig @@ -54,6 +54,16 @@ source lib/dhry/Kconfig source lib/rsa/Kconfig +config TPM + bool "Trusted Platform Module (TPM) Support" + help + This enables support for TPMs which can be used to provide security + features for your board. The TPM can be connected via LPC or I2C + and a sandbox TPM is provided for testing purposes. Use the 'tpm' + command to interactive the TPM. Driver model support is provided + for the low-level TPM interface, but only one TPM is supported at + a time by the TPM library. + menu "Hashing Support" config SHA1 diff --git a/lib/fdtdec.c b/lib/fdtdec.c index 81b54f8..5770094 100644 --- a/lib/fdtdec.c +++ b/lib/fdtdec.c @@ -58,8 +58,6 @@ static const char * const compat_names[COMPAT_COUNT] = { COMPAT(MAXIM_MAX77686_PMIC, "maxim,max77686"), COMPAT(GENERIC_SPI_FLASH, "spi-flash"), COMPAT(MAXIM_98095_CODEC, "maxim,max98095-codec"), - COMPAT(INFINEON_SLB9635_TPM, "infineon,slb9635-tpm"), - COMPAT(INFINEON_SLB9645_TPM, "infineon,slb9645tt"), COMPAT(SAMSUNG_EXYNOS5_I2C, "samsung,exynos5-hsi2c"), COMPAT(SANDBOX_LCD_SDL, "sandbox,lcd-sdl"), COMPAT(SAMSUNG_EXYNOS_SYSMMU, "samsung,sysmmu-v3.3"), @@ -76,6 +74,7 @@ static const char * const compat_names[COMPAT_COUNT] = { COMPAT(COMPAT_INTEL_PCH, "intel,bd82x6x"), COMPAT(COMPAT_INTEL_IRQ_ROUTER, "intel,irq-router"), COMPAT(ALTERA_SOCFPGA_DWMAC, "altr,socfpga-stmmac"), + COMPAT(ALTERA_SOCFPGA_DWMMC, "altr,socfpga-dw-mshc"), COMPAT(COMPAT_INTEL_BAYTRAIL_FSP, "intel,baytrail-fsp"), COMPAT(COMPAT_INTEL_BAYTRAIL_FSP_MDP, "intel,baytrail-fsp-mdp"), }; @@ -10,6 +10,7 @@ #include <command.h> #include <image.h> #include <malloc.h> +#include <memalign.h> #include <u-boot/zlib.h> #include "zlib/zutil.h" @@ -6,10 +6,11 @@ */ #include <common.h> -#include <stdarg.h> -#include <u-boot/sha1.h> +#include <dm.h> +#include <tis.h> #include <tpm.h> #include <asm/unaligned.h> +#include <u-boot/sha1.h> /* Internal error of TPM command library */ #define TPM_LIB_ERROR ((uint32_t)~0u) @@ -17,7 +18,6 @@ /* Useful constants */ enum { COMMAND_BUFFER_SIZE = 256, - TPM_PUBEK_SIZE = 256, TPM_REQUEST_HEADER_LENGTH = 10, TPM_RESPONSE_HEADER_LENGTH = 10, PCR_DIGEST_LENGTH = 20, @@ -240,9 +240,20 @@ static uint32_t tpm_sendrecv_command(const void *command, response = response_buffer; response_length = sizeof(response_buffer); } +#ifdef CONFIG_DM_TPM + struct udevice *dev; + int ret; + + ret = uclass_first_device(UCLASS_TPM, &dev); + if (ret) + return ret; + err = tpm_xfer(dev, command, tpm_command_size(command), + response, &response_length); +#else err = tis_sendrecv(command, tpm_command_size(command), response, &response_length); - if (err) +#endif + if (err < 0) return TPM_LIB_ERROR; if (size_ptr) *size_ptr = response_length; @@ -250,15 +261,24 @@ static uint32_t tpm_sendrecv_command(const void *command, return tpm_return_code(response); } -uint32_t tpm_init(void) +int tpm_init(void) { - uint32_t err; + int err; + +#ifdef CONFIG_DM_TPM + struct udevice *dev; + err = uclass_first_device(UCLASS_TPM, &dev); + if (err) + return err; + return tpm_open(dev); +#else err = tis_init(); if (err) return err; return tis_open(); +#endif } uint32_t tpm_startup(enum tpm_startup_type mode) @@ -589,6 +609,56 @@ uint32_t tpm_get_capability(uint32_t cap_area, uint32_t sub_cap, return 0; } +uint32_t tpm_get_permanent_flags(struct tpm_permanent_flags *pflags) +{ + const uint8_t command[22] = { + 0x0, 0xc1, /* TPM_TAG */ + 0x0, 0x0, 0x0, 0x16, /* parameter size */ + 0x0, 0x0, 0x0, 0x65, /* TPM_COMMAND_CODE */ + 0x0, 0x0, 0x0, 0x4, /* TPM_CAP_FLAG_PERM */ + 0x0, 0x0, 0x0, 0x4, /* subcap size */ + 0x0, 0x0, 0x1, 0x8, /* subcap value */ + }; + uint8_t response[COMMAND_BUFFER_SIZE]; + size_t response_length = sizeof(response); + uint32_t err; + + err = tpm_sendrecv_command(command, response, &response_length); + if (err) + return err; + memcpy(pflags, response + TPM_HEADER_SIZE, sizeof(*pflags)); + + return 0; +} + +uint32_t tpm_get_permissions(uint32_t index, uint32_t *perm) +{ + const uint8_t command[22] = { + 0x0, 0xc1, /* TPM_TAG */ + 0x0, 0x0, 0x0, 0x16, /* parameter size */ + 0x0, 0x0, 0x0, 0x65, /* TPM_COMMAND_CODE */ + 0x0, 0x0, 0x0, 0x11, + 0x0, 0x0, 0x0, 0x4, + }; + const size_t index_offset = 18; + const size_t perm_offset = 60; + uint8_t buf[COMMAND_BUFFER_SIZE], response[COMMAND_BUFFER_SIZE]; + size_t response_length = sizeof(response); + uint32_t err; + + if (pack_byte_string(buf, sizeof(buf), "d", 0, command, sizeof(command), + index_offset, index)) + return TPM_LIB_ERROR; + err = tpm_sendrecv_command(buf, response, &response_length); + if (err) + return err; + if (unpack_byte_string(response, response_length, "d", + perm_offset, perm)) + return TPM_LIB_ERROR; + + return 0; +} + #ifdef CONFIG_TPM_AUTH_SESSIONS /** diff --git a/lib/zlib/zutil.c b/lib/zlib/zutil.c index 173a81d..227343e 100644 --- a/lib/zlib/zutil.c +++ b/lib/zlib/zutil.c @@ -43,7 +43,9 @@ void z_error (m) */ #ifndef MY_ZCALLOC /* Any system without a special alloc function */ -#ifndef __UBOOT__ +#ifdef __UBOOT__ +#include <malloc.h> +#else #ifndef STDC extern voidp malloc OF((uInt size)); extern voidp calloc OF((uInt items, uInt size)); |