1
2
3
4
5
6#include <common.h>
7#include <command.h>
8#include <env.h>
9#include <malloc.h>
10#include <asm/unaligned.h>
11#include <tpm-common.h>
12#include <tpm-v1.h>
13#include "tpm-user-utils.h"
14#include <tpm_api.h>
15
16static int do_tpm_startup(struct cmd_tbl *cmdtp, int flag, int argc,
17 char *const argv[])
18{
19 enum tpm_startup_type mode;
20 struct udevice *dev;
21 int rc;
22
23 rc = get_tpm(&dev);
24 if (rc)
25 return rc;
26 if (argc != 2)
27 return CMD_RET_USAGE;
28 if (!strcasecmp("TPM_ST_CLEAR", argv[1])) {
29 mode = TPM_ST_CLEAR;
30 } else if (!strcasecmp("TPM_ST_STATE", argv[1])) {
31 mode = TPM_ST_STATE;
32 } else if (!strcasecmp("TPM_ST_DEACTIVATED", argv[1])) {
33 mode = TPM_ST_DEACTIVATED;
34 } else {
35 printf("Couldn't recognize mode string: %s\n", argv[1]);
36 return CMD_RET_FAILURE;
37 }
38
39 return report_return_code(tpm_startup(dev, mode));
40}
41
42static int do_tpm_nv_define_space(struct cmd_tbl *cmdtp, int flag, int argc,
43 char *const argv[])
44{
45 u32 index, perm, size;
46 struct udevice *dev;
47 int rc;
48
49 rc = get_tpm(&dev);
50 if (rc)
51 return rc;
52
53 if (argc != 4)
54 return CMD_RET_USAGE;
55 index = simple_strtoul(argv[1], NULL, 0);
56 perm = simple_strtoul(argv[2], NULL, 0);
57 size = simple_strtoul(argv[3], NULL, 0);
58
59 return report_return_code(tpm1_nv_define_space(dev, index, perm, size));
60}
61
62static int do_tpm_nv_read_value(struct cmd_tbl *cmdtp, int flag, int argc,
63 char *const argv[])
64{
65 u32 index, count, rc;
66 struct udevice *dev;
67 void *data;
68
69 rc = get_tpm(&dev);
70 if (rc)
71 return rc;
72
73 if (argc != 4)
74 return CMD_RET_USAGE;
75 index = simple_strtoul(argv[1], NULL, 0);
76 data = (void *)simple_strtoul(argv[2], NULL, 0);
77 count = simple_strtoul(argv[3], NULL, 0);
78
79 rc = tpm_nv_read_value(dev, index, data, count);
80 if (!rc) {
81 puts("area content:\n");
82 print_byte_string(data, count);
83 }
84
85 return report_return_code(rc);
86}
87
88static int do_tpm_nv_write_value(struct cmd_tbl *cmdtp, int flag, int argc,
89 char *const argv[])
90{
91 struct udevice *dev;
92 u32 index, rc;
93 size_t count;
94 void *data;
95
96 rc = get_tpm(&dev);
97 if (rc)
98 return rc;
99
100 if (argc != 3)
101 return CMD_RET_USAGE;
102 index = simple_strtoul(argv[1], NULL, 0);
103 data = parse_byte_string(argv[2], NULL, &count);
104 if (!data) {
105 printf("Couldn't parse byte string %s\n", argv[2]);
106 return CMD_RET_FAILURE;
107 }
108
109 rc = tpm_nv_write_value(dev, index, data, count);
110 free(data);
111
112 return report_return_code(rc);
113}
114
115static int do_tpm_extend(struct cmd_tbl *cmdtp, int flag, int argc,
116 char *const argv[])
117{
118 u8 in_digest[20], out_digest[20];
119 struct udevice *dev;
120 u32 index, rc;
121
122 rc = get_tpm(&dev);
123 if (rc)
124 return rc;
125
126 if (argc != 3)
127 return CMD_RET_USAGE;
128 index = simple_strtoul(argv[1], NULL, 0);
129 if (!parse_byte_string(argv[2], in_digest, NULL)) {
130 printf("Couldn't parse byte string %s\n", argv[2]);
131 return CMD_RET_FAILURE;
132 }
133
134 rc = tpm_pcr_extend(dev, index, in_digest, out_digest);
135 if (!rc) {
136 puts("PCR value after execution of the command:\n");
137 print_byte_string(out_digest, sizeof(out_digest));
138 }
139
140 return report_return_code(rc);
141}
142
143static int do_tpm_pcr_read(struct cmd_tbl *cmdtp, int flag, int argc,
144 char *const argv[])
145{
146 u32 index, count, rc;
147 struct udevice *dev;
148 void *data;
149
150 rc = get_tpm(&dev);
151 if (rc)
152 return rc;
153
154 if (argc != 4)
155 return CMD_RET_USAGE;
156 index = simple_strtoul(argv[1], NULL, 0);
157 data = (void *)simple_strtoul(argv[2], NULL, 0);
158 count = simple_strtoul(argv[3], NULL, 0);
159
160 rc = tpm_pcr_read(dev, index, data, count);
161 if (!rc) {
162 puts("Named PCR content:\n");
163 print_byte_string(data, count);
164 }
165
166 return report_return_code(rc);
167}
168
169static int do_tpm_tsc_physical_presence(struct cmd_tbl *cmdtp, int flag,
170 int argc, char *const argv[])
171{
172 struct udevice *dev;
173 u16 presence;
174 int rc;
175
176 rc = get_tpm(&dev);
177 if (rc)
178 return rc;
179
180 if (argc != 2)
181 return CMD_RET_USAGE;
182 presence = (u16)simple_strtoul(argv[1], NULL, 0);
183
184 return report_return_code(tpm_tsc_physical_presence(dev, presence));
185}
186
187static int do_tpm_read_pubek(struct cmd_tbl *cmdtp, int flag, int argc,
188 char *const argv[])
189{
190 struct udevice *dev;
191 u32 count, rc;
192 void *data;
193
194 rc = get_tpm(&dev);
195 if (rc)
196 return rc;
197
198 if (argc != 3)
199 return CMD_RET_USAGE;
200 data = (void *)simple_strtoul(argv[1], NULL, 0);
201 count = simple_strtoul(argv[2], NULL, 0);
202
203 rc = tpm_read_pubek(dev, data, count);
204 if (!rc) {
205 puts("pubek value:\n");
206 print_byte_string(data, count);
207 }
208
209 return report_return_code(rc);
210}
211
212static int do_tpm_physical_set_deactivated(struct cmd_tbl *cmdtp, int flag,
213 int argc, char *const argv[])
214{
215 struct udevice *dev;
216 u8 state;
217 int rc;
218
219 rc = get_tpm(&dev);
220 if (rc)
221 return rc;
222
223 if (argc != 2)
224 return CMD_RET_USAGE;
225 state = (u8)simple_strtoul(argv[1], NULL, 0);
226
227 return report_return_code(tpm_physical_set_deactivated(dev, state));
228}
229
230static int do_tpm_get_capability(struct cmd_tbl *cmdtp, int flag, int argc,
231 char *const argv[])
232{
233 u32 cap_area, sub_cap, rc;
234 void *cap;
235 size_t count;
236 struct udevice *dev;
237
238 rc = get_tpm(&dev);
239 if (rc)
240 return rc;
241
242 if (argc != 5)
243 return CMD_RET_USAGE;
244 cap_area = simple_strtoul(argv[1], NULL, 0);
245 sub_cap = simple_strtoul(argv[2], NULL, 0);
246 cap = (void *)simple_strtoul(argv[3], NULL, 0);
247 count = simple_strtoul(argv[4], NULL, 0);
248
249 rc = tpm_get_capability(dev, cap_area, sub_cap, cap, count);
250 if (!rc) {
251 puts("capability information:\n");
252 print_byte_string(cap, count);
253 }
254
255 return report_return_code(rc);
256}
257
258static int do_tpm_raw_transfer(struct cmd_tbl *cmdtp, int flag, int argc,
259 char *const argv[])
260{
261 struct udevice *dev;
262 void *command;
263 u8 response[1024];
264 size_t count, response_length = sizeof(response);
265 u32 rc;
266
267 command = parse_byte_string(argv[1], NULL, &count);
268 if (!command) {
269 printf("Couldn't parse byte string %s\n", argv[1]);
270 return CMD_RET_FAILURE;
271 }
272
273 rc = get_tpm(&dev);
274 if (rc)
275 return rc;
276
277 rc = tpm_xfer(dev, command, count, response, &response_length);
278 free(command);
279 if (!rc) {
280 puts("tpm response:\n");
281 print_byte_string(response, response_length);
282 }
283
284 return report_return_code(rc);
285}
286
287static int do_tpm_nv_define(struct cmd_tbl *cmdtp, int flag, int argc,
288 char *const argv[])
289{
290 u32 index, perm, size;
291 struct udevice *dev;
292 int rc;
293
294 rc = get_tpm(&dev);
295 if (rc)
296 return rc;
297
298 if (argc != 4)
299 return CMD_RET_USAGE;
300 size = type_string_get_space_size(argv[1]);
301 if (!size) {
302 printf("Couldn't parse arguments\n");
303 return CMD_RET_USAGE;
304 }
305 index = simple_strtoul(argv[2], NULL, 0);
306 perm = simple_strtoul(argv[3], NULL, 0);
307
308 return report_return_code(tpm1_nv_define_space(dev, index, perm, size));
309}
310
311static int do_tpm_nv_read(struct cmd_tbl *cmdtp, int flag, int argc,
312 char *const argv[])
313{
314 u32 index, count, err;
315 struct udevice *dev;
316 void *data;
317 int rc;
318
319 rc = get_tpm(&dev);
320 if (rc)
321 return rc;
322
323 if (argc < 3)
324 return CMD_RET_USAGE;
325 if (argc != 3 + type_string_get_num_values(argv[1]))
326 return CMD_RET_USAGE;
327 index = simple_strtoul(argv[2], NULL, 0);
328 data = type_string_alloc(argv[1], &count);
329 if (!data) {
330 printf("Couldn't parse arguments\n");
331 return CMD_RET_USAGE;
332 }
333
334 err = tpm_nv_read_value(dev, index, data, count);
335 if (!err) {
336 if (type_string_write_vars(argv[1], data, argv + 3)) {
337 printf("Couldn't write to variables\n");
338 err = ~0;
339 }
340 }
341 free(data);
342
343 return report_return_code(err);
344}
345
346static int do_tpm_nv_write(struct cmd_tbl *cmdtp, int flag, int argc,
347 char *const argv[])
348{
349 u32 index, count, err;
350 struct udevice *dev;
351 void *data;
352 int rc;
353
354 rc = get_tpm(&dev);
355 if (rc)
356 return rc;
357
358 if (argc < 3)
359 return CMD_RET_USAGE;
360 if (argc != 3 + type_string_get_num_values(argv[1]))
361 return CMD_RET_USAGE;
362 index = simple_strtoul(argv[2], NULL, 0);
363 data = type_string_alloc(argv[1], &count);
364 if (!data) {
365 printf("Couldn't parse arguments\n");
366 return CMD_RET_USAGE;
367 }
368 if (type_string_pack(argv[1], argv + 3, data)) {
369 printf("Couldn't parse arguments\n");
370 free(data);
371 return CMD_RET_USAGE;
372 }
373
374 err = tpm_nv_write_value(dev, index, data, count);
375 free(data);
376
377 return report_return_code(err);
378}
379
380#ifdef CONFIG_TPM_AUTH_SESSIONS
381
382static int do_tpm_oiap(struct cmd_tbl *cmdtp, int flag, int argc,
383 char *const argv[])
384{
385 u32 auth_handle, err;
386 struct udevice *dev;
387 int rc;
388
389 rc = get_tpm(&dev);
390 if (rc)
391 return rc;
392
393 err = tpm1_oiap(dev, &auth_handle);
394
395 return report_return_code(err);
396}
397
398#ifdef CONFIG_TPM_LOAD_KEY_BY_SHA1
399static int do_tpm_load_key_by_sha1(struct cmd_tbl *cmdtp, int flag, int argc,
400 char *const argv[])
401{
402 u32 parent_handle = 0;
403 u32 key_len, key_handle, err;
404 u8 usage_auth[DIGEST_LENGTH];
405 u8 parent_hash[DIGEST_LENGTH];
406 void *key;
407 struct udevice *dev;
408
409 err = get_tpm(&dev);
410 if (err)
411 return err;
412
413 if (argc < 5)
414 return CMD_RET_USAGE;
415
416 parse_byte_string(argv[1], parent_hash, NULL);
417 key = (void *)simple_strtoul(argv[2], NULL, 0);
418 key_len = simple_strtoul(argv[3], NULL, 0);
419 if (strlen(argv[4]) != 2 * DIGEST_LENGTH)
420 return CMD_RET_FAILURE;
421 parse_byte_string(argv[4], usage_auth, NULL);
422
423 err = tpm1_find_key_sha1(dev, usage_auth, parent_hash, &parent_handle);
424 if (err) {
425 printf("Could not find matching parent key (err = %d)\n", err);
426 return CMD_RET_FAILURE;
427 }
428
429 printf("Found parent key %08x\n", parent_handle);
430
431 err = tpm1_load_key2_oiap(dev, parent_handle, key, key_len, usage_auth,
432 &key_handle);
433 if (!err) {
434 printf("Key handle is 0x%x\n", key_handle);
435 env_set_hex("key_handle", key_handle);
436 }
437
438 return report_return_code(err);
439}
440#endif
441
442static int do_tpm_load_key2_oiap(struct cmd_tbl *cmdtp, int flag, int argc,
443 char *const argv[])
444{
445 u32 parent_handle, key_len, key_handle, err;
446 u8 usage_auth[DIGEST_LENGTH];
447 void *key;
448 struct udevice *dev;
449 int rc;
450
451 rc = get_tpm(&dev);
452 if (rc)
453 return rc;
454
455 if (argc < 5)
456 return CMD_RET_USAGE;
457
458 parent_handle = simple_strtoul(argv[1], NULL, 0);
459 key = (void *)simple_strtoul(argv[2], NULL, 0);
460 key_len = simple_strtoul(argv[3], NULL, 0);
461 if (strlen(argv[4]) != 2 * DIGEST_LENGTH)
462 return CMD_RET_FAILURE;
463 parse_byte_string(argv[4], usage_auth, NULL);
464
465 err = tpm1_load_key2_oiap(dev, parent_handle, key, key_len, usage_auth,
466 &key_handle);
467 if (!err)
468 printf("Key handle is 0x%x\n", key_handle);
469
470 return report_return_code(err);
471}
472
473static int do_tpm_get_pub_key_oiap(struct cmd_tbl *cmdtp, int flag, int argc,
474 char *const argv[])
475{
476 u32 key_handle, err;
477 u8 usage_auth[DIGEST_LENGTH];
478 u8 pub_key_buffer[TPM_PUBKEY_MAX_LENGTH];
479 size_t pub_key_len = sizeof(pub_key_buffer);
480 struct udevice *dev;
481 int rc;
482
483 rc = get_tpm(&dev);
484 if (rc)
485 return rc;
486
487 if (argc < 3)
488 return CMD_RET_USAGE;
489
490 key_handle = simple_strtoul(argv[1], NULL, 0);
491 if (strlen(argv[2]) != 2 * DIGEST_LENGTH)
492 return CMD_RET_FAILURE;
493 parse_byte_string(argv[2], usage_auth, NULL);
494
495 err = tpm1_get_pub_key_oiap(dev, key_handle, usage_auth, pub_key_buffer,
496 &pub_key_len);
497 if (!err) {
498 printf("dump of received pub key structure:\n");
499 print_byte_string(pub_key_buffer, pub_key_len);
500 }
501 return report_return_code(err);
502}
503
504TPM_COMMAND_NO_ARG(tpm1_end_oiap)
505
506#endif
507
508#ifdef CONFIG_TPM_FLUSH_RESOURCES
509static int do_tpm_flush(struct cmd_tbl *cmdtp, int flag, int argc,
510 char *const argv[])
511{
512 struct udevice *dev;
513 int type = 0;
514 int rc;
515
516 rc = get_tpm(&dev);
517 if (rc)
518 return rc;
519
520 if (argc != 3)
521 return CMD_RET_USAGE;
522
523 if (!strcasecmp(argv[1], "key"))
524 type = TPM_RT_KEY;
525 else if (!strcasecmp(argv[1], "auth"))
526 type = TPM_RT_AUTH;
527 else if (!strcasecmp(argv[1], "hash"))
528 type = TPM_RT_HASH;
529 else if (!strcasecmp(argv[1], "trans"))
530 type = TPM_RT_TRANS;
531 else if (!strcasecmp(argv[1], "context"))
532 type = TPM_RT_CONTEXT;
533 else if (!strcasecmp(argv[1], "counter"))
534 type = TPM_RT_COUNTER;
535 else if (!strcasecmp(argv[1], "delegate"))
536 type = TPM_RT_DELEGATE;
537 else if (!strcasecmp(argv[1], "daa_tpm"))
538 type = TPM_RT_DAA_TPM;
539 else if (!strcasecmp(argv[1], "daa_v0"))
540 type = TPM_RT_DAA_V0;
541 else if (!strcasecmp(argv[1], "daa_v1"))
542 type = TPM_RT_DAA_V1;
543
544 if (!type) {
545 printf("Resource type %s unknown.\n", argv[1]);
546 return -1;
547 }
548
549 if (!strcasecmp(argv[2], "all")) {
550 u16 res_count;
551 u8 buf[288];
552 u8 *ptr;
553 int err;
554 uint i;
555
556
557 err = tpm_get_capability(dev, TPM_CAP_HANDLE, type, buf,
558 sizeof(buf));
559 if (err) {
560 printf("tpm_get_capability returned error %d.\n", err);
561 return -1;
562 }
563 res_count = get_unaligned_be16(buf);
564 ptr = buf + 2;
565 for (i = 0; i < res_count; ++i, ptr += 4)
566 tpm1_flush_specific(dev, get_unaligned_be32(ptr), type);
567 } else {
568 u32 handle = simple_strtoul(argv[2], NULL, 0);
569
570 if (!handle) {
571 printf("Illegal resource handle %s\n", argv[2]);
572 return -1;
573 }
574 tpm1_flush_specific(dev, cpu_to_be32(handle), type);
575 }
576
577 return 0;
578}
579#endif
580
581#ifdef CONFIG_TPM_LIST_RESOURCES
582static int do_tpm_list(struct cmd_tbl *cmdtp, int flag, int argc,
583 char *const argv[])
584{
585 struct udevice *dev;
586 int type = 0;
587 u16 res_count;
588 u8 buf[288];
589 u8 *ptr;
590 int err;
591 uint i;
592
593 err = get_tpm(&dev);
594 if (err)
595 return err;
596
597 if (argc != 2)
598 return CMD_RET_USAGE;
599
600 if (!strcasecmp(argv[1], "key"))
601 type = TPM_RT_KEY;
602 else if (!strcasecmp(argv[1], "auth"))
603 type = TPM_RT_AUTH;
604 else if (!strcasecmp(argv[1], "hash"))
605 type = TPM_RT_HASH;
606 else if (!strcasecmp(argv[1], "trans"))
607 type = TPM_RT_TRANS;
608 else if (!strcasecmp(argv[1], "context"))
609 type = TPM_RT_CONTEXT;
610 else if (!strcasecmp(argv[1], "counter"))
611 type = TPM_RT_COUNTER;
612 else if (!strcasecmp(argv[1], "delegate"))
613 type = TPM_RT_DELEGATE;
614 else if (!strcasecmp(argv[1], "daa_tpm"))
615 type = TPM_RT_DAA_TPM;
616 else if (!strcasecmp(argv[1], "daa_v0"))
617 type = TPM_RT_DAA_V0;
618 else if (!strcasecmp(argv[1], "daa_v1"))
619 type = TPM_RT_DAA_V1;
620
621 if (!type) {
622 printf("Resource type %s unknown.\n", argv[1]);
623 return -1;
624 }
625
626
627 err = tpm_get_capability(dev, TPM_CAP_HANDLE, type, buf,
628 sizeof(buf));
629 if (err) {
630 printf("tpm_get_capability returned error %d.\n", err);
631 return -1;
632 }
633 res_count = get_unaligned_be16(buf);
634 ptr = buf + 2;
635
636 printf("Resources of type %s (%02x):\n", argv[1], type);
637 if (!res_count) {
638 puts("None\n");
639 } else {
640 for (i = 0; i < res_count; ++i, ptr += 4)
641 printf("Index %d: %08x\n", i, get_unaligned_be32(ptr));
642 }
643
644 return 0;
645}
646#endif
647
648TPM_COMMAND_NO_ARG(tpm_self_test_full)
649TPM_COMMAND_NO_ARG(tpm_continue_self_test)
650TPM_COMMAND_NO_ARG(tpm_force_clear)
651TPM_COMMAND_NO_ARG(tpm_physical_enable)
652TPM_COMMAND_NO_ARG(tpm_physical_disable)
653
654static struct cmd_tbl tpm1_commands[] = {
655 U_BOOT_CMD_MKENT(device, 0, 1, do_tpm_device, "", ""),
656 U_BOOT_CMD_MKENT(info, 0, 1, do_tpm_info, "", ""),
657 U_BOOT_CMD_MKENT(init, 0, 1, do_tpm_init, "", ""),
658 U_BOOT_CMD_MKENT(startup, 0, 1,
659 do_tpm_startup, "", ""),
660 U_BOOT_CMD_MKENT(self_test_full, 0, 1,
661 do_tpm_self_test_full, "", ""),
662 U_BOOT_CMD_MKENT(continue_self_test, 0, 1,
663 do_tpm_continue_self_test, "", ""),
664 U_BOOT_CMD_MKENT(force_clear, 0, 1,
665 do_tpm_force_clear, "", ""),
666 U_BOOT_CMD_MKENT(physical_enable, 0, 1,
667 do_tpm_physical_enable, "", ""),
668 U_BOOT_CMD_MKENT(physical_disable, 0, 1,
669 do_tpm_physical_disable, "", ""),
670 U_BOOT_CMD_MKENT(nv_define_space, 0, 1,
671 do_tpm_nv_define_space, "", ""),
672 U_BOOT_CMD_MKENT(nv_read_value, 0, 1,
673 do_tpm_nv_read_value, "", ""),
674 U_BOOT_CMD_MKENT(nv_write_value, 0, 1,
675 do_tpm_nv_write_value, "", ""),
676 U_BOOT_CMD_MKENT(extend, 0, 1,
677 do_tpm_extend, "", ""),
678 U_BOOT_CMD_MKENT(pcr_read, 0, 1,
679 do_tpm_pcr_read, "", ""),
680 U_BOOT_CMD_MKENT(tsc_physical_presence, 0, 1,
681 do_tpm_tsc_physical_presence, "", ""),
682 U_BOOT_CMD_MKENT(read_pubek, 0, 1,
683 do_tpm_read_pubek, "", ""),
684 U_BOOT_CMD_MKENT(physical_set_deactivated, 0, 1,
685 do_tpm_physical_set_deactivated, "", ""),
686 U_BOOT_CMD_MKENT(get_capability, 0, 1,
687 do_tpm_get_capability, "", ""),
688 U_BOOT_CMD_MKENT(raw_transfer, 0, 1,
689 do_tpm_raw_transfer, "", ""),
690 U_BOOT_CMD_MKENT(nv_define, 0, 1,
691 do_tpm_nv_define, "", ""),
692 U_BOOT_CMD_MKENT(nv_read, 0, 1,
693 do_tpm_nv_read, "", ""),
694 U_BOOT_CMD_MKENT(nv_write, 0, 1,
695 do_tpm_nv_write, "", ""),
696#ifdef CONFIG_TPM_AUTH_SESSIONS
697 U_BOOT_CMD_MKENT(oiap, 0, 1,
698 do_tpm_oiap, "", ""),
699 U_BOOT_CMD_MKENT(end_oiap, 0, 1,
700 do_tpm1_end_oiap, "", ""),
701 U_BOOT_CMD_MKENT(load_key2_oiap, 0, 1,
702 do_tpm_load_key2_oiap, "", ""),
703#ifdef CONFIG_TPM_LOAD_KEY_BY_SHA1
704 U_BOOT_CMD_MKENT(load_key_by_sha1, 0, 1,
705 do_tpm_load_key_by_sha1, "", ""),
706#endif
707 U_BOOT_CMD_MKENT(get_pub_key_oiap, 0, 1,
708 do_tpm_get_pub_key_oiap, "", ""),
709#endif
710#ifdef CONFIG_TPM_FLUSH_RESOURCES
711 U_BOOT_CMD_MKENT(flush, 0, 1,
712 do_tpm_flush, "", ""),
713#endif
714#ifdef CONFIG_TPM_LIST_RESOURCES
715 U_BOOT_CMD_MKENT(list, 0, 1,
716 do_tpm_list, "", ""),
717#endif
718};
719
720struct cmd_tbl *get_tpm1_commands(unsigned int *size)
721{
722 *size = ARRAY_SIZE(tpm1_commands);
723
724 return tpm1_commands;
725}
726
727U_BOOT_CMD(tpm, CONFIG_SYS_MAXARGS, 1, do_tpm,
728"Issue a TPMv1.x command",
729"cmd args...\n"
730" - Issue TPM command <cmd> with arguments <args...>.\n"
731"Admin Startup and State Commands:\n"
732" device [num device]\n"
733" - Show all devices or set the specified device\n"
734" info - Show information about the TPM\n"
735" init\n"
736" - Put TPM into a state where it waits for 'startup' command.\n"
737" startup mode\n"
738" - Issue TPM_Starup command. <mode> is one of TPM_ST_CLEAR,\n"
739" TPM_ST_STATE, and TPM_ST_DEACTIVATED.\n"
740"Admin Testing Commands:\n"
741" self_test_full\n"
742" - Test all of the TPM capabilities.\n"
743" continue_self_test\n"
744" - Inform TPM that it should complete the self-test.\n"
745"Admin Opt-in Commands:\n"
746" physical_enable\n"
747" - Set the PERMANENT disable flag to FALSE using physical presence as\n"
748" authorization.\n"
749" physical_disable\n"
750" - Set the PERMANENT disable flag to TRUE using physical presence as\n"
751" authorization.\n"
752" physical_set_deactivated 0|1\n"
753" - Set deactivated flag.\n"
754"Admin Ownership Commands:\n"
755" force_clear\n"
756" - Issue TPM_ForceClear command.\n"
757" tsc_physical_presence flags\n"
758" - Set TPM device's Physical Presence flags to <flags>.\n"
759"The Capability Commands:\n"
760" get_capability cap_area sub_cap addr count\n"
761" - Read <count> bytes of TPM capability indexed by <cap_area> and\n"
762" <sub_cap> to memory address <addr>.\n"
763#if defined(CONFIG_TPM_FLUSH_RESOURCES) || defined(CONFIG_TPM_LIST_RESOURCES)
764"Resource management functions\n"
765#endif
766#ifdef CONFIG_TPM_FLUSH_RESOURCES
767" flush resource_type id\n"
768" - flushes a resource of type <resource_type> (may be one of key, auth,\n"
769" hash, trans, context, counter, delegate, daa_tpm, daa_v0, daa_v1),\n"
770" and id <id> from the TPM. Use an <id> of \"all\" to flush all\n"
771" resources of that type.\n"
772#endif
773#ifdef CONFIG_TPM_LIST_RESOURCES
774" list resource_type\n"
775" - lists resources of type <resource_type> (may be one of key, auth,\n"
776" hash, trans, context, counter, delegate, daa_tpm, daa_v0, daa_v1),\n"
777" contained in the TPM.\n"
778#endif
779#ifdef CONFIG_TPM_AUTH_SESSIONS
780"Storage functions\n"
781" loadkey2_oiap parent_handle key_addr key_len usage_auth\n"
782" - loads a key data from memory address <key_addr>, <key_len> bytes\n"
783" into TPM using the parent key <parent_handle> with authorization\n"
784" <usage_auth> (20 bytes hex string).\n"
785#ifdef CONFIG_TPM_LOAD_KEY_BY_SHA1
786" load_key_by_sha1 parent_hash key_addr key_len usage_auth\n"
787" - loads a key data from memory address <key_addr>, <key_len> bytes\n"
788" into TPM using the parent hash <parent_hash> (20 bytes hex string)\n"
789" with authorization <usage_auth> (20 bytes hex string).\n"
790#endif
791" get_pub_key_oiap key_handle usage_auth\n"
792" - get the public key portion of a loaded key <key_handle> using\n"
793" authorization <usage auth> (20 bytes hex string)\n"
794#endif
795"Endorsement Key Handling Commands:\n"
796" read_pubek addr count\n"
797" - Read <count> bytes of the public endorsement key to memory\n"
798" address <addr>\n"
799"Integrity Collection and Reporting Commands:\n"
800" extend index digest_hex_string\n"
801" - Add a new measurement to a PCR. Update PCR <index> with the 20-bytes\n"
802" <digest_hex_string>\n"
803" pcr_read index addr count\n"
804" - Read <count> bytes from PCR <index> to memory address <addr>.\n"
805#ifdef CONFIG_TPM_AUTH_SESSIONS
806"Authorization Sessions\n"
807" oiap\n"
808" - setup an OIAP session\n"
809" end_oiap\n"
810" - terminates an active OIAP session\n"
811#endif
812"Non-volatile Storage Commands:\n"
813" nv_define_space index permission size\n"
814" - Establish a space at index <index> with <permission> of <size> bytes.\n"
815" nv_read_value index addr count\n"
816" - Read <count> bytes from space <index> to memory address <addr>.\n"
817" nv_write_value index addr count\n"
818" - Write <count> bytes from memory address <addr> to space <index>.\n"
819"Miscellaneous helper functions:\n"
820" raw_transfer byte_string\n"
821" - Send a byte string <byte_string> to TPM and print the response.\n"
822" Non-volatile storage helper functions:\n"
823" These helper functions treat a non-volatile space as a non-padded\n"
824" sequence of integer values. These integer values are defined by a type\n"
825" string, which is a text string of 'bwd' characters: 'b' means a 8-bit\n"
826" value, 'w' 16-bit value, 'd' 32-bit value. All helper functions take\n"
827" a type string as their first argument.\n"
828" nv_define type_string index perm\n"
829" - Define a space <index> with permission <perm>.\n"
830" nv_read types_string index vars...\n"
831" - Read from space <index> to environment variables <vars...>.\n"
832" nv_write types_string index values...\n"
833" - Write to space <index> from values <values...>.\n"
834);
835
