From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <u-boot-bounces@lists.denx.de>
X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on
	aws-us-west-2-korg-lkml-1.web.codeaurora.org
Received: from phobos.denx.de (phobos.denx.de [85.214.62.61])
	(using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
	(No client certificate requested)
	by smtp.lore.kernel.org (Postfix) with ESMTPS id D4ECCC61DA3
	for <u-boot@archiver.kernel.org>; Tue, 21 Feb 2023 13:58:48 +0000 (UTC)
Received: from h2850616.stratoserver.net (localhost [IPv6:::1])
	by phobos.denx.de (Postfix) with ESMTP id B898C85899;
	Tue, 21 Feb 2023 14:58:45 +0100 (CET)
Authentication-Results: phobos.denx.de; dmarc=pass (p=none dis=none) header.from=linaro.org
Authentication-Results: phobos.denx.de; spf=pass smtp.mailfrom=u-boot-bounces@lists.denx.de
Authentication-Results: phobos.denx.de;
	dkim=pass (2048-bit key; unprotected) header.d=linaro.org header.i=@linaro.org header.b="YCbjvBAH";
	dkim-atps=neutral
Received: by phobos.denx.de (Postfix, from userid 109)
 id D051280BA1; Tue, 21 Feb 2023 14:58:43 +0100 (CET)
Received: from mail-ed1-x534.google.com (mail-ed1-x534.google.com
 [IPv6:2a00:1450:4864:20::534])
 (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits))
 (No client certificate requested)
 by phobos.denx.de (Postfix) with ESMTPS id 2A64A80BA1
 for <u-boot@lists.denx.de>; Tue, 21 Feb 2023 14:58:41 +0100 (CET)
Authentication-Results: phobos.denx.de;
 dmarc=pass (p=none dis=none) header.from=linaro.org
Authentication-Results: phobos.denx.de;
 spf=pass smtp.mailfrom=ilias.apalodimas@linaro.org
Received: by mail-ed1-x534.google.com with SMTP id h16so17757121edz.10
 for <u-boot@lists.denx.de>; Tue, 21 Feb 2023 05:58:41 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google;
 h=in-reply-to:content-disposition:mime-version:references:message-id
 :subject:cc:to:from:date:from:to:cc:subject:date:message-id:reply-to;
 bh=sBGDG6eBeCMEIa1l7yZ109Kdhd02jU5eahr87NeV8oQ=;
 b=YCbjvBAHE2U8ehvwNX7+IJexgwp/3++oz0aYOUHboKhRX8hIdfzDuTmj/4/9T6D5vW
 5+SnyQeL4uj7l9FZQYa9SV1ByU4CTgO0+99rlg7t3zxrGop2vLtmbSvfW6Vc0K3hc2P7
 eIaDja7hz5OLo9AvqejIhnh65sPrg9XGAAY6IJ0PtuJhtQtXFzxnFCXWvWFInD3laecB
 NQqgb0gTWiJ/aapKE0qDDvRLXStelmxxk4vuAGjFqDSEuqdp9Ei7jFz81JyL40vn7mgs
 HIyvhAzu1nm86KPTEHinbXeGdp0DJRQdNboLqOmGesmk/yQykfalwqgnFtV3vFfXvp9L
 44sQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20210112;
 h=in-reply-to:content-disposition:mime-version:references:message-id
 :subject:cc:to:from:date:x-gm-message-state:from:to:cc:subject:date
 :message-id:reply-to;
 bh=sBGDG6eBeCMEIa1l7yZ109Kdhd02jU5eahr87NeV8oQ=;
 b=ZIaV7qT1zxGwCCisqnmKRBtGp91ul+lKCLuM8TAdoOwknJiC2+PwbDGEhTh8UOqcO3
 u46zxNrP155MB7dtPrk6Hb0YJFvcjbqcFKC39qWvPLeQiOPuLBs7iFYCk04sGEej7bcr
 dfMQ4nz/wWqc756F1QXiMnJyKuJbAXeJH8GPDj7HycJa5333/QmBOoNtrGO8hkPca9Xi
 3TImLFGEiNk6qMnix2tfo5ctGDILgosyOZp5frK0iw6OYbncWk3kaMM9tffb88WHhwmV
 zszBqb2YoTIpLV0XZfCmI6VwaQVODTQ+TzZVxGuop3PiQKSIEZbydgOhqqClPwPD4JVk
 kWVA==
X-Gm-Message-State: AO0yUKVvI1hKaf+XACvirVTxSrs832uxkkh86FbM6Mwd5+R9hzDxM64l
 CBjQ027a56q4y3E3LvDaCPmdhw==
X-Google-Smtp-Source: AK7set+qpPzy7+h+ve+KP892fsiFEVdTRMM4HFRgfNUIYUw0GmZr/TAl301QTgYE6pRZsUztf086gg==
X-Received: by 2002:a17:906:4d0a:b0:8af:370b:da59 with SMTP id
 r10-20020a1709064d0a00b008af370bda59mr11123284eju.17.1676987920654; 
 Tue, 21 Feb 2023 05:58:40 -0800 (PST)
Received: from hera (ppp176092130041.access.hol.gr. [176.92.130.41])
 by smtp.gmail.com with ESMTPSA id
 gk7-20020a17090790c700b008c673cd9ba2sm3977691ejb.126.2023.02.21.05.58.40
 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
 Tue, 21 Feb 2023 05:58:40 -0800 (PST)
Date: Tue, 21 Feb 2023 15:58:38 +0200
From: Ilias Apalodimas <ilias.apalodimas@linaro.org>
To: Simon Glass <sjg@chromium.org>
Cc: U-Boot Mailing List <u-boot@lists.denx.de>
Subject: Re: [PATCH v2] tpm: Allow committing non-volatile data
Message-ID: <Y/TODuRYJXJrNmj4@hera>
References: <20230220163124.299996-1-sjg@chromium.org>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <20230220163124.299996-1-sjg@chromium.org>
X-BeenThere: u-boot@lists.denx.de
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: U-Boot discussion <u-boot.lists.denx.de>
List-Unsubscribe: <https://lists.denx.de/options/u-boot>,
 <mailto:u-boot-request@lists.denx.de?subject=unsubscribe>
List-Archive: <https://lists.denx.de/pipermail/u-boot/>
List-Post: <mailto:u-boot@lists.denx.de>
List-Help: <mailto:u-boot-request@lists.denx.de?subject=help>
List-Subscribe: <https://lists.denx.de/listinfo/u-boot>,
 <mailto:u-boot-request@lists.denx.de?subject=subscribe>
Errors-To: u-boot-bounces@lists.denx.de
Sender: "U-Boot" <u-boot-bounces@lists.denx.de>
X-Virus-Scanned: clamav-milter 0.103.6 at phobos.denx.de
X-Virus-Status: Clean

Hi Simon,

On Mon, Feb 20, 2023 at 09:31:24AM -0700, Simon Glass wrote:
> Add an option to tell the TPM to commit non-volatile data immediately it
> is changed, rather than waiting until later. This is needed in some
> situations, since if the device reboots it may not write the data.
>
> Add definitions for the rest of the Cr50 commands while we are here.

This defines a function that's unused. IIRC you said U-Boot doesn't use it,
but some code that run for that laptop does right?
In any case the function declaration doesn't belong to the TPMv2 library.
I think we are better off adding it to the cr50 driver itself.  I also
assume you compile u-boot in a 'special' way so the linker doesn't get rid
of the emitted code?  Does t hat mean we can define it as __unused as well?

Thanks
/Ilias
>
> Signed-off-by: Simon Glass <sjg@chromium.org>
> ---
> I am resending this as I think it got lost.
>
> Changes in v2:
> - Rebase to master
>
>  include/tpm-v2.h | 14 ++++++++++++++
>  lib/tpm-v2.c     | 20 ++++++++++++++++++++
>  2 files changed, 34 insertions(+)
>
> diff --git a/include/tpm-v2.h b/include/tpm-v2.h
> index 8e90a616220..0a03994740d 100644
> --- a/include/tpm-v2.h
> +++ b/include/tpm-v2.h
> @@ -712,4 +712,18 @@ u32 tpm2_submit_command(struct udevice *dev, const u8 *sendbuf,
>   */
>  u32 tpm2_cr50_report_state(struct udevice *dev, u8 *recvbuf, size_t *recv_size);
>
> +/*
> + * tpm2_cr50_enable_nvcommits() - Tell Cr50 to commit NV data immediately
> + *
> + * For Chromium OS verified boot, we may reboot or reset at different times,
> + * possibly leaving non-volatile data unwritten by the TPM.
> + *
> + * This vendor command is used to indicate that non-volatile data should be
> + * written to its store immediately.
> + *
> + * @dev		TPM device
> + * Return: result of the operation
> + */
> +u32 tpm2_cr50_enable_nvcommits(struct udevice *dev);
> +
>  #endif /* __TPM_V2_H */
> diff --git a/lib/tpm-v2.c b/lib/tpm-v2.c
> index bdf019b0f93..5fcd3649b74 100644
> --- a/lib/tpm-v2.c
> +++ b/lib/tpm-v2.c
> @@ -699,3 +699,23 @@ u32 tpm2_cr50_report_state(struct udevice *dev, u8 *recvbuf, size_t *recv_size)
>
>  	return 0;
>  }
> +
> +u32 tpm2_cr50_enable_nvcommits(struct udevice *dev)
> +{
> +	u8 command_v2[COMMAND_BUFFER_SIZE] = {
> +		/* header 10 bytes */
> +		tpm_u16(TPM2_ST_NO_SESSIONS),		/* TAG */
> +		tpm_u32(10 + 2),			/* Length */
> +		tpm_u32(TPM2_CR50_VENDOR_COMMAND),	/* Command code */
> +
> +		tpm_u16(TPM2_CR50_SUB_CMD_NVMEM_ENABLE_COMMITS),
> +	};
> +	int ret;
> +
> +	ret = tpm_sendrecv_command(dev, command_v2, NULL, NULL);
> +	log_debug("ret=%s, %x\n", dev->name, ret);
> +	if (ret)
> +		return ret;
> +
> +	return 0;
> +}
> --
> 2.39.2.637.g21b0678d19-goog
>