[U-Boot] [PATCH v3 1/2] Introduce generic TPM support in u-boot
TPM (Trusted Platform Module) is an integrated circuit and software platform that provides computer manufacturers with the core components of a subsystem used to assure authenticity, integrity and confidentiality. This driver supports version 1.2 of the TCG (Trusted Computing Group) specifications. The TCG specification defines several so called localities in a TPM chip, to be controlled by different software layers. When used on a typical x86 platform during the firmware phase, only locality 0 can be accessed by the CPU, so this driver even while supporting the locality concept presumes that only locality zero is used. This implementation is loosely based on the article Writing a TPM Device Driver published on http://ptgmedia.pearsoncmg.com Compiling this driver with DEBUG defined will generate trace of all accesses to TMP registers. This driver has been tested and is being used in three different functional ChromeOS machines (Pinetrail and Sandy Bridge Intel chipsets) all using the same Infineon SLB 9635 TT 1.2 device. A u-boot cli command allowing access to the TPM was also implemented and is being submitted as a second patch. Change-Id: I22a33c3e5b2e20eec9557a7621bd463b30389d73 Signed-off-by: Vadim Bendebury vben...@chromium.org CC: Wolfgang Denk w...@denx.de --- Makefile |3 + README| 10 + drivers/tpm/Makefile | 43 drivers/tpm/generic_lpc_tpm.c | 485 + include/tpm.h | 71 ++ 5 files changed, 612 insertions(+), 0 deletions(-) create mode 100644 drivers/tpm/Makefile create mode 100644 drivers/tpm/generic_lpc_tpm.c create mode 100644 include/tpm.h diff --git a/Makefile b/Makefile index 5db2e0e..df86088 100644 --- a/Makefile +++ b/Makefile @@ -268,6 +268,9 @@ LIBS += arch/powerpc/cpu/mpc8xxx/lib8xxx.o endif LIBS += drivers/rtc/librtc.o LIBS += drivers/serial/libserial.o +ifeq ($(CONFIG_GENERIC_LPC_TPM),y) +LIBS += drivers/tpm/libtpm.o +endif LIBS += drivers/twserial/libtws.o LIBS += drivers/usb/eth/libusb_eth.o LIBS += drivers/usb/gadget/libusb_gadget.o diff --git a/README b/README index 7e032a9..bcd3695 100644 --- a/README +++ b/README @@ -1018,6 +1018,16 @@ The following options need to be configured: CONFIG_SH_ETHER_CACHE_WRITEBACK If this option is set, the driver enables cache flush. +- TPM Support: + CONFIG_GENERIC_LPC_TPM + Support for generic parallel port TPM devices. Only one device + per system is supported at this time. + + CONFIG_TPM_TIS_BASE_ADDRESS + Base address where the generic TPM device is mapped + to. Contemporary x86 systems usually map it at + 0xfed4. + - USB Support: At the moment only the UHCI host controller is supported (PIP405, MIP405, MPC5200); define diff --git a/drivers/tpm/Makefile b/drivers/tpm/Makefile new file mode 100644 index 000..be11c8b --- /dev/null +++ b/drivers/tpm/Makefile @@ -0,0 +1,43 @@ +# Copyright (c) 2011 The Chromium OS Authors. All rights reserved. +# +# See file CREDITS for list of people who contributed to this +# project. +# +# This program is free software; you can redistribute it and/or +# modify it under the terms of the GNU General Public License as +# published by the Free Software Foundation; either version 2 of +# the License, or (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 59 Temple Place, Suite 330, Boston, +# MA 02111-1307 USA +# + +include $(TOPDIR)/config.mk + +LIB := $(obj)libtpm.o + +COBJS-$(CONFIG_GENERIC_LPC_TPM) = generic_lpc_tpm.o + +COBJS := $(COBJS-y) +SRCS := $(COBJS:.o=.c) +OBJS := $(addprefix $(obj),$(COBJS)) + +all: $(LIB) + +$(LIB): $(obj).depend $(OBJS) + $(call cmd_link_o_target, $(OBJS)) + +# + +include $(SRCTREE)/rules.mk + +sinclude $(obj).depend + +# diff --git a/drivers/tpm/generic_lpc_tpm.c b/drivers/tpm/generic_lpc_tpm.c new file mode 100644 index 000..6b58420 --- /dev/null +++ b/drivers/tpm/generic_lpc_tpm.c @@ -0,0 +1,485 @@ +/* + * Copyright (c) 2011 The Chromium OS Authors. + * + * See file CREDITS for list of people who contributed to this + * project. + * + * This program is free software; you can redistribute it and/or + * modify it under the terms of the GNU General Public License as + * published
Re: [U-Boot] [PATCH v3 1/2] Introduce generic TPM support in u-boot
On Sat, Oct 15, 2011 at 6:13 PM, Vadim Bendebury vben...@chromium.org wrote: TPM (Trusted Platform Module) is an integrated circuit and software platform that provides computer manufacturers with the core components of a subsystem used to assure authenticity, integrity and confidentiality. This driver supports version 1.2 of the TCG (Trusted Computing Group) specifications. The TCG specification defines several so called localities in a TPM chip, to be controlled by different software layers. When used on a typical x86 platform during the firmware phase, only locality 0 can be accessed by the CPU, so this driver even while supporting the locality concept presumes that only locality zero is used. This implementation is loosely based on the article Writing a TPM Device Driver published on http://ptgmedia.pearsoncmg.com Compiling this driver with DEBUG defined will generate trace of all accesses to TMP registers. This driver has been tested and is being used in three different functional ChromeOS machines (Pinetrail and Sandy Bridge Intel chipsets) all using the same Infineon SLB 9635 TT 1.2 device. A u-boot cli command allowing access to the TPM was also implemented and is being submitted as a second patch. Change-Id: I22a33c3e5b2e20eec9557a7621bd463b30389d73 Signed-off-by: Vadim Bendebury vben...@chromium.org CC: Wolfgang Denk w...@denx.de --- Makefile | 3 + README | 10 + drivers/tpm/Makefile | 43 drivers/tpm/generic_lpc_tpm.c | 485 + include/tpm.h | 71 ++ 5 files changed, 612 insertions(+), 0 deletions(-) create mode 100644 drivers/tpm/Makefile create mode 100644 drivers/tpm/generic_lpc_tpm.c create mode 100644 include/tpm.h diff --git a/Makefile b/Makefile index 5db2e0e..df86088 100644 --- a/Makefile +++ b/Makefile @@ -268,6 +268,9 @@ LIBS += arch/powerpc/cpu/mpc8xxx/lib8xxx.o endif LIBS += drivers/rtc/librtc.o LIBS += drivers/serial/libserial.o +ifeq ($(CONFIG_GENERIC_LPC_TPM),y) +LIBS += drivers/tpm/libtpm.o +endif LIBS += drivers/twserial/libtws.o LIBS += drivers/usb/eth/libusb_eth.o LIBS += drivers/usb/gadget/libusb_gadget.o diff --git a/README b/README index 7e032a9..bcd3695 100644 --- a/README +++ b/README @@ -1018,6 +1018,16 @@ The following options need to be configured: CONFIG_SH_ETHER_CACHE_WRITEBACK If this option is set, the driver enables cache flush. +- TPM Support: + CONFIG_GENERIC_LPC_TPM + Support for generic parallel port TPM devices. Only one device + per system is supported at this time. + + CONFIG_TPM_TIS_BASE_ADDRESS + Base address where the generic TPM device is mapped + to. Contemporary x86 systems usually map it at + 0xfed4. + - USB Support: At the moment only the UHCI host controller is supported (PIP405, MIP405, MPC5200); define diff --git a/drivers/tpm/Makefile b/drivers/tpm/Makefile new file mode 100644 index 000..be11c8b --- /dev/null +++ b/drivers/tpm/Makefile @@ -0,0 +1,43 @@ +# Copyright (c) 2011 The Chromium OS Authors. All rights reserved. +# +# See file CREDITS for list of people who contributed to this +# project. +# +# This program is free software; you can redistribute it and/or +# modify it under the terms of the GNU General Public License as +# published by the Free Software Foundation; either version 2 of +# the License, or (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 59 Temple Place, Suite 330, Boston, +# MA 02111-1307 USA +# + +include $(TOPDIR)/config.mk + +LIB := $(obj)libtpm.o + +COBJS-$(CONFIG_GENERIC_LPC_TPM) = generic_lpc_tpm.o + +COBJS := $(COBJS-y) +SRCS := $(COBJS:.o=.c) +OBJS := $(addprefix $(obj),$(COBJS)) + +all: $(LIB) + +$(LIB): $(obj).depend $(OBJS) + $(call cmd_link_o_target, $(OBJS)) + +# + +include $(SRCTREE)/rules.mk + +sinclude $(obj).depend + +# diff --git a/drivers/tpm/generic_lpc_tpm.c b/drivers/tpm/generic_lpc_tpm.c new file mode 100644 index 000..6b58420 --- /dev/null +++ b/drivers/tpm/generic_lpc_tpm.c @@ -0,0 +1,485 @@ +/* + * Copyright (c) 2011 The Chromium OS Authors. + * + * See file CREDITS for
Re: [U-Boot] [PATCH v3 1/2] Introduce generic TPM support in u-boot
On Sat, Oct 15, 2011 at 6:20 PM, Vadim Bendebury vben...@chromium.org wrote: sorry, sent this and the other patchset with a wrong version number, will resend with the correct number. or maybe not - looks like the latest patches were sent with the correct version number (v3) but gmail reader seems to be collapsing text in square brackets in the subject line... cheers, /vb BTW, here one can see the differences between v2 and v3 http://review-t.appspot.com/23001 and http://review-t.appspot.com/24001. Among other things this app allows adding comments while reviewing the diffs (just doubleclick on the side by side diffs page). Has it been ever discussed - setting up a tool like this for u-boot? cheers, /vb ___ U-Boot mailing list U-Boot@lists.denx.de http://lists.denx.de/mailman/listinfo/u-boot ___ U-Boot mailing list U-Boot@lists.denx.de http://lists.denx.de/mailman/listinfo/u-boot
