diff options
author | Michał Żygowski <michal.zygowski@3mdeb.com> | 2022-05-04 14:12:17 +0200 |
---|---|---|
committer | Michał Żygowski <michal.zygowski@3mdeb.com> | 2022-09-30 08:21:01 +0000 |
commit | 283e5876b552edbb7398c7f4f881b7fecd165dd1 (patch) | |
tree | e2450696242b9984178e51c4b43abb00aa791018 | |
parent | e779523193bc61c475c3207f650bd840a808cb04 (diff) |
drivers/crb: Add SMBIOS hook to generate type 43 TPM Device
Example for Alder Lake PTT:
Handle 0x004C, DMI type 43, 31 bytes
TPM Device
Vendor ID: INTC
Specification Version: 2.0
Firmware Revision: 600.18
Description: Intel iTPM
Characteristics:
TPM Device characteristics not supported
OEM-specific Information: 0x00000000
TEST=Execute dmidecode and see the type 43 is populated with PTT
on MSI PRO Z690-A WIFI DDR4
Signed-off-by: Michał Żygowski <michal.zygowski@3mdeb.com>
Change-Id: I05289f98969bd431017aff1aa77be5806d6f1838
Reviewed-on: https://review.coreboot.org/c/coreboot/+/64049
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Christian Walter <christian.walter@9elements.com>
-rw-r--r-- | src/drivers/crb/tis.c | 88 | ||||
-rw-r--r-- | src/security/tpm/tss/tcg-2.0/tss_structures.h | 5 |
2 files changed, 92 insertions, 1 deletions
diff --git a/src/drivers/crb/tis.c b/src/drivers/crb/tis.c index 1167697651..bb1cf218ad 100644 --- a/src/drivers/crb/tis.c +++ b/src/drivers/crb/tis.c @@ -6,6 +6,10 @@ #include <device/device.h> #include <drivers/intel/ptt/ptt.h> #include <drivers/tpm/tpm_ppi.h> +#include <security/tpm/tss.h> +#include <endian.h> +#include <smbios.h> +#include <string.h> #include "tpm.h" #include "chip.h" @@ -126,6 +130,86 @@ static const char *crb_tpm_acpi_name(const struct device *dev) return "TPM"; } +#if CONFIG(GENERATE_SMBIOS_TABLES) && CONFIG(TPM2) +static int tpm_get_cap(uint32_t property, uint32_t *value) +{ + TPMS_CAPABILITY_DATA cap_data; + int i; + uint32_t status; + + if (!value) + return -1; + + status = tlcl_get_capability(TPM_CAP_TPM_PROPERTIES, property, 1, &cap_data); + + if (status) + return -1; + + for (i = 0 ; i < cap_data.data.tpmProperties.count; i++) { + if (cap_data.data.tpmProperties.tpmProperty[i].property == property) { + *value = cap_data.data.tpmProperties.tpmProperty[i].value; + return 0; + } + } + + return -1; +} + +static int smbios_write_type43_tpm(struct device *dev, int *handle, unsigned long *current) +{ + struct tpm2_info info; + uint32_t tpm_manuf, tpm_family; + uint32_t fw_ver1, fw_ver2; + uint8_t major_spec_ver, minor_spec_ver; + + tpm2_get_info(&info); + + /* If any of these have invalid values, assume TPM not present or disabled */ + if (info.vendor_id == 0 || info.vendor_id == 0xFFFF || + info.device_id == 0 || info.device_id == 0xFFFF) { + printk(BIOS_DEBUG, "%s: Invalid Vendor ID/Device ID\n", __func__); + return 0; + } + + /* Vendor ID is the value returned by TPM2_GetCapabiltiy TPM_PT_MANUFACTURER */ + if (tpm_get_cap(TPM_PT_MANUFACTURER, &tpm_manuf)) { + printk(BIOS_DEBUG, "TPM2_GetCap TPM_PT_MANUFACTURER failed\n"); + return 0; + } + + tpm_manuf = be32toh(tpm_manuf); + + if (tpm_get_cap(TPM_PT_FIRMWARE_VERSION_1, &fw_ver1)) { + printk(BIOS_DEBUG, "TPM2_GetCap TPM_PT_FIRMWARE_VERSION_1 failed\n"); + return 0; + } + + if (tpm_get_cap(TPM_PT_FIRMWARE_VERSION_2, &fw_ver2)) { + printk(BIOS_DEBUG, "TPM2_GetCap TPM_PT_FIRMWARE_VERSION_2 failed\n"); + return 0; + } + + if (tpm_get_cap(TPM_PT_FAMILY_INDICATOR, &tpm_family)) { + printk(BIOS_DEBUG, "TPM2_GetCap TPM_PT_FAMILY_INDICATOR failed\n"); + return 0; + } + + tpm_family = be32toh(tpm_family); + + if (!strncmp((char *)&tpm_family, "2.0", 4)) { + major_spec_ver = 2; + minor_spec_ver = 0; + } else { + printk(BIOS_ERR, "%s: Invalid TPM family\n", __func__); + return 0; + } + + return smbios_write_type43(current, handle, tpm_manuf, major_spec_ver, minor_spec_ver, + fw_ver1, fw_ver2, tis_get_dev_name(&info), + SMBIOS_TPM_DEVICE_CHARACTERISTICS_NOT_SUPPORTED, 0); +} +#endif + static struct device_operations __maybe_unused crb_ops = { .read_resources = noop_read_resources, .set_resources = noop_set_resources, @@ -133,7 +217,9 @@ static struct device_operations __maybe_unused crb_ops = { .acpi_name = crb_tpm_acpi_name, .acpi_fill_ssdt = crb_tpm_fill_ssdt, #endif - +#if CONFIG(GENERATE_SMBIOS_TABLES) && CONFIG(TPM2) + .get_smbios_data = smbios_write_type43_tpm, +#endif }; static void enable_dev(struct device *dev) diff --git a/src/security/tpm/tss/tcg-2.0/tss_structures.h b/src/security/tpm/tss/tcg-2.0/tss_structures.h index c0e354d8f5..cb0283045f 100644 --- a/src/security/tpm/tss/tcg-2.0/tss_structures.h +++ b/src/security/tpm/tss/tcg-2.0/tss_structures.h @@ -177,6 +177,11 @@ typedef TPM_HANDLE TPMI_RH_NV_INDEX; /* TPM Property capability constants. */ typedef uint32_t TPM_PT; #define PT_GROUP 0x00000100 +#define PT_FIXED (PT_GROUP * 1) +#define TPM_PT_FAMILY_INDICATOR ((TPM_PT)(PT_FIXED + 0)) +#define TPM_PT_MANUFACTURER ((TPM_PT)(PT_FIXED + 5)) +#define TPM_PT_FIRMWARE_VERSION_1 ((TPM_PT)(PT_FIXED + 11)) +#define TPM_PT_FIRMWARE_VERSION_2 ((TPM_PT)(PT_FIXED + 12)) #define PT_VAR (PT_GROUP * 2) #define TPM_PT_PERMANENT ((TPM_PT)(PT_VAR + 0)) |