Date: Sat, 3 Sep 2022 17:05:58 +0300
From: Ilias Apalodimas
To: Simon Glass
Cc: U-Boot Mailing List, Heinrich Schuchardt, Masahisa Kojima, Ruchika Gupta
Subject: Re: [PATCH v4 7/7] tpm: Allow committing non-volatile data

Thanks Simon, I'll queue up the series once the CI completes

On Tue, Aug 23, 2022 at 10:12:40AM -0700, Simon Glass wrote:
> Add an option to tell the TPM to commit non-volatile data immediately it
> is changed, rather than waiting until later. This is needed in some
> situations, since if the device reboots it may not write the data.
>
> Add definitions for the rest of the Cr50 commands while we are here.
>
> Signed-off-by: Simon Glass
> ---
>
> Changes in v4:
> - Rename function and add arguments for the command/subcmd
>
> include/tpm-v2.h | 17 +++++++++++++++++
> lib/tpm-v2.c | 21 +++++++++++++++++++++
> 2 files changed, 38 insertions(+)
>
> diff --git a/include/tpm-v2.h b/include/tpm-v2.h > index 36c6ac0be6e..737e57551d7 100644 > --- a/include/tpm-v2.h > +++ b/include/tpm-v2.h
> @@ -671,4 +671,21 @@ u32 tpm2_submit_command(struct udevice *dev, const u8 *sendbuf, > u32 tpm2_report_state(struct udevice *dev, uint vendor_cmd, uint vendor_subcmd, > u8 *recvbuf, size_t *recv_size); > > +/** > + * tpm2_enable_nvcommits() - Tell TPM to commit NV data immediately > + * > + * For Chromium OS verified boot, we may reboot or reset at different times, > + * possibly leaving non-volatile data unwritten by the TPM. > + * > + * This vendor command is used to indicate that non-volatile data should be > + * written to its store immediately. > + * > + * @dev TPM device > + * @vendor_cmd: Vendor command number to send > + * @vendor_subcmd: Vendor sub-command number to send > + * Return: result of the operation > + */ > +u32 tpm2_enable_nvcommits(struct udevice *dev, uint vendor_cmd, > + uint vendor_subcmd); > + > #endif /* __TPM_V2_H */ > diff --git a/lib/tpm-v2.c b/lib/tpm-v2.c > index edee9854a7c..697b982e079 100644 > --- a/lib/tpm-v2.c > +++ b/lib/tpm-v2.c > @@ -704,3 +704,24 @@ u32 tpm2_report_state(struct udevice *dev, uint vendor_cmd, uint vendor_subcmd, > > return 0; > } > + > +u32 tpm2_enable_nvcommits(struct udevice *dev, uint vendor_cmd, > + uint vendor_subcmd) > +{ > + u8 command_v2[COMMAND_BUFFER_SIZE] = { > + /* header 10 bytes */ > + tpm_u16(TPM2_ST_NO_SESSIONS), /* TAG */ > + tpm_u32(10 + 2), /* Length */ > + tpm_u32(vendor_cmd), /* Command code */ > + > + tpm_u16(vendor_subcmd), > + }; > + int ret; > + > + ret = tpm_sendrecv_command(dev, command_v2, NULL, NULL); > + log_debug("ret=%s, %x\n", dev->name, ret); > + if (ret) > + return ret; > + > + return 0; > +} > -- > 2.37.2.609.g9ff673ca1a-goog > Reviewed-by: Ilias Apalodimas
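
Review bot: In the include/tpm-v2.h hunk, the kernel-doc line `@dev TPM device` is missing the colon that `@vendor_cmd:` and `@vendor_subcmd:` carry, so it will not be picked up as a parameter description; write it as `@dev: TPM device`. `Return: result of the operation` would help callers more if it said what to compare against (0 on success, otherwise the code passed back from the TPM, which is what the implementation's `if (ret) return ret;` does). The commit message also says definitions for the rest of the Cr50 commands are added, but the 17 lines added to this header are only the comment and the prototype, so that sentence looks stale after the v4 rework.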
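
Review bot: In the lib/tpm-v2.c hunk, `log_debug("ret=%s, %x\n", dev->name, ret);` labels the device name as `ret` and leaves the actual return code unlabelled; `log_debug("%s: ret=%x\n", dev->name, ret);` would read correctly in a log. `ret` is declared `int` while the function returns `u32`, and the trailing `if (ret) return ret; return 0;` is equivalent to `return ret;`, so declaring `u32 ret` and returning it directly is simpler. `vendor_subcmd` is a `uint` but is serialised with `tpm_u16()`, so a value above 0xffff would be truncated silently when the 12-byte command is built; either take a `u16` parameter or reject out-of-range values before filling the buffer.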