blob: 56a5aa4aa5ead0b6c913250903eeae0a590bd698 [file] [log] [blame]
Tom Rini10e47792018-05-06 17:58:06 -04001// SPDX-License-Identifier: GPL-2.0+
Simon Glass45158dd2015-08-22 18:31:42 -06002/*
3 * Copyright (c) 2015 Google, Inc
Simon Glass45158dd2015-08-22 18:31:42 -06004 */
5
6#include <common.h>
7#include <command.h>
8#include <environment.h>
Miquel Raynal4c6759e2018-05-15 11:57:06 +02009#include <tpm-v1.h>
Simon Glass8ceca1d2018-11-18 14:22:27 -070010#include "tpm-user-utils.h"
Simon Glass45158dd2015-08-22 18:31:42 -060011
12/* Prints error and returns on failure */
13#define TPM_CHECK(tpm_command) do { \
14 uint32_t result; \
15 \
16 result = (tpm_command); \
17 if (result != TPM_SUCCESS) { \
18 printf("TEST FAILED: line %d: " #tpm_command ": 0x%x\n", \
19 __LINE__, result); \
20 return result; \
21 } \
22} while (0)
23
24#define INDEX0 0xda70
25#define INDEX1 0xda71
26#define INDEX2 0xda72
27#define INDEX3 0xda73
28#define INDEX_INITIALISED 0xda80
29#define PHYS_PRESENCE 4
30#define PRESENCE 8
31
Simon Glass8ceca1d2018-11-18 14:22:27 -070032static uint32_t TlclStartupIfNeeded(struct udevice *dev)
Simon Glass45158dd2015-08-22 18:31:42 -060033{
Simon Glass8ceca1d2018-11-18 14:22:27 -070034 uint32_t result = tpm_startup(dev, TPM_ST_CLEAR);
Simon Glass45158dd2015-08-22 18:31:42 -060035
36 return result == TPM_INVALID_POSTINIT ? TPM_SUCCESS : result;
37}
38
Simon Glass8ceca1d2018-11-18 14:22:27 -070039static int test_timer(struct udevice *dev)
Simon Glass45158dd2015-08-22 18:31:42 -060040{
41 printf("get_timer(0) = %lu\n", get_timer(0));
42 return 0;
43}
44
Simon Glass8ceca1d2018-11-18 14:22:27 -070045static uint32_t tpm_get_flags(struct udevice *dev, uint8_t *disable,
46 uint8_t *deactivated, uint8_t *nvlocked)
Simon Glass45158dd2015-08-22 18:31:42 -060047{
48 struct tpm_permanent_flags pflags;
49 uint32_t result;
50
Simon Glass8ceca1d2018-11-18 14:22:27 -070051 result = tpm_get_permanent_flags(dev, &pflags);
Simon Glass45158dd2015-08-22 18:31:42 -060052 if (result)
53 return result;
54 if (disable)
55 *disable = pflags.disable;
56 if (deactivated)
57 *deactivated = pflags.deactivated;
58 if (nvlocked)
59 *nvlocked = pflags.nv_locked;
60 debug("TPM: Got flags disable=%d, deactivated=%d, nvlocked=%d\n",
61 pflags.disable, pflags.deactivated, pflags.nv_locked);
62
63 return 0;
64}
65
Simon Glass8ceca1d2018-11-18 14:22:27 -070066static uint32_t tpm_nv_write_value_lock(struct udevice *dev, uint32_t index)
Simon Glass45158dd2015-08-22 18:31:42 -060067{
68 debug("TPM: Write lock 0x%x\n", index);
69
Simon Glass8ceca1d2018-11-18 14:22:27 -070070 return tpm_nv_write_value(dev, index, NULL, 0);
Simon Glass45158dd2015-08-22 18:31:42 -060071}
72
Simon Glass8ceca1d2018-11-18 14:22:27 -070073static int tpm_is_owned(struct udevice *dev)
Simon Glass45158dd2015-08-22 18:31:42 -060074{
75 uint8_t response[TPM_PUBEK_SIZE];
76 uint32_t result;
77
Simon Glass8ceca1d2018-11-18 14:22:27 -070078 result = tpm_read_pubek(dev, response, sizeof(response));
Simon Glass45158dd2015-08-22 18:31:42 -060079
80 return result != TPM_SUCCESS;
81}
82
Simon Glass8ceca1d2018-11-18 14:22:27 -070083static int test_early_extend(struct udevice *dev)
Simon Glass45158dd2015-08-22 18:31:42 -060084{
85 uint8_t value_in[20];
86 uint8_t value_out[20];
87
88 printf("Testing earlyextend ...");
Simon Glass8ceca1d2018-11-18 14:22:27 -070089 tpm_init(dev);
90 TPM_CHECK(tpm_startup(dev, TPM_ST_CLEAR));
91 TPM_CHECK(tpm_continue_self_test(dev));
92 TPM_CHECK(tpm_extend(dev, 1, value_in, value_out));
Simon Glass45158dd2015-08-22 18:31:42 -060093 printf("done\n");
94 return 0;
95}
96
Simon Glass8ceca1d2018-11-18 14:22:27 -070097static int test_early_nvram(struct udevice *dev)
Simon Glass45158dd2015-08-22 18:31:42 -060098{
99 uint32_t x;
100
101 printf("Testing earlynvram ...");
Simon Glass8ceca1d2018-11-18 14:22:27 -0700102 tpm_init(dev);
103 TPM_CHECK(tpm_startup(dev, TPM_ST_CLEAR));
104 TPM_CHECK(tpm_continue_self_test(dev));
105 TPM_CHECK(tpm_tsc_physical_presence(dev, PRESENCE));
106 TPM_CHECK(tpm_nv_read_value(dev, INDEX0, (uint8_t *)&x, sizeof(x)));
Simon Glass45158dd2015-08-22 18:31:42 -0600107 printf("done\n");
108 return 0;
109}
110
Simon Glass8ceca1d2018-11-18 14:22:27 -0700111static int test_early_nvram2(struct udevice *dev)
Simon Glass45158dd2015-08-22 18:31:42 -0600112{
113 uint32_t x;
114
115 printf("Testing earlynvram2 ...");
Simon Glass8ceca1d2018-11-18 14:22:27 -0700116 tpm_init(dev);
117 TPM_CHECK(tpm_startup(dev, TPM_ST_CLEAR));
118 TPM_CHECK(tpm_continue_self_test(dev));
119 TPM_CHECK(tpm_tsc_physical_presence(dev, PRESENCE));
120 TPM_CHECK(tpm_nv_write_value(dev, INDEX0, (uint8_t *)&x, sizeof(x)));
Simon Glass45158dd2015-08-22 18:31:42 -0600121 printf("done\n");
122 return 0;
123}
124
Simon Glass8ceca1d2018-11-18 14:22:27 -0700125static int test_enable(struct udevice *dev)
Simon Glass45158dd2015-08-22 18:31:42 -0600126{
127 uint8_t disable = 0, deactivated = 0;
128
129 printf("Testing enable ...\n");
Simon Glass8ceca1d2018-11-18 14:22:27 -0700130 tpm_init(dev);
131 TPM_CHECK(TlclStartupIfNeeded(dev));
132 TPM_CHECK(tpm_self_test_full(dev));
133 TPM_CHECK(tpm_tsc_physical_presence(dev, PRESENCE));
134 TPM_CHECK(tpm_get_flags(dev, &disable, &deactivated, NULL));
Simon Glass45158dd2015-08-22 18:31:42 -0600135 printf("\tdisable is %d, deactivated is %d\n", disable, deactivated);
Simon Glass8ceca1d2018-11-18 14:22:27 -0700136 TPM_CHECK(tpm_physical_enable(dev));
137 TPM_CHECK(tpm_physical_set_deactivated(dev, 0));
138 TPM_CHECK(tpm_get_flags(dev, &disable, &deactivated, NULL));
Simon Glass45158dd2015-08-22 18:31:42 -0600139 printf("\tdisable is %d, deactivated is %d\n", disable, deactivated);
140 if (disable == 1 || deactivated == 1)
141 printf("\tfailed to enable or activate\n");
142 printf("\tdone\n");
143 return 0;
144}
145
146#define reboot() do { \
147 printf("\trebooting...\n"); \
148 reset_cpu(0); \
149} while (0)
150
Simon Glass8ceca1d2018-11-18 14:22:27 -0700151static int test_fast_enable(struct udevice *dev)
Simon Glass45158dd2015-08-22 18:31:42 -0600152{
153 uint8_t disable = 0, deactivated = 0;
154 int i;
155
156 printf("Testing fastenable ...\n");
Simon Glass8ceca1d2018-11-18 14:22:27 -0700157 tpm_init(dev);
158 TPM_CHECK(TlclStartupIfNeeded(dev));
159 TPM_CHECK(tpm_self_test_full(dev));
160 TPM_CHECK(tpm_tsc_physical_presence(dev, PRESENCE));
161 TPM_CHECK(tpm_get_flags(dev, &disable, &deactivated, NULL));
Simon Glass45158dd2015-08-22 18:31:42 -0600162 printf("\tdisable is %d, deactivated is %d\n", disable, deactivated);
163 for (i = 0; i < 2; i++) {
Simon Glass8ceca1d2018-11-18 14:22:27 -0700164 TPM_CHECK(tpm_force_clear(dev));
165 TPM_CHECK(tpm_get_flags(dev, &disable, &deactivated, NULL));
Simon Glass45158dd2015-08-22 18:31:42 -0600166 printf("\tdisable is %d, deactivated is %d\n", disable,
167 deactivated);
168 assert(disable == 1 && deactivated == 1);
Simon Glass8ceca1d2018-11-18 14:22:27 -0700169 TPM_CHECK(tpm_physical_enable(dev));
170 TPM_CHECK(tpm_physical_set_deactivated(dev, 0));
171 TPM_CHECK(tpm_get_flags(dev, &disable, &deactivated, NULL));
Simon Glass45158dd2015-08-22 18:31:42 -0600172 printf("\tdisable is %d, deactivated is %d\n", disable,
173 deactivated);
174 assert(disable == 0 && deactivated == 0);
175 }
176 printf("\tdone\n");
177 return 0;
178}
179
Simon Glass8ceca1d2018-11-18 14:22:27 -0700180static int test_global_lock(struct udevice *dev)
Simon Glass45158dd2015-08-22 18:31:42 -0600181{
182 uint32_t zero = 0;
183 uint32_t result;
184 uint32_t x;
185
186 printf("Testing globallock ...\n");
Simon Glass8ceca1d2018-11-18 14:22:27 -0700187 tpm_init(dev);
188 TPM_CHECK(TlclStartupIfNeeded(dev));
189 TPM_CHECK(tpm_self_test_full(dev));
190 TPM_CHECK(tpm_tsc_physical_presence(dev, PRESENCE));
191 TPM_CHECK(tpm_nv_read_value(dev, INDEX0, (uint8_t *)&x, sizeof(x)));
192 TPM_CHECK(tpm_nv_write_value(dev, INDEX0, (uint8_t *)&zero,
Simon Glass45158dd2015-08-22 18:31:42 -0600193 sizeof(uint32_t)));
Simon Glass8ceca1d2018-11-18 14:22:27 -0700194 TPM_CHECK(tpm_nv_read_value(dev, INDEX1, (uint8_t *)&x, sizeof(x)));
195 TPM_CHECK(tpm_nv_write_value(dev, INDEX1, (uint8_t *)&zero,
Simon Glass45158dd2015-08-22 18:31:42 -0600196 sizeof(uint32_t)));
Simon Glass8ceca1d2018-11-18 14:22:27 -0700197 TPM_CHECK(tpm_set_global_lock(dev));
Simon Glass45158dd2015-08-22 18:31:42 -0600198 /* Verifies that write to index0 fails */
199 x = 1;
Simon Glass8ceca1d2018-11-18 14:22:27 -0700200 result = tpm_nv_write_value(dev, INDEX0, (uint8_t *)&x, sizeof(x));
Simon Glass45158dd2015-08-22 18:31:42 -0600201 assert(result == TPM_AREA_LOCKED);
Simon Glass8ceca1d2018-11-18 14:22:27 -0700202 TPM_CHECK(tpm_nv_read_value(dev, INDEX0, (uint8_t *)&x, sizeof(x)));
Simon Glass45158dd2015-08-22 18:31:42 -0600203 assert(x == 0);
204 /* Verifies that write to index1 is still possible */
205 x = 2;
Simon Glass8ceca1d2018-11-18 14:22:27 -0700206 TPM_CHECK(tpm_nv_write_value(dev, INDEX1, (uint8_t *)&x, sizeof(x)));
207 TPM_CHECK(tpm_nv_read_value(dev, INDEX1, (uint8_t *)&x, sizeof(x)));
Simon Glass45158dd2015-08-22 18:31:42 -0600208 assert(x == 2);
209 /* Turns off PP */
Simon Glass8ceca1d2018-11-18 14:22:27 -0700210 tpm_tsc_physical_presence(dev, PHYS_PRESENCE);
Simon Glass45158dd2015-08-22 18:31:42 -0600211 /* Verifies that write to index1 fails */
212 x = 3;
Simon Glass8ceca1d2018-11-18 14:22:27 -0700213 result = tpm_nv_write_value(dev, INDEX1, (uint8_t *)&x, sizeof(x));
Simon Glass45158dd2015-08-22 18:31:42 -0600214 assert(result == TPM_BAD_PRESENCE);
Simon Glass8ceca1d2018-11-18 14:22:27 -0700215 TPM_CHECK(tpm_nv_read_value(dev, INDEX1, (uint8_t *)&x, sizeof(x)));
Simon Glass45158dd2015-08-22 18:31:42 -0600216 assert(x == 2);
217 printf("\tdone\n");
218 return 0;
219}
220
Simon Glass8ceca1d2018-11-18 14:22:27 -0700221static int test_lock(struct udevice *dev)
Simon Glass45158dd2015-08-22 18:31:42 -0600222{
223 printf("Testing lock ...\n");
Simon Glass8ceca1d2018-11-18 14:22:27 -0700224 tpm_init(dev);
225 tpm_startup(dev, TPM_ST_CLEAR);
226 tpm_self_test_full(dev);
227 tpm_tsc_physical_presence(dev, PRESENCE);
228 tpm_nv_write_value_lock(dev, INDEX0);
Simon Glass45158dd2015-08-22 18:31:42 -0600229 printf("\tLocked 0x%x\n", INDEX0);
230 printf("\tdone\n");
231 return 0;
232}
233
Simon Glass8ceca1d2018-11-18 14:22:27 -0700234static void initialise_spaces(struct udevice *dev)
Simon Glass45158dd2015-08-22 18:31:42 -0600235{
236 uint32_t zero = 0;
237 uint32_t perm = TPM_NV_PER_WRITE_STCLEAR | TPM_NV_PER_PPWRITE;
238
239 printf("\tInitialising spaces\n");
Simon Glass8ceca1d2018-11-18 14:22:27 -0700240 tpm_nv_set_locked(dev); /* useful only the first time */
241 tpm_nv_define_space(dev, INDEX0, perm, 4);
242 tpm_nv_write_value(dev, INDEX0, (uint8_t *)&zero, 4);
243 tpm_nv_define_space(dev, INDEX1, perm, 4);
244 tpm_nv_write_value(dev, INDEX1, (uint8_t *)&zero, 4);
245 tpm_nv_define_space(dev, INDEX2, perm, 4);
246 tpm_nv_write_value(dev, INDEX2, (uint8_t *)&zero, 4);
247 tpm_nv_define_space(dev, INDEX3, perm, 4);
248 tpm_nv_write_value(dev, INDEX3, (uint8_t *)&zero, 4);
Simon Glass45158dd2015-08-22 18:31:42 -0600249 perm = TPM_NV_PER_READ_STCLEAR | TPM_NV_PER_WRITE_STCLEAR |
250 TPM_NV_PER_PPWRITE;
Simon Glass8ceca1d2018-11-18 14:22:27 -0700251 tpm_nv_define_space(dev, INDEX_INITIALISED, perm, 1);
Simon Glass45158dd2015-08-22 18:31:42 -0600252}
253
Simon Glass8ceca1d2018-11-18 14:22:27 -0700254static int test_readonly(struct udevice *dev)
Simon Glass45158dd2015-08-22 18:31:42 -0600255{
256 uint8_t c;
257 uint32_t index_0, index_1, index_2, index_3;
258 int read0, read1, read2, read3;
259
260 printf("Testing readonly ...\n");
Simon Glass8ceca1d2018-11-18 14:22:27 -0700261 tpm_init(dev);
262 tpm_startup(dev, TPM_ST_CLEAR);
263 tpm_self_test_full(dev);
264 tpm_tsc_physical_presence(dev, PRESENCE);
Simon Glass45158dd2015-08-22 18:31:42 -0600265 /*
266 * Checks if initialisation has completed by trying to read-lock a
267 * space that's created at the end of initialisation
268 */
Simon Glass8ceca1d2018-11-18 14:22:27 -0700269 if (tpm_nv_read_value(dev, INDEX_INITIALISED, &c, 0) == TPM_BADINDEX) {
Simon Glass45158dd2015-08-22 18:31:42 -0600270 /* The initialisation did not complete */
Simon Glass8ceca1d2018-11-18 14:22:27 -0700271 initialise_spaces(dev);
Simon Glass45158dd2015-08-22 18:31:42 -0600272 }
273
274 /* Checks if spaces are OK or messed up */
Simon Glass8ceca1d2018-11-18 14:22:27 -0700275 read0 = tpm_nv_read_value(dev, INDEX0, (uint8_t *)&index_0,
276 sizeof(index_0));
277 read1 = tpm_nv_read_value(dev, INDEX1, (uint8_t *)&index_1,
278 sizeof(index_1));
279 read2 = tpm_nv_read_value(dev, INDEX2, (uint8_t *)&index_2,
280 sizeof(index_2));
281 read3 = tpm_nv_read_value(dev, INDEX3, (uint8_t *)&index_3,
282 sizeof(index_3));
Simon Glass45158dd2015-08-22 18:31:42 -0600283 if (read0 || read1 || read2 || read3) {
284 printf("Invalid contents\n");
285 return 0;
286 }
287
288 /*
289 * Writes space, and locks it. Then attempts to write again.
290 * I really wish I could use the imperative.
291 */
292 index_0 += 1;
Simon Glass8ceca1d2018-11-18 14:22:27 -0700293 if (tpm_nv_write_value(dev, INDEX0, (uint8_t *)&index_0,
294 sizeof(index_0) !=
Simon Glass45158dd2015-08-22 18:31:42 -0600295 TPM_SUCCESS)) {
Masahiro Yamada81e10422017-09-16 14:10:41 +0900296 pr_err("\tcould not write index 0\n");
Simon Glass45158dd2015-08-22 18:31:42 -0600297 }
Simon Glass8ceca1d2018-11-18 14:22:27 -0700298 tpm_nv_write_value_lock(dev, INDEX0);
299 if (tpm_nv_write_value(dev, INDEX0, (uint8_t *)&index_0,
300 sizeof(index_0)) ==
Simon Glass45158dd2015-08-22 18:31:42 -0600301 TPM_SUCCESS)
Masahiro Yamada81e10422017-09-16 14:10:41 +0900302 pr_err("\tindex 0 is not locked\n");
Simon Glass45158dd2015-08-22 18:31:42 -0600303
304 printf("\tdone\n");
305 return 0;
306}
307
Simon Glass8ceca1d2018-11-18 14:22:27 -0700308static int test_redefine_unowned(struct udevice *dev)
Simon Glass45158dd2015-08-22 18:31:42 -0600309{
310 uint32_t perm;
311 uint32_t result;
312 uint32_t x;
313
314 printf("Testing redefine_unowned ...");
Simon Glass8ceca1d2018-11-18 14:22:27 -0700315 tpm_init(dev);
316 TPM_CHECK(TlclStartupIfNeeded(dev));
317 TPM_CHECK(tpm_self_test_full(dev));
318 TPM_CHECK(tpm_tsc_physical_presence(dev, PRESENCE));
319 assert(!tpm_is_owned(dev));
Simon Glass45158dd2015-08-22 18:31:42 -0600320
321 /* Ensures spaces exist. */
Simon Glass8ceca1d2018-11-18 14:22:27 -0700322 TPM_CHECK(tpm_nv_read_value(dev, INDEX0, (uint8_t *)&x, sizeof(x)));
323 TPM_CHECK(tpm_nv_read_value(dev, INDEX1, (uint8_t *)&x, sizeof(x)));
Simon Glass45158dd2015-08-22 18:31:42 -0600324
325 /* Redefines spaces a couple of times. */
326 perm = TPM_NV_PER_PPWRITE | TPM_NV_PER_GLOBALLOCK;
Simon Glass8ceca1d2018-11-18 14:22:27 -0700327 TPM_CHECK(tpm_nv_define_space(dev, INDEX0, perm, 2 * sizeof(uint32_t)));
328 TPM_CHECK(tpm_nv_define_space(dev, INDEX0, perm, sizeof(uint32_t)));
Simon Glass45158dd2015-08-22 18:31:42 -0600329 perm = TPM_NV_PER_PPWRITE;
Simon Glass8ceca1d2018-11-18 14:22:27 -0700330 TPM_CHECK(tpm_nv_define_space(dev, INDEX1, perm, 2 * sizeof(uint32_t)));
331 TPM_CHECK(tpm_nv_define_space(dev, INDEX1, perm, sizeof(uint32_t)));
Simon Glass45158dd2015-08-22 18:31:42 -0600332
333 /* Sets the global lock */
Simon Glass8ceca1d2018-11-18 14:22:27 -0700334 tpm_set_global_lock(dev);
Simon Glass45158dd2015-08-22 18:31:42 -0600335
336 /* Verifies that index0 cannot be redefined */
Simon Glass8ceca1d2018-11-18 14:22:27 -0700337 result = tpm_nv_define_space(dev, INDEX0, perm, sizeof(uint32_t));
Simon Glass45158dd2015-08-22 18:31:42 -0600338 assert(result == TPM_AREA_LOCKED);
339
340 /* Checks that index1 can */
Simon Glass8ceca1d2018-11-18 14:22:27 -0700341 TPM_CHECK(tpm_nv_define_space(dev, INDEX1, perm, 2 * sizeof(uint32_t)));
342 TPM_CHECK(tpm_nv_define_space(dev, INDEX1, perm, sizeof(uint32_t)));
Simon Glass45158dd2015-08-22 18:31:42 -0600343
344 /* Turns off PP */
Simon Glass8ceca1d2018-11-18 14:22:27 -0700345 tpm_tsc_physical_presence(dev, PHYS_PRESENCE);
Simon Glass45158dd2015-08-22 18:31:42 -0600346
347 /* Verifies that neither index0 nor index1 can be redefined */
Simon Glass8ceca1d2018-11-18 14:22:27 -0700348 result = tpm_nv_define_space(dev, INDEX0, perm, sizeof(uint32_t));
Simon Glass45158dd2015-08-22 18:31:42 -0600349 assert(result == TPM_BAD_PRESENCE);
Simon Glass8ceca1d2018-11-18 14:22:27 -0700350 result = tpm_nv_define_space(dev, INDEX1, perm, sizeof(uint32_t));
Simon Glass45158dd2015-08-22 18:31:42 -0600351 assert(result == TPM_BAD_PRESENCE);
352
353 printf("done\n");
354 return 0;
355}
356
357#define PERMPPGL (TPM_NV_PER_PPWRITE | TPM_NV_PER_GLOBALLOCK)
358#define PERMPP TPM_NV_PER_PPWRITE
359
Simon Glass8ceca1d2018-11-18 14:22:27 -0700360static int test_space_perm(struct udevice *dev)
Simon Glass45158dd2015-08-22 18:31:42 -0600361{
362 uint32_t perm;
363
364 printf("Testing spaceperm ...");
Simon Glass8ceca1d2018-11-18 14:22:27 -0700365 tpm_init(dev);
366 TPM_CHECK(TlclStartupIfNeeded(dev));
367 TPM_CHECK(tpm_continue_self_test(dev));
368 TPM_CHECK(tpm_tsc_physical_presence(dev, PRESENCE));
369 TPM_CHECK(tpm_get_permissions(dev, INDEX0, &perm));
Simon Glass45158dd2015-08-22 18:31:42 -0600370 assert((perm & PERMPPGL) == PERMPPGL);
Simon Glass8ceca1d2018-11-18 14:22:27 -0700371 TPM_CHECK(tpm_get_permissions(dev, INDEX1, &perm));
Simon Glass45158dd2015-08-22 18:31:42 -0600372 assert((perm & PERMPP) == PERMPP);
373 printf("done\n");
374 return 0;
375}
376
Simon Glass8ceca1d2018-11-18 14:22:27 -0700377static int test_startup(struct udevice *dev)
Simon Glass45158dd2015-08-22 18:31:42 -0600378{
379 uint32_t result;
Simon Glass8ceca1d2018-11-18 14:22:27 -0700380
Simon Glass45158dd2015-08-22 18:31:42 -0600381 printf("Testing startup ...\n");
382
Simon Glass8ceca1d2018-11-18 14:22:27 -0700383 tpm_init(dev);
384 result = tpm_startup(dev, TPM_ST_CLEAR);
Simon Glass45158dd2015-08-22 18:31:42 -0600385 if (result != 0 && result != TPM_INVALID_POSTINIT)
386 printf("\ttpm startup failed with 0x%x\n", result);
Simon Glass8ceca1d2018-11-18 14:22:27 -0700387 result = tpm_get_flags(dev, NULL, NULL, NULL);
Simon Glass45158dd2015-08-22 18:31:42 -0600388 if (result != 0)
389 printf("\ttpm getflags failed with 0x%x\n", result);
390 printf("\texecuting SelfTestFull\n");
Simon Glass8ceca1d2018-11-18 14:22:27 -0700391 tpm_self_test_full(dev);
392 result = tpm_get_flags(dev, NULL, NULL, NULL);
Simon Glass45158dd2015-08-22 18:31:42 -0600393 if (result != 0)
394 printf("\ttpm getflags failed with 0x%x\n", result);
395 printf("\tdone\n");
396 return 0;
397}
398
399/*
400 * Runs [op] and ensures it returns success and doesn't run longer than
401 * [time_limit] in milliseconds.
402 */
403#define TTPM_CHECK(op, time_limit) do { \
404 ulong start, time; \
405 uint32_t __result; \
406 \
407 start = get_timer(0); \
408 __result = op; \
409 if (__result != TPM_SUCCESS) { \
410 printf("\t" #op ": error 0x%x\n", __result); \
411 return -1; \
412 } \
413 time = get_timer(start); \
414 printf("\t" #op ": %lu ms\n", time); \
415 if (time > (ulong)time_limit) { \
416 printf("\t" #op " exceeded " #time_limit " ms\n"); \
417 } \
418} while (0)
419
420
Simon Glass8ceca1d2018-11-18 14:22:27 -0700421static int test_timing(struct udevice *dev)
Simon Glass45158dd2015-08-22 18:31:42 -0600422{
Simon Glass45158dd2015-08-22 18:31:42 -0600423 uint8_t in[20], out[20];
Simon Glass8ceca1d2018-11-18 14:22:27 -0700424 uint32_t x;
Simon Glass45158dd2015-08-22 18:31:42 -0600425
426 printf("Testing timing ...");
Simon Glass8ceca1d2018-11-18 14:22:27 -0700427 tpm_init(dev);
428 TTPM_CHECK(TlclStartupIfNeeded(dev), 50);
429 TTPM_CHECK(tpm_continue_self_test(dev), 100);
430 TTPM_CHECK(tpm_self_test_full(dev), 1000);
431 TTPM_CHECK(tpm_tsc_physical_presence(dev, PRESENCE), 100);
432 TTPM_CHECK(tpm_nv_write_value(dev, INDEX0, (uint8_t *)&x, sizeof(x)),
433 100);
434 TTPM_CHECK(tpm_nv_read_value(dev, INDEX0, (uint8_t *)&x, sizeof(x)),
435 100);
436 TTPM_CHECK(tpm_extend(dev, 0, in, out), 200);
437 TTPM_CHECK(tpm_set_global_lock(dev), 50);
438 TTPM_CHECK(tpm_tsc_physical_presence(dev, PHYS_PRESENCE), 100);
Simon Glass45158dd2015-08-22 18:31:42 -0600439 printf("done\n");
440 return 0;
441}
442
443#define TPM_MAX_NV_WRITES_NOOWNER 64
444
Simon Glass8ceca1d2018-11-18 14:22:27 -0700445static int test_write_limit(struct udevice *dev)
Simon Glass45158dd2015-08-22 18:31:42 -0600446{
Simon Glass45158dd2015-08-22 18:31:42 -0600447 uint32_t result;
Simon Glass8ceca1d2018-11-18 14:22:27 -0700448 int i;
Simon Glass45158dd2015-08-22 18:31:42 -0600449
Simon Glass8ceca1d2018-11-18 14:22:27 -0700450 printf("Testing writelimit ...\n");
451 tpm_init(dev);
452 TPM_CHECK(TlclStartupIfNeeded(dev));
453 TPM_CHECK(tpm_self_test_full(dev));
454 TPM_CHECK(tpm_tsc_physical_presence(dev, PRESENCE));
455 TPM_CHECK(tpm_force_clear(dev));
456 TPM_CHECK(tpm_physical_enable(dev));
457 TPM_CHECK(tpm_physical_set_deactivated(dev, 0));
Simon Glass45158dd2015-08-22 18:31:42 -0600458
459 for (i = 0; i < TPM_MAX_NV_WRITES_NOOWNER + 2; i++) {
460 printf("\twriting %d\n", i);
Simon Glass8ceca1d2018-11-18 14:22:27 -0700461 result = tpm_nv_write_value(dev, INDEX0, (uint8_t *)&i,
462 sizeof(i));
Simon Glass45158dd2015-08-22 18:31:42 -0600463 switch (result) {
464 case TPM_SUCCESS:
465 break;
466 case TPM_MAXNVWRITES:
467 assert(i >= TPM_MAX_NV_WRITES_NOOWNER);
468 default:
Masahiro Yamada81e10422017-09-16 14:10:41 +0900469 pr_err("\tunexpected error code %d (0x%x)\n",
Simon Glass45158dd2015-08-22 18:31:42 -0600470 result, result);
471 }
472 }
473
474 /* Reset write count */
Simon Glass8ceca1d2018-11-18 14:22:27 -0700475 TPM_CHECK(tpm_force_clear(dev));
476 TPM_CHECK(tpm_physical_enable(dev));
477 TPM_CHECK(tpm_physical_set_deactivated(dev, 0));
Simon Glass45158dd2015-08-22 18:31:42 -0600478
479 /* Try writing again. */
Simon Glass8ceca1d2018-11-18 14:22:27 -0700480 TPM_CHECK(tpm_nv_write_value(dev, INDEX0, (uint8_t *)&i, sizeof(i)));
Simon Glass45158dd2015-08-22 18:31:42 -0600481 printf("\tdone\n");
482 return 0;
483}
484
485#define VOIDTEST(XFUNC) \
486 int do_test_##XFUNC(cmd_tbl_t *cmd_tbl, int flag, int argc, \
487 char * const argv[]) \
488 { \
Simon Glass8ceca1d2018-11-18 14:22:27 -0700489 struct udevice *dev; \
490 int ret; \
491\
492 ret = get_tpm(&dev); \
493 if (ret) \
494 return ret; \
495 return test_##XFUNC(dev); \
Simon Glass45158dd2015-08-22 18:31:42 -0600496 }
497
498#define VOIDENT(XNAME) \
499 U_BOOT_CMD_MKENT(XNAME, 0, 1, do_test_##XNAME, "", ""),
500
501VOIDTEST(early_extend)
502VOIDTEST(early_nvram)
503VOIDTEST(early_nvram2)
504VOIDTEST(enable)
505VOIDTEST(fast_enable)
506VOIDTEST(global_lock)
507VOIDTEST(lock)
508VOIDTEST(readonly)
509VOIDTEST(redefine_unowned)
510VOIDTEST(space_perm)
511VOIDTEST(startup)
512VOIDTEST(timing)
513VOIDTEST(write_limit)
514VOIDTEST(timer)
515
516static cmd_tbl_t cmd_cros_tpm_sub[] = {
517 VOIDENT(early_extend)
518 VOIDENT(early_nvram)
519 VOIDENT(early_nvram2)
520 VOIDENT(enable)
521 VOIDENT(fast_enable)
522 VOIDENT(global_lock)
523 VOIDENT(lock)
524 VOIDENT(readonly)
525 VOIDENT(redefine_unowned)
526 VOIDENT(space_perm)
527 VOIDENT(startup)
528 VOIDENT(timing)
529 VOIDENT(write_limit)
530 VOIDENT(timer)
531};
532
533static int do_tpmtest(cmd_tbl_t *cmdtp, int flag, int argc, char * const argv[])
534{
535 cmd_tbl_t *c;
Stefan Brünseefa3022016-10-16 17:13:55 +0200536 int i;
Simon Glass45158dd2015-08-22 18:31:42 -0600537
538 printf("argc = %d, argv = ", argc);
Stefan Brünseefa3022016-10-16 17:13:55 +0200539
540 for (i = 0; i < argc; i++)
541 printf(" %s", argv[i]);
542
543 printf("\n------\n");
Simon Glass45158dd2015-08-22 18:31:42 -0600544
Simon Glass45158dd2015-08-22 18:31:42 -0600545 argc--;
546 argv++;
547 c = find_cmd_tbl(argv[0], cmd_cros_tpm_sub,
548 ARRAY_SIZE(cmd_cros_tpm_sub));
549 return c ? c->cmd(cmdtp, flag, argc, argv) : cmd_usage(cmdtp);
550}
551
552U_BOOT_CMD(tpmtest, 2, 1, do_tpmtest, "TPM tests",
553 "\n\tearly_extend\n"
554 "\tearly_nvram\n"
555 "\tearly_nvram2\n"
556 "\tenable\n"
557 "\tfast_enable\n"
558 "\tglobal_lock\n"
559 "\tlock\n"
560 "\treadonly\n"
561 "\tredefine_unowned\n"
562 "\tspace_perm\n"
563 "\tstartup\n"
564 "\ttiming\n"
565 "\twrite_limit\n");