blob: c14dd75a260914583b11351c2b7fce079cc03421 [file] [log] [blame]
Tom Rini10e47792018-05-06 17:58:06 -04001// SPDX-License-Identifier: GPL-2.0+
Simon Glass45158dd2015-08-22 18:31:42 -06002/*
3 * Copyright (c) 2015 Google, Inc
Simon Glass45158dd2015-08-22 18:31:42 -06004 */
5
6#include <common.h>
7#include <command.h>
Miquel Raynal4c6759e2018-05-15 11:57:06 +02008#include <tpm-v1.h>
Simon Glass8ceca1d2018-11-18 14:22:27 -07009#include "tpm-user-utils.h"
Simon Glass45158dd2015-08-22 18:31:42 -060010
11/* Prints error and returns on failure */
12#define TPM_CHECK(tpm_command) do { \
13 uint32_t result; \
14 \
15 result = (tpm_command); \
16 if (result != TPM_SUCCESS) { \
17 printf("TEST FAILED: line %d: " #tpm_command ": 0x%x\n", \
18 __LINE__, result); \
19 return result; \
20 } \
21} while (0)
22
23#define INDEX0 0xda70
24#define INDEX1 0xda71
25#define INDEX2 0xda72
26#define INDEX3 0xda73
27#define INDEX_INITIALISED 0xda80
28#define PHYS_PRESENCE 4
29#define PRESENCE 8
30
Simon Glass8ceca1d2018-11-18 14:22:27 -070031static uint32_t TlclStartupIfNeeded(struct udevice *dev)
Simon Glass45158dd2015-08-22 18:31:42 -060032{
Simon Glass8ceca1d2018-11-18 14:22:27 -070033 uint32_t result = tpm_startup(dev, TPM_ST_CLEAR);
Simon Glass45158dd2015-08-22 18:31:42 -060034
35 return result == TPM_INVALID_POSTINIT ? TPM_SUCCESS : result;
36}
37
Simon Glass8ceca1d2018-11-18 14:22:27 -070038static int test_timer(struct udevice *dev)
Simon Glass45158dd2015-08-22 18:31:42 -060039{
40 printf("get_timer(0) = %lu\n", get_timer(0));
41 return 0;
42}
43
Simon Glass8ceca1d2018-11-18 14:22:27 -070044static uint32_t tpm_get_flags(struct udevice *dev, uint8_t *disable,
45 uint8_t *deactivated, uint8_t *nvlocked)
Simon Glass45158dd2015-08-22 18:31:42 -060046{
47 struct tpm_permanent_flags pflags;
48 uint32_t result;
49
Simon Glass8ceca1d2018-11-18 14:22:27 -070050 result = tpm_get_permanent_flags(dev, &pflags);
Simon Glass45158dd2015-08-22 18:31:42 -060051 if (result)
52 return result;
53 if (disable)
54 *disable = pflags.disable;
55 if (deactivated)
56 *deactivated = pflags.deactivated;
57 if (nvlocked)
58 *nvlocked = pflags.nv_locked;
59 debug("TPM: Got flags disable=%d, deactivated=%d, nvlocked=%d\n",
60 pflags.disable, pflags.deactivated, pflags.nv_locked);
61
62 return 0;
63}
64
Simon Glass8ceca1d2018-11-18 14:22:27 -070065static uint32_t tpm_nv_write_value_lock(struct udevice *dev, uint32_t index)
Simon Glass45158dd2015-08-22 18:31:42 -060066{
67 debug("TPM: Write lock 0x%x\n", index);
68
Simon Glass8ceca1d2018-11-18 14:22:27 -070069 return tpm_nv_write_value(dev, index, NULL, 0);
Simon Glass45158dd2015-08-22 18:31:42 -060070}
71
Simon Glass8ceca1d2018-11-18 14:22:27 -070072static int tpm_is_owned(struct udevice *dev)
Simon Glass45158dd2015-08-22 18:31:42 -060073{
74 uint8_t response[TPM_PUBEK_SIZE];
75 uint32_t result;
76
Simon Glass8ceca1d2018-11-18 14:22:27 -070077 result = tpm_read_pubek(dev, response, sizeof(response));
Simon Glass45158dd2015-08-22 18:31:42 -060078
79 return result != TPM_SUCCESS;
80}
81
Simon Glass8ceca1d2018-11-18 14:22:27 -070082static int test_early_extend(struct udevice *dev)
Simon Glass45158dd2015-08-22 18:31:42 -060083{
84 uint8_t value_in[20];
85 uint8_t value_out[20];
86
87 printf("Testing earlyextend ...");
Simon Glass8ceca1d2018-11-18 14:22:27 -070088 tpm_init(dev);
89 TPM_CHECK(tpm_startup(dev, TPM_ST_CLEAR));
90 TPM_CHECK(tpm_continue_self_test(dev));
91 TPM_CHECK(tpm_extend(dev, 1, value_in, value_out));
Simon Glass45158dd2015-08-22 18:31:42 -060092 printf("done\n");
93 return 0;
94}
95
Simon Glass8ceca1d2018-11-18 14:22:27 -070096static int test_early_nvram(struct udevice *dev)
Simon Glass45158dd2015-08-22 18:31:42 -060097{
98 uint32_t x;
99
100 printf("Testing earlynvram ...");
Simon Glass8ceca1d2018-11-18 14:22:27 -0700101 tpm_init(dev);
102 TPM_CHECK(tpm_startup(dev, TPM_ST_CLEAR));
103 TPM_CHECK(tpm_continue_self_test(dev));
104 TPM_CHECK(tpm_tsc_physical_presence(dev, PRESENCE));
105 TPM_CHECK(tpm_nv_read_value(dev, INDEX0, (uint8_t *)&x, sizeof(x)));
Simon Glass45158dd2015-08-22 18:31:42 -0600106 printf("done\n");
107 return 0;
108}
109
Simon Glass8ceca1d2018-11-18 14:22:27 -0700110static int test_early_nvram2(struct udevice *dev)
Simon Glass45158dd2015-08-22 18:31:42 -0600111{
112 uint32_t x;
113
114 printf("Testing earlynvram2 ...");
Simon Glass8ceca1d2018-11-18 14:22:27 -0700115 tpm_init(dev);
116 TPM_CHECK(tpm_startup(dev, TPM_ST_CLEAR));
117 TPM_CHECK(tpm_continue_self_test(dev));
118 TPM_CHECK(tpm_tsc_physical_presence(dev, PRESENCE));
119 TPM_CHECK(tpm_nv_write_value(dev, INDEX0, (uint8_t *)&x, sizeof(x)));
Simon Glass45158dd2015-08-22 18:31:42 -0600120 printf("done\n");
121 return 0;
122}
123
Simon Glass8ceca1d2018-11-18 14:22:27 -0700124static int test_enable(struct udevice *dev)
Simon Glass45158dd2015-08-22 18:31:42 -0600125{
126 uint8_t disable = 0, deactivated = 0;
127
128 printf("Testing enable ...\n");
Simon Glass8ceca1d2018-11-18 14:22:27 -0700129 tpm_init(dev);
130 TPM_CHECK(TlclStartupIfNeeded(dev));
131 TPM_CHECK(tpm_self_test_full(dev));
132 TPM_CHECK(tpm_tsc_physical_presence(dev, PRESENCE));
133 TPM_CHECK(tpm_get_flags(dev, &disable, &deactivated, NULL));
Simon Glass45158dd2015-08-22 18:31:42 -0600134 printf("\tdisable is %d, deactivated is %d\n", disable, deactivated);
Simon Glass8ceca1d2018-11-18 14:22:27 -0700135 TPM_CHECK(tpm_physical_enable(dev));
136 TPM_CHECK(tpm_physical_set_deactivated(dev, 0));
137 TPM_CHECK(tpm_get_flags(dev, &disable, &deactivated, NULL));
Simon Glass45158dd2015-08-22 18:31:42 -0600138 printf("\tdisable is %d, deactivated is %d\n", disable, deactivated);
139 if (disable == 1 || deactivated == 1)
140 printf("\tfailed to enable or activate\n");
141 printf("\tdone\n");
142 return 0;
143}
144
145#define reboot() do { \
146 printf("\trebooting...\n"); \
147 reset_cpu(0); \
148} while (0)
149
Simon Glass8ceca1d2018-11-18 14:22:27 -0700150static int test_fast_enable(struct udevice *dev)
Simon Glass45158dd2015-08-22 18:31:42 -0600151{
152 uint8_t disable = 0, deactivated = 0;
153 int i;
154
155 printf("Testing fastenable ...\n");
Simon Glass8ceca1d2018-11-18 14:22:27 -0700156 tpm_init(dev);
157 TPM_CHECK(TlclStartupIfNeeded(dev));
158 TPM_CHECK(tpm_self_test_full(dev));
159 TPM_CHECK(tpm_tsc_physical_presence(dev, PRESENCE));
160 TPM_CHECK(tpm_get_flags(dev, &disable, &deactivated, NULL));
Simon Glass45158dd2015-08-22 18:31:42 -0600161 printf("\tdisable is %d, deactivated is %d\n", disable, deactivated);
162 for (i = 0; i < 2; i++) {
Simon Glass8ceca1d2018-11-18 14:22:27 -0700163 TPM_CHECK(tpm_force_clear(dev));
164 TPM_CHECK(tpm_get_flags(dev, &disable, &deactivated, NULL));
Simon Glass45158dd2015-08-22 18:31:42 -0600165 printf("\tdisable is %d, deactivated is %d\n", disable,
166 deactivated);
167 assert(disable == 1 && deactivated == 1);
Simon Glass8ceca1d2018-11-18 14:22:27 -0700168 TPM_CHECK(tpm_physical_enable(dev));
169 TPM_CHECK(tpm_physical_set_deactivated(dev, 0));
170 TPM_CHECK(tpm_get_flags(dev, &disable, &deactivated, NULL));
Simon Glass45158dd2015-08-22 18:31:42 -0600171 printf("\tdisable is %d, deactivated is %d\n", disable,
172 deactivated);
173 assert(disable == 0 && deactivated == 0);
174 }
175 printf("\tdone\n");
176 return 0;
177}
178
Simon Glass8ceca1d2018-11-18 14:22:27 -0700179static int test_global_lock(struct udevice *dev)
Simon Glass45158dd2015-08-22 18:31:42 -0600180{
181 uint32_t zero = 0;
182 uint32_t result;
183 uint32_t x;
184
185 printf("Testing globallock ...\n");
Simon Glass8ceca1d2018-11-18 14:22:27 -0700186 tpm_init(dev);
187 TPM_CHECK(TlclStartupIfNeeded(dev));
188 TPM_CHECK(tpm_self_test_full(dev));
189 TPM_CHECK(tpm_tsc_physical_presence(dev, PRESENCE));
190 TPM_CHECK(tpm_nv_read_value(dev, INDEX0, (uint8_t *)&x, sizeof(x)));
191 TPM_CHECK(tpm_nv_write_value(dev, INDEX0, (uint8_t *)&zero,
Simon Glass45158dd2015-08-22 18:31:42 -0600192 sizeof(uint32_t)));
Simon Glass8ceca1d2018-11-18 14:22:27 -0700193 TPM_CHECK(tpm_nv_read_value(dev, INDEX1, (uint8_t *)&x, sizeof(x)));
194 TPM_CHECK(tpm_nv_write_value(dev, INDEX1, (uint8_t *)&zero,
Simon Glass45158dd2015-08-22 18:31:42 -0600195 sizeof(uint32_t)));
Simon Glass8ceca1d2018-11-18 14:22:27 -0700196 TPM_CHECK(tpm_set_global_lock(dev));
Simon Glass45158dd2015-08-22 18:31:42 -0600197 /* Verifies that write to index0 fails */
198 x = 1;
Simon Glass8ceca1d2018-11-18 14:22:27 -0700199 result = tpm_nv_write_value(dev, INDEX0, (uint8_t *)&x, sizeof(x));
Simon Glass45158dd2015-08-22 18:31:42 -0600200 assert(result == TPM_AREA_LOCKED);
Simon Glass8ceca1d2018-11-18 14:22:27 -0700201 TPM_CHECK(tpm_nv_read_value(dev, INDEX0, (uint8_t *)&x, sizeof(x)));
Simon Glass45158dd2015-08-22 18:31:42 -0600202 assert(x == 0);
203 /* Verifies that write to index1 is still possible */
204 x = 2;
Simon Glass8ceca1d2018-11-18 14:22:27 -0700205 TPM_CHECK(tpm_nv_write_value(dev, INDEX1, (uint8_t *)&x, sizeof(x)));
206 TPM_CHECK(tpm_nv_read_value(dev, INDEX1, (uint8_t *)&x, sizeof(x)));
Simon Glass45158dd2015-08-22 18:31:42 -0600207 assert(x == 2);
208 /* Turns off PP */
Simon Glass8ceca1d2018-11-18 14:22:27 -0700209 tpm_tsc_physical_presence(dev, PHYS_PRESENCE);
Simon Glass45158dd2015-08-22 18:31:42 -0600210 /* Verifies that write to index1 fails */
211 x = 3;
Simon Glass8ceca1d2018-11-18 14:22:27 -0700212 result = tpm_nv_write_value(dev, INDEX1, (uint8_t *)&x, sizeof(x));
Simon Glass45158dd2015-08-22 18:31:42 -0600213 assert(result == TPM_BAD_PRESENCE);
Simon Glass8ceca1d2018-11-18 14:22:27 -0700214 TPM_CHECK(tpm_nv_read_value(dev, INDEX1, (uint8_t *)&x, sizeof(x)));
Simon Glass45158dd2015-08-22 18:31:42 -0600215 assert(x == 2);
216 printf("\tdone\n");
217 return 0;
218}
219
Simon Glass8ceca1d2018-11-18 14:22:27 -0700220static int test_lock(struct udevice *dev)
Simon Glass45158dd2015-08-22 18:31:42 -0600221{
222 printf("Testing lock ...\n");
Simon Glass8ceca1d2018-11-18 14:22:27 -0700223 tpm_init(dev);
224 tpm_startup(dev, TPM_ST_CLEAR);
225 tpm_self_test_full(dev);
226 tpm_tsc_physical_presence(dev, PRESENCE);
227 tpm_nv_write_value_lock(dev, INDEX0);
Simon Glass45158dd2015-08-22 18:31:42 -0600228 printf("\tLocked 0x%x\n", INDEX0);
229 printf("\tdone\n");
230 return 0;
231}
232
Simon Glass8ceca1d2018-11-18 14:22:27 -0700233static void initialise_spaces(struct udevice *dev)
Simon Glass45158dd2015-08-22 18:31:42 -0600234{
235 uint32_t zero = 0;
236 uint32_t perm = TPM_NV_PER_WRITE_STCLEAR | TPM_NV_PER_PPWRITE;
237
238 printf("\tInitialising spaces\n");
Simon Glass8ceca1d2018-11-18 14:22:27 -0700239 tpm_nv_set_locked(dev); /* useful only the first time */
240 tpm_nv_define_space(dev, INDEX0, perm, 4);
241 tpm_nv_write_value(dev, INDEX0, (uint8_t *)&zero, 4);
242 tpm_nv_define_space(dev, INDEX1, perm, 4);
243 tpm_nv_write_value(dev, INDEX1, (uint8_t *)&zero, 4);
244 tpm_nv_define_space(dev, INDEX2, perm, 4);
245 tpm_nv_write_value(dev, INDEX2, (uint8_t *)&zero, 4);
246 tpm_nv_define_space(dev, INDEX3, perm, 4);
247 tpm_nv_write_value(dev, INDEX3, (uint8_t *)&zero, 4);
Simon Glass45158dd2015-08-22 18:31:42 -0600248 perm = TPM_NV_PER_READ_STCLEAR | TPM_NV_PER_WRITE_STCLEAR |
249 TPM_NV_PER_PPWRITE;
Simon Glass8ceca1d2018-11-18 14:22:27 -0700250 tpm_nv_define_space(dev, INDEX_INITIALISED, perm, 1);
Simon Glass45158dd2015-08-22 18:31:42 -0600251}
252
Simon Glass8ceca1d2018-11-18 14:22:27 -0700253static int test_readonly(struct udevice *dev)
Simon Glass45158dd2015-08-22 18:31:42 -0600254{
255 uint8_t c;
256 uint32_t index_0, index_1, index_2, index_3;
257 int read0, read1, read2, read3;
258
259 printf("Testing readonly ...\n");
Simon Glass8ceca1d2018-11-18 14:22:27 -0700260 tpm_init(dev);
261 tpm_startup(dev, TPM_ST_CLEAR);
262 tpm_self_test_full(dev);
263 tpm_tsc_physical_presence(dev, PRESENCE);
Simon Glass45158dd2015-08-22 18:31:42 -0600264 /*
265 * Checks if initialisation has completed by trying to read-lock a
266 * space that's created at the end of initialisation
267 */
Simon Glass8ceca1d2018-11-18 14:22:27 -0700268 if (tpm_nv_read_value(dev, INDEX_INITIALISED, &c, 0) == TPM_BADINDEX) {
Simon Glass45158dd2015-08-22 18:31:42 -0600269 /* The initialisation did not complete */
Simon Glass8ceca1d2018-11-18 14:22:27 -0700270 initialise_spaces(dev);
Simon Glass45158dd2015-08-22 18:31:42 -0600271 }
272
273 /* Checks if spaces are OK or messed up */
Simon Glass8ceca1d2018-11-18 14:22:27 -0700274 read0 = tpm_nv_read_value(dev, INDEX0, (uint8_t *)&index_0,
275 sizeof(index_0));
276 read1 = tpm_nv_read_value(dev, INDEX1, (uint8_t *)&index_1,
277 sizeof(index_1));
278 read2 = tpm_nv_read_value(dev, INDEX2, (uint8_t *)&index_2,
279 sizeof(index_2));
280 read3 = tpm_nv_read_value(dev, INDEX3, (uint8_t *)&index_3,
281 sizeof(index_3));
Simon Glass45158dd2015-08-22 18:31:42 -0600282 if (read0 || read1 || read2 || read3) {
283 printf("Invalid contents\n");
284 return 0;
285 }
286
287 /*
288 * Writes space, and locks it. Then attempts to write again.
289 * I really wish I could use the imperative.
290 */
291 index_0 += 1;
Simon Glass8ceca1d2018-11-18 14:22:27 -0700292 if (tpm_nv_write_value(dev, INDEX0, (uint8_t *)&index_0,
293 sizeof(index_0) !=
Simon Glass45158dd2015-08-22 18:31:42 -0600294 TPM_SUCCESS)) {
Masahiro Yamada81e10422017-09-16 14:10:41 +0900295 pr_err("\tcould not write index 0\n");
Simon Glass45158dd2015-08-22 18:31:42 -0600296 }
Simon Glass8ceca1d2018-11-18 14:22:27 -0700297 tpm_nv_write_value_lock(dev, INDEX0);
298 if (tpm_nv_write_value(dev, INDEX0, (uint8_t *)&index_0,
299 sizeof(index_0)) ==
Simon Glass45158dd2015-08-22 18:31:42 -0600300 TPM_SUCCESS)
Masahiro Yamada81e10422017-09-16 14:10:41 +0900301 pr_err("\tindex 0 is not locked\n");
Simon Glass45158dd2015-08-22 18:31:42 -0600302
303 printf("\tdone\n");
304 return 0;
305}
306
Simon Glass8ceca1d2018-11-18 14:22:27 -0700307static int test_redefine_unowned(struct udevice *dev)
Simon Glass45158dd2015-08-22 18:31:42 -0600308{
309 uint32_t perm;
310 uint32_t result;
311 uint32_t x;
312
313 printf("Testing redefine_unowned ...");
Simon Glass8ceca1d2018-11-18 14:22:27 -0700314 tpm_init(dev);
315 TPM_CHECK(TlclStartupIfNeeded(dev));
316 TPM_CHECK(tpm_self_test_full(dev));
317 TPM_CHECK(tpm_tsc_physical_presence(dev, PRESENCE));
318 assert(!tpm_is_owned(dev));
Simon Glass45158dd2015-08-22 18:31:42 -0600319
320 /* Ensures spaces exist. */
Simon Glass8ceca1d2018-11-18 14:22:27 -0700321 TPM_CHECK(tpm_nv_read_value(dev, INDEX0, (uint8_t *)&x, sizeof(x)));
322 TPM_CHECK(tpm_nv_read_value(dev, INDEX1, (uint8_t *)&x, sizeof(x)));
Simon Glass45158dd2015-08-22 18:31:42 -0600323
324 /* Redefines spaces a couple of times. */
325 perm = TPM_NV_PER_PPWRITE | TPM_NV_PER_GLOBALLOCK;
Simon Glass8ceca1d2018-11-18 14:22:27 -0700326 TPM_CHECK(tpm_nv_define_space(dev, INDEX0, perm, 2 * sizeof(uint32_t)));
327 TPM_CHECK(tpm_nv_define_space(dev, INDEX0, perm, sizeof(uint32_t)));
Simon Glass45158dd2015-08-22 18:31:42 -0600328 perm = TPM_NV_PER_PPWRITE;
Simon Glass8ceca1d2018-11-18 14:22:27 -0700329 TPM_CHECK(tpm_nv_define_space(dev, INDEX1, perm, 2 * sizeof(uint32_t)));
330 TPM_CHECK(tpm_nv_define_space(dev, INDEX1, perm, sizeof(uint32_t)));
Simon Glass45158dd2015-08-22 18:31:42 -0600331
332 /* Sets the global lock */
Simon Glass8ceca1d2018-11-18 14:22:27 -0700333 tpm_set_global_lock(dev);
Simon Glass45158dd2015-08-22 18:31:42 -0600334
335 /* Verifies that index0 cannot be redefined */
Simon Glass8ceca1d2018-11-18 14:22:27 -0700336 result = tpm_nv_define_space(dev, INDEX0, perm, sizeof(uint32_t));
Simon Glass45158dd2015-08-22 18:31:42 -0600337 assert(result == TPM_AREA_LOCKED);
338
339 /* Checks that index1 can */
Simon Glass8ceca1d2018-11-18 14:22:27 -0700340 TPM_CHECK(tpm_nv_define_space(dev, INDEX1, perm, 2 * sizeof(uint32_t)));
341 TPM_CHECK(tpm_nv_define_space(dev, INDEX1, perm, sizeof(uint32_t)));
Simon Glass45158dd2015-08-22 18:31:42 -0600342
343 /* Turns off PP */
Simon Glass8ceca1d2018-11-18 14:22:27 -0700344 tpm_tsc_physical_presence(dev, PHYS_PRESENCE);
Simon Glass45158dd2015-08-22 18:31:42 -0600345
346 /* Verifies that neither index0 nor index1 can be redefined */
Simon Glass8ceca1d2018-11-18 14:22:27 -0700347 result = tpm_nv_define_space(dev, INDEX0, perm, sizeof(uint32_t));
Simon Glass45158dd2015-08-22 18:31:42 -0600348 assert(result == TPM_BAD_PRESENCE);
Simon Glass8ceca1d2018-11-18 14:22:27 -0700349 result = tpm_nv_define_space(dev, INDEX1, perm, sizeof(uint32_t));
Simon Glass45158dd2015-08-22 18:31:42 -0600350 assert(result == TPM_BAD_PRESENCE);
351
352 printf("done\n");
353 return 0;
354}
355
356#define PERMPPGL (TPM_NV_PER_PPWRITE | TPM_NV_PER_GLOBALLOCK)
357#define PERMPP TPM_NV_PER_PPWRITE
358
Simon Glass8ceca1d2018-11-18 14:22:27 -0700359static int test_space_perm(struct udevice *dev)
Simon Glass45158dd2015-08-22 18:31:42 -0600360{
361 uint32_t perm;
362
363 printf("Testing spaceperm ...");
Simon Glass8ceca1d2018-11-18 14:22:27 -0700364 tpm_init(dev);
365 TPM_CHECK(TlclStartupIfNeeded(dev));
366 TPM_CHECK(tpm_continue_self_test(dev));
367 TPM_CHECK(tpm_tsc_physical_presence(dev, PRESENCE));
368 TPM_CHECK(tpm_get_permissions(dev, INDEX0, &perm));
Simon Glass45158dd2015-08-22 18:31:42 -0600369 assert((perm & PERMPPGL) == PERMPPGL);
Simon Glass8ceca1d2018-11-18 14:22:27 -0700370 TPM_CHECK(tpm_get_permissions(dev, INDEX1, &perm));
Simon Glass45158dd2015-08-22 18:31:42 -0600371 assert((perm & PERMPP) == PERMPP);
372 printf("done\n");
373 return 0;
374}
375
Simon Glass8ceca1d2018-11-18 14:22:27 -0700376static int test_startup(struct udevice *dev)
Simon Glass45158dd2015-08-22 18:31:42 -0600377{
378 uint32_t result;
Simon Glass8ceca1d2018-11-18 14:22:27 -0700379
Simon Glass45158dd2015-08-22 18:31:42 -0600380 printf("Testing startup ...\n");
381
Simon Glass8ceca1d2018-11-18 14:22:27 -0700382 tpm_init(dev);
383 result = tpm_startup(dev, TPM_ST_CLEAR);
Simon Glass45158dd2015-08-22 18:31:42 -0600384 if (result != 0 && result != TPM_INVALID_POSTINIT)
385 printf("\ttpm startup failed with 0x%x\n", result);
Simon Glass8ceca1d2018-11-18 14:22:27 -0700386 result = tpm_get_flags(dev, NULL, NULL, NULL);
Simon Glass45158dd2015-08-22 18:31:42 -0600387 if (result != 0)
388 printf("\ttpm getflags failed with 0x%x\n", result);
389 printf("\texecuting SelfTestFull\n");
Simon Glass8ceca1d2018-11-18 14:22:27 -0700390 tpm_self_test_full(dev);
391 result = tpm_get_flags(dev, NULL, NULL, NULL);
Simon Glass45158dd2015-08-22 18:31:42 -0600392 if (result != 0)
393 printf("\ttpm getflags failed with 0x%x\n", result);
394 printf("\tdone\n");
395 return 0;
396}
397
398/*
399 * Runs [op] and ensures it returns success and doesn't run longer than
400 * [time_limit] in milliseconds.
401 */
402#define TTPM_CHECK(op, time_limit) do { \
403 ulong start, time; \
404 uint32_t __result; \
405 \
406 start = get_timer(0); \
407 __result = op; \
408 if (__result != TPM_SUCCESS) { \
409 printf("\t" #op ": error 0x%x\n", __result); \
410 return -1; \
411 } \
412 time = get_timer(start); \
413 printf("\t" #op ": %lu ms\n", time); \
414 if (time > (ulong)time_limit) { \
415 printf("\t" #op " exceeded " #time_limit " ms\n"); \
416 } \
417} while (0)
418
419
Simon Glass8ceca1d2018-11-18 14:22:27 -0700420static int test_timing(struct udevice *dev)
Simon Glass45158dd2015-08-22 18:31:42 -0600421{
Simon Glass45158dd2015-08-22 18:31:42 -0600422 uint8_t in[20], out[20];
Simon Glass8ceca1d2018-11-18 14:22:27 -0700423 uint32_t x;
Simon Glass45158dd2015-08-22 18:31:42 -0600424
425 printf("Testing timing ...");
Simon Glass8ceca1d2018-11-18 14:22:27 -0700426 tpm_init(dev);
427 TTPM_CHECK(TlclStartupIfNeeded(dev), 50);
428 TTPM_CHECK(tpm_continue_self_test(dev), 100);
429 TTPM_CHECK(tpm_self_test_full(dev), 1000);
430 TTPM_CHECK(tpm_tsc_physical_presence(dev, PRESENCE), 100);
431 TTPM_CHECK(tpm_nv_write_value(dev, INDEX0, (uint8_t *)&x, sizeof(x)),
432 100);
433 TTPM_CHECK(tpm_nv_read_value(dev, INDEX0, (uint8_t *)&x, sizeof(x)),
434 100);
435 TTPM_CHECK(tpm_extend(dev, 0, in, out), 200);
436 TTPM_CHECK(tpm_set_global_lock(dev), 50);
437 TTPM_CHECK(tpm_tsc_physical_presence(dev, PHYS_PRESENCE), 100);
Simon Glass45158dd2015-08-22 18:31:42 -0600438 printf("done\n");
439 return 0;
440}
441
442#define TPM_MAX_NV_WRITES_NOOWNER 64
443
Simon Glass8ceca1d2018-11-18 14:22:27 -0700444static int test_write_limit(struct udevice *dev)
Simon Glass45158dd2015-08-22 18:31:42 -0600445{
Simon Glass45158dd2015-08-22 18:31:42 -0600446 uint32_t result;
Simon Glass8ceca1d2018-11-18 14:22:27 -0700447 int i;
Simon Glass45158dd2015-08-22 18:31:42 -0600448
Simon Glass8ceca1d2018-11-18 14:22:27 -0700449 printf("Testing writelimit ...\n");
450 tpm_init(dev);
451 TPM_CHECK(TlclStartupIfNeeded(dev));
452 TPM_CHECK(tpm_self_test_full(dev));
453 TPM_CHECK(tpm_tsc_physical_presence(dev, PRESENCE));
454 TPM_CHECK(tpm_force_clear(dev));
455 TPM_CHECK(tpm_physical_enable(dev));
456 TPM_CHECK(tpm_physical_set_deactivated(dev, 0));
Simon Glass45158dd2015-08-22 18:31:42 -0600457
458 for (i = 0; i < TPM_MAX_NV_WRITES_NOOWNER + 2; i++) {
459 printf("\twriting %d\n", i);
Simon Glass8ceca1d2018-11-18 14:22:27 -0700460 result = tpm_nv_write_value(dev, INDEX0, (uint8_t *)&i,
461 sizeof(i));
Simon Glass45158dd2015-08-22 18:31:42 -0600462 switch (result) {
463 case TPM_SUCCESS:
464 break;
465 case TPM_MAXNVWRITES:
466 assert(i >= TPM_MAX_NV_WRITES_NOOWNER);
467 default:
Masahiro Yamada81e10422017-09-16 14:10:41 +0900468 pr_err("\tunexpected error code %d (0x%x)\n",
Simon Glass45158dd2015-08-22 18:31:42 -0600469 result, result);
470 }
471 }
472
473 /* Reset write count */
Simon Glass8ceca1d2018-11-18 14:22:27 -0700474 TPM_CHECK(tpm_force_clear(dev));
475 TPM_CHECK(tpm_physical_enable(dev));
476 TPM_CHECK(tpm_physical_set_deactivated(dev, 0));
Simon Glass45158dd2015-08-22 18:31:42 -0600477
478 /* Try writing again. */
Simon Glass8ceca1d2018-11-18 14:22:27 -0700479 TPM_CHECK(tpm_nv_write_value(dev, INDEX0, (uint8_t *)&i, sizeof(i)));
Simon Glass45158dd2015-08-22 18:31:42 -0600480 printf("\tdone\n");
481 return 0;
482}
483
484#define VOIDTEST(XFUNC) \
485 int do_test_##XFUNC(cmd_tbl_t *cmd_tbl, int flag, int argc, \
486 char * const argv[]) \
487 { \
Simon Glass8ceca1d2018-11-18 14:22:27 -0700488 struct udevice *dev; \
489 int ret; \
490\
491 ret = get_tpm(&dev); \
492 if (ret) \
493 return ret; \
494 return test_##XFUNC(dev); \
Simon Glass45158dd2015-08-22 18:31:42 -0600495 }
496
497#define VOIDENT(XNAME) \
498 U_BOOT_CMD_MKENT(XNAME, 0, 1, do_test_##XNAME, "", ""),
499
500VOIDTEST(early_extend)
501VOIDTEST(early_nvram)
502VOIDTEST(early_nvram2)
503VOIDTEST(enable)
504VOIDTEST(fast_enable)
505VOIDTEST(global_lock)
506VOIDTEST(lock)
507VOIDTEST(readonly)
508VOIDTEST(redefine_unowned)
509VOIDTEST(space_perm)
510VOIDTEST(startup)
511VOIDTEST(timing)
512VOIDTEST(write_limit)
513VOIDTEST(timer)
514
515static cmd_tbl_t cmd_cros_tpm_sub[] = {
516 VOIDENT(early_extend)
517 VOIDENT(early_nvram)
518 VOIDENT(early_nvram2)
519 VOIDENT(enable)
520 VOIDENT(fast_enable)
521 VOIDENT(global_lock)
522 VOIDENT(lock)
523 VOIDENT(readonly)
524 VOIDENT(redefine_unowned)
525 VOIDENT(space_perm)
526 VOIDENT(startup)
527 VOIDENT(timing)
528 VOIDENT(write_limit)
529 VOIDENT(timer)
530};
531
532static int do_tpmtest(cmd_tbl_t *cmdtp, int flag, int argc, char * const argv[])
533{
534 cmd_tbl_t *c;
Stefan Brünseefa3022016-10-16 17:13:55 +0200535 int i;
Simon Glass45158dd2015-08-22 18:31:42 -0600536
537 printf("argc = %d, argv = ", argc);
Stefan Brünseefa3022016-10-16 17:13:55 +0200538
539 for (i = 0; i < argc; i++)
540 printf(" %s", argv[i]);
541
542 printf("\n------\n");
Simon Glass45158dd2015-08-22 18:31:42 -0600543
Simon Glass45158dd2015-08-22 18:31:42 -0600544 argc--;
545 argv++;
546 c = find_cmd_tbl(argv[0], cmd_cros_tpm_sub,
547 ARRAY_SIZE(cmd_cros_tpm_sub));
548 return c ? c->cmd(cmdtp, flag, argc, argv) : cmd_usage(cmdtp);
549}
550
551U_BOOT_CMD(tpmtest, 2, 1, do_tpmtest, "TPM tests",
552 "\n\tearly_extend\n"
553 "\tearly_nvram\n"
554 "\tearly_nvram2\n"
555 "\tenable\n"
556 "\tfast_enable\n"
557 "\tglobal_lock\n"
558 "\tlock\n"
559 "\treadonly\n"
560 "\tredefine_unowned\n"
561 "\tspace_perm\n"
562 "\tstartup\n"
563 "\ttiming\n"
564 "\twrite_limit\n");