Date: Wed, 17 Aug 2022 15:13:46 +0300
From: Ilias Apalodimas
To: Oleksandr Suvorov
Cc: u-boot@lists.denx.de, Jorge Ramirez-Ortiz, Ruchika Gupta
Subject: Re: [PATCH] cmd: tpm-v2: add get_random
In-Reply-To: <20220817102716.42038-1-oleksandr.suvorov@foundries.io>

Hi Oleksandr

On Wed, Aug 17, 2022 at 01:27:16PM +0300, Oleksandr Suvorov wrote:
> From: Jorge Ramirez-Ortiz
>
> Enable getting randomness from the tpm command line.

Does it have to be the tpm command line? As of 87ab234c1cf ("cmd: rng: Add
support for selecting RNG device") you can explicitly select the device on
the default rng command. That series also plugs in the TPM RNG into the DM
and allows wider usage (e.g. from the EFI_RNG_PROTOCOL).

So the rng command should be good enough?

Thanks
/Ilias

>
> Signed-off-by: Jorge Ramirez-Ortiz
> Co-developed-by: Oleksandr Suvorov
> Signed-off-by: Oleksandr Suvorov
> ---
>
> cmd/tpm-v2.c | 36 ++++++++++++++++++++++++++++++++++++
> 1 file changed, 36 insertions(+)
>
> diff --git a/cmd/tpm-v2.c b/cmd/tpm-v2.c > index 4ea5f9f094f..5b53953e207 100644 > --- a/cmd/tpm-v2.c > +++ b/cmd/tpm-v2.c > @@ -6,8 +6,10 @@ > > #include > #include > +#include > #include > #include > +#include > #include > #include > #include 
> @@ -206,6 +208,37 @@ unmap_data: > return report_return_code(rc); > } > > +static int do_tpm2_get_random(struct cmd_tbl *cmdtp, int flag, int argc, > + char *const argv[]) > +{ > + struct udevice *dev; > + char *buffer; > + u32 len; > + int ret; > + > + ret = get_tpm(&dev); > + if (ret) { > + printf("Can't get tpm\n"); > + return ret; > + } > + > + if (argc != 2) > + return CMD_RET_USAGE; > + > + len = simple_strtoul(argv[1], NULL, 10); > + buffer = calloc(1, len); > + if (!buffer) > + return -ENOMEM; > + > + ret = tpm2_get_random(dev, buffer, len); > + if (!ret) > + print_buffer(0, buffer, 1, len, 0); > + > + free(buffer); > + > + return report_return_code(ret); > +} > + > static int do_tpm_dam_reset(struct cmd_tbl *cmdtp, int flag, int argc, > char *const argv[]) > { > @@ -366,6 +399,7 @@ static struct cmd_tbl tpm2_commands[] = { > U_BOOT_CMD_MKENT(pcr_extend, 0, 1, do_tpm2_pcr_extend, "", ""), > U_BOOT_CMD_MKENT(pcr_read, 0, 1, do_tpm_pcr_read, "", ""), > U_BOOT_CMD_MKENT(get_capability, 0, 1, do_tpm_get_capability, "", ""), > + U_BOOT_CMD_MKENT(get_random, 0, 1, do_tpm2_get_random, "", ""), > U_BOOT_CMD_MKENT(dam_reset, 0, 1, do_tpm_dam_reset, "", ""), > U_BOOT_CMD_MKENT(dam_parameters, 0, 1, do_tpm_dam_parameters, "", ""), > U_BOOT_CMD_MKENT(change_auth, 0, 1, do_tpm_change_auth, "", ""), > @@ -421,6 +455,8 @@ U_BOOT_CMD(tpm2, CONFIG_SYS_MAXARGS, 1, do_tpm, "Issue a TPMv2.x command", > " : property\n" > " : address to store entries of 4 bytes\n" > " : number of entries to retrieve\n" > +"get_random \n" > +" Get random bytes.\n" > "dam_reset []\n" > " If the TPM is not in a LOCKOUT state, reset the internal error counter.\n" > " : optional password\n" > -- > 2.37.2 >
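
Review bot: in do_tpm2_get_random() (hunk @@ -206,6 +208,37 @@), the value from "len = simple_strtoul(argv[1], NULL, 10);" goes straight into calloc(1, len) and tpm2_get_random() without any validation. Non-numeric input silently parses as 0, a zero length still reaches calloc(), and an oversized count is only stopped when the allocation fails. Pass an end pointer to simple_strtoul() and reject trailing garbage, reject len == 0, and cap len at a documented maximum before allocating. The error paths are also inconsistent: "return ret;" after get_tpm() and "return -ENOMEM;" hand a raw negative errno back to the command dispatcher, while the other exits use CMD_RET_USAGE and report_return_code(). Check argc before calling get_tpm() so a usage error does not depend on a TPM being present, and route the failures through report_return_code() or CMD_RET_FAILURE.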
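
Review bot: the help text added in the last hunk (@@ -421,6 +455,8 @@) says only "Get random bytes." and does not tell the user that the count is parsed as decimal, which the handler does with simple_strtoul(argv[1], NULL, 10). Most U-Boot command arguments are read as hex, so either parse the count the same way as the neighbouring tpm2 subcommands or state the base, and any upper limit, in the help string.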