// SPDX-License-Identifier: GPL-2.0 /* * Author: * Miquel Raynal * * Description: * SPI-level driver for TCG/TIS TPM (trusted platform module). * Specifications at www.trustedcomputinggroup.org * * This device driver implements the TPM interface as defined in * the TCG SPI protocol stack version 2.0. * * It is based on the U-Boot driver tpm_tis_infineon_i2c.c. */ #include #include #include #include #include #include #include #include #include #include #include #include "tpm_tis.h" #include "tpm_internal.h" DECLARE_GLOBAL_DATA_PTR; #define TPM_ACCESS(l) (0x0000 | ((l) << 12)) #define TPM_INT_ENABLE(l) (0x0008 | ((l) << 12)) #define TPM_STS(l) (0x0018 | ((l) << 12)) #define TPM_DATA_FIFO(l) (0x0024 | ((l) << 12)) #define TPM_DID_VID(l) (0x0F00 | ((l) << 12)) #define TPM_RID(l) (0x0F04 | ((l) << 12)) #define MAX_SPI_FRAMESIZE 64 /* Number of wait states to wait for */ #define TPM_WAIT_STATES 100 /** * struct tpm_tis_chip_data - Non-discoverable TPM information * * @pcr_count: Number of PCR per bank * @pcr_select_min: Size in octets of the pcrSelect array */ struct tpm_tis_chip_data { unsigned int pcr_count; unsigned int pcr_select_min; unsigned int time_before_first_cmd_ms; }; /** * tpm_tis_spi_read() - Read from TPM register * * @addr: register address to read from * @buffer: provided by caller * @len: number of bytes to read * * Read len bytes from TPM register and put them into * buffer (little-endian format, i.e. first byte is put into buffer[0]). * * NOTE: TPM is big-endian for multi-byte values. Multi-byte * values have to be swapped. * * @return -EIO on error, 0 on success. */ static int tpm_tis_spi_xfer(struct udevice *dev, u32 addr, const u8 *out, u8 *in, u16 len) { struct spi_slave *slave = dev_get_parent_priv(dev); int transfer_len, ret; u8 tx_buf[MAX_SPI_FRAMESIZE]; u8 rx_buf[MAX_SPI_FRAMESIZE]; if (in && out) { log(LOGC_NONE, LOGL_ERR, "%s: can't do full duplex\n", __func__); return -EINVAL; } ret = spi_claim_bus(slave); if (ret < 0) { log(LOGC_NONE, LOGL_ERR, "%s: could not claim bus\n", __func__); return ret; } while (len) { /* Request */ transfer_len = min_t(u16, len, MAX_SPI_FRAMESIZE); tx_buf[0] = (in ? BIT(7) : 0) | (transfer_len - 1); tx_buf[1] = 0xD4; tx_buf[2] = addr >> 8; tx_buf[3] = addr; ret = spi_xfer(slave, 4 * 8, tx_buf, rx_buf, SPI_XFER_BEGIN); if (ret < 0) { log(LOGC_NONE, LOGL_ERR, "%s: spi request transfer failed (err: %d)\n", __func__, ret); goto release_bus; } /* Wait state */ if (!(rx_buf[3] & 0x1)) { int i; for (i = 0; i < TPM_WAIT_STATES; i++) { ret = spi_xfer(slave, 1 * 8, NULL, rx_buf, 0); if (ret) { log(LOGC_NONE, LOGL_ERR, "%s: wait state failed: %d\n", __func__, ret); goto release_bus; } if (rx_buf[0] & 0x1) break; } if (i == TPM_WAIT_STATES) { log(LOGC_NONE, LOGL_ERR, "%s: timeout on wait state\n", __func__); ret = -ETIMEDOUT; goto release_bus; } } /* Read/Write */ if (out) { memcpy(tx_buf, out, transfer_len); out += transfer_len; } ret = spi_xfer(slave, transfer_len * 8, out ? tx_buf : NULL, in ? rx_buf : NULL, SPI_XFER_END); if (ret) { log(LOGC_NONE, LOGL_ERR, "%s: spi read transfer failed (err: %d)\n", __func__, ret); goto release_bus; } if (in) { memcpy(in, rx_buf, transfer_len); in += transfer_len; } len -= transfer_len; } release_bus: /* If an error occurred, release the chip by deasserting the CS */ if (ret < 0) spi_xfer(slave, 0, NULL, NULL, SPI_XFER_END); spi_release_bus(slave); return ret; } static int tpm_tis_spi_read(struct udevice *dev, u16 addr, u8 *in, u16 len) { return tpm_tis_spi_xfer(dev, addr, NULL, in, len); } static int tpm_tis_spi_read32(struct udevice *dev, u32 addr, u32 *result) { __le32 result_le; int ret; ret = tpm_tis_spi_read(dev, addr, (u8 *)&result_le, sizeof(u32)); if (!ret) *result = le32_to_cpu(result_le); return ret; } static int tpm_tis_spi_write(struct udevice *dev, u16 addr, const u8 *out, u16 len) { return tpm_tis_spi_xfer(dev, addr, out, NULL, len); } static int tpm_tis_spi_check_locality(struct udevice *dev, int loc) { const u8 mask = TPM_ACCESS_ACTIVE_LOCALITY | TPM_ACCESS_VALID; struct tpm_chip *chip = dev_get_priv(dev); u8 buf; int ret; ret = tpm_tis_spi_read(dev, TPM_ACCESS(loc), &buf, 1); if (ret) return ret; if ((buf & mask) == mask) { chip->locality = loc; return 0; } return -ENOENT; } static void tpm_tis_spi_release_locality(struct udevice *dev, int loc, bool force) { const u8 mask = TPM_ACCESS_REQUEST_PENDING | TPM_ACCESS_VALID; u8 buf; if (tpm_tis_spi_read(dev, TPM_ACCESS(loc), &buf, 1) < 0) return; if (force || (buf & mask) == mask) { buf = TPM_ACCESS_ACTIVE_LOCALITY; tpm_tis_spi_write(dev, TPM_ACCESS(loc), &buf, 1); } } static int tpm_tis_spi_request_locality(struct udevice *dev, int loc) { struct tpm_chip *chip = dev_get_priv(dev); unsigned long start, stop; u8 buf = TPM_ACCESS_REQUEST_USE; int ret; ret = tpm_tis_spi_check_locality(dev, loc); if (!ret) return 0; if (ret != -ENOENT) { log(LOGC_NONE, LOGL_ERR, "%s: Failed to get locality: %d\n", __func__, ret); return ret; } ret = tpm_tis_spi_write(dev, TPM_ACCESS(loc), &buf, 1); if (ret) { log(LOGC_NONE, LOGL_ERR, "%s: Failed to write to TPM: %d\n", __func__, ret); return ret; } start = get_timer(0); stop = chip->timeout_a; do { ret = tpm_tis_spi_check_locality(dev, loc); if (!ret) return 0; if (ret != -ENOENT) { log(LOGC_NONE, LOGL_ERR, "%s: Failed to get locality: %d\n", __func__, ret); return ret; } mdelay(TPM_TIMEOUT_MS); } while (get_timer(start) < stop); log(LOGC_NONE, LOGL_ERR, "%s: Timeout getting locality: %d\n", __func__, ret); return ret; } static u8 tpm_tis_spi_status(struct udevice *dev, u8 *status) { struct tpm_chip *chip = dev_get_priv(dev); return tpm_tis_spi_read(dev, TPM_STS(chip->locality), status, 1); } static int tpm_tis_spi_wait_for_stat(struct udevice *dev, u8 mask, unsigned long timeout, u8 *status) { unsigned long start = get_timer(0); unsigned long stop = timeout; int ret; do { mdelay(TPM_TIMEOUT_MS); ret = tpm_tis_spi_status(dev, status); if (ret) return ret; if ((*status & mask) == mask) return 0; } while (get_timer(start) < stop); return -ETIMEDOUT; } static int tpm_tis_spi_get_burstcount(struct udevice *dev) { struct tpm_chip *chip = dev_get_priv(dev); unsigned long start, stop; u32 burstcount, ret; /* wait for burstcount */ start = get_timer(0); stop = chip->timeout_d; do { ret = tpm_tis_spi_read32(dev, TPM_STS(chip->locality), &burstcount); if (ret) return -EBUSY; burstcount = (burstcount >> 8) & 0xFFFF; if (burstcount) return burstcount; mdelay(TPM_TIMEOUT_MS); } while (get_timer(start) < stop); return -EBUSY; } static int tpm_tis_spi_cancel(struct udevice *dev) { struct tpm_chip *chip = dev_get_priv(dev); u8 data = TPM_STS_COMMAND_READY; return tpm_tis_spi_write(dev, TPM_STS(chip->locality), &data, 1); } static int tpm_tis_spi_recv_data(struct udevice *dev, u8 *buf, size_t count) { struct tpm_chip *chip = dev_get_priv(dev); int size = 0, burstcnt, len, ret; u8 status; while (size < count && tpm_tis_spi_wait_for_stat(dev, TPM_STS_DATA_AVAIL | TPM_STS_VALID, chip->timeout_c, &status) == 0) { burstcnt = tpm_tis_spi_get_burstcount(dev); if (burstcnt < 0) return burstcnt; len = min_t(int, burstcnt, count - size); ret = tpm_tis_spi_read(dev, TPM_DATA_FIFO(chip->locality), buf + size, len); if (ret < 0) return ret; size += len; } return size; } static int tpm_tis_spi_recv(struct udevice *dev, u8 *buf, size_t count) { struct tpm_chip *chip = dev_get_priv(dev); int size, expected; if (!chip) return -ENODEV; if (count < TPM_HEADER_SIZE) { size = -EIO; goto out; } size = tpm_tis_spi_recv_data(dev, buf, TPM_HEADER_SIZE); if (size < TPM_HEADER_SIZE) { log(LOGC_NONE, LOGL_ERR, "TPM error, unable to read header\n"); goto out; } expected = get_unaligned_be32(buf + 2); if (expected > count) { size = -EIO; goto out; } size += tpm_tis_spi_recv_data(dev, &buf[TPM_HEADER_SIZE], expected - TPM_HEADER_SIZE); if (size < expected) { log(LOGC_NONE, LOGL_ERR, "TPM error, unable to read remaining bytes of result\n"); size = -EIO; goto out; } out: tpm_tis_spi_cancel(dev); tpm_tis_spi_release_locality(dev, chip->locality, false); return size; } static int tpm_tis_spi_send(struct udevice *dev, const u8 *buf, size_t len) { struct tpm_chip *chip = dev_get_priv(dev); u32 i, size; u8 status; int burstcnt, ret; u8 data; if (!chip) return -ENODEV; if (len > TPM_DEV_BUFSIZE) return -E2BIG; /* Command is too long for our tpm, sorry */ ret = tpm_tis_spi_request_locality(dev, 0); if (ret < 0) return -EBUSY; /* * Check if the TPM is ready. If not, if not, cancel the pending command * and poll on the status to be finally ready. */ ret = tpm_tis_spi_status(dev, &status); if (ret) return ret; if (!(status & TPM_STS_COMMAND_READY)) { /* Force the transition, usually this will be done at startup */ ret = tpm_tis_spi_cancel(dev); if (ret) { log(LOGC_NONE, LOGL_ERR, "%s: Could not cancel previous operation\n", __func__); goto out_err; } ret = tpm_tis_spi_wait_for_stat(dev, TPM_STS_COMMAND_READY, chip->timeout_b, &status); if (ret < 0 || !(status & TPM_STS_COMMAND_READY)) { log(LOGC_NONE, LOGL_ERR, "status %d after wait for stat returned %d\n", status, ret); goto out_err; } } for (i = 0; i < len - 1;) { burstcnt = tpm_tis_spi_get_burstcount(dev); if (burstcnt < 0) return burstcnt; size = min_t(int, len - i - 1, burstcnt); ret = tpm_tis_spi_write(dev, TPM_DATA_FIFO(chip->locality), buf + i, size); if (ret < 0) goto out_err; i += size; } ret = tpm_tis_spi_status(dev, &status); if (ret) goto out_err; if ((status & TPM_STS_DATA_EXPECT) == 0) { ret = -EIO; goto out_err; } ret = tpm_tis_spi_write(dev, TPM_DATA_FIFO(chip->locality), buf + len - 1, 1); if (ret) goto out_err; ret = tpm_tis_spi_status(dev, &status); if (ret) goto out_err; if ((status & TPM_STS_DATA_EXPECT) != 0) { ret = -EIO; goto out_err; } data = TPM_STS_GO; ret = tpm_tis_spi_write(dev, TPM_STS(chip->locality), &data, 1); if (ret) goto out_err; return len; out_err: tpm_tis_spi_cancel(dev); tpm_tis_spi_release_locality(dev, chip->locality, false); return ret; } static int tpm_tis_spi_cleanup(struct udevice *dev) { struct tpm_chip *chip = dev_get_priv(dev); tpm_tis_spi_cancel(dev); /* * The TPM needs some time to clean up here, * so we sleep rather than keeping the bus busy */ mdelay(2); tpm_tis_spi_release_locality(dev, chip->locality, false); return 0; } static int tpm_tis_spi_open(struct udevice *dev) { struct tpm_chip *chip = dev_get_priv(dev); struct tpm_chip_priv *priv = dev_get_uclass_priv(dev); if (chip->is_open) return -EBUSY; chip->is_open = 1; return 0; } static int tpm_tis_spi_close(struct udevice *dev) { struct tpm_chip *chip = dev_get_priv(dev); if (chip->is_open) { tpm_tis_spi_release_locality(dev, chip->locality, true); chip->is_open = 0; } return 0; } static int tpm_tis_get_desc(struct udevice *dev, char *buf, int size) { struct tpm_chip *chip = dev_get_priv(dev); if (size < 80) return -ENOSPC; return snprintf(buf, size, "%s v2.0: VendorID 0x%04x, DeviceID 0x%04x, RevisionID 0x%02x [%s]", dev->name, chip->vend_dev & 0xFFFF, chip->vend_dev >> 16, chip->rid, (chip->is_open ? "open" : "closed")); } static int tpm_tis_wait_init(struct udevice *dev, int loc) { struct tpm_chip *chip = dev_get_priv(dev); unsigned long start, stop; u8 status; int ret; start = get_timer(0); stop = chip->timeout_b; do { mdelay(TPM_TIMEOUT_MS); ret = tpm_tis_spi_read(dev, TPM_ACCESS(loc), &status, 1); if (ret) break; if (status & TPM_ACCESS_VALID) return 0; } while (get_timer(start) < stop); return -EIO; } static int tpm_tis_spi_probe(struct udevice *dev) { struct tpm_tis_chip_data *drv_data = (void *)dev_get_driver_data(dev); struct tpm_chip_priv *priv = dev_get_uclass_priv(dev); struct tpm_chip *chip = dev_get_priv(dev); int ret; /* Use the TPM v2 stack */ priv->version = TPM_V2; if (IS_ENABLED(CONFIG_DM_GPIO)) { struct gpio_desc reset_gpio; ret = gpio_request_by_name(dev, "gpio-reset", 0, &reset_gpio, GPIOD_IS_OUT); if (ret) { log(LOGC_NONE, LOGL_NOTICE, "%s: missing reset GPIO\n", __func__); } else { dm_gpio_set_value(&reset_gpio, 0); mdelay(1); dm_gpio_set_value(&reset_gpio, 1); } } /* Ensure a minimum amount of time elapsed since reset of the TPM */ mdelay(drv_data->time_before_first_cmd_ms); chip->locality = 0; chip->timeout_a = TIS_SHORT_TIMEOUT_MS; chip->timeout_b = TIS_LONG_TIMEOUT_MS; chip->timeout_c = TIS_SHORT_TIMEOUT_MS; chip->timeout_d = TIS_SHORT_TIMEOUT_MS; priv->pcr_count = drv_data->pcr_count; priv->pcr_select_min = drv_data->pcr_select_min; ret = tpm_tis_wait_init(dev, chip->locality); if (ret) { log(LOGC_DM, LOGL_ERR, "%s: no device found\n", __func__); return ret; } ret = tpm_tis_spi_request_locality(dev, chip->locality); if (ret) { log(LOGC_NONE, LOGL_ERR, "%s: could not request locality %d\n", __func__, chip->locality); return ret; } ret = tpm_tis_spi_read32(dev, TPM_DID_VID(chip->locality), &chip->vend_dev); if (ret) { log(LOGC_NONE, LOGL_ERR, "%s: could not retrieve VendorID/DeviceID\n", __func__); return ret; } ret = tpm_tis_spi_read(dev, TPM_RID(chip->locality), &chip->rid, 1); if (ret) { log(LOGC_NONE, LOGL_ERR, "%s: could not retrieve RevisionID\n", __func__); return ret; } log(LOGC_NONE, LOGL_ERR, "SPI TPMv2.0 found (vid:%04x, did:%04x, rid:%02x)\n", chip->vend_dev & 0xFFFF, chip->vend_dev >> 16, chip->rid); return 0; } static int tpm_tis_spi_remove(struct udevice *dev) { struct tpm_chip *chip = dev_get_priv(dev); tpm_tis_spi_release_locality(dev, chip->locality, true); return 0; } static const struct tpm_ops tpm_tis_spi_ops = { .open = tpm_tis_spi_open, .close = tpm_tis_spi_close, .get_desc = tpm_tis_get_desc, .send = tpm_tis_spi_send, .recv = tpm_tis_spi_recv, .cleanup = tpm_tis_spi_cleanup, }; static const struct tpm_tis_chip_data tpm_tis_std_chip_data = { .pcr_count = 24, .pcr_select_min = 3, .time_before_first_cmd_ms = 30, }; static const struct udevice_id tpm_tis_spi_ids[] = { { .compatible = "tis,tpm2-spi", .data = (ulong)&tpm_tis_std_chip_data, }, { } }; U_BOOT_DRIVER(tpm_tis_spi) = { .name = "tpm_tis_spi", .id = UCLASS_TPM, .of_match = tpm_tis_spi_ids, .ops = &tpm_tis_spi_ops, .probe = tpm_tis_spi_probe, .remove = tpm_tis_spi_remove, .priv_auto_alloc_size = sizeof(struct tpm_chip), };