diff options
author | Stefan Reinauer <reinauer@chromium.org> | 2013-11-04 17:38:32 -0800 |
---|---|---|
committer | Isaac Christensen <isaac.christensen@se-eng.com> | 2014-09-10 19:37:49 +0200 |
commit | d518c7a2d7ba839f0480a933a7a7c6d7f797e3bf (patch) | |
tree | 7f4fea8a6f98c3ad1d2535e5b60cb96cc4965eed /src/drivers/i2c/tpm/tpm.c | |
parent | 5c85e66b178c4fb4ddc6bcd98d13f43f9ad58792 (diff) | |
download | coreboot-d518c7a2d7ba839f0480a933a7a7c6d7f797e3bf.tar.xz |
tpm: Clean up I2C TPM driver
Drop a lot of u-boot-isms and share common TIS API
between I2C driver and LPC driver.
Signed-off-by: Stefan Reinauer <reinauer@google.com>
Change-Id: I43be8eea0acbdaef58ef256a2bc5336b83368a0e
Reviewed-on: https://chromium-review.googlesource.com/175670
Commit-Queue: Stefan Reinauer <reinauer@chromium.org>
Tested-by: Stefan Reinauer <reinauer@chromium.org>
Reviewed-by: David Hendricks <dhendrix@chromium.org>
(cherry picked from commit 3fc8515b9dcef66998658e1aa5c020d22509810c)
Signed-off-by: Isaac Christensen <isaac.christensen@se-eng.com>
Reviewed-on: http://review.coreboot.org/6855
Tested-by: build bot (Jenkins)
Reviewed-by: Ronald G. Minnich <rminnich@gmail.com>
Diffstat (limited to 'src/drivers/i2c/tpm/tpm.c')
-rw-r--r-- | src/drivers/i2c/tpm/tpm.c | 555 |
1 files changed, 485 insertions, 70 deletions
diff --git a/src/drivers/i2c/tpm/tpm.c b/src/drivers/i2c/tpm/tpm.c index d31cc79878..837bd234ac 100644 --- a/src/drivers/i2c/tpm/tpm.c +++ b/src/drivers/i2c/tpm/tpm.c @@ -8,6 +8,10 @@ * Device driver for TCG/TCPA TPM (trusted platform module). * Specifications at www.trustedcomputinggroup.org * + * This device driver implements the TPM interface as defined in + * the TCG TPM Interface Spec version 1.2, revision 1.0 and the + * Infineon I2C Protocol Stack Specification v0.20. + * * It is based on the Linux kernel driver tpm.c from Leendert van * Dorn, Dave Safford, Reiner Sailer, and Kyleen Hall. * @@ -34,113 +38,524 @@ #include <stdint.h> #include <string.h> -#include <assert.h> +#include <types.h> #include <delay.h> #include <console/console.h> #include <arch/byteorder.h> -#include "tis.h" +#include <device/i2c.h> #include "tpm.h" -/* global structure for tpm chip data */ -struct tpm_chip g_chip; +/* max. buffer size supported by our TPM */ +#ifdef TPM_BUFSIZE +#undef TPM_BUFSIZE +#endif +#define TPM_BUFSIZE 1260 + +/* Address of the TPM on the I2C bus */ +#define TPM_I2C_ADDR 0x20 + +/* max. number of iterations after I2C NAK */ +#define MAX_COUNT 3 + +#define SLEEP_DURATION 60 /* in usec */ + +/* max. number of iterations after I2C NAK for 'long' commands + * we need this especially for sending TPM_READY, since the cleanup after the + * transtion to the ready state may take some time, but it is unpredictable + * how long it will take. + */ +#define MAX_COUNT_LONG 50 + +#define SLEEP_DURATION_LONG 210 /* in usec */ + +/* expected value for DIDVID register */ +#define TPM_TIS_I2C_DID_VID_9635 0x000b15d1L +#define TPM_TIS_I2C_DID_VID_9645 0x001a15d1L + +enum i2c_chip_type { + SLB9635, + SLB9645, + UNKNOWN, +}; + +static const char * const chip_name[] = { + [SLB9635] = "slb9635tt", + [SLB9645] = "slb9645tt", + [UNKNOWN] = "unknown/fallback to slb9635", +}; -#define TPM_CMD_COUNT_BYTE 2 -#define TPM_CMD_ORDINAL_BYTE 6 +/* Structure to store I2C TPM specific stuff */ +struct tpm_inf_dev { + unsigned bus; + unsigned int addr; + uint8_t buf[TPM_BUFSIZE + sizeof(uint8_t)]; // max. buffer size + addr + enum i2c_chip_type chip_type; +}; -ssize_t tpm_transmit(const uint8_t *buf, size_t bufsiz) +static struct tpm_inf_dev tpm_dev = { + .addr = TPM_I2C_ADDR +}; + +/* + * iic_tpm_read() - read from TPM register + * @addr: register address to read from + * @buffer: provided by caller + * @len: number of bytes to read + * + * Read len bytes from TPM register and put them into + * buffer (little-endian format, i.e. first byte is put into buffer[0]). + * + * NOTE: TPM is big-endian for multi-byte values. Multi-byte + * values have to be swapped. + * + * Return -1 on error, 0 on success. + */ +static int iic_tpm_read(uint8_t addr, uint8_t *buffer, size_t len) { - ssize_t rc; - uint32_t count, ordinal; + int rc; + int count; + + if (!tpm_dev.bus) + return -1; + if ((tpm_dev.chip_type == SLB9635) || (tpm_dev.chip_type == UNKNOWN)) { + /* slb9635 protocol should work in both cases */ + for (count = 0; count < MAX_COUNT; count++) { + rc = i2c_write(tpm_dev.bus, tpm_dev.addr, + 0, 0, &addr, 1); + if (rc == 0) + break; /* success, break to skip sleep */ + + udelay(SLEEP_DURATION); + } - struct tpm_chip *chip = &g_chip; + if (rc) + return -1; - memcpy(&count, buf + TPM_CMD_COUNT_BYTE, sizeof(count)); - count = be32_to_cpu(count); - memcpy(&ordinal, buf + TPM_CMD_ORDINAL_BYTE, sizeof(ordinal)); - ordinal = be32_to_cpu(ordinal); + /* After the TPM has successfully received the register address + * it needs some time, thus we're sleeping here again, before + * retrieving the data + */ + for (count = 0; count < MAX_COUNT; count++) { + udelay(SLEEP_DURATION); + rc = i2c_read(tpm_dev.bus, tpm_dev.addr, + 0, 0, buffer, len); + if (rc == 0) + break; /* success, break to skip sleep */ - if (count == 0) { - printk(BIOS_DEBUG, "tpm_transmit: no data\n"); - return -1; //ENODATA; + } + } else { + /* use a combined read for newer chips + * unfortunately the smbus functions are not suitable due to + * the 32 byte limit of the smbus. + * retries should usually not be needed, but are kept just to + * be safe on the safe side. + */ + for (count = 0; count < MAX_COUNT; count++) { + rc = i2c_read(tpm_dev.bus, tpm_dev.addr, + addr, 1, buffer, len); + if (rc == 0) + break; /* break here to skip sleep */ + udelay(SLEEP_DURATION); + } } - if (count > bufsiz) { - printk(BIOS_DEBUG, "tpm_transmit: invalid count value %x %zx\n", - count, bufsiz); - return -1; //E2BIG; + + /* take care of 'guard time' */ + udelay(SLEEP_DURATION); + if (rc) + return -1; + + return 0; +} + +static int iic_tpm_write_generic(uint8_t addr, uint8_t *buffer, size_t len, + unsigned int sleep_time, + uint8_t max_count) +{ + int rc = 0; + int count; + + if (len > TPM_BUFSIZE) { + printk(BIOS_DEBUG, "%s: Length %d is too large\n", __func__, len); + return -1; } - ASSERT(chip->vendor.send); - rc = chip->vendor.send(chip, (uint8_t *) buf, count); - if (rc < 0) { - printk(BIOS_DEBUG, "tpm_transmit: tpm_send: error %zd\n", rc); - goto out; + /* prepare send buffer */ + tpm_dev.buf[0] = addr; + memcpy(&(tpm_dev.buf[1]), buffer, len); + + if (!tpm_dev.bus) + return -1; + for (count = 0; count < max_count; count++) { + rc = i2c_write(tpm_dev.bus, tpm_dev.addr, 0, 0, + tpm_dev.buf, len + 1); + if (rc == 0) + break; /* success, break to skip sleep */ + + udelay(sleep_time); } - if (chip->vendor.irq) - goto out_recv; + /* take care of 'guard time' */ + udelay(SLEEP_DURATION); + if (rc) + return -1; - int timeout = 2 * 60 * 1000; /* two minutes timeout */ + return 0; +} + +/* + * iic_tpm_write() - write to TPM register + * @addr: register address to write to + * @buffer: containing data to be written + * @len: number of bytes to write + * + * Write len bytes from provided buffer to TPM register (little + * endian format, i.e. buffer[0] is written as first byte). + * + * NOTE: TPM is big-endian for multi-byte values. Multi-byte + * values have to be swapped. + * + * NOTE: use this function instead of the iic_tpm_write_generic function. + * + * Return -EIO on error, 0 on success + */ +static int iic_tpm_write(uint8_t addr, uint8_t *buffer, size_t len) +{ + return iic_tpm_write_generic(addr, buffer, len, SLEEP_DURATION, + MAX_COUNT); +} + +/* + * This function is needed especially for the cleanup situation after + * sending TPM_READY + * */ +static int iic_tpm_write_long(uint8_t addr, uint8_t *buffer, size_t len) +{ + return iic_tpm_write_generic(addr, buffer, len, SLEEP_DURATION_LONG, + MAX_COUNT_LONG); +} + +#define TPM_HEADER_SIZE 10 + +enum tis_access { + TPM_ACCESS_VALID = 0x80, + TPM_ACCESS_ACTIVE_LOCALITY = 0x20, + TPM_ACCESS_REQUEST_PENDING = 0x04, + TPM_ACCESS_REQUEST_USE = 0x02, +}; + +enum tis_status { + TPM_STS_VALID = 0x80, + TPM_STS_COMMAND_READY = 0x40, + TPM_STS_GO = 0x20, + TPM_STS_DATA_AVAIL = 0x10, + TPM_STS_DATA_EXPECT = 0x08, +}; + +#define TPM_ACCESS(l) (0x0000 | ((l) << 4)) +#define TPM_STS(l) (0x0001 | ((l) << 4)) +#define TPM_DATA_FIFO(l) (0x0005 | ((l) << 4)) +#define TPM_DID_VID(l) (0x0006 | ((l) << 4)) + +static int check_locality(struct tpm_chip *chip, int loc) +{ + uint8_t buf; + + if (iic_tpm_read(TPM_ACCESS(loc), &buf, 1) < 0) + return -1; + + if ((buf & (TPM_ACCESS_ACTIVE_LOCALITY | TPM_ACCESS_VALID)) == + (TPM_ACCESS_ACTIVE_LOCALITY | TPM_ACCESS_VALID)) { + chip->vendor.locality = loc; + return loc; + } + + return -1; +} + +static void release_locality(struct tpm_chip *chip, int loc, int force) +{ + uint8_t buf; + if (iic_tpm_read(TPM_ACCESS(loc), &buf, 1) < 0) + return; + + if (force || (buf & (TPM_ACCESS_REQUEST_PENDING | TPM_ACCESS_VALID)) == + (TPM_ACCESS_REQUEST_PENDING | TPM_ACCESS_VALID)) { + buf = TPM_ACCESS_ACTIVE_LOCALITY; + iic_tpm_write(TPM_ACCESS(loc), &buf, 1); + } +} + +static int request_locality(struct tpm_chip *chip, int loc) +{ + uint8_t buf = TPM_ACCESS_REQUEST_USE; + + if (check_locality(chip, loc) >= 0) + return loc; /* we already have the locality */ + + iic_tpm_write(TPM_ACCESS(loc), &buf, 1); + + /* wait for burstcount */ + int timeout = 2 * 1000; /* 2s timeout */ while (timeout) { - ASSERT(chip->vendor.status); - uint8_t status = chip->vendor.status(chip); - if ((status & chip->vendor.req_complete_mask) == - chip->vendor.req_complete_val) { - goto out_recv; - } + if (check_locality(chip, loc) >= 0) + return loc; + mdelay(TPM_TIMEOUT); + timeout--; + } - if ((status == chip->vendor.req_canceled)) { - printk(BIOS_DEBUG, "tpm_transmit: Operation Canceled\n"); - rc = -1; - goto out; - } + return -1; +} + +static uint8_t tpm_tis_i2c_status(struct tpm_chip *chip) +{ + /* NOTE: Since I2C read may fail, return 0 in this case --> time-out */ + uint8_t buf; + if (iic_tpm_read(TPM_STS(chip->vendor.locality), &buf, 1) < 0) + return 0; + else + return buf; +} + +static void tpm_tis_i2c_ready(struct tpm_chip *chip) +{ + /* this causes the current command to be aborted */ + uint8_t buf = TPM_STS_COMMAND_READY; + iic_tpm_write_long(TPM_STS(chip->vendor.locality), &buf, 1); +} + +static ssize_t get_burstcount(struct tpm_chip *chip) +{ + ssize_t burstcnt; + uint8_t buf[3]; + + /* wait for burstcount */ + int timeout = 2 * 1000; /* 2s timeout */ + while (timeout) { + /* Note: STS is little endian */ + if (iic_tpm_read(TPM_STS(chip->vendor.locality) + 1, buf, 3) < 0) + burstcnt = 0; + else + burstcnt = (buf[2] << 16) + (buf[1] << 8) + buf[0]; + + if (burstcnt) + return burstcnt; mdelay(TPM_TIMEOUT); timeout--; } + return -1; +} + +static int wait_for_stat(struct tpm_chip *chip, uint8_t mask, int *status) +{ + unsigned long timeout = 2 * 1024; + while (timeout) { + *status = tpm_tis_i2c_status(chip); + if ((*status & mask) == mask) + return 0; + mdelay(TPM_TIMEOUT); + timeout--; + } + + return -1; +} + +static int recv_data(struct tpm_chip *chip, uint8_t *buf, size_t count) +{ + size_t size = 0; + + while (size < count) { + ssize_t burstcnt = get_burstcount(chip); + int rc; + + /* burstcount < 0 = TPM is busy */ + if (burstcnt < 0) + return burstcnt; + + /* limit received data to max. left */ + if (burstcnt > (count - size)) + burstcnt = count - size; + + rc = iic_tpm_read(TPM_DATA_FIFO(chip->vendor.locality), + &(buf[size]), + burstcnt); + if (rc == 0) + size += burstcnt; + + } + return size; +} - ASSERT(chip->vendor.cancel); - chip->vendor.cancel(chip); - printk(BIOS_DEBUG, "tpm_transmit: Operation Timed out\n"); - rc = -1; //ETIME; - goto out; +static int tpm_tis_i2c_recv(struct tpm_chip *chip, uint8_t *buf, size_t count) +{ + int size = 0; + uint32_t expected; + int status; -out_recv: + if (count < TPM_HEADER_SIZE) { + size = -1; + goto out; + } + + /* read first 10 bytes, including tag, paramsize, and result */ + size = recv_data(chip, buf, TPM_HEADER_SIZE); + if (size < TPM_HEADER_SIZE) { + printk(BIOS_DEBUG, "tpm_tis_i2c_recv: Unable to read header\n"); + goto out; + } + + memcpy(&expected, buf + TPM_RSP_SIZE_BYTE, sizeof(expected)); + expected = be32_to_cpu(expected); + if ((size_t)expected > count) { + size = -1; + goto out; + } + + size += recv_data(chip, &buf[TPM_HEADER_SIZE], + expected - TPM_HEADER_SIZE); + if (size < expected) { + printk(BIOS_DEBUG, "tpm_tis_i2c_recv: Unable to " + "read remainder of result\n"); + size = -1; + goto out; + } + + wait_for_stat(chip, TPM_STS_VALID, &status); + if (status & TPM_STS_DATA_AVAIL) { /* retry? */ + printk(BIOS_DEBUG, "tpm_tis_i2c_recv: Error left over data\n"); + size = -1; + goto out; + } - rc = chip->vendor.recv(chip, (uint8_t *) buf, TPM_BUFSIZE); - if (rc < 0) - printk(BIOS_DEBUG, "tpm_transmit: tpm_recv: error %zd\n", rc); out: - return rc; + tpm_tis_i2c_ready(chip); + + return size; } -#define TPM_ERROR_SIZE 10 +static int tpm_tis_i2c_send(struct tpm_chip *chip, uint8_t *buf, size_t len) +{ + int status; + size_t count = 0; + uint8_t sts = TPM_STS_GO; + + if (len > TPM_BUFSIZE) + return -1; /* command is too long for our TPM, sorry */ + + status = tpm_tis_i2c_status(chip); + if ((status & TPM_STS_COMMAND_READY) == 0) { + tpm_tis_i2c_ready(chip); + if (wait_for_stat(chip, TPM_STS_COMMAND_READY, &status) < 0) + goto out_err; + } + + while (count < len - 1) { + ssize_t burstcnt = get_burstcount(chip); + + /* burstcount < 0 = TPM is busy */ + if (burstcnt < 0) + return burstcnt; + + if (burstcnt > (len-1-count)) + burstcnt = len-1-count; + +#ifdef CONFIG_TPM_I2C_BURST_LIMITATION + if (burstcnt > CONFIG_TPM_I2C_BURST_LIMITATION) + burstcnt = CONFIG_TPM_I2C_BURST_LIMITATION; +#endif /* CONFIG_TPM_I2C_BURST_LIMITATION */ + + if (iic_tpm_write(TPM_DATA_FIFO(chip->vendor.locality), + &(buf[count]), burstcnt) == 0) + count += burstcnt; + + wait_for_stat(chip, TPM_STS_VALID, &status); + if ((status & TPM_STS_DATA_EXPECT) == 0) + goto out_err; + } + + /* write last byte */ + iic_tpm_write(TPM_DATA_FIFO(chip->vendor.locality), &(buf[count]), 1); + + wait_for_stat(chip, TPM_STS_VALID, &status); + if ((status & TPM_STS_DATA_EXPECT) != 0) + goto out_err; + + /* go and do it */ + iic_tpm_write(TPM_STS(chip->vendor.locality), &sts, 1); + + return len; -struct tpm_chip *tpm_register_hardware(const struct tpm_vendor_specific *entry) +out_err: + tpm_tis_i2c_ready(chip); + + return -1; +} + +static struct tpm_vendor_specific tpm_tis_i2c = { + .status = tpm_tis_i2c_status, + .recv = tpm_tis_i2c_recv, + .send = tpm_tis_i2c_send, + .cancel = tpm_tis_i2c_ready, + .req_complete_mask = TPM_STS_DATA_AVAIL | TPM_STS_VALID, + .req_complete_val = TPM_STS_DATA_AVAIL | TPM_STS_VALID, + .req_canceled = TPM_STS_COMMAND_READY, +}; + +/* Initialization of I2C TPM */ + +int tpm_vendor_init(unsigned bus, uint32_t dev_addr) { + uint32_t vendor; + unsigned int old_addr; struct tpm_chip *chip; + extern struct tpm_chip g_chip; + + old_addr = tpm_dev.addr; + if (dev_addr != 0) + tpm_dev.addr = dev_addr; + tpm_dev.bus = bus; - /* Driver specific per-device data */ chip = &g_chip; - memcpy(&chip->vendor, entry, sizeof(struct tpm_vendor_specific)); + memcpy(&chip->vendor, &tpm_tis_i2c, sizeof(struct tpm_vendor_specific)); chip->is_open = 1; - return chip; -} + /* Disable interrupts (not supported) */ + chip->vendor.irq = 0; -int tpm_open(unsigned bus, uint32_t dev_addr) -{ - int rc; - if (g_chip.is_open) - return -1; //EBUSY; - rc = tpm_vendor_init(bus, dev_addr); - if (rc < 0) - g_chip.is_open = 0; - return rc; + if (request_locality(chip, 0) != 0) + goto out_err; + + /* Read four bytes from DID_VID register */ + if (iic_tpm_read(TPM_DID_VID(0), (uint8_t *)&vendor, 4) < 0) + goto out_release; + + if (vendor == TPM_TIS_I2C_DID_VID_9645) { + tpm_dev.chip_type = SLB9645; + } else if (be32_to_cpu(vendor) == TPM_TIS_I2C_DID_VID_9635) { + tpm_dev.chip_type = SLB9635; + } else { + printk(BIOS_DEBUG, "Vendor ID 0x%08x not recognized.\n", vendor); + goto out_release; + } + + printk(BIOS_DEBUG, "1.2 TPM (chip type %s device-id 0x%X)\n", + chip_name[tpm_dev.chip_type], vendor >> 16); + + /* + * A timeout query to TPM can be placed here. + * Standard timeout values are used so far + */ + + return 0; + +out_release: + release_locality(chip, 0, 1); + +out_err: + tpm_dev.addr = old_addr; + return -1; } -void tpm_close(void) +void tpm_vendor_cleanup(struct tpm_chip *chip) { - if (g_chip.is_open) { - tpm_vendor_cleanup(&g_chip); - g_chip.is_open = 0; - } + release_locality(chip, chip->vendor.locality, 1); } |