tpm: add TPM2_Clear command support
Add support for the TPM2_Clear command.
Change the command file and the help accordingly.
Signed-off-by: Miquel Raynal <miquel.raynal@bootlin.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Tom Rini <trini@konsulko.com>
diff --git a/cmd/tpm-v2.c b/cmd/tpm-v2.c
index 885bb05..6f34987 100644
--- a/cmd/tpm-v2.c
+++ b/cmd/tpm-v2.c
@@ -51,11 +51,35 @@
return report_return_code(tpm2_self_test(full_test));
}
+static int do_tpm2_clear(cmd_tbl_t *cmdtp, int flag, int argc,
+ char * const argv[])
+{
+ u32 handle = 0;
+ const char *pw = (argc < 3) ? NULL : argv[2];
+ const ssize_t pw_sz = pw ? strlen(pw) : 0;
+
+ if (argc < 2 || argc > 3)
+ return CMD_RET_USAGE;
+
+ if (pw_sz > TPM2_DIGEST_LEN)
+ return -EINVAL;
+
+ if (!strcasecmp("TPM2_RH_LOCKOUT", argv[1]))
+ handle = TPM2_RH_LOCKOUT;
+ else if (!strcasecmp("TPM2_RH_PLATFORM", argv[1]))
+ handle = TPM2_RH_PLATFORM;
+ else
+ return CMD_RET_USAGE;
+
+ return report_return_code(tpm2_clear(handle, pw, pw_sz));
+}
+
static cmd_tbl_t tpm2_commands[] = {
U_BOOT_CMD_MKENT(info, 0, 1, do_tpm_info, "", ""),
U_BOOT_CMD_MKENT(init, 0, 1, do_tpm_init, "", ""),
U_BOOT_CMD_MKENT(startup, 0, 1, do_tpm2_startup, "", ""),
U_BOOT_CMD_MKENT(self_test, 0, 1, do_tpm2_self_test, "", ""),
+ U_BOOT_CMD_MKENT(clear, 0, 1, do_tpm2_clear, "", ""),
};
cmd_tbl_t *get_tpm_commands(unsigned int *size)
@@ -82,4 +106,9 @@
" <type> is one of:\n"
" * full (perform all tests)\n"
" * continue (only check untested tests)\n"
+"clear <hierarchy>\n"
+" Issue a TPM2_Clear command.\n"
+" <hierarchy> is one of:\n"
+" * TPM2_RH_LOCKOUT\n"
+" * TPM2_RH_PLATFORM\n"
);