diff options
author | Arthur Heymans <arthur@aheymans.xyz> | 2019-11-20 19:51:06 +0100 |
---|---|---|
committer | Patrick Georgi <pgeorgi@google.com> | 2019-11-29 09:08:33 +0000 |
commit | 0ca944b16fd6c0d25bee666206ada43f95024ce3 (patch) | |
tree | a3e0d51cf395f015809d2bda99ec69fe37c6a817 | |
parent | 344e86bb3baff8f89c1335c190dbee050176e058 (diff) |
security/tpm: Drop CAR_GLOBAL_MIGRATION support
Change-Id: I1c09eda6164efb390de4626f52aafba59962f9c4
Signed-off-by: Arthur Heymans <arthur@aheymans.xyz>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/37029
Reviewed-by: HAOUAS Elyes <ehaouas@noos.fr>
Reviewed-by: Patrick Georgi <pgeorgi@google.com>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
-rw-r--r-- | src/drivers/crb/tis.c | 9 | ||||
-rw-r--r-- | src/drivers/crb/tpm.c | 1 | ||||
-rw-r--r-- | src/drivers/i2c/tpm/cr50.c | 32 | ||||
-rw-r--r-- | src/drivers/i2c/tpm/tis.c | 41 | ||||
-rw-r--r-- | src/drivers/i2c/tpm/tis_atmel.c | 1 | ||||
-rw-r--r-- | src/drivers/i2c/tpm/tpm.c | 77 | ||||
-rw-r--r-- | src/drivers/pc80/tpm/tis.c | 7 | ||||
-rw-r--r-- | src/drivers/spi/tpm/tis.c | 9 | ||||
-rw-r--r-- | src/drivers/spi/tpm/tpm.c | 91 | ||||
-rw-r--r-- | src/security/tpm/tspi/log.c | 1 | ||||
-rw-r--r-- | src/security/tpm/tss/tcg-1.2/tss.c | 8 | ||||
-rw-r--r-- | src/security/tpm/tss/tcg-2.0/tss.c | 18 | ||||
-rw-r--r-- | src/security/tpm/tss/tcg-2.0/tss_marshaling.c | 36 | ||||
-rw-r--r-- | src/security/tpm/tss/vendor/cr50/cr50.c | 1 |
14 files changed, 144 insertions, 188 deletions
diff --git a/src/drivers/crb/tis.c b/src/drivers/crb/tis.c index b7a5df4829..f2aba48297 100644 --- a/src/drivers/crb/tis.c +++ b/src/drivers/crb/tis.c @@ -11,7 +11,6 @@ * GNU General Public License for more details. */ -#include <arch/early_variables.h> #include <console/console.h> #include <security/tpm/tis.h> #include <arch/acpigen.h> @@ -21,7 +20,7 @@ #include "tpm.h" #include "chip.h" -static unsigned tpm_is_open CAR_GLOBAL; +static unsigned int tpm_is_open; static const struct { uint16_t vid; @@ -45,7 +44,7 @@ static const char *tis_get_dev_name(struct tpm2_info *info) int tis_open(void) { - if (car_get_var(tpm_is_open)) { + if (tpm_is_open) { printk(BIOS_ERR, "%s called twice.\n", __func__); return -1; } @@ -63,13 +62,13 @@ int tis_open(void) int tis_close(void) { - if (car_get_var(tpm_is_open)) { + if (tpm_is_open) { /* * Do we need to do something here, like waiting for a * transaction to stop? */ - car_set_var(tpm_is_open, 0); + tpm_is_open = 0; } return 0; diff --git a/src/drivers/crb/tpm.c b/src/drivers/crb/tpm.c index 0393417e74..f2b7903e4c 100644 --- a/src/drivers/crb/tpm.c +++ b/src/drivers/crb/tpm.c @@ -15,7 +15,6 @@ */ #include <timer.h> -#include <arch/early_variables.h> #include <console/console.h> #include <arch/mmio.h> #include <delay.h> diff --git a/src/drivers/i2c/tpm/cr50.c b/src/drivers/i2c/tpm/cr50.c index f9a286241e..f386dacb0b 100644 --- a/src/drivers/i2c/tpm/cr50.c +++ b/src/drivers/i2c/tpm/cr50.c @@ -27,7 +27,6 @@ * instead of just reading header and determining the remainder */ -#include <arch/early_variables.h> #include <commonlib/endian.h> #include <string.h> #include <types.h> @@ -55,15 +54,15 @@ struct tpm_inf_dev { uint8_t buf[CR50_MAX_BUFSIZE + sizeof(uint8_t)]; }; -static struct tpm_inf_dev g_tpm_dev CAR_GLOBAL; +static struct tpm_inf_dev g_tpm_dev; __weak int tis_plat_irq_status(void) { - static int warning_displayed CAR_GLOBAL; + static int warning_displayed; - if (!car_get_var(warning_displayed)) { + if (!warning_displayed) { printk(BIOS_WARNING, "WARNING: tis_plat_irq_status() not implemented, wasting 20ms to wait on Cr50!\n"); - car_set_var(warning_displayed, 1); + warning_displayed = 1; } mdelay(CR50_TIMEOUT_NOIRQ_MS); @@ -102,16 +101,14 @@ static int cr50_i2c_wait_tpm_ready(struct tpm_chip *chip) static int cr50_i2c_read(struct tpm_chip *chip, uint8_t addr, uint8_t *buffer, size_t len) { - struct tpm_inf_dev *tpm_dev = car_get_var_ptr(&g_tpm_dev); - - if (tpm_dev->addr == 0) + if (g_tpm_dev.addr == 0) return -1; /* Clear interrupt before starting transaction */ tis_plat_irq_status(); /* Send the register address byte to the TPM */ - if (i2c_write_raw(tpm_dev->bus, tpm_dev->addr, &addr, 1)) { + if (i2c_write_raw(g_tpm_dev.bus, g_tpm_dev.addr, &addr, 1)) { printk(BIOS_ERR, "%s: Address write failed\n", __func__); return -1; } @@ -121,7 +118,7 @@ static int cr50_i2c_read(struct tpm_chip *chip, uint8_t addr, return -1; /* Read response data from the TPM */ - if (i2c_read_raw(tpm_dev->bus, tpm_dev->addr, buffer, len)) { + if (i2c_read_raw(g_tpm_dev.bus, g_tpm_dev.addr, buffer, len)) { printk(BIOS_ERR, "%s: Read response failed\n", __func__); return -1; } @@ -146,22 +143,20 @@ static int cr50_i2c_read(struct tpm_chip *chip, uint8_t addr, static int cr50_i2c_write(struct tpm_chip *chip, uint8_t addr, uint8_t *buffer, size_t len) { - struct tpm_inf_dev *tpm_dev = car_get_var_ptr(&g_tpm_dev); - - if (tpm_dev->addr == 0) + if (g_tpm_dev.addr == 0) return -1; if (len > CR50_MAX_BUFSIZE) return -1; /* Prepend the 'register address' to the buffer */ - tpm_dev->buf[0] = addr; - memcpy(tpm_dev->buf + 1, buffer, len); + g_tpm_dev.buf[0] = addr; + memcpy(g_tpm_dev.buf + 1, buffer, len); /* Clear interrupt before starting transaction */ tis_plat_irq_status(); /* Send write request buffer with address */ - if (i2c_write_raw(tpm_dev->bus, tpm_dev->addr, tpm_dev->buf, len + 1)) { + if (i2c_write_raw(g_tpm_dev.bus, g_tpm_dev.addr, g_tpm_dev.buf, len + 1)) { printk(BIOS_ERR, "%s: Error writing to TPM\n", __func__); return -1; } @@ -492,7 +487,6 @@ static int cr50_i2c_probe(struct tpm_chip *chip, uint32_t *did_vid) int tpm_vendor_init(struct tpm_chip *chip, unsigned int bus, uint32_t dev_addr) { - struct tpm_inf_dev *tpm_dev = car_get_var_ptr(&g_tpm_dev); uint32_t did_vid = 0; if (dev_addr == 0) { @@ -500,8 +494,8 @@ int tpm_vendor_init(struct tpm_chip *chip, unsigned int bus, uint32_t dev_addr) return -1; } - tpm_dev->bus = bus; - tpm_dev->addr = dev_addr; + g_tpm_dev.bus = bus; + g_tpm_dev.addr = dev_addr; cr50_vendor_init(chip); diff --git a/src/drivers/i2c/tpm/tis.c b/src/drivers/i2c/tpm/tis.c index e466c45c9f..d791a56af5 100644 --- a/src/drivers/i2c/tpm/tis.c +++ b/src/drivers/i2c/tpm/tis.c @@ -12,7 +12,6 @@ * GNU General Public License for more details. */ -#include <arch/early_variables.h> #include <stdint.h> #include <string.h> #include <assert.h> @@ -27,25 +26,24 @@ #include "tpm.h" /* global structure for tpm chip data */ -static struct tpm_chip g_chip CAR_GLOBAL; +static struct tpm_chip g_chip; #define TPM_CMD_COUNT_BYTE 2 #define TPM_CMD_ORDINAL_BYTE 6 int tis_open(void) { - struct tpm_chip *chip = car_get_var_ptr(&g_chip); int rc; - if (chip->is_open) { + if (g_chip.is_open) { printk(BIOS_DEBUG, "tis_open() called twice.\n"); return -1; } - rc = tpm_vendor_init(chip, CONFIG_DRIVER_TPM_I2C_BUS, + rc = tpm_vendor_init(&g_chip, CONFIG_DRIVER_TPM_I2C_BUS, CONFIG_DRIVER_TPM_I2C_ADDR); if (rc < 0) - chip->is_open = 0; + g_chip.is_open = 0; if (rc) return -1; @@ -55,11 +53,9 @@ int tis_open(void) int tis_close(void) { - struct tpm_chip *chip = car_get_var_ptr(&g_chip); - - if (chip->is_open) { - tpm_vendor_cleanup(chip); - chip->is_open = 0; + if (g_chip.is_open) { + tpm_vendor_cleanup(&g_chip); + g_chip.is_open = 0; } return 0; @@ -76,12 +72,11 @@ static ssize_t tpm_transmit(const uint8_t *sbuf, size_t sbufsiz, void *rbuf, { int rc; uint32_t count; - struct tpm_chip *chip = car_get_var_ptr(&g_chip); memcpy(&count, sbuf + TPM_CMD_COUNT_BYTE, sizeof(count)); count = be32_to_cpu(count); - if (!chip->vendor.send || !chip->vendor.status || !chip->vendor.cancel) + if (!g_chip.vendor.send || !g_chip.vendor.status || !g_chip.vendor.cancel) return -1; if (count == 0) { @@ -94,8 +89,8 @@ static ssize_t tpm_transmit(const uint8_t *sbuf, size_t sbufsiz, void *rbuf, return -1; } - ASSERT(chip->vendor.send); - rc = chip->vendor.send(chip, (uint8_t *) sbuf, count); + ASSERT(g_chip.vendor.send); + rc = g_chip.vendor.send(&g_chip, (uint8_t *) sbuf, count); if (rc < 0) { printk(BIOS_DEBUG, "tpm_transmit: tpm_send error\n"); goto out; @@ -103,14 +98,14 @@ static ssize_t tpm_transmit(const uint8_t *sbuf, size_t sbufsiz, void *rbuf, int timeout = 2 * 60 * 1000; /* two minutes timeout */ while (timeout) { - ASSERT(chip->vendor.status); - uint8_t status = chip->vendor.status(chip); - if ((status & chip->vendor.req_complete_mask) == - chip->vendor.req_complete_val) { + ASSERT(g_chip.vendor.status); + uint8_t status = g_chip.vendor.status(&g_chip); + if ((status & g_chip.vendor.req_complete_mask) == + g_chip.vendor.req_complete_val) { goto out_recv; } - if (status == chip->vendor.req_canceled) { + if (status == g_chip.vendor.req_canceled) { printk(BIOS_DEBUG, "tpm_transmit: Operation Canceled\n"); rc = -1; @@ -120,15 +115,15 @@ static ssize_t tpm_transmit(const uint8_t *sbuf, size_t sbufsiz, void *rbuf, timeout--; } - ASSERT(chip->vendor.cancel); - chip->vendor.cancel(chip); + ASSERT(g_chip.vendor.cancel); + g_chip.vendor.cancel(&g_chip); printk(BIOS_DEBUG, "tpm_transmit: Operation Timed out\n"); rc = -1; //ETIME; goto out; out_recv: - rc = chip->vendor.recv(chip, (uint8_t *) rbuf, rbufsiz); + rc = g_chip.vendor.recv(&g_chip, (uint8_t *) rbuf, rbufsiz); if (rc < 0) printk(BIOS_DEBUG, "tpm_transmit: tpm_recv: error %d\n", rc); out: diff --git a/src/drivers/i2c/tpm/tis_atmel.c b/src/drivers/i2c/tpm/tis_atmel.c index 42df292615..793418a96a 100644 --- a/src/drivers/i2c/tpm/tis_atmel.c +++ b/src/drivers/i2c/tpm/tis_atmel.c @@ -12,7 +12,6 @@ * GNU General Public License for more details. */ -#include <arch/early_variables.h> #include <assert.h> #include <commonlib/endian.h> #include <console/console.h> diff --git a/src/drivers/i2c/tpm/tpm.c b/src/drivers/i2c/tpm/tpm.c index e0950849fc..71641d0edc 100644 --- a/src/drivers/i2c/tpm/tpm.c +++ b/src/drivers/i2c/tpm/tpm.c @@ -28,7 +28,6 @@ */ -#include <arch/early_variables.h> #include <commonlib/endian.h> #include <stdint.h> #include <string.h> @@ -81,7 +80,7 @@ struct tpm_inf_dev { enum i2c_chip_type chip_type; }; -static struct tpm_inf_dev g_tpm_dev CAR_GLOBAL; +static struct tpm_inf_dev g_tpm_dev; /* * iic_tpm_read() - read from TPM register @@ -99,24 +98,23 @@ static struct tpm_inf_dev g_tpm_dev CAR_GLOBAL; */ static int iic_tpm_read(uint8_t addr, uint8_t *buffer, size_t len) { - struct tpm_inf_dev *tpm_dev = car_get_var_ptr(&g_tpm_dev); int rc; int count; - if (tpm_dev->addr == 0) + if (g_tpm_dev.addr == 0) return -1; - switch (tpm_dev->chip_type) { + switch (g_tpm_dev.chip_type) { case SLB9635: case UNKNOWN: /* slb9635 protocol should work in both cases */ for (count = 0; count < MAX_COUNT; count++) { - rc = i2c_write_raw(tpm_dev->bus, tpm_dev->addr, + rc = i2c_write_raw(g_tpm_dev.bus, g_tpm_dev.addr, &addr, 1); if (rc == 0) break; /* success, break to skip sleep */ - udelay(tpm_dev->sleep_short); + udelay(g_tpm_dev.sleep_short); } if (rc) @@ -127,8 +125,8 @@ static int iic_tpm_read(uint8_t addr, uint8_t *buffer, size_t len) * retrieving the data */ for (count = 0; count < MAX_COUNT; count++) { - udelay(tpm_dev->sleep_short); - rc = i2c_read_raw(tpm_dev->bus, tpm_dev->addr, + udelay(g_tpm_dev.sleep_short); + rc = i2c_read_raw(g_tpm_dev.bus, g_tpm_dev.addr, buffer, len); if (rc == 0) break; /* success, break to skip sleep */ @@ -144,23 +142,23 @@ static int iic_tpm_read(uint8_t addr, uint8_t *buffer, size_t len) * retries should usually not be needed, but are kept just to * be safe on the safe side. */ - struct i2c_msg aseg = { .flags = 0, .slave = tpm_dev->addr, + struct i2c_msg aseg = { .flags = 0, .slave = g_tpm_dev.addr, .buf = &addr, .len = 1 }; struct i2c_msg dseg = { .flags = I2C_M_RD, - .slave = tpm_dev->addr, + .slave = g_tpm_dev.addr, .buf = buffer, .len = len }; for (count = 0; count < MAX_COUNT; count++) { - rc = i2c_transfer(tpm_dev->bus, &aseg, 1) || - i2c_transfer(tpm_dev->bus, &dseg, 1); + rc = i2c_transfer(g_tpm_dev.bus, &aseg, 1) || + i2c_transfer(g_tpm_dev.bus, &dseg, 1); if (rc == 0) break; /* break here to skip sleep */ - udelay(tpm_dev->sleep_short); + udelay(g_tpm_dev.sleep_short); } } } /* take care of 'guard time' */ - udelay(tpm_dev->sleep_short); + udelay(g_tpm_dev.sleep_short); if (rc) return -1; @@ -171,7 +169,6 @@ static int iic_tpm_write_generic(uint8_t addr, uint8_t *buffer, size_t len, unsigned int sleep_time, uint8_t max_count) { - struct tpm_inf_dev *tpm_dev = car_get_var_ptr(&g_tpm_dev); int rc = 0; int count; @@ -182,14 +179,14 @@ static int iic_tpm_write_generic(uint8_t addr, uint8_t *buffer, size_t len, } /* prepare send buffer */ - tpm_dev->buf[0] = addr; - memcpy(&(tpm_dev->buf[1]), buffer, len); + g_tpm_dev.buf[0] = addr; + memcpy(&(g_tpm_dev.buf[1]), buffer, len); - if (tpm_dev->addr == 0) + if (g_tpm_dev.addr == 0) return -1; for (count = 0; count < max_count; count++) { - rc = i2c_write_raw(tpm_dev->bus, tpm_dev->addr, - tpm_dev->buf, len + 1); + rc = i2c_write_raw(g_tpm_dev.bus, g_tpm_dev.addr, + g_tpm_dev.buf, len + 1); if (rc == 0) break; /* success, break to skip sleep */ @@ -197,7 +194,7 @@ static int iic_tpm_write_generic(uint8_t addr, uint8_t *buffer, size_t len, } /* take care of 'guard time' */ - udelay(tpm_dev->sleep_short); + udelay(g_tpm_dev.sleep_short); if (rc) return -1; @@ -222,8 +219,7 @@ static int iic_tpm_write_generic(uint8_t addr, uint8_t *buffer, size_t len, */ static int iic_tpm_write(uint8_t addr, uint8_t *buffer, size_t len) { - struct tpm_inf_dev *tpm_dev = car_get_var_ptr(&g_tpm_dev); - return iic_tpm_write_generic(addr, buffer, len, tpm_dev->sleep_short, + return iic_tpm_write_generic(addr, buffer, len, g_tpm_dev.sleep_short, MAX_COUNT); } @@ -233,8 +229,7 @@ static int iic_tpm_write(uint8_t addr, uint8_t *buffer, size_t len) * */ static int iic_tpm_write_long(uint8_t addr, uint8_t *buffer, size_t len) { - struct tpm_inf_dev *tpm_dev = car_get_var_ptr(&g_tpm_dev); - return iic_tpm_write_generic(addr, buffer, len, tpm_dev->sleep_long, + return iic_tpm_write_generic(addr, buffer, len, g_tpm_dev.sleep_long, MAX_COUNT_LONG); } @@ -479,17 +474,16 @@ out_err: int tpm_vendor_probe(unsigned int bus, uint32_t addr) { - struct tpm_inf_dev *tpm_dev = car_get_var_ptr(&g_tpm_dev); struct stopwatch sw; uint8_t buf = 0; int ret; long sw_run_duration = SLEEP_DURATION_PROBE_MS; - tpm_dev->chip_type = UNKNOWN; - tpm_dev->bus = bus; - tpm_dev->addr = addr; - tpm_dev->sleep_short = SLEEP_DURATION; - tpm_dev->sleep_long = SLEEP_DURATION_LONG; + g_tpm_dev.chip_type = UNKNOWN; + g_tpm_dev.bus = bus; + g_tpm_dev.addr = addr; + g_tpm_dev.sleep_short = SLEEP_DURATION; + g_tpm_dev.sleep_long = SLEEP_DURATION_LONG; /* * Probe TPM. Check if the TPM_ACCESS register's ValidSts bit is set(1) @@ -521,7 +515,6 @@ int tpm_vendor_probe(unsigned int bus, uint32_t addr) int tpm_vendor_init(struct tpm_chip *chip, unsigned int bus, uint32_t dev_addr) { - struct tpm_inf_dev *tpm_dev = car_get_var_ptr(&g_tpm_dev); uint32_t vendor; if (dev_addr == 0) { @@ -529,11 +522,11 @@ int tpm_vendor_init(struct tpm_chip *chip, unsigned int bus, uint32_t dev_addr) return -1; } - tpm_dev->chip_type = UNKNOWN; - tpm_dev->bus = bus; - tpm_dev->addr = dev_addr; - tpm_dev->sleep_short = SLEEP_DURATION; - tpm_dev->sleep_long = SLEEP_DURATION_LONG; + g_tpm_dev.chip_type = UNKNOWN; + g_tpm_dev.bus = bus; + g_tpm_dev.addr = dev_addr; + g_tpm_dev.sleep_short = SLEEP_DURATION; + g_tpm_dev.sleep_long = SLEEP_DURATION_LONG; memset(&chip->vendor, 0, sizeof(struct tpm_vendor_specific)); chip->is_open = 1; @@ -554,9 +547,9 @@ int tpm_vendor_init(struct tpm_chip *chip, unsigned int bus, uint32_t dev_addr) goto out_err; if (vendor == TPM_TIS_I2C_DID_VID_9645) { - tpm_dev->chip_type = SLB9645; + g_tpm_dev.chip_type = SLB9645; } else if (be32_to_cpu(vendor) == TPM_TIS_I2C_DID_VID_9635) { - tpm_dev->chip_type = SLB9635; + g_tpm_dev.chip_type = SLB9635; } else { printk(BIOS_DEBUG, "Vendor ID 0x%08x not recognized.\n", vendor); @@ -564,8 +557,8 @@ int tpm_vendor_init(struct tpm_chip *chip, unsigned int bus, uint32_t dev_addr) } printk(BIOS_DEBUG, "I2C TPM %u:%02x (chip type %s device-id 0x%X)\n", - tpm_dev->bus, tpm_dev->addr, - chip_name[tpm_dev->chip_type], vendor >> 16); + g_tpm_dev.bus, g_tpm_dev.addr, + chip_name[g_tpm_dev.chip_type], vendor >> 16); /* * A timeout query to TPM can be placed here. diff --git a/src/drivers/pc80/tpm/tis.c b/src/drivers/pc80/tpm/tis.c index 1baab26b00..39fa70db3f 100644 --- a/src/drivers/pc80/tpm/tis.c +++ b/src/drivers/pc80/tpm/tis.c @@ -31,7 +31,6 @@ #include <device/device.h> #include <console/console.h> #include <security/tpm/tis.h> -#include <arch/early_variables.h> #include <device/pnp.h> #include "chip.h" @@ -162,7 +161,7 @@ static const struct vendor_name vendor_names[] = { * Cached vendor/device ID pair to indicate that the device has been already * discovered */ -static u32 vendor_dev_id CAR_GLOBAL; +static u32 vendor_dev_id; static inline u8 tpm_read_status(int locality) { @@ -402,7 +401,7 @@ static u32 tis_probe(void) u16 vid, did; int i; - if (car_get_var(vendor_dev_id)) + if (vendor_dev_id) return 0; /* Already probed. */ didvid = tpm_read_did_vid(0); @@ -411,7 +410,7 @@ static u32 tis_probe(void) return TPM_DRIVER_ERR; } - car_set_var(vendor_dev_id, didvid); + vendor_dev_id = didvid; vid = didvid & 0xffff; did = (didvid >> 16) & 0xffff; diff --git a/src/drivers/spi/tpm/tis.c b/src/drivers/spi/tpm/tis.c index b50ab0a88c..7d42b7c424 100644 --- a/src/drivers/spi/tpm/tis.c +++ b/src/drivers/spi/tpm/tis.c @@ -4,13 +4,12 @@ * found in the LICENSE file. */ -#include <arch/early_variables.h> #include <console/console.h> #include <security/tpm/tis.h> #include "tpm.h" -static unsigned tpm_is_open CAR_GLOBAL; +static unsigned tpm_is_open; static const struct { uint16_t vid; @@ -34,7 +33,7 @@ static const char *tis_get_dev_name(struct tpm2_info *info) int tis_open(void) { - if (car_get_var(tpm_is_open)) { + if (tpm_is_open) { printk(BIOS_ERR, "tis_open() called twice.\n"); return -1; } @@ -43,13 +42,13 @@ int tis_open(void) int tis_close(void) { - if (car_get_var(tpm_is_open)) { + if (tpm_is_open) { /* * Do we need to do something here, like waiting for a * transaction to stop? */ - car_set_var(tpm_is_open, 0); + tpm_is_open = 0; } return 0; diff --git a/src/drivers/spi/tpm/tpm.c b/src/drivers/spi/tpm/tpm.c index 270b15b471..d3d36c9160 100644 --- a/src/drivers/spi/tpm/tpm.c +++ b/src/drivers/spi/tpm/tpm.c @@ -15,7 +15,6 @@ * Specification Revision 00.43". */ -#include <arch/early_variables.h> #include <assert.h> #include <commonlib/endian.h> #include <console/console.h> @@ -40,10 +39,10 @@ #define CR50_TIMEOUT_INIT_MS 30000 /* Very long timeout for TPM init */ /* SPI slave structure for TPM device. */ -static struct spi_slave g_spi_slave CAR_GLOBAL; +static struct spi_slave g_spi_slave; /* Cached TPM device identification. */ -static struct tpm2_info g_tpm_info CAR_GLOBAL; +static struct tpm2_info g_tpm_info; /* * TODO(vbendeb): make CONFIG_DEBUG_TPM an int to allow different level of @@ -61,16 +60,16 @@ typedef struct { void tpm2_get_info(struct tpm2_info *info) { - *info = car_get_var(g_tpm_info); + *info = g_tpm_info; } __weak int tis_plat_irq_status(void) { - static int warning_displayed CAR_GLOBAL; + static int warning_displayed; - if (!car_get_var(warning_displayed)) { + if (!warning_displayed) { printk(BIOS_WARNING, "WARNING: tis_plat_irq_status() not implemented, wasting 10ms to wait on Cr50!\n"); - car_set_var(warning_displayed, 1); + warning_displayed = 1; } mdelay(10); @@ -109,9 +108,8 @@ static int start_transaction(int read_write, size_t bytes, unsigned int addr) uint8_t byte; int i; struct stopwatch sw; - static int tpm_sync_needed CAR_GLOBAL; - static struct stopwatch wake_up_sw CAR_GLOBAL; - struct spi_slave *spi_slave = car_get_var_ptr(&g_spi_slave); + static int tpm_sync_needed; + static struct stopwatch wake_up_sw; /* * First Cr50 access in each coreboot stage where TPM is used will be * prepended by a wake up pulse on the CS line. @@ -119,7 +117,7 @@ static int start_transaction(int read_write, size_t bytes, unsigned int addr) int wakeup_needed = 1; /* Wait for TPM to finish previous transaction if needed */ - if (car_get_var(tpm_sync_needed)) { + if (tpm_sync_needed) { tpm_sync(); /* * During the first invocation of this function on each stage @@ -127,17 +125,17 @@ static int start_transaction(int read_write, size_t bytes, unsigned int addr) * value is zero), during all following invocations the * stopwatch below is guaranteed to be started. */ - if (!stopwatch_expired(car_get_var_ptr(&wake_up_sw))) + if (!stopwatch_expired(&wake_up_sw)) wakeup_needed = 0; } else { - car_set_var(tpm_sync_needed, 1); + tpm_sync_needed = 1; } if (wakeup_needed) { /* Just in case Cr50 is asleep. */ - spi_claim_bus(spi_slave); + spi_claim_bus(&g_spi_slave); udelay(1); - spi_release_bus(spi_slave); + spi_release_bus(&g_spi_slave); udelay(100); } @@ -146,7 +144,7 @@ static int start_transaction(int read_write, size_t bytes, unsigned int addr) * SPI slave activity, let's be conservative and limit the * window to 900 ms. */ - stopwatch_init_msecs_expire(car_get_var_ptr(&wake_up_sw), 900); + stopwatch_init_msecs_expire(&wake_up_sw, 900); /* * The first byte of the frame header encodes the transaction type @@ -160,7 +158,7 @@ static int start_transaction(int read_write, size_t bytes, unsigned int addr) header.body[i + 1] = (addr >> (8 * (2 - i))) & 0xff; /* CS assert wakes up the slave. */ - spi_claim_bus(spi_slave); + spi_claim_bus(&g_spi_slave); /* * The TCG TPM over SPI specification introduces the notion of SPI @@ -187,7 +185,7 @@ static int start_transaction(int read_write, size_t bytes, unsigned int addr) * to require to stall the master, this would present an issue. * crosbug.com/p/52132 has been opened to track this. */ - spi_xfer(spi_slave, header.body, sizeof(header.body), NULL, 0); + spi_xfer(&g_spi_slave, header.body, sizeof(header.body), NULL, 0); /* * Now poll the bus until TPM removes the stall bit. Give it up to 100 @@ -198,10 +196,10 @@ static int start_transaction(int read_write, size_t bytes, unsigned int addr) do { if (stopwatch_expired(&sw)) { printk(BIOS_ERR, "TPM flow control failure\n"); - spi_release_bus(spi_slave); + spi_release_bus(&g_spi_slave); return 0; } - spi_xfer(spi_slave, NULL, 0, &byte, 1); + spi_xfer(&g_spi_slave, NULL, 0, &byte, 1); } while (!(byte & 1)); return 1; } @@ -214,11 +212,10 @@ static void trace_dump(const char *prefix, uint32_t reg, size_t bytes, const uint8_t *buffer, int force) { - static char prev_prefix CAR_GLOBAL; - static unsigned prev_reg CAR_GLOBAL; - static int current_char CAR_GLOBAL; + static char prev_prefix; + static unsigned int prev_reg; + static int current_char; const int BYTES_PER_LINE = 32; - int *current_char_ptr = car_get_var_ptr(¤t_char); if (!force) { if (!debug_level_) @@ -232,12 +229,11 @@ static void trace_dump(const char *prefix, uint32_t reg, * Do not print register address again if the last dump print was for * that register. */ - if ((car_get_var(prev_prefix) != *prefix) || - (car_get_var(prev_reg) != reg)) { - car_set_var(prev_prefix, *prefix); - car_set_var(prev_reg, reg); + if (prev_prefix != *prefix || (prev_reg != reg)) { + prev_prefix = *prefix; + prev_reg = reg; printk(BIOS_DEBUG, "\n%s %2.2x:", prefix, reg); - *current_char_ptr = 0; + current_char = 0; } if ((reg != TPM_DATA_FIFO_REG) && (bytes == 4)) { @@ -254,12 +250,12 @@ static void trace_dump(const char *prefix, uint32_t reg, * quantiites is printed byte at a time. */ for (i = 0; i < bytes; i++) { - if (*current_char_ptr && - !(*current_char_ptr % BYTES_PER_LINE)) { + if (current_char && + !(current_char % BYTES_PER_LINE)) { printk(BIOS_DEBUG, "\n "); - *current_char_ptr = 0; + current_char = 0; } - (*current_char_ptr)++; + (current_char)++; printk(BIOS_DEBUG, " %2.2x", buffer[i]); } } @@ -271,8 +267,7 @@ static void trace_dump(const char *prefix, uint32_t reg, */ static void write_bytes(const void *buffer, size_t bytes) { - struct spi_slave *spi_slave = car_get_var_ptr(&g_spi_slave); - spi_xfer(spi_slave, buffer, bytes, NULL, 0); + spi_xfer(&g_spi_slave, buffer, bytes, NULL, 0); } /* @@ -281,8 +276,7 @@ static void write_bytes(const void *buffer, size_t bytes) */ static void read_bytes(void *buffer, size_t bytes) { - struct spi_slave *spi_slave = car_get_var_ptr(&g_spi_slave); - spi_xfer(spi_slave, NULL, 0, buffer, bytes); + spi_xfer(&g_spi_slave, NULL, 0, buffer, bytes); } /* @@ -293,12 +287,11 @@ static void read_bytes(void *buffer, size_t bytes) */ static int tpm2_write_reg(unsigned int reg_number, const void *buffer, size_t bytes) { - struct spi_slave *spi_slave = car_get_var_ptr(&g_spi_slave); trace_dump("W", reg_number, bytes, buffer, 0); if (!start_transaction(false, bytes, reg_number)) return 0; write_bytes(buffer, bytes); - spi_release_bus(spi_slave); + spi_release_bus(&g_spi_slave); return 1; } @@ -311,13 +304,12 @@ static int tpm2_write_reg(unsigned int reg_number, const void *buffer, size_t by */ static int tpm2_read_reg(unsigned int reg_number, void *buffer, size_t bytes) { - struct spi_slave *spi_slave = car_get_var_ptr(&g_spi_slave); if (!start_transaction(true, bytes, reg_number)) { memset(buffer, 0, bytes); return 0; } read_bytes(buffer, bytes); - spi_release_bus(spi_slave); + spi_release_bus(&g_spi_slave); trace_dump("R", reg_number, bytes, buffer, 0); return 1; } @@ -424,10 +416,8 @@ int tpm2_init(struct spi_slave *spi_if) uint32_t did_vid, status; uint8_t cmd; int retries; - struct tpm2_info *tpm_info = car_get_var_ptr(&g_tpm_info); - struct spi_slave *spi_slave = car_get_var_ptr(&g_spi_slave); - memcpy(spi_slave, spi_if, sizeof(*spi_if)); + memcpy(&g_spi_slave, spi_if, sizeof(*spi_if)); /* clear any pending IRQs */ tis_plat_irq_status(); @@ -484,15 +474,15 @@ int tpm2_init(struct spi_slave *spi_if) * structure. */ tpm2_read_reg(TPM_RID_REG, &cmd, sizeof(cmd)); - tpm_info->vendor_id = did_vid & 0xffff; - tpm_info->device_id = did_vid >> 16; - tpm_info->revision = cmd; + g_tpm_info.vendor_id = did_vid & 0xffff; + g_tpm_info.device_id = did_vid >> 16; + g_tpm_info.revision = cmd; printk(BIOS_INFO, "Connected to device vid:did:rid of %4.4x:%4.4x:%2.2x\n", - tpm_info->vendor_id, tpm_info->device_id, tpm_info->revision); + g_tpm_info.vendor_id, g_tpm_info.device_id, g_tpm_info.revision); /* Let's report device FW version if available. */ - if (tpm_info->vendor_id == 0x1ae0) { + if (g_tpm_info.vendor_id == 0x1ae0) { int chunk_count = 0; size_t chunk_size; /* @@ -619,10 +609,9 @@ size_t tpm2_process_command(const void *tpm2_command, size_t command_size, uint8_t *rsp_body = tpm2_response; union fifo_transfer_buffer fifo_buffer; const int HEADER_SIZE = 6; - struct tpm2_info *tpm_info = car_get_var_ptr(&g_tpm_info); /* Do not try using an uninitialized TPM. */ - if (!tpm_info->vendor_id) + if (!g_tpm_info.vendor_id) return 0; /* Skip the two byte tag, read the size field. */ diff --git a/src/security/tpm/tspi/log.c b/src/security/tpm/tspi/log.c index 9986d9a7c5..8a9cc88827 100644 --- a/src/security/tpm/tspi/log.c +++ b/src/security/tpm/tspi/log.c @@ -15,7 +15,6 @@ #include <console/console.h> #include <security/tpm/tspi.h> -#include <arch/early_variables.h> #include <region_file.h> #include <string.h> #include <security/vboot/symbols.h> diff --git a/src/security/tpm/tss/tcg-1.2/tss.c b/src/security/tpm/tss/tcg-1.2/tss.c index b11d6a3d16..9bc72d2733 100644 --- a/src/security/tpm/tss/tcg-1.2/tss.c +++ b/src/security/tpm/tss/tcg-1.2/tss.c @@ -14,7 +14,6 @@ * time. */ -#include <arch/early_variables.h> #include <assert.h> #include <string.h> #include <security/tpm/tis.h> @@ -148,12 +147,11 @@ static uint32_t send(const uint8_t *command) /* Exported functions. */ -static uint8_t tlcl_init_done CAR_GLOBAL; +static uint8_t tlcl_init_done; uint32_t tlcl_lib_init(void) { - uint8_t done = car_get_var(tlcl_init_done); - if (done) + if (tlcl_init_done) return VB2_SUCCESS; if (tis_init()) @@ -161,7 +159,7 @@ uint32_t tlcl_lib_init(void) if (tis_open()) return VB2_ERROR_UNKNOWN; - car_set_var(tlcl_init_done, 1); + tlcl_init_done = 1; return VB2_SUCCESS; } diff --git a/src/security/tpm/tss/tcg-2.0/tss.c b/src/security/tpm/tss/tcg-2.0/tss.c index 16e40fe569..6bc30966ff 100644 --- a/src/security/tpm/tss/tcg-2.0/tss.c +++ b/src/security/tpm/tss/tcg-2.0/tss.c @@ -5,7 +5,6 @@ * found in the LICENSE file. */ -#include <arch/early_variables.h> #include <console/console.h> #include <endian.h> #include <string.h> @@ -30,11 +29,9 @@ void *tpm_process_command(TPM_CC command, void *command_body) size_t in_size; const uint8_t *sendb; /* Command/response buffer. */ - static uint8_t cr_buffer[TPM_BUFFER_SIZE] CAR_GLOBAL; + static uint8_t cr_buffer[TPM_BUFFER_SIZE]; - uint8_t *cr_buffer_ptr = car_get_var_ptr(cr_buffer); - - obuf_init(&ob, cr_buffer_ptr, sizeof(cr_buffer)); + obuf_init(&ob, cr_buffer, sizeof(cr_buffer)); if (tpm_marshal_command(command, command_body, &ob) < 0) { printk(BIOS_ERR, "command %#x\n", command); @@ -44,12 +41,12 @@ void *tpm_process_command(TPM_CC command, void *command_body) sendb = obuf_contents(&ob, &out_size); in_size = sizeof(cr_buffer); - if (tis_sendrecv(sendb, out_size, cr_buffer_ptr, &in_size)) { + if (tis_sendrecv(sendb, out_size, cr_buffer, &in_size)) { printk(BIOS_ERR, "tpm transaction failed\n"); return NULL; } - ibuf_init(&ib, cr_buffer_ptr, in_size); + ibuf_init(&ib, cr_buffer, in_size); return tpm_unmarshal_response(command, &ib); } @@ -173,13 +170,12 @@ uint32_t tlcl_force_clear(void) return TPM_SUCCESS; } -static uint8_t tlcl_init_done CAR_GLOBAL; +static uint8_t tlcl_init_done; /* This function is called directly by vboot, uses vboot return types. */ uint32_t tlcl_lib_init(void) { - uint8_t done = car_get_var(tlcl_init_done); - if (done) + if (tlcl_init_done) return VB2_SUCCESS; if (tis_init()) { @@ -192,7 +188,7 @@ uint32_t tlcl_lib_init(void) return VB2_ERROR_UNKNOWN; } - car_set_var(tlcl_init_done, 1); + tlcl_init_done = 1; return VB2_SUCCESS; } diff --git a/src/security/tpm/tss/tcg-2.0/tss_marshaling.c b/src/security/tpm/tss/tcg-2.0/tss_marshaling.c index 1bf211a898..720e7c4b68 100644 --- a/src/security/tpm/tss/tcg-2.0/tss_marshaling.c +++ b/src/security/tpm/tss/tcg-2.0/tss_marshaling.c @@ -5,7 +5,6 @@ * found in the LICENSE file. */ -#include <arch/early_variables.h> #include <commonlib/iobuf.h> #include <console/console.h> #include <stdlib.h> @@ -15,7 +14,7 @@ #include <security/tpm/tss/vendor/cr50/cr50.h> #include <security/tpm/tss.h> -static uint16_t tpm_tag CAR_GLOBAL; /* Depends on the command type. */ +static uint16_t tpm_tag; /* Depends on the command type. */ #define unmarshal_TPM_CAP(a, b) ibuf_read_be32(a, b) #define unmarshal_TPM_CC(a, b) ibuf_read_be32(a, b) @@ -165,7 +164,7 @@ static int marshal_common_session_header(struct obuf *ob, struct tpm2_session_header session_header; int rc = 0; - car_set_var(tpm_tag, TPM_ST_SESSIONS); + tpm_tag = TPM_ST_SESSIONS; for (i = 0; i < handle_count; i++) rc |= marshal_TPM_HANDLE(ob, handles[i]); @@ -270,7 +269,7 @@ static int marshal_hierarchy_control(struct obuf *ob, int rc = 0; struct tpm2_session_header session_header; - car_set_var(tpm_tag, TPM_ST_SESSIONS); + tpm_tag = TPM_ST_SESSIONS; rc |= marshal_TPM_HANDLE(ob, TPM_RH_PLATFORM); memset(&session_header, 0, sizeof(session_header)); @@ -335,7 +334,7 @@ int tpm_marshal_command(TPM_CC command, void *tpm_command_body, struct obuf *ob) const size_t hdr_sz = sizeof(uint16_t) + 2 * sizeof(uint32_t); int rc = 0; - car_set_var(tpm_tag, TPM_ST_NO_SESSIONS); + tpm_tag = TPM_ST_NO_SESSIONS; if (obuf_splice_current(ob, &ob_hdr, hdr_sz) < 0) return -1; @@ -407,7 +406,7 @@ int tpm_marshal_command(TPM_CC command, void *tpm_command_body, struct obuf *ob) return rc; /* Fix up the command header with known values. */ - rc |= obuf_write_be16(&ob_hdr, car_get_var(tpm_tag)); + rc |= obuf_write_be16(&ob_hdr, tpm_tag); rc |= obuf_write_be32(&ob_hdr, obuf_nr_written(ob)); return rc; @@ -552,23 +551,22 @@ static int unmarshal_vendor_command(struct ibuf *ib, struct tpm2_response *tpm_unmarshal_response(TPM_CC command, struct ibuf *ib) { - static struct tpm2_response tpm2_static_resp CAR_GLOBAL; - struct tpm2_response *tpm2_resp = car_get_var_ptr(&tpm2_static_resp); + static struct tpm2_response tpm2_static_resp; int rc = 0; - rc |= ibuf_read_be16(ib, &tpm2_resp->hdr.tpm_tag); - rc |= ibuf_read_be32(ib, &tpm2_resp->hdr.tpm_size); - rc |= unmarshal_TPM_CC(ib, &tpm2_resp->hdr.tpm_code); + rc |= ibuf_read_be16(ib, &tpm2_static_resp.hdr.tpm_tag); + rc |= ibuf_read_be32(ib, &tpm2_static_resp.hdr.tpm_size); + rc |= unmarshal_TPM_CC(ib, &tpm2_static_resp.hdr.tpm_code); if (rc != 0) return NULL; if (ibuf_remaining(ib) == 0) { - if (tpm2_resp->hdr.tpm_size != ibuf_nr_read(ib)) + if (tpm2_static_resp.hdr.tpm_size != ibuf_nr_read(ib)) printk(BIOS_ERR, "%s: size mismatch in response to command %#x\n", __func__, command); - return tpm2_resp; + return &tpm2_static_resp; } switch (command) { @@ -577,11 +575,11 @@ struct tpm2_response *tpm_unmarshal_response(TPM_CC command, struct ibuf *ib) break; case TPM2_GetCapability: - rc |= unmarshal_get_capability(ib, &tpm2_resp->gc); + rc |= unmarshal_get_capability(ib, &tpm2_static_resp.gc); break; case TPM2_NV_Read: - rc |= unmarshal_nv_read(ib, &tpm2_resp->nvr); + rc |= unmarshal_nv_read(ib, &tpm2_static_resp.nvr); break; case TPM2_Hierarchy_Control: @@ -595,7 +593,7 @@ struct tpm2_response *tpm_unmarshal_response(TPM_CC command, struct ibuf *ib) break; case TPM2_CR50_VENDOR_COMMAND: - rc |= unmarshal_vendor_command(ib, &tpm2_resp->vcr); + rc |= unmarshal_vendor_command(ib, &tpm2_static_resp.vcr); break; default: @@ -608,7 +606,7 @@ struct tpm2_response *tpm_unmarshal_response(TPM_CC command, struct ibuf *ib) "Request to unmarshal unexpected command %#x," " code %#x", __func__, __LINE__, command, - tpm2_resp->hdr.tpm_code); + tpm2_static_resp.hdr.tpm_code); sz_left = ibuf_remaining(ib); data = ibuf_oob_drain(ib, sz_left); @@ -627,7 +625,7 @@ struct tpm2_response *tpm_unmarshal_response(TPM_CC command, struct ibuf *ib) printk(BIOS_INFO, "%s:%d got %d bytes back in response to %#x," " failed to parse (%zd)\n", - __func__, __LINE__, tpm2_resp->hdr.tpm_size, + __func__, __LINE__, tpm2_static_resp.hdr.tpm_size, command, ibuf_remaining(ib)); return NULL; } @@ -636,5 +634,5 @@ struct tpm2_response *tpm_unmarshal_response(TPM_CC command, struct ibuf *ib) __func__); /* The entire message have been parsed. */ - return tpm2_resp; + return &tpm2_static_resp; } diff --git a/src/security/tpm/tss/vendor/cr50/cr50.c b/src/security/tpm/tss/vendor/cr50/cr50.c index 4f128dcac1..ec69df4ac9 100644 --- a/src/security/tpm/tss/vendor/cr50/cr50.c +++ b/src/security/tpm/tss/vendor/cr50/cr50.c @@ -4,7 +4,6 @@ * found in the LICENSE file. */ -#include <arch/early_variables.h> #include <console/console.h> #include <endian.h> #include <vb2_api.h> |