|
|
|
/*
|
|
|
|
* Copyright (c) 2011 The Chromium OS Authors.
|
|
|
|
*
|
|
|
|
* SPDX-License-Identifier: GPL-2.0+
|
|
|
|
*/
|
|
|
|
|
|
|
|
/*
|
|
|
|
* The code in this file is based on the article "Writing a TPM Device Driver"
|
|
|
|
* published on http://ptgmedia.pearsoncmg.com.
|
|
|
|
*
|
|
|
|
* One principal difference is that in the simplest config the other than 0
|
|
|
|
* TPM localities do not get mapped by some devices (for instance, by Infineon
|
|
|
|
* slb9635), so this driver provides access to locality 0 only.
|
|
|
|
*/
|
|
|
|
|
|
|
|
#include <common.h>
|
|
|
|
#include <dm.h>
|
|
|
|
#include <mapmem.h>
|
|
|
|
#include <tis.h>
|
|
|
|
#include <tpm.h>
|
|
|
|
#include <asm/io.h>
|
|
|
|
|
|
|
|
#define PREFIX "lpc_tpm: "
|
|
|
|
|
|
|
|
struct tpm_locality {
|
|
|
|
u32 access;
|
|
|
|
u8 padding0[4];
|
|
|
|
u32 int_enable;
|
|
|
|
u8 vector;
|
|
|
|
u8 padding1[3];
|
|
|
|
u32 int_status;
|
|
|
|
u32 int_capability;
|
|
|
|
u32 tpm_status;
|
|
|
|
u8 padding2[8];
|
|
|
|
u8 data;
|
|
|
|
u8 padding3[3803];
|
|
|
|
u32 did_vid;
|
|
|
|
u8 rid;
|
|
|
|
u8 padding4[251];
|
|
|
|
};
|
|
|
|
|
|
|
|
struct tpm_tis_lpc_priv {
|
|
|
|
struct tpm_locality *regs;
|
|
|
|
};
|
|
|
|
|
|
|
|
/*
|
|
|
|
* This pointer refers to the TPM chip, 5 of its localities are mapped as an
|
|
|
|
* array.
|
|
|
|
*/
|
|
|
|
#define TPM_TOTAL_LOCALITIES 5
|
|
|
|
|
|
|
|
/* Some registers' bit field definitions */
|
|
|
|
#define TIS_STS_VALID (1 << 7) /* 0x80 */
|
|
|
|
#define TIS_STS_COMMAND_READY (1 << 6) /* 0x40 */
|
|
|
|
#define TIS_STS_TPM_GO (1 << 5) /* 0x20 */
|
|
|
|
#define TIS_STS_DATA_AVAILABLE (1 << 4) /* 0x10 */
|
|
|
|
#define TIS_STS_EXPECT (1 << 3) /* 0x08 */
|
|
|
|
#define TIS_STS_RESPONSE_RETRY (1 << 1) /* 0x02 */
|
|
|
|
|
|
|
|
#define TIS_ACCESS_TPM_REG_VALID_STS (1 << 7) /* 0x80 */
|
|
|
|
#define TIS_ACCESS_ACTIVE_LOCALITY (1 << 5) /* 0x20 */
|
|
|
|
#define TIS_ACCESS_BEEN_SEIZED (1 << 4) /* 0x10 */
|
|
|
|
#define TIS_ACCESS_SEIZE (1 << 3) /* 0x08 */
|
|
|
|
#define TIS_ACCESS_PENDING_REQUEST (1 << 2) /* 0x04 */
|
|
|
|
#define TIS_ACCESS_REQUEST_USE (1 << 1) /* 0x02 */
|
|
|
|
#define TIS_ACCESS_TPM_ESTABLISHMENT (1 << 0) /* 0x01 */
|
|
|
|
|
|
|
|
#define TIS_STS_BURST_COUNT_MASK (0xffff)
|
|
|
|
#define TIS_STS_BURST_COUNT_SHIFT (8)
|
|
|
|
|
|
|
|
/* 1 second is plenty for anything TPM does. */
|
|
|
|
#define MAX_DELAY_US (1000 * 1000)
|
|
|
|
|
|
|
|
/* Retrieve burst count value out of the status register contents. */
|
|
|
|
static u16 burst_count(u32 status)
|
|
|
|
{
|
|
|
|
return (status >> TIS_STS_BURST_COUNT_SHIFT) &
|
|
|
|
TIS_STS_BURST_COUNT_MASK;
|
|
|
|
}
|
|
|
|
|
|
|
|
/* TPM access wrappers to support tracing */
|
|
|
|
static u8 tpm_read_byte(struct tpm_tis_lpc_priv *priv, const u8 *ptr)
|
|
|
|
{
|
|
|
|
u8 ret = readb(ptr);
|
|
|
|
debug(PREFIX "Read reg 0x%4.4x returns 0x%2.2x\n",
|
|
|
|
(u32)(uintptr_t)ptr - (u32)(uintptr_t)priv->regs, ret);
|
|
|
|
return ret;
|
|
|
|
}
|
|
|
|
|
|
|
|
static u32 tpm_read_word(struct tpm_tis_lpc_priv *priv, const u32 *ptr)
|
|
|
|
{
|
|
|
|
u32 ret = readl(ptr);
|
|
|
|
debug(PREFIX "Read reg 0x%4.4x returns 0x%8.8x\n",
|
|
|
|
(u32)(uintptr_t)ptr - (u32)(uintptr_t)priv->regs, ret);
|
|
|
|
return ret;
|
|
|
|
}
|
|
|
|
|
|
|
|
static void tpm_write_byte(struct tpm_tis_lpc_priv *priv, u8 value, u8 *ptr)
|
|
|
|
{
|
|
|
|
debug(PREFIX "Write reg 0x%4.4x with 0x%2.2x\n",
|
|
|
|
(u32)(uintptr_t)ptr - (u32)(uintptr_t)priv->regs, value);
|
|
|
|
writeb(value, ptr);
|
|
|
|
}
|
|
|
|
|
|
|
|
static void tpm_write_word(struct tpm_tis_lpc_priv *priv, u32 value,
|
|
|
|
u32 *ptr)
|
|
|
|
{
|
|
|
|
debug(PREFIX "Write reg 0x%4.4x with 0x%8.8x\n",
|
|
|
|
(u32)(uintptr_t)ptr - (u32)(uintptr_t)priv->regs, value);
|
|
|
|
writel(value, ptr);
|
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
|
|
|
* tis_wait_reg()
|
|
|
|
*
|
|
|
|
* Wait for at least a second for a register to change its state to match the
|
|
|
|
* expected state. Normally the transition happens within microseconds.
|
|
|
|
*
|
|
|
|
* @reg - pointer to the TPM register
|
|
|
|
* @mask - bitmask for the bitfield(s) to watch
|
|
|
|
* @expected - value the field(s) are supposed to be set to
|
|
|
|
*
|
|
|
|
* Returns the register contents in case the expected value was found in the
|
|
|
|
* appropriate register bits, or -ETIMEDOUT on timeout.
|
|
|
|
*/
|
|
|
|
static int tis_wait_reg(struct tpm_tis_lpc_priv *priv, u32 *reg, u8 mask,
|
|
|
|
u8 expected)
|
|
|
|
{
|
|
|
|
u32 time_us = MAX_DELAY_US;
|
|
|
|
|
|
|
|
while (time_us > 0) {
|
|
|
|
u32 value = tpm_read_word(priv, reg);
|
|
|
|
if ((value & mask) == expected)
|
|
|
|
return value;
|
|
|
|
udelay(1); /* 1 us */
|
|
|
|
time_us--;
|
|
|
|
}
|
|
|
|
|
|
|
|
return -ETIMEDOUT;
|
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Probe the TPM device and try determining its manufacturer/device name.
|
|
|
|
*
|
|
|
|
* Returns 0 on success, -ve on error
|
|
|
|
*/
|
|
|
|
static int tpm_tis_lpc_probe(struct udevice *dev)
|
|
|
|
{
|
|
|
|
struct tpm_tis_lpc_priv *priv = dev_get_priv(dev);
|
|
|
|
u32 vid, did;
|
|
|
|
fdt_addr_t addr;
|
|
|
|
u32 didvid;
|
|
|
|
|
|
|
|
addr = dev_get_addr(dev);
|
|
|
|
if (addr == FDT_ADDR_T_NONE)
|
|
|
|
return -EINVAL;
|
|
|
|
priv->regs = map_sysmem(addr, 0);
|
|
|
|
didvid = tpm_read_word(priv, &priv->regs[0].did_vid);
|
|
|
|
|
|
|
|
vid = didvid & 0xffff;
|
|
|
|
did = (didvid >> 16) & 0xffff;
|
|
|
|
if (vid != 0x15d1 || did != 0xb) {
|
|
|
|
debug("Invalid vendor/device ID %04x/%04x\n", vid, did);
|
|
|
|
return -ENOSYS;
|
|
|
|
}
|
|
|
|
|
|
|
|
debug("Found TPM %s by %s\n", "SLB9635 TT 1.2", "Infineon");
|
|
|
|
|
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
|
|
|
* tis_senddata()
|
|
|
|
*
|
|
|
|
* send the passed in data to the TPM device.
|
|
|
|
*
|
|
|
|
* @data - address of the data to send, byte by byte
|
|
|
|
* @len - length of the data to send
|
|
|
|
*
|
|
|
|
* Returns 0 on success, -ve on error (in case the device does not accept
|
|
|
|
* the entire command).
|
|
|
|
*/
|
|
|
|
static int tis_senddata(struct udevice *dev, const u8 *data, size_t len)
|
|
|
|
{
|
|
|
|
struct tpm_tis_lpc_priv *priv = dev_get_priv(dev);
|
|
|
|
struct tpm_locality *regs = priv->regs;
|
|
|
|
u32 offset = 0;
|
|
|
|
u16 burst = 0;
|
|
|
|
u32 max_cycles = 0;
|
|
|
|
u8 locality = 0;
|
|
|
|
u32 value;
|
|
|
|
|
|
|
|
value = tis_wait_reg(priv, ®s[locality].tpm_status,
|
|
|
|
TIS_STS_COMMAND_READY, TIS_STS_COMMAND_READY);
|
|
|
|
if (value == -ETIMEDOUT) {
|
|
|
|
printf("%s:%d - failed to get 'command_ready' status\n",
|
|
|
|
__FILE__, __LINE__);
|
|
|
|
return value;
|
|
|
|
}
|
|
|
|
burst = burst_count(value);
|
|
|
|
|
|
|
|
while (1) {
|
|
|
|
unsigned count;
|
|
|
|
|
|
|
|
/* Wait till the device is ready to accept more data. */
|
|
|
|
while (!burst) {
|
|
|
|
if (max_cycles++ == MAX_DELAY_US) {
|
|
|
|
printf("%s:%d failed to feed %d bytes of %d\n",
|
|
|
|
__FILE__, __LINE__, len - offset, len);
|
|
|
|
return -ETIMEDOUT;
|
|
|
|
}
|
|
|
|
udelay(1);
|
|
|
|
burst = burst_count(tpm_read_word(priv,
|
|
|
|
®s[locality].tpm_status));
|
|
|
|
}
|
|
|
|
|
|
|
|
max_cycles = 0;
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Calculate number of bytes the TPM is ready to accept in one
|
|
|
|
* shot.
|
|
|
|
*
|
|
|
|
* We want to send the last byte outside of the loop (hence
|
|
|
|
* the -1 below) to make sure that the 'expected' status bit
|
|
|
|
* changes to zero exactly after the last byte is fed into the
|
|
|
|
* FIFO.
|
|
|
|
*/
|
linux/kernel.h: sync min, max, min3, max3 macros with Linux
U-Boot has never cared about the type when we get max/min of two
values, but Linux Kernel does. This commit gets min, max, min3, max3
macros synced with the kernel introducing type checks.
Many of references of those macros must be fixed to suppress warnings.
We have two options:
- Use min, max, min3, max3 only when the arguments have the same type
(or add casts to the arguments)
- Use min_t/max_t instead with the appropriate type for the first
argument
Signed-off-by: Masahiro Yamada <yamada.m@jp.panasonic.com>
Acked-by: Pavel Machek <pavel@denx.de>
Acked-by: Lukasz Majewski <l.majewski@samsung.com>
Tested-by: Lukasz Majewski <l.majewski@samsung.com>
[trini: Fixup arch/blackfin/lib/string.c]
Signed-off-by: Tom Rini <trini@ti.com>
10 years ago
|
|
|
count = min((u32)burst, len - offset - 1);
|
|
|
|
while (count--)
|
|
|
|
tpm_write_byte(priv, data[offset++],
|
|
|
|
®s[locality].data);
|
|
|
|
|
|
|
|
value = tis_wait_reg(priv, ®s[locality].tpm_status,
|
|
|
|
TIS_STS_VALID, TIS_STS_VALID);
|
|
|
|
|
|
|
|
if ((value == -ETIMEDOUT) || !(value & TIS_STS_EXPECT)) {
|
|
|
|
printf("%s:%d TPM command feed overflow\n",
|
|
|
|
__FILE__, __LINE__);
|
|
|
|
return value == -ETIMEDOUT ? value : -EIO;
|
|
|
|
}
|
|
|
|
|
|
|
|
burst = burst_count(value);
|
|
|
|
if ((offset == (len - 1)) && burst) {
|
|
|
|
/*
|
|
|
|
* We need to be able to send the last byte to the
|
|
|
|
* device, so burst size must be nonzero before we
|
|
|
|
* break out.
|
|
|
|
*/
|
|
|
|
break;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
/* Send the last byte. */
|
|
|
|
tpm_write_byte(priv, data[offset++], ®s[locality].data);
|
|
|
|
/*
|
|
|
|
* Verify that TPM does not expect any more data as part of this
|
|
|
|
* command.
|
|
|
|
*/
|
|
|
|
value = tis_wait_reg(priv, ®s[locality].tpm_status,
|
|
|
|
TIS_STS_VALID, TIS_STS_VALID);
|
|
|
|
if ((value == -ETIMEDOUT) || (value & TIS_STS_EXPECT)) {
|
|
|
|
printf("%s:%d unexpected TPM status 0x%x\n",
|
|
|
|
__FILE__, __LINE__, value);
|
|
|
|
return value == -ETIMEDOUT ? value : -EIO;
|
|
|
|
}
|
|
|
|
|
|
|
|
/* OK, sitting pretty, let's start the command execution. */
|
|
|
|
tpm_write_word(priv, TIS_STS_TPM_GO, ®s[locality].tpm_status);
|
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
|
|
|
* tis_readresponse()
|
|
|
|
*
|
|
|
|
* read the TPM device response after a command was issued.
|
|
|
|
*
|
|
|
|
* @buffer - address where to read the response, byte by byte.
|
|
|
|
* @len - pointer to the size of buffer
|
|
|
|
*
|
|
|
|
* On success stores the number of received bytes to len and returns 0. On
|
|
|
|
* errors (misformatted TPM data or synchronization problems) returns
|
|
|
|
* -ve value.
|
|
|
|
*/
|
|
|
|
static int tis_readresponse(struct udevice *dev, u8 *buffer, size_t len)
|
|
|
|
{
|
|
|
|
struct tpm_tis_lpc_priv *priv = dev_get_priv(dev);
|
|
|
|
struct tpm_locality *regs = priv->regs;
|
|
|
|
u16 burst;
|
|
|
|
u32 value;
|
|
|
|
u32 offset = 0;
|
|
|
|
u8 locality = 0;
|
|
|
|
const u32 has_data = TIS_STS_DATA_AVAILABLE | TIS_STS_VALID;
|
|
|
|
u32 expected_count = len;
|
|
|
|
int max_cycles = 0;
|
|
|
|
|
|
|
|
/* Wait for the TPM to process the command. */
|
|
|
|
value = tis_wait_reg(priv, ®s[locality].tpm_status,
|
|
|
|
has_data, has_data);
|
|
|
|
if (value == -ETIMEDOUT) {
|
|
|
|
printf("%s:%d failed processing command\n",
|
|
|
|
__FILE__, __LINE__);
|
|
|
|
return value;
|
|
|
|
}
|
|
|
|
|
|
|
|
do {
|
|
|
|
while ((burst = burst_count(value)) == 0) {
|
|
|
|
if (max_cycles++ == MAX_DELAY_US) {
|
|
|
|
printf("%s:%d TPM stuck on read\n",
|
|
|
|
__FILE__, __LINE__);
|
|
|
|
return -EIO;
|
|
|
|
}
|
|
|
|
udelay(1);
|
|
|
|
value = tpm_read_word(priv, ®s[locality].tpm_status);
|
|
|
|
}
|
|
|
|
|
|
|
|
max_cycles = 0;
|
|
|
|
|
|
|
|
while (burst-- && (offset < expected_count)) {
|
|
|
|
buffer[offset++] = tpm_read_byte(priv,
|
|
|
|
®s[locality].data);
|
|
|
|
|
|
|
|
if (offset == 6) {
|
|
|
|
/*
|
|
|
|
* We got the first six bytes of the reply,
|
|
|
|
* let's figure out how many bytes to expect
|
|
|
|
* total - it is stored as a 4 byte number in
|
|
|
|
* network order, starting with offset 2 into
|
|
|
|
* the body of the reply.
|
|
|
|
*/
|
|
|
|
u32 real_length;
|
|
|
|
memcpy(&real_length,
|
|
|
|
buffer + 2,
|
|
|
|
sizeof(real_length));
|
|
|
|
expected_count = be32_to_cpu(real_length);
|
|
|
|
|
|
|
|
if ((expected_count < offset) ||
|
|
|
|
(expected_count > len)) {
|
|
|
|
printf("%s:%d bad response size %d\n",
|
|
|
|
__FILE__, __LINE__,
|
|
|
|
expected_count);
|
|
|
|
return -ENOSPC;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
/* Wait for the next portion. */
|
|
|
|
value = tis_wait_reg(priv, ®s[locality].tpm_status,
|
|
|
|
TIS_STS_VALID, TIS_STS_VALID);
|
|
|
|
if (value == -ETIMEDOUT) {
|
|
|
|
printf("%s:%d failed to read response\n",
|
|
|
|
__FILE__, __LINE__);
|
|
|
|
return value;
|
|
|
|
}
|
|
|
|
|
|
|
|
if (offset == expected_count)
|
|
|
|
break; /* We got all we needed. */
|
|
|
|
|
|
|
|
} while ((value & has_data) == has_data);
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Make sure we indeed read all there was. The TIS_STS_VALID bit is
|
|
|
|
* known to be set.
|
|
|
|
*/
|
|
|
|
if (value & TIS_STS_DATA_AVAILABLE) {
|
|
|
|
printf("%s:%d wrong receive status %x\n",
|
|
|
|
__FILE__, __LINE__, value);
|
|
|
|
return -EBADMSG;
|
|
|
|
}
|
|
|
|
|
|
|
|
/* Tell the TPM that we are done. */
|
|
|
|
tpm_write_word(priv, TIS_STS_COMMAND_READY,
|
|
|
|
®s[locality].tpm_status);
|
|
|
|
|
|
|
|
return offset;
|
|
|
|
}
|
|
|
|
|
|
|
|
static int tpm_tis_lpc_open(struct udevice *dev)
|
|
|
|
{
|
|
|
|
struct tpm_tis_lpc_priv *priv = dev_get_priv(dev);
|
|
|
|
struct tpm_locality *regs = priv->regs;
|
|
|
|
u8 locality = 0; /* we use locality zero for everything. */
|
|
|
|
int ret;
|
|
|
|
|
|
|
|
/* now request access to locality. */
|
|
|
|
tpm_write_word(priv, TIS_ACCESS_REQUEST_USE, ®s[locality].access);
|
|
|
|
|
|
|
|
/* did we get a lock? */
|
|
|
|
ret = tis_wait_reg(priv, ®s[locality].access,
|
|
|
|
TIS_ACCESS_ACTIVE_LOCALITY,
|
|
|
|
TIS_ACCESS_ACTIVE_LOCALITY);
|
|
|
|
if (ret == -ETIMEDOUT) {
|
|
|
|
printf("%s:%d - failed to lock locality %d\n",
|
|
|
|
__FILE__, __LINE__, locality);
|
|
|
|
return ret;
|
|
|
|
}
|
|
|
|
|
|
|
|
tpm_write_word(priv, TIS_STS_COMMAND_READY,
|
|
|
|
®s[locality].tpm_status);
|
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
|
|
|
|
static int tpm_tis_lpc_close(struct udevice *dev)
|
|
|
|
{
|
|
|
|
struct tpm_tis_lpc_priv *priv = dev_get_priv(dev);
|
|
|
|
struct tpm_locality *regs = priv->regs;
|
|
|
|
u8 locality = 0;
|
|
|
|
|
|
|
|
if (tpm_read_word(priv, ®s[locality].access) &
|
|
|
|
TIS_ACCESS_ACTIVE_LOCALITY) {
|
|
|
|
tpm_write_word(priv, TIS_ACCESS_ACTIVE_LOCALITY,
|
|
|
|
®s[locality].access);
|
|
|
|
|
|
|
|
if (tis_wait_reg(priv, ®s[locality].access,
|
|
|
|
TIS_ACCESS_ACTIVE_LOCALITY, 0) == -ETIMEDOUT) {
|
|
|
|
printf("%s:%d - failed to release locality %d\n",
|
|
|
|
__FILE__, __LINE__, locality);
|
|
|
|
return -ETIMEDOUT;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
|
|
|
|
static int tpm_tis_get_desc(struct udevice *dev, char *buf, int size)
|
|
|
|
{
|
|
|
|
if (size < 50)
|
|
|
|
return -ENOSPC;
|
|
|
|
|
|
|
|
return snprintf(buf, size, "1.2 TPM (vendor %s, chip %s)",
|
|
|
|
"Infineon", "SLB9635 TT 1.2");
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
static const struct tpm_ops tpm_tis_lpc_ops = {
|
|
|
|
.open = tpm_tis_lpc_open,
|
|
|
|
.close = tpm_tis_lpc_close,
|
|
|
|
.get_desc = tpm_tis_get_desc,
|
|
|
|
.send = tis_senddata,
|
|
|
|
.recv = tis_readresponse,
|
|
|
|
};
|
|
|
|
|
|
|
|
static const struct udevice_id tpm_tis_lpc_ids[] = {
|
|
|
|
{ .compatible = "infineon,slb9635lpc" },
|
|
|
|
{ }
|
|
|
|
};
|
|
|
|
|
|
|
|
U_BOOT_DRIVER(tpm_tis_lpc) = {
|
|
|
|
.name = "tpm_tis_lpc",
|
|
|
|
.id = UCLASS_TPM,
|
|
|
|
.of_match = tpm_tis_lpc_ids,
|
|
|
|
.ops = &tpm_tis_lpc_ops,
|
|
|
|
.probe = tpm_tis_lpc_probe,
|
|
|
|
.priv_auto_alloc_size = sizeof(struct tpm_tis_lpc_priv),
|
|
|
|
};
|