diff options
author | Mario Six <mario.six@gdsys.cc> | 2017-01-11 16:00:50 +0100 |
---|---|---|
committer | Stefan Roese <sr@denx.de> | 2017-02-01 09:02:57 +0100 |
commit | 7690be35deaeac1cb51a5f7896c2a46afabdfad3 (patch) | |
tree | db7c33f5f0e6bc909f80159fa1431667a545a346 /lib/tpm.c | |
parent | 3add68c9966e903a1a4b05acc54e4361ca81eae3 (diff) | |
download | u-boot-7690be35deaeac1cb51a5f7896c2a46afabdfad3.tar.gz u-boot-7690be35deaeac1cb51a5f7896c2a46afabdfad3.tar.bz2 u-boot-7690be35deaeac1cb51a5f7896c2a46afabdfad3.zip |
lib: tpm: Add command to flush resources
This patch adds a function to the TPM library, which allows U-Boot to
flush resources, e.g. keys, from the TPM.
Signed-off-by: Mario Six <mario.six@gdsys.cc>
Reviewed-by: Stefan Roese <sr@denx.de>
Reviewed-by: Simon Glass <sjg@chromium.org>
Signed-off-by: Stefan Roese <sr@denx.de>
Diffstat (limited to 'lib/tpm.c')
-rw-r--r-- | lib/tpm.c | 29 |
1 files changed, 29 insertions, 0 deletions
@@ -645,6 +645,35 @@ uint32_t tpm_get_permissions(uint32_t index, uint32_t *perm) return 0; } +#ifdef CONFIG_TPM_FLUSH_RESOURCES +uint32_t tpm_flush_specific(uint32_t key_handle, uint32_t resource_type) +{ + const uint8_t command[18] = { + 0x00, 0xc1, /* TPM_TAG */ + 0x00, 0x00, 0x00, 0x12, /* parameter size */ + 0x00, 0x00, 0x00, 0xba, /* TPM_COMMAND_CODE */ + 0x00, 0x00, 0x00, 0x00, /* key handle */ + 0x00, 0x00, 0x00, 0x00, /* resource type */ + }; + const size_t key_handle_offset = 10; + const size_t resource_type_offset = 14; + uint8_t buf[COMMAND_BUFFER_SIZE], response[COMMAND_BUFFER_SIZE]; + size_t response_length = sizeof(response); + uint32_t err; + + if (pack_byte_string(buf, sizeof(buf), "sdd", + 0, command, sizeof(command), + key_handle_offset, key_handle, + resource_type_offset, resource_type)) + return TPM_LIB_ERROR; + + err = tpm_sendrecv_command(buf, response, &response_length); + if (err) + return err; + return 0; +} +#endif /* CONFIG_TPM_FLUSH_RESOURCES */ + #ifdef CONFIG_TPM_AUTH_SESSIONS /** |