[PATCH v3 00/12] tpm: Add wolfTPM library support for TPM 2.0

[Aidan Garske <aidan@wolfssl.com>]

Hi all,

This is v3 of the wolfTPM TPM 2.0 stack integration for U-Boot.

wolfTPM (https://github.com/wolfSSL/wolfTPM) is a portable, GPLv2 TPM 2.0
library that provides a full TPM 2.0 command set, an SPI/MMIO HAL, and
firmware-update support for Infineon SLB9672/SLB9673 hardware.  This
series wires it into U-Boot as an optional backend behind the existing
'tpm2' command, alongside support for QEMU+swtpm, sandbox emulation, and
real Raspberry Pi 4 + Infineon SLB9672 hardware.

Branch (full 14-commit history including the subtree squash + merge):
  https://github.com/aidangarske/u-boot wolftpm-v2-patches

Note on the subtree commits omitted from this email thread:
  The branch above contains 14 commits; the email series is 12 patches.
  Two commits are deliberately not sent to the list:

    * "Squashed 'lib/wolftpm/' content from commit 664db130d57"
        - the parentless squash commit produced by `git subtree add`.
          Its diff is ~3.4MB / ~90k lines and would be rejected by the
          mailing list on size.
    * "Merge commit 'd42fd7b146...' as 'lib/wolftpm'"
        - the corresponding subtree merge commit. Merges have no patch
          form and are routinely omitted by `git format-patch`.

  Please pull from the branch above (or wolfssl/wolfTPM @ 664db130d57)
  to inspect the imported wolfTPM source. Subsequent updates will go
  via tools/update-subtree.sh, matching how mbedTLS, lwIP, and
  dts/upstream are maintained in tree.

Changes since v2:
  - Replaced the lib/wolftpm git submodule with a git subtree import
    (squash + merge), matching the convention used for mbedTLS, lwIP,
    and dts/upstream.  tools/update-subtree.sh is updated to know
    about the wolftpm subtree (path lib/wolftpm, upstream
    https://github.com/wolfssl/wolfTPM.git).
    [feedback: Ilias Apalodimas]
  - Reverted the changes to include/linux/byteorder/generic.h.  The
    redefinition workaround for cpu_to_beXX / beXX_to_cpu now lives
    on the wolfTPM side: include/configs/user_settings.h pulls in
    <asm/byteorder.h> up front so U-Boot's macros are defined before
    wolfTPM's #ifndef-guarded fallbacks in tpm2_packet.h.
    [feedback: Ilias Apalodimas]

Testing:
  - QEMU arm64 + swtpm Python test framework
    (./test/py/test.py --bd qemu_arm64 -k "test_wolftpm and not ut_cmd"):
    19 passed, 2 skipped (matching doc/usage/cmd/wolftpm.rst).
  - Manual QEMU arm64 + swtpm walkthrough per
    doc/usage/cmd/wolftpm.rst section "Building and Running wolfTPM
    with U-Boot using QEMU": tpm2 help/info/autostart/startup/
    get_capability/pcr_read/pcr_print/caps all return expected output.
  - Raspberry Pi 4 + Infineon SLB9672 (real hardware): all wolfTPM
    cmd tests pass, including firmware update path.

v2 thread:
  https://lore.kernel.org/u-boot/?q=PATCH+v2+tpm+wolfTPM

Aidan Garske (12):
  tpm: export tpm_show_device, tpm_set_device, and get_tpm
  include/hash: add SHA384 hash wrapper declaration for wolfTPM
  spi: add BCM2835/BCM2711 hardware SPI controller driver
  dts: add TPM device tree nodes for RPi4, QEMU, and sandbox
  tpm: add wolfTPM build rules and Kconfig
  tpm: add wolfTPM headers and SHA384 glue code
  tpm: add wolfTPM driver helpers and Kconfig options
  cmd: refactor tpm2 command into frontend/backend architecture
  tpm: add sandbox TPM SPI emulator
  test: add wolfTPM C unit tests and Python integration tests
  doc: add wolfTPM documentation
  configs: enable wolfTPM in rpi_4_defconfig

--
2.47.3