summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorArthur Heymans <arthur@aheymans.xyz>2019-11-20 19:51:06 +0100
committerPatrick Georgi <pgeorgi@google.com>2019-11-29 09:08:33 +0000
commit0ca944b16fd6c0d25bee666206ada43f95024ce3 (patch)
treea3e0d51cf395f015809d2bda99ec69fe37c6a817
parent344e86bb3baff8f89c1335c190dbee050176e058 (diff)
security/tpm: Drop CAR_GLOBAL_MIGRATION support
Change-Id: I1c09eda6164efb390de4626f52aafba59962f9c4 Signed-off-by: Arthur Heymans <arthur@aheymans.xyz> Reviewed-on: https://review.coreboot.org/c/coreboot/+/37029 Reviewed-by: HAOUAS Elyes <ehaouas@noos.fr> Reviewed-by: Patrick Georgi <pgeorgi@google.com> Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
-rw-r--r--src/drivers/crb/tis.c9
-rw-r--r--src/drivers/crb/tpm.c1
-rw-r--r--src/drivers/i2c/tpm/cr50.c32
-rw-r--r--src/drivers/i2c/tpm/tis.c41
-rw-r--r--src/drivers/i2c/tpm/tis_atmel.c1
-rw-r--r--src/drivers/i2c/tpm/tpm.c77
-rw-r--r--src/drivers/pc80/tpm/tis.c7
-rw-r--r--src/drivers/spi/tpm/tis.c9
-rw-r--r--src/drivers/spi/tpm/tpm.c91
-rw-r--r--src/security/tpm/tspi/log.c1
-rw-r--r--src/security/tpm/tss/tcg-1.2/tss.c8
-rw-r--r--src/security/tpm/tss/tcg-2.0/tss.c18
-rw-r--r--src/security/tpm/tss/tcg-2.0/tss_marshaling.c36
-rw-r--r--src/security/tpm/tss/vendor/cr50/cr50.c1
14 files changed, 144 insertions, 188 deletions
diff --git a/src/drivers/crb/tis.c b/src/drivers/crb/tis.c
index b7a5df4829..f2aba48297 100644
--- a/src/drivers/crb/tis.c
+++ b/src/drivers/crb/tis.c
@@ -11,7 +11,6 @@
* GNU General Public License for more details.
*/
-#include <arch/early_variables.h>
#include <console/console.h>
#include <security/tpm/tis.h>
#include <arch/acpigen.h>
@@ -21,7 +20,7 @@
#include "tpm.h"
#include "chip.h"
-static unsigned tpm_is_open CAR_GLOBAL;
+static unsigned int tpm_is_open;
static const struct {
uint16_t vid;
@@ -45,7 +44,7 @@ static const char *tis_get_dev_name(struct tpm2_info *info)
int tis_open(void)
{
- if (car_get_var(tpm_is_open)) {
+ if (tpm_is_open) {
printk(BIOS_ERR, "%s called twice.\n", __func__);
return -1;
}
@@ -63,13 +62,13 @@ int tis_open(void)
int tis_close(void)
{
- if (car_get_var(tpm_is_open)) {
+ if (tpm_is_open) {
/*
* Do we need to do something here, like waiting for a
* transaction to stop?
*/
- car_set_var(tpm_is_open, 0);
+ tpm_is_open = 0;
}
return 0;
diff --git a/src/drivers/crb/tpm.c b/src/drivers/crb/tpm.c
index 0393417e74..f2b7903e4c 100644
--- a/src/drivers/crb/tpm.c
+++ b/src/drivers/crb/tpm.c
@@ -15,7 +15,6 @@
*/
#include <timer.h>
-#include <arch/early_variables.h>
#include <console/console.h>
#include <arch/mmio.h>
#include <delay.h>
diff --git a/src/drivers/i2c/tpm/cr50.c b/src/drivers/i2c/tpm/cr50.c
index f9a286241e..f386dacb0b 100644
--- a/src/drivers/i2c/tpm/cr50.c
+++ b/src/drivers/i2c/tpm/cr50.c
@@ -27,7 +27,6 @@
* instead of just reading header and determining the remainder
*/
-#include <arch/early_variables.h>
#include <commonlib/endian.h>
#include <string.h>
#include <types.h>
@@ -55,15 +54,15 @@ struct tpm_inf_dev {
uint8_t buf[CR50_MAX_BUFSIZE + sizeof(uint8_t)];
};
-static struct tpm_inf_dev g_tpm_dev CAR_GLOBAL;
+static struct tpm_inf_dev g_tpm_dev;
__weak int tis_plat_irq_status(void)
{
- static int warning_displayed CAR_GLOBAL;
+ static int warning_displayed;
- if (!car_get_var(warning_displayed)) {
+ if (!warning_displayed) {
printk(BIOS_WARNING, "WARNING: tis_plat_irq_status() not implemented, wasting 20ms to wait on Cr50!\n");
- car_set_var(warning_displayed, 1);
+ warning_displayed = 1;
}
mdelay(CR50_TIMEOUT_NOIRQ_MS);
@@ -102,16 +101,14 @@ static int cr50_i2c_wait_tpm_ready(struct tpm_chip *chip)
static int cr50_i2c_read(struct tpm_chip *chip, uint8_t addr,
uint8_t *buffer, size_t len)
{
- struct tpm_inf_dev *tpm_dev = car_get_var_ptr(&g_tpm_dev);
-
- if (tpm_dev->addr == 0)
+ if (g_tpm_dev.addr == 0)
return -1;
/* Clear interrupt before starting transaction */
tis_plat_irq_status();
/* Send the register address byte to the TPM */
- if (i2c_write_raw(tpm_dev->bus, tpm_dev->addr, &addr, 1)) {
+ if (i2c_write_raw(g_tpm_dev.bus, g_tpm_dev.addr, &addr, 1)) {
printk(BIOS_ERR, "%s: Address write failed\n", __func__);
return -1;
}
@@ -121,7 +118,7 @@ static int cr50_i2c_read(struct tpm_chip *chip, uint8_t addr,
return -1;
/* Read response data from the TPM */
- if (i2c_read_raw(tpm_dev->bus, tpm_dev->addr, buffer, len)) {
+ if (i2c_read_raw(g_tpm_dev.bus, g_tpm_dev.addr, buffer, len)) {
printk(BIOS_ERR, "%s: Read response failed\n", __func__);
return -1;
}
@@ -146,22 +143,20 @@ static int cr50_i2c_read(struct tpm_chip *chip, uint8_t addr,
static int cr50_i2c_write(struct tpm_chip *chip,
uint8_t addr, uint8_t *buffer, size_t len)
{
- struct tpm_inf_dev *tpm_dev = car_get_var_ptr(&g_tpm_dev);
-
- if (tpm_dev->addr == 0)
+ if (g_tpm_dev.addr == 0)
return -1;
if (len > CR50_MAX_BUFSIZE)
return -1;
/* Prepend the 'register address' to the buffer */
- tpm_dev->buf[0] = addr;
- memcpy(tpm_dev->buf + 1, buffer, len);
+ g_tpm_dev.buf[0] = addr;
+ memcpy(g_tpm_dev.buf + 1, buffer, len);
/* Clear interrupt before starting transaction */
tis_plat_irq_status();
/* Send write request buffer with address */
- if (i2c_write_raw(tpm_dev->bus, tpm_dev->addr, tpm_dev->buf, len + 1)) {
+ if (i2c_write_raw(g_tpm_dev.bus, g_tpm_dev.addr, g_tpm_dev.buf, len + 1)) {
printk(BIOS_ERR, "%s: Error writing to TPM\n", __func__);
return -1;
}
@@ -492,7 +487,6 @@ static int cr50_i2c_probe(struct tpm_chip *chip, uint32_t *did_vid)
int tpm_vendor_init(struct tpm_chip *chip, unsigned int bus, uint32_t dev_addr)
{
- struct tpm_inf_dev *tpm_dev = car_get_var_ptr(&g_tpm_dev);
uint32_t did_vid = 0;
if (dev_addr == 0) {
@@ -500,8 +494,8 @@ int tpm_vendor_init(struct tpm_chip *chip, unsigned int bus, uint32_t dev_addr)
return -1;
}
- tpm_dev->bus = bus;
- tpm_dev->addr = dev_addr;
+ g_tpm_dev.bus = bus;
+ g_tpm_dev.addr = dev_addr;
cr50_vendor_init(chip);
diff --git a/src/drivers/i2c/tpm/tis.c b/src/drivers/i2c/tpm/tis.c
index e466c45c9f..d791a56af5 100644
--- a/src/drivers/i2c/tpm/tis.c
+++ b/src/drivers/i2c/tpm/tis.c
@@ -12,7 +12,6 @@
* GNU General Public License for more details.
*/
-#include <arch/early_variables.h>
#include <stdint.h>
#include <string.h>
#include <assert.h>
@@ -27,25 +26,24 @@
#include "tpm.h"
/* global structure for tpm chip data */
-static struct tpm_chip g_chip CAR_GLOBAL;
+static struct tpm_chip g_chip;
#define TPM_CMD_COUNT_BYTE 2
#define TPM_CMD_ORDINAL_BYTE 6
int tis_open(void)
{
- struct tpm_chip *chip = car_get_var_ptr(&g_chip);
int rc;
- if (chip->is_open) {
+ if (g_chip.is_open) {
printk(BIOS_DEBUG, "tis_open() called twice.\n");
return -1;
}
- rc = tpm_vendor_init(chip, CONFIG_DRIVER_TPM_I2C_BUS,
+ rc = tpm_vendor_init(&g_chip, CONFIG_DRIVER_TPM_I2C_BUS,
CONFIG_DRIVER_TPM_I2C_ADDR);
if (rc < 0)
- chip->is_open = 0;
+ g_chip.is_open = 0;
if (rc)
return -1;
@@ -55,11 +53,9 @@ int tis_open(void)
int tis_close(void)
{
- struct tpm_chip *chip = car_get_var_ptr(&g_chip);
-
- if (chip->is_open) {
- tpm_vendor_cleanup(chip);
- chip->is_open = 0;
+ if (g_chip.is_open) {
+ tpm_vendor_cleanup(&g_chip);
+ g_chip.is_open = 0;
}
return 0;
@@ -76,12 +72,11 @@ static ssize_t tpm_transmit(const uint8_t *sbuf, size_t sbufsiz, void *rbuf,
{
int rc;
uint32_t count;
- struct tpm_chip *chip = car_get_var_ptr(&g_chip);
memcpy(&count, sbuf + TPM_CMD_COUNT_BYTE, sizeof(count));
count = be32_to_cpu(count);
- if (!chip->vendor.send || !chip->vendor.status || !chip->vendor.cancel)
+ if (!g_chip.vendor.send || !g_chip.vendor.status || !g_chip.vendor.cancel)
return -1;
if (count == 0) {
@@ -94,8 +89,8 @@ static ssize_t tpm_transmit(const uint8_t *sbuf, size_t sbufsiz, void *rbuf,
return -1;
}
- ASSERT(chip->vendor.send);
- rc = chip->vendor.send(chip, (uint8_t *) sbuf, count);
+ ASSERT(g_chip.vendor.send);
+ rc = g_chip.vendor.send(&g_chip, (uint8_t *) sbuf, count);
if (rc < 0) {
printk(BIOS_DEBUG, "tpm_transmit: tpm_send error\n");
goto out;
@@ -103,14 +98,14 @@ static ssize_t tpm_transmit(const uint8_t *sbuf, size_t sbufsiz, void *rbuf,
int timeout = 2 * 60 * 1000; /* two minutes timeout */
while (timeout) {
- ASSERT(chip->vendor.status);
- uint8_t status = chip->vendor.status(chip);
- if ((status & chip->vendor.req_complete_mask) ==
- chip->vendor.req_complete_val) {
+ ASSERT(g_chip.vendor.status);
+ uint8_t status = g_chip.vendor.status(&g_chip);
+ if ((status & g_chip.vendor.req_complete_mask) ==
+ g_chip.vendor.req_complete_val) {
goto out_recv;
}
- if (status == chip->vendor.req_canceled) {
+ if (status == g_chip.vendor.req_canceled) {
printk(BIOS_DEBUG,
"tpm_transmit: Operation Canceled\n");
rc = -1;
@@ -120,15 +115,15 @@ static ssize_t tpm_transmit(const uint8_t *sbuf, size_t sbufsiz, void *rbuf,
timeout--;
}
- ASSERT(chip->vendor.cancel);
- chip->vendor.cancel(chip);
+ ASSERT(g_chip.vendor.cancel);
+ g_chip.vendor.cancel(&g_chip);
printk(BIOS_DEBUG, "tpm_transmit: Operation Timed out\n");
rc = -1; //ETIME;
goto out;
out_recv:
- rc = chip->vendor.recv(chip, (uint8_t *) rbuf, rbufsiz);
+ rc = g_chip.vendor.recv(&g_chip, (uint8_t *) rbuf, rbufsiz);
if (rc < 0)
printk(BIOS_DEBUG, "tpm_transmit: tpm_recv: error %d\n", rc);
out:
diff --git a/src/drivers/i2c/tpm/tis_atmel.c b/src/drivers/i2c/tpm/tis_atmel.c
index 42df292615..793418a96a 100644
--- a/src/drivers/i2c/tpm/tis_atmel.c
+++ b/src/drivers/i2c/tpm/tis_atmel.c
@@ -12,7 +12,6 @@
* GNU General Public License for more details.
*/
-#include <arch/early_variables.h>
#include <assert.h>
#include <commonlib/endian.h>
#include <console/console.h>
diff --git a/src/drivers/i2c/tpm/tpm.c b/src/drivers/i2c/tpm/tpm.c
index e0950849fc..71641d0edc 100644
--- a/src/drivers/i2c/tpm/tpm.c
+++ b/src/drivers/i2c/tpm/tpm.c
@@ -28,7 +28,6 @@
*/
-#include <arch/early_variables.h>
#include <commonlib/endian.h>
#include <stdint.h>
#include <string.h>
@@ -81,7 +80,7 @@ struct tpm_inf_dev {
enum i2c_chip_type chip_type;
};
-static struct tpm_inf_dev g_tpm_dev CAR_GLOBAL;
+static struct tpm_inf_dev g_tpm_dev;
/*
* iic_tpm_read() - read from TPM register
@@ -99,24 +98,23 @@ static struct tpm_inf_dev g_tpm_dev CAR_GLOBAL;
*/
static int iic_tpm_read(uint8_t addr, uint8_t *buffer, size_t len)
{
- struct tpm_inf_dev *tpm_dev = car_get_var_ptr(&g_tpm_dev);
int rc;
int count;
- if (tpm_dev->addr == 0)
+ if (g_tpm_dev.addr == 0)
return -1;
- switch (tpm_dev->chip_type) {
+ switch (g_tpm_dev.chip_type) {
case SLB9635:
case UNKNOWN:
/* slb9635 protocol should work in both cases */
for (count = 0; count < MAX_COUNT; count++) {
- rc = i2c_write_raw(tpm_dev->bus, tpm_dev->addr,
+ rc = i2c_write_raw(g_tpm_dev.bus, g_tpm_dev.addr,
&addr, 1);
if (rc == 0)
break; /* success, break to skip sleep */
- udelay(tpm_dev->sleep_short);
+ udelay(g_tpm_dev.sleep_short);
}
if (rc)
@@ -127,8 +125,8 @@ static int iic_tpm_read(uint8_t addr, uint8_t *buffer, size_t len)
* retrieving the data
*/
for (count = 0; count < MAX_COUNT; count++) {
- udelay(tpm_dev->sleep_short);
- rc = i2c_read_raw(tpm_dev->bus, tpm_dev->addr,
+ udelay(g_tpm_dev.sleep_short);
+ rc = i2c_read_raw(g_tpm_dev.bus, g_tpm_dev.addr,
buffer, len);
if (rc == 0)
break; /* success, break to skip sleep */
@@ -144,23 +142,23 @@ static int iic_tpm_read(uint8_t addr, uint8_t *buffer, size_t len)
* retries should usually not be needed, but are kept just to
* be safe on the safe side.
*/
- struct i2c_msg aseg = { .flags = 0, .slave = tpm_dev->addr,
+ struct i2c_msg aseg = { .flags = 0, .slave = g_tpm_dev.addr,
.buf = &addr, .len = 1 };
struct i2c_msg dseg = { .flags = I2C_M_RD,
- .slave = tpm_dev->addr,
+ .slave = g_tpm_dev.addr,
.buf = buffer, .len = len };
for (count = 0; count < MAX_COUNT; count++) {
- rc = i2c_transfer(tpm_dev->bus, &aseg, 1) ||
- i2c_transfer(tpm_dev->bus, &dseg, 1);
+ rc = i2c_transfer(g_tpm_dev.bus, &aseg, 1) ||
+ i2c_transfer(g_tpm_dev.bus, &dseg, 1);
if (rc == 0)
break; /* break here to skip sleep */
- udelay(tpm_dev->sleep_short);
+ udelay(g_tpm_dev.sleep_short);
}
}
}
/* take care of 'guard time' */
- udelay(tpm_dev->sleep_short);
+ udelay(g_tpm_dev.sleep_short);
if (rc)
return -1;
@@ -171,7 +169,6 @@ static int iic_tpm_write_generic(uint8_t addr, uint8_t *buffer, size_t len,
unsigned int sleep_time,
uint8_t max_count)
{
- struct tpm_inf_dev *tpm_dev = car_get_var_ptr(&g_tpm_dev);
int rc = 0;
int count;
@@ -182,14 +179,14 @@ static int iic_tpm_write_generic(uint8_t addr, uint8_t *buffer, size_t len,
}
/* prepare send buffer */
- tpm_dev->buf[0] = addr;
- memcpy(&(tpm_dev->buf[1]), buffer, len);
+ g_tpm_dev.buf[0] = addr;
+ memcpy(&(g_tpm_dev.buf[1]), buffer, len);
- if (tpm_dev->addr == 0)
+ if (g_tpm_dev.addr == 0)
return -1;
for (count = 0; count < max_count; count++) {
- rc = i2c_write_raw(tpm_dev->bus, tpm_dev->addr,
- tpm_dev->buf, len + 1);
+ rc = i2c_write_raw(g_tpm_dev.bus, g_tpm_dev.addr,
+ g_tpm_dev.buf, len + 1);
if (rc == 0)
break; /* success, break to skip sleep */
@@ -197,7 +194,7 @@ static int iic_tpm_write_generic(uint8_t addr, uint8_t *buffer, size_t len,
}
/* take care of 'guard time' */
- udelay(tpm_dev->sleep_short);
+ udelay(g_tpm_dev.sleep_short);
if (rc)
return -1;
@@ -222,8 +219,7 @@ static int iic_tpm_write_generic(uint8_t addr, uint8_t *buffer, size_t len,
*/
static int iic_tpm_write(uint8_t addr, uint8_t *buffer, size_t len)
{
- struct tpm_inf_dev *tpm_dev = car_get_var_ptr(&g_tpm_dev);
- return iic_tpm_write_generic(addr, buffer, len, tpm_dev->sleep_short,
+ return iic_tpm_write_generic(addr, buffer, len, g_tpm_dev.sleep_short,
MAX_COUNT);
}
@@ -233,8 +229,7 @@ static int iic_tpm_write(uint8_t addr, uint8_t *buffer, size_t len)
* */
static int iic_tpm_write_long(uint8_t addr, uint8_t *buffer, size_t len)
{
- struct tpm_inf_dev *tpm_dev = car_get_var_ptr(&g_tpm_dev);
- return iic_tpm_write_generic(addr, buffer, len, tpm_dev->sleep_long,
+ return iic_tpm_write_generic(addr, buffer, len, g_tpm_dev.sleep_long,
MAX_COUNT_LONG);
}
@@ -479,17 +474,16 @@ out_err:
int tpm_vendor_probe(unsigned int bus, uint32_t addr)
{
- struct tpm_inf_dev *tpm_dev = car_get_var_ptr(&g_tpm_dev);
struct stopwatch sw;
uint8_t buf = 0;
int ret;
long sw_run_duration = SLEEP_DURATION_PROBE_MS;
- tpm_dev->chip_type = UNKNOWN;
- tpm_dev->bus = bus;
- tpm_dev->addr = addr;
- tpm_dev->sleep_short = SLEEP_DURATION;
- tpm_dev->sleep_long = SLEEP_DURATION_LONG;
+ g_tpm_dev.chip_type = UNKNOWN;
+ g_tpm_dev.bus = bus;
+ g_tpm_dev.addr = addr;
+ g_tpm_dev.sleep_short = SLEEP_DURATION;
+ g_tpm_dev.sleep_long = SLEEP_DURATION_LONG;
/*
* Probe TPM. Check if the TPM_ACCESS register's ValidSts bit is set(1)
@@ -521,7 +515,6 @@ int tpm_vendor_probe(unsigned int bus, uint32_t addr)
int tpm_vendor_init(struct tpm_chip *chip, unsigned int bus, uint32_t dev_addr)
{
- struct tpm_inf_dev *tpm_dev = car_get_var_ptr(&g_tpm_dev);
uint32_t vendor;
if (dev_addr == 0) {
@@ -529,11 +522,11 @@ int tpm_vendor_init(struct tpm_chip *chip, unsigned int bus, uint32_t dev_addr)
return -1;
}
- tpm_dev->chip_type = UNKNOWN;
- tpm_dev->bus = bus;
- tpm_dev->addr = dev_addr;
- tpm_dev->sleep_short = SLEEP_DURATION;
- tpm_dev->sleep_long = SLEEP_DURATION_LONG;
+ g_tpm_dev.chip_type = UNKNOWN;
+ g_tpm_dev.bus = bus;
+ g_tpm_dev.addr = dev_addr;
+ g_tpm_dev.sleep_short = SLEEP_DURATION;
+ g_tpm_dev.sleep_long = SLEEP_DURATION_LONG;
memset(&chip->vendor, 0, sizeof(struct tpm_vendor_specific));
chip->is_open = 1;
@@ -554,9 +547,9 @@ int tpm_vendor_init(struct tpm_chip *chip, unsigned int bus, uint32_t dev_addr)
goto out_err;
if (vendor == TPM_TIS_I2C_DID_VID_9645) {
- tpm_dev->chip_type = SLB9645;
+ g_tpm_dev.chip_type = SLB9645;
} else if (be32_to_cpu(vendor) == TPM_TIS_I2C_DID_VID_9635) {
- tpm_dev->chip_type = SLB9635;
+ g_tpm_dev.chip_type = SLB9635;
} else {
printk(BIOS_DEBUG, "Vendor ID 0x%08x not recognized.\n",
vendor);
@@ -564,8 +557,8 @@ int tpm_vendor_init(struct tpm_chip *chip, unsigned int bus, uint32_t dev_addr)
}
printk(BIOS_DEBUG, "I2C TPM %u:%02x (chip type %s device-id 0x%X)\n",
- tpm_dev->bus, tpm_dev->addr,
- chip_name[tpm_dev->chip_type], vendor >> 16);
+ g_tpm_dev.bus, g_tpm_dev.addr,
+ chip_name[g_tpm_dev.chip_type], vendor >> 16);
/*
* A timeout query to TPM can be placed here.
diff --git a/src/drivers/pc80/tpm/tis.c b/src/drivers/pc80/tpm/tis.c
index 1baab26b00..39fa70db3f 100644
--- a/src/drivers/pc80/tpm/tis.c
+++ b/src/drivers/pc80/tpm/tis.c
@@ -31,7 +31,6 @@
#include <device/device.h>
#include <console/console.h>
#include <security/tpm/tis.h>
-#include <arch/early_variables.h>
#include <device/pnp.h>
#include "chip.h"
@@ -162,7 +161,7 @@ static const struct vendor_name vendor_names[] = {
* Cached vendor/device ID pair to indicate that the device has been already
* discovered
*/
-static u32 vendor_dev_id CAR_GLOBAL;
+static u32 vendor_dev_id;
static inline u8 tpm_read_status(int locality)
{
@@ -402,7 +401,7 @@ static u32 tis_probe(void)
u16 vid, did;
int i;
- if (car_get_var(vendor_dev_id))
+ if (vendor_dev_id)
return 0; /* Already probed. */
didvid = tpm_read_did_vid(0);
@@ -411,7 +410,7 @@ static u32 tis_probe(void)
return TPM_DRIVER_ERR;
}
- car_set_var(vendor_dev_id, didvid);
+ vendor_dev_id = didvid;
vid = didvid & 0xffff;
did = (didvid >> 16) & 0xffff;
diff --git a/src/drivers/spi/tpm/tis.c b/src/drivers/spi/tpm/tis.c
index b50ab0a88c..7d42b7c424 100644
--- a/src/drivers/spi/tpm/tis.c
+++ b/src/drivers/spi/tpm/tis.c
@@ -4,13 +4,12 @@
* found in the LICENSE file.
*/
-#include <arch/early_variables.h>
#include <console/console.h>
#include <security/tpm/tis.h>
#include "tpm.h"
-static unsigned tpm_is_open CAR_GLOBAL;
+static unsigned tpm_is_open;
static const struct {
uint16_t vid;
@@ -34,7 +33,7 @@ static const char *tis_get_dev_name(struct tpm2_info *info)
int tis_open(void)
{
- if (car_get_var(tpm_is_open)) {
+ if (tpm_is_open) {
printk(BIOS_ERR, "tis_open() called twice.\n");
return -1;
}
@@ -43,13 +42,13 @@ int tis_open(void)
int tis_close(void)
{
- if (car_get_var(tpm_is_open)) {
+ if (tpm_is_open) {
/*
* Do we need to do something here, like waiting for a
* transaction to stop?
*/
- car_set_var(tpm_is_open, 0);
+ tpm_is_open = 0;
}
return 0;
diff --git a/src/drivers/spi/tpm/tpm.c b/src/drivers/spi/tpm/tpm.c
index 270b15b471..d3d36c9160 100644
--- a/src/drivers/spi/tpm/tpm.c
+++ b/src/drivers/spi/tpm/tpm.c
@@ -15,7 +15,6 @@
* Specification Revision 00.43".
*/
-#include <arch/early_variables.h>
#include <assert.h>
#include <commonlib/endian.h>
#include <console/console.h>
@@ -40,10 +39,10 @@
#define CR50_TIMEOUT_INIT_MS 30000 /* Very long timeout for TPM init */
/* SPI slave structure for TPM device. */
-static struct spi_slave g_spi_slave CAR_GLOBAL;
+static struct spi_slave g_spi_slave;
/* Cached TPM device identification. */
-static struct tpm2_info g_tpm_info CAR_GLOBAL;
+static struct tpm2_info g_tpm_info;
/*
* TODO(vbendeb): make CONFIG_DEBUG_TPM an int to allow different level of
@@ -61,16 +60,16 @@ typedef struct {
void tpm2_get_info(struct tpm2_info *info)
{
- *info = car_get_var(g_tpm_info);
+ *info = g_tpm_info;
}
__weak int tis_plat_irq_status(void)
{
- static int warning_displayed CAR_GLOBAL;
+ static int warning_displayed;
- if (!car_get_var(warning_displayed)) {
+ if (!warning_displayed) {
printk(BIOS_WARNING, "WARNING: tis_plat_irq_status() not implemented, wasting 10ms to wait on Cr50!\n");
- car_set_var(warning_displayed, 1);
+ warning_displayed = 1;
}
mdelay(10);
@@ -109,9 +108,8 @@ static int start_transaction(int read_write, size_t bytes, unsigned int addr)
uint8_t byte;
int i;
struct stopwatch sw;
- static int tpm_sync_needed CAR_GLOBAL;
- static struct stopwatch wake_up_sw CAR_GLOBAL;
- struct spi_slave *spi_slave = car_get_var_ptr(&g_spi_slave);
+ static int tpm_sync_needed;
+ static struct stopwatch wake_up_sw;
/*
* First Cr50 access in each coreboot stage where TPM is used will be
* prepended by a wake up pulse on the CS line.
@@ -119,7 +117,7 @@ static int start_transaction(int read_write, size_t bytes, unsigned int addr)
int wakeup_needed = 1;
/* Wait for TPM to finish previous transaction if needed */
- if (car_get_var(tpm_sync_needed)) {
+ if (tpm_sync_needed) {
tpm_sync();
/*
* During the first invocation of this function on each stage
@@ -127,17 +125,17 @@ static int start_transaction(int read_write, size_t bytes, unsigned int addr)
* value is zero), during all following invocations the
* stopwatch below is guaranteed to be started.
*/
- if (!stopwatch_expired(car_get_var_ptr(&wake_up_sw)))
+ if (!stopwatch_expired(&wake_up_sw))
wakeup_needed = 0;
} else {
- car_set_var(tpm_sync_needed, 1);
+ tpm_sync_needed = 1;
}
if (wakeup_needed) {
/* Just in case Cr50 is asleep. */
- spi_claim_bus(spi_slave);
+ spi_claim_bus(&g_spi_slave);
udelay(1);
- spi_release_bus(spi_slave);
+ spi_release_bus(&g_spi_slave);
udelay(100);
}
@@ -146,7 +144,7 @@ static int start_transaction(int read_write, size_t bytes, unsigned int addr)
* SPI slave activity, let's be conservative and limit the
* window to 900 ms.
*/
- stopwatch_init_msecs_expire(car_get_var_ptr(&wake_up_sw), 900);
+ stopwatch_init_msecs_expire(&wake_up_sw, 900);
/*
* The first byte of the frame header encodes the transaction type
@@ -160,7 +158,7 @@ static int start_transaction(int read_write, size_t bytes, unsigned int addr)
header.body[i + 1] = (addr >> (8 * (2 - i))) & 0xff;
/* CS assert wakes up the slave. */
- spi_claim_bus(spi_slave);
+ spi_claim_bus(&g_spi_slave);
/*
* The TCG TPM over SPI specification introduces the notion of SPI
@@ -187,7 +185,7 @@ static int start_transaction(int read_write, size_t bytes, unsigned int addr)
* to require to stall the master, this would present an issue.
* crosbug.com/p/52132 has been opened to track this.
*/
- spi_xfer(spi_slave, header.body, sizeof(header.body), NULL, 0);
+ spi_xfer(&g_spi_slave, header.body, sizeof(header.body), NULL, 0);
/*
* Now poll the bus until TPM removes the stall bit. Give it up to 100
@@ -198,10 +196,10 @@ static int start_transaction(int read_write, size_t bytes, unsigned int addr)
do {
if (stopwatch_expired(&sw)) {
printk(BIOS_ERR, "TPM flow control failure\n");
- spi_release_bus(spi_slave);
+ spi_release_bus(&g_spi_slave);
return 0;
}
- spi_xfer(spi_slave, NULL, 0, &byte, 1);
+ spi_xfer(&g_spi_slave, NULL, 0, &byte, 1);
} while (!(byte & 1));
return 1;
}
@@ -214,11 +212,10 @@ static void trace_dump(const char *prefix, uint32_t reg,
size_t bytes, const uint8_t *buffer,
int force)
{
- static char prev_prefix CAR_GLOBAL;
- static unsigned prev_reg CAR_GLOBAL;
- static int current_char CAR_GLOBAL;
+ static char prev_prefix;
+ static unsigned int prev_reg;
+ static int current_char;
const int BYTES_PER_LINE = 32;
- int *current_char_ptr = car_get_var_ptr(&current_char);
if (!force) {
if (!debug_level_)
@@ -232,12 +229,11 @@ static void trace_dump(const char *prefix, uint32_t reg,
* Do not print register address again if the last dump print was for
* that register.
*/
- if ((car_get_var(prev_prefix) != *prefix) ||
- (car_get_var(prev_reg) != reg)) {
- car_set_var(prev_prefix, *prefix);
- car_set_var(prev_reg, reg);
+ if (prev_prefix != *prefix || (prev_reg != reg)) {
+ prev_prefix = *prefix;
+ prev_reg = reg;
printk(BIOS_DEBUG, "\n%s %2.2x:", prefix, reg);
- *current_char_ptr = 0;
+ current_char = 0;
}
if ((reg != TPM_DATA_FIFO_REG) && (bytes == 4)) {
@@ -254,12 +250,12 @@ static void trace_dump(const char *prefix, uint32_t reg,
* quantiites is printed byte at a time.
*/
for (i = 0; i < bytes; i++) {
- if (*current_char_ptr &&
- !(*current_char_ptr % BYTES_PER_LINE)) {
+ if (current_char &&
+ !(current_char % BYTES_PER_LINE)) {
printk(BIOS_DEBUG, "\n ");
- *current_char_ptr = 0;
+ current_char = 0;
}
- (*current_char_ptr)++;
+ (current_char)++;
printk(BIOS_DEBUG, " %2.2x", buffer[i]);
}
}
@@ -271,8 +267,7 @@ static void trace_dump(const char *prefix, uint32_t reg,
*/
static void write_bytes(const void *buffer, size_t bytes)
{
- struct spi_slave *spi_slave = car_get_var_ptr(&g_spi_slave);
- spi_xfer(spi_slave, buffer, bytes, NULL, 0);
+ spi_xfer(&g_spi_slave, buffer, bytes, NULL, 0);
}
/*
@@ -281,8 +276,7 @@ static void write_bytes(const void *buffer, size_t bytes)
*/
static void read_bytes(void *buffer, size_t bytes)
{
- struct spi_slave *spi_slave = car_get_var_ptr(&g_spi_slave);
- spi_xfer(spi_slave, NULL, 0, buffer, bytes);
+ spi_xfer(&g_spi_slave, NULL, 0, buffer, bytes);
}
/*
@@ -293,12 +287,11 @@ static void read_bytes(void *buffer, size_t bytes)
*/
static int tpm2_write_reg(unsigned int reg_number, const void *buffer, size_t bytes)
{
- struct spi_slave *spi_slave = car_get_var_ptr(&g_spi_slave);
trace_dump("W", reg_number, bytes, buffer, 0);
if (!start_transaction(false, bytes, reg_number))
return 0;
write_bytes(buffer, bytes);
- spi_release_bus(spi_slave);
+ spi_release_bus(&g_spi_slave);
return 1;
}
@@ -311,13 +304,12 @@ static int tpm2_write_reg(unsigned int reg_number, const void *buffer, size_t by
*/
static int tpm2_read_reg(unsigned int reg_number, void *buffer, size_t bytes)
{
- struct spi_slave *spi_slave = car_get_var_ptr(&g_spi_slave);
if (!start_transaction(true, bytes, reg_number)) {
memset(buffer, 0, bytes);
return 0;
}
read_bytes(buffer, bytes);
- spi_release_bus(spi_slave);
+ spi_release_bus(&g_spi_slave);
trace_dump("R", reg_number, bytes, buffer, 0);
return 1;
}
@@ -424,10 +416,8 @@ int tpm2_init(struct spi_slave *spi_if)
uint32_t did_vid, status;
uint8_t cmd;
int retries;
- struct tpm2_info *tpm_info = car_get_var_ptr(&g_tpm_info);
- struct spi_slave *spi_slave = car_get_var_ptr(&g_spi_slave);
- memcpy(spi_slave, spi_if, sizeof(*spi_if));
+ memcpy(&g_spi_slave, spi_if, sizeof(*spi_if));
/* clear any pending IRQs */
tis_plat_irq_status();
@@ -484,15 +474,15 @@ int tpm2_init(struct spi_slave *spi_if)
* structure.
*/
tpm2_read_reg(TPM_RID_REG, &cmd, sizeof(cmd));
- tpm_info->vendor_id = did_vid & 0xffff;
- tpm_info->device_id = did_vid >> 16;
- tpm_info->revision = cmd;
+ g_tpm_info.vendor_id = did_vid & 0xffff;
+ g_tpm_info.device_id = did_vid >> 16;
+ g_tpm_info.revision = cmd;
printk(BIOS_INFO, "Connected to device vid:did:rid of %4.4x:%4.4x:%2.2x\n",
- tpm_info->vendor_id, tpm_info->device_id, tpm_info->revision);
+ g_tpm_info.vendor_id, g_tpm_info.device_id, g_tpm_info.revision);
/* Let's report device FW version if available. */
- if (tpm_info->vendor_id == 0x1ae0) {
+ if (g_tpm_info.vendor_id == 0x1ae0) {
int chunk_count = 0;
size_t chunk_size;
/*
@@ -619,10 +609,9 @@ size_t tpm2_process_command(const void *tpm2_command, size_t command_size,
uint8_t *rsp_body = tpm2_response;
union fifo_transfer_buffer fifo_buffer;
const int HEADER_SIZE = 6;
- struct tpm2_info *tpm_info = car_get_var_ptr(&g_tpm_info);
/* Do not try using an uninitialized TPM. */
- if (!tpm_info->vendor_id)
+ if (!g_tpm_info.vendor_id)
return 0;
/* Skip the two byte tag, read the size field. */
diff --git a/src/security/tpm/tspi/log.c b/src/security/tpm/tspi/log.c
index 9986d9a7c5..8a9cc88827 100644
--- a/src/security/tpm/tspi/log.c
+++ b/src/security/tpm/tspi/log.c
@@ -15,7 +15,6 @@
#include <console/console.h>
#include <security/tpm/tspi.h>
-#include <arch/early_variables.h>
#include <region_file.h>
#include <string.h>
#include <security/vboot/symbols.h>
diff --git a/src/security/tpm/tss/tcg-1.2/tss.c b/src/security/tpm/tss/tcg-1.2/tss.c
index b11d6a3d16..9bc72d2733 100644
--- a/src/security/tpm/tss/tcg-1.2/tss.c
+++ b/src/security/tpm/tss/tcg-1.2/tss.c
@@ -14,7 +14,6 @@
* time.
*/
-#include <arch/early_variables.h>
#include <assert.h>
#include <string.h>
#include <security/tpm/tis.h>
@@ -148,12 +147,11 @@ static uint32_t send(const uint8_t *command)
/* Exported functions. */
-static uint8_t tlcl_init_done CAR_GLOBAL;
+static uint8_t tlcl_init_done;
uint32_t tlcl_lib_init(void)
{
- uint8_t done = car_get_var(tlcl_init_done);
- if (done)
+ if (tlcl_init_done)
return VB2_SUCCESS;
if (tis_init())
@@ -161,7 +159,7 @@ uint32_t tlcl_lib_init(void)
if (tis_open())
return VB2_ERROR_UNKNOWN;
- car_set_var(tlcl_init_done, 1);
+ tlcl_init_done = 1;
return VB2_SUCCESS;
}
diff --git a/src/security/tpm/tss/tcg-2.0/tss.c b/src/security/tpm/tss/tcg-2.0/tss.c
index 16e40fe569..6bc30966ff 100644
--- a/src/security/tpm/tss/tcg-2.0/tss.c
+++ b/src/security/tpm/tss/tcg-2.0/tss.c
@@ -5,7 +5,6 @@
* found in the LICENSE file.
*/
-#include <arch/early_variables.h>
#include <console/console.h>
#include <endian.h>
#include <string.h>
@@ -30,11 +29,9 @@ void *tpm_process_command(TPM_CC command, void *command_body)
size_t in_size;
const uint8_t *sendb;
/* Command/response buffer. */
- static uint8_t cr_buffer[TPM_BUFFER_SIZE] CAR_GLOBAL;
+ static uint8_t cr_buffer[TPM_BUFFER_SIZE];
- uint8_t *cr_buffer_ptr = car_get_var_ptr(cr_buffer);
-
- obuf_init(&ob, cr_buffer_ptr, sizeof(cr_buffer));
+ obuf_init(&ob, cr_buffer, sizeof(cr_buffer));
if (tpm_marshal_command(command, command_body, &ob) < 0) {
printk(BIOS_ERR, "command %#x\n", command);
@@ -44,12 +41,12 @@ void *tpm_process_command(TPM_CC command, void *command_body)
sendb = obuf_contents(&ob, &out_size);
in_size = sizeof(cr_buffer);
- if (tis_sendrecv(sendb, out_size, cr_buffer_ptr, &in_size)) {
+ if (tis_sendrecv(sendb, out_size, cr_buffer, &in_size)) {
printk(BIOS_ERR, "tpm transaction failed\n");
return NULL;
}
- ibuf_init(&ib, cr_buffer_ptr, in_size);
+ ibuf_init(&ib, cr_buffer, in_size);
return tpm_unmarshal_response(command, &ib);
}
@@ -173,13 +170,12 @@ uint32_t tlcl_force_clear(void)
return TPM_SUCCESS;
}
-static uint8_t tlcl_init_done CAR_GLOBAL;
+static uint8_t tlcl_init_done;
/* This function is called directly by vboot, uses vboot return types. */
uint32_t tlcl_lib_init(void)
{
- uint8_t done = car_get_var(tlcl_init_done);
- if (done)
+ if (tlcl_init_done)
return VB2_SUCCESS;
if (tis_init()) {
@@ -192,7 +188,7 @@ uint32_t tlcl_lib_init(void)
return VB2_ERROR_UNKNOWN;
}
- car_set_var(tlcl_init_done, 1);
+ tlcl_init_done = 1;
return VB2_SUCCESS;
}
diff --git a/src/security/tpm/tss/tcg-2.0/tss_marshaling.c b/src/security/tpm/tss/tcg-2.0/tss_marshaling.c
index 1bf211a898..720e7c4b68 100644
--- a/src/security/tpm/tss/tcg-2.0/tss_marshaling.c
+++ b/src/security/tpm/tss/tcg-2.0/tss_marshaling.c
@@ -5,7 +5,6 @@
* found in the LICENSE file.
*/
-#include <arch/early_variables.h>
#include <commonlib/iobuf.h>
#include <console/console.h>
#include <stdlib.h>
@@ -15,7 +14,7 @@
#include <security/tpm/tss/vendor/cr50/cr50.h>
#include <security/tpm/tss.h>
-static uint16_t tpm_tag CAR_GLOBAL; /* Depends on the command type. */
+static uint16_t tpm_tag; /* Depends on the command type. */
#define unmarshal_TPM_CAP(a, b) ibuf_read_be32(a, b)
#define unmarshal_TPM_CC(a, b) ibuf_read_be32(a, b)
@@ -165,7 +164,7 @@ static int marshal_common_session_header(struct obuf *ob,
struct tpm2_session_header session_header;
int rc = 0;
- car_set_var(tpm_tag, TPM_ST_SESSIONS);
+ tpm_tag = TPM_ST_SESSIONS;
for (i = 0; i < handle_count; i++)
rc |= marshal_TPM_HANDLE(ob, handles[i]);
@@ -270,7 +269,7 @@ static int marshal_hierarchy_control(struct obuf *ob,
int rc = 0;
struct tpm2_session_header session_header;
- car_set_var(tpm_tag, TPM_ST_SESSIONS);
+ tpm_tag = TPM_ST_SESSIONS;
rc |= marshal_TPM_HANDLE(ob, TPM_RH_PLATFORM);
memset(&session_header, 0, sizeof(session_header));
@@ -335,7 +334,7 @@ int tpm_marshal_command(TPM_CC command, void *tpm_command_body, struct obuf *ob)
const size_t hdr_sz = sizeof(uint16_t) + 2 * sizeof(uint32_t);
int rc = 0;
- car_set_var(tpm_tag, TPM_ST_NO_SESSIONS);
+ tpm_tag = TPM_ST_NO_SESSIONS;
if (obuf_splice_current(ob, &ob_hdr, hdr_sz) < 0)
return -1;
@@ -407,7 +406,7 @@ int tpm_marshal_command(TPM_CC command, void *tpm_command_body, struct obuf *ob)
return rc;
/* Fix up the command header with known values. */
- rc |= obuf_write_be16(&ob_hdr, car_get_var(tpm_tag));
+ rc |= obuf_write_be16(&ob_hdr, tpm_tag);
rc |= obuf_write_be32(&ob_hdr, obuf_nr_written(ob));
return rc;
@@ -552,23 +551,22 @@ static int unmarshal_vendor_command(struct ibuf *ib,
struct tpm2_response *tpm_unmarshal_response(TPM_CC command, struct ibuf *ib)
{
- static struct tpm2_response tpm2_static_resp CAR_GLOBAL;
- struct tpm2_response *tpm2_resp = car_get_var_ptr(&tpm2_static_resp);
+ static struct tpm2_response tpm2_static_resp;
int rc = 0;
- rc |= ibuf_read_be16(ib, &tpm2_resp->hdr.tpm_tag);
- rc |= ibuf_read_be32(ib, &tpm2_resp->hdr.tpm_size);
- rc |= unmarshal_TPM_CC(ib, &tpm2_resp->hdr.tpm_code);
+ rc |= ibuf_read_be16(ib, &tpm2_static_resp.hdr.tpm_tag);
+ rc |= ibuf_read_be32(ib, &tpm2_static_resp.hdr.tpm_size);
+ rc |= unmarshal_TPM_CC(ib, &tpm2_static_resp.hdr.tpm_code);
if (rc != 0)
return NULL;
if (ibuf_remaining(ib) == 0) {
- if (tpm2_resp->hdr.tpm_size != ibuf_nr_read(ib))
+ if (tpm2_static_resp.hdr.tpm_size != ibuf_nr_read(ib))
printk(BIOS_ERR,
"%s: size mismatch in response to command %#x\n",
__func__, command);
- return tpm2_resp;
+ return &tpm2_static_resp;
}
switch (command) {
@@ -577,11 +575,11 @@ struct tpm2_response *tpm_unmarshal_response(TPM_CC command, struct ibuf *ib)
break;
case TPM2_GetCapability:
- rc |= unmarshal_get_capability(ib, &tpm2_resp->gc);
+ rc |= unmarshal_get_capability(ib, &tpm2_static_resp.gc);
break;
case TPM2_NV_Read:
- rc |= unmarshal_nv_read(ib, &tpm2_resp->nvr);
+ rc |= unmarshal_nv_read(ib, &tpm2_static_resp.nvr);
break;
case TPM2_Hierarchy_Control:
@@ -595,7 +593,7 @@ struct tpm2_response *tpm_unmarshal_response(TPM_CC command, struct ibuf *ib)
break;
case TPM2_CR50_VENDOR_COMMAND:
- rc |= unmarshal_vendor_command(ib, &tpm2_resp->vcr);
+ rc |= unmarshal_vendor_command(ib, &tpm2_static_resp.vcr);
break;
default:
@@ -608,7 +606,7 @@ struct tpm2_response *tpm_unmarshal_response(TPM_CC command, struct ibuf *ib)
"Request to unmarshal unexpected command %#x,"
" code %#x",
__func__, __LINE__, command,
- tpm2_resp->hdr.tpm_code);
+ tpm2_static_resp.hdr.tpm_code);
sz_left = ibuf_remaining(ib);
data = ibuf_oob_drain(ib, sz_left);
@@ -627,7 +625,7 @@ struct tpm2_response *tpm_unmarshal_response(TPM_CC command, struct ibuf *ib)
printk(BIOS_INFO,
"%s:%d got %d bytes back in response to %#x,"
" failed to parse (%zd)\n",
- __func__, __LINE__, tpm2_resp->hdr.tpm_size,
+ __func__, __LINE__, tpm2_static_resp.hdr.tpm_size,
command, ibuf_remaining(ib));
return NULL;
}
@@ -636,5 +634,5 @@ struct tpm2_response *tpm_unmarshal_response(TPM_CC command, struct ibuf *ib)
__func__);
/* The entire message have been parsed. */
- return tpm2_resp;
+ return &tpm2_static_resp;
}
diff --git a/src/security/tpm/tss/vendor/cr50/cr50.c b/src/security/tpm/tss/vendor/cr50/cr50.c
index 4f128dcac1..ec69df4ac9 100644
--- a/src/security/tpm/tss/vendor/cr50/cr50.c
+++ b/src/security/tpm/tss/vendor/cr50/cr50.c
@@ -4,7 +4,6 @@
* found in the LICENSE file.
*/
-#include <arch/early_variables.h>
#include <console/console.h>
#include <endian.h>
#include <vb2_api.h>