security/tpm/: turn tis_{init,open} into tis_probe

init() was always followed by open() and after successful initialization
we only need send-receive function which is now returned by tis_probe()
on success, thus further reducing number of functions to export from
drivers.

This also removes check for opening TIS twice that seems to have no
value.

Change-Id: I52ad8d69d50d449f031c36b15bf70ef07986946c
Ticket: https://ticket.coreboot.org/issues/433
Signed-off-by: Sergii Dmytruk <sergii.dmytruk@3mdeb.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/76954
Reviewed-by: Julius Werner <jwerner@chromium.org>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>

8 files changed, 74 insertions, 104 deletions

diff --git a/src/drivers/crb/tis.c b/src/drivers/crb/tis.c
index cdb0dbb612..2c9128e5d7 100644
--- a/src/drivers/crb/tis.c
+++ b/src/drivers/crb/tis.c
@@ -14,8 +14,6 @@
 #include "tpm.h"
 #include "chip.h"
 
-static unsigned int tpm_is_open;
-
 static const struct {
 	uint16_t vid;
 	uint16_t did;
@@ -35,52 +33,41 @@ static const char *tis_get_dev_name(struct tpm2_info *info)
 	return "Unknown";
 }
 
-tpm_result_t tis_open(void)
+static tpm_result_t crb_tpm_sendrecv(const uint8_t *sendbuf, size_t sbuf_size, uint8_t *recvbuf,
+				     size_t *rbuf_len)
 {
-	if (tpm_is_open) {
-		printk(BIOS_ERR, "%s called twice.\n", __func__);
+	int len = tpm2_process_command(sendbuf, sbuf_size, recvbuf, *rbuf_len);
+
+	if (len == 0)
 		return TPM_CB_FAIL;
-	}
 
-	if (CONFIG(HAVE_INTEL_PTT)) {
-		if (!ptt_active()) {
-			printk(BIOS_ERR, "%s: Intel PTT is not active.\n", __func__);
-			return TPM_CB_FAIL;
-		}
-		printk(BIOS_DEBUG, "%s: Intel PTT is active.\n", __func__);
-	}
+	*rbuf_len = len;
 
 	return TPM_SUCCESS;
 }
 
-tpm_result_t tis_init(void)
+tis_sendrecv_fn tis_probe(void)
 {
 	struct tpm2_info info;
 
-	// Wake TPM up (if necessary)
-	tpm_result_t rc = tpm2_init();
-	if (rc)
-		return rc;
+	/* Wake TPM up (if necessary) */
+	if (tpm2_init())
+		return NULL;
 
 	tpm2_get_info(&info);
 
 	printk(BIOS_INFO, "Initialized TPM device %s revision %d\n", tis_get_dev_name(&info),
 	       info.revision);
 
-	return TPM_SUCCESS;
-}
-
-tpm_result_t tis_sendrecv(const uint8_t *sendbuf, size_t sbuf_size,
-					uint8_t *recvbuf, size_t *rbuf_len)
-{
-	int len = tpm2_process_command(sendbuf, sbuf_size, recvbuf, *rbuf_len);
-
-	if (len == 0)
-		return TPM_CB_FAIL;
-
-	*rbuf_len = len;
+	if (CONFIG(HAVE_INTEL_PTT)) {
+		if (!ptt_active()) {
+			printk(BIOS_ERR, "%s: Intel PTT is not active.\n", __func__);
+			return NULL;
+		}
+		printk(BIOS_DEBUG, "%s: Intel PTT is active.\n", __func__);
+	}
 
-	return TPM_SUCCESS;
+	return &crb_tpm_sendrecv;
 }
 
 static void crb_tpm_fill_ssdt(const struct device *dev)
diff --git a/src/drivers/i2c/tpm/cr50.c b/src/drivers/i2c/tpm/cr50.c
index 3351ca2700..8462198410 100644
--- a/src/drivers/i2c/tpm/cr50.c
+++ b/src/drivers/i2c/tpm/cr50.c
@@ -505,7 +505,6 @@ tpm_result_t tpm_vendor_init(struct tpm_chip *chip, unsigned int bus, uint32_t d
                 cr50_set_board_cfg();
 	}
 
-	chip->is_open = 1;
 	return TPM_SUCCESS;
 }
 
diff --git a/src/drivers/i2c/tpm/tis.c b/src/drivers/i2c/tpm/tis.c
index a5c3b8fdf3..6cb05f0dd7 100644
--- a/src/drivers/i2c/tpm/tis.c
+++ b/src/drivers/i2c/tpm/tis.c
@@ -19,29 +19,6 @@ static struct tpm_chip chip;
 #define TPM_CMD_COUNT_BYTE 2
 #define TPM_CMD_ORDINAL_BYTE 6
 
-tpm_result_t tis_open(void)
-{
-	tpm_result_t rc;
-
-	if (chip.is_open) {
-		printk(BIOS_DEBUG, "%s() called twice.\n", __func__);
-		return TPM_CB_FAIL;
-	}
-
-	rc = tpm_vendor_init(&chip, CONFIG_DRIVER_TPM_I2C_BUS,
-			     CONFIG_DRIVER_TPM_I2C_ADDR);
-	if (rc != TPM_SUCCESS)
-		chip.is_open = 0;
-
-	return rc;
-}
-
-tpm_result_t tis_init(void)
-{
-	return tpm_vendor_probe(CONFIG_DRIVER_TPM_I2C_BUS,
-				CONFIG_DRIVER_TPM_I2C_ADDR);
-}
-
 static ssize_t tpm_transmit(const uint8_t *sbuf, size_t sbufsiz, void *rbuf,
 			size_t rbufsiz)
 {
@@ -103,8 +80,8 @@ out:
 	return rc;
 }
 
-tpm_result_t tis_sendrecv(const uint8_t *sendbuf, size_t sbuf_size,
-		uint8_t *recvbuf, size_t *rbuf_len)
+static tpm_result_t i2c_tpm_sendrecv(const uint8_t *sendbuf, size_t sbuf_size,
+				     uint8_t *recvbuf, size_t *rbuf_len)
 {
 	ASSERT(sbuf_size >= 10);
 
@@ -140,3 +117,14 @@ tpm_result_t tis_sendrecv(const uint8_t *sendbuf, size_t sbuf_size,
 
 	return TPM_SUCCESS;
 }
+
+tis_sendrecv_fn tis_probe(void)
+{
+	if (tpm_vendor_probe(CONFIG_DRIVER_TPM_I2C_BUS, CONFIG_DRIVER_TPM_I2C_ADDR))
+		return NULL;
+
+	if (tpm_vendor_init(&chip, CONFIG_DRIVER_TPM_I2C_BUS, CONFIG_DRIVER_TPM_I2C_ADDR))
+		return NULL;
+
+	return &i2c_tpm_sendrecv;
+}
diff --git a/src/drivers/i2c/tpm/tis_atmel.c b/src/drivers/i2c/tpm/tis_atmel.c
index 91ed6a99e3..0a29049d95 100644
--- a/src/drivers/i2c/tpm/tis_atmel.c
+++ b/src/drivers/i2c/tpm/tis_atmel.c
@@ -22,18 +22,8 @@ struct tpm_output_header {
 	uint32_t return_code;
 } __packed;
 
-tpm_result_t tis_open(void)
-{
-	return TPM_SUCCESS;
-}
-
-tpm_result_t tis_init(void)
-{
-	return TPM_SUCCESS;
-}
-
-tpm_result_t tis_sendrecv(const uint8_t *sendbuf, size_t sbuf_size,
-		uint8_t *recvbuf, size_t *rbuf_len)
+static tpm_result_t i2c_tis_sendrecv(const uint8_t *sendbuf, size_t sbuf_size,
+				     uint8_t *recvbuf, size_t *rbuf_len)
 {
 	size_t hdr_bytes;
 	struct tpm_output_header *header;
@@ -116,3 +106,8 @@ tpm_result_t tis_sendrecv(const uint8_t *sendbuf, size_t sbuf_size,
 	/* Successful transfer */
 	return TPM_SUCCESS;
 }
+
+tis_sendrecv_fn tis_probe(void)
+{
+	return &i2c_tis_sendrecv;
+}
diff --git a/src/drivers/i2c/tpm/tpm.c b/src/drivers/i2c/tpm/tpm.c
index 91c310b8f3..541eb3aaa0 100644
--- a/src/drivers/i2c/tpm/tpm.c
+++ b/src/drivers/i2c/tpm/tpm.c
@@ -507,8 +507,6 @@ tpm_result_t tpm_vendor_init(struct tpm_chip *chip, unsigned int bus, uint32_t d
 	tpm_dev.sleep_short = SLEEP_DURATION;
 	tpm_dev.sleep_long = SLEEP_DURATION_LONG;
 
-	chip->is_open = 1;
-
 	chip->req_complete_mask = TPM_STS_DATA_AVAIL | TPM_STS_VALID;
 	chip->req_complete_val = TPM_STS_DATA_AVAIL | TPM_STS_VALID;
 	chip->req_canceled = TPM_STS_COMMAND_READY;
diff --git a/src/drivers/i2c/tpm/tpm.h b/src/drivers/i2c/tpm/tpm.h
index fb9837789d..628ad4dc69 100644
--- a/src/drivers/i2c/tpm/tpm.h
+++ b/src/drivers/i2c/tpm/tpm.h
@@ -39,7 +39,6 @@ enum tpm_timeout {
 #define	TPM_DID_VID(l)			(0x0006 | ((l) << 4))
 
 struct tpm_chip {
-	int is_open;
 	uint8_t req_complete_mask;
 	uint8_t req_complete_val;
 	uint8_t req_canceled;
diff --git a/src/drivers/pc80/tpm/tis.c b/src/drivers/pc80/tpm/tis.c
index 3f2d6bd7a2..019e4a1fe9 100644
--- a/src/drivers/pc80/tpm/tis.c
+++ b/src/drivers/pc80/tpm/tis.c
@@ -356,14 +356,14 @@ static tpm_result_t tis_command_ready(u8 locality)
 }
 
 /*
- * tis_init()
+ * pc80_tis_probe()
  *
  * Probe the TPM device and try determining its manufacturer/device name.
  *
  * Returns TPM_SUCCESS on success (the device is found or was found during
  * an earlier invocation) or TPM_CB_FAIL if the device is not found.
  */
-tpm_result_t tis_init(void)
+static tpm_result_t pc80_tis_probe(void)
 {
 	const char *device_name = "unknown";
 	const char *vendor_name = device_name;
@@ -607,13 +607,13 @@ static tpm_result_t tis_readresponse(u8 *buffer, size_t *len)
 }
 
 /*
- * tis_open()
+ * pc80_tis_open()
  *
  * Requests access to locality 0 for the caller.
  *
  * Returns TPM_SUCCESS on success, TSS Error on failure.
  */
-tpm_result_t tis_open(void)
+static tpm_result_t pc80_tis_open(void)
 {
 	u8 locality = 0; /* we use locality zero for everything */
 	tpm_result_t rc = TPM_SUCCESS;
@@ -650,8 +650,8 @@ tpm_result_t tis_open(void)
  * Returns TPM_SUCCESS on success (and places the number of response bytes
  * at recv_len) or TPM_CB_FAIL on failure.
  */
-tpm_result_t tis_sendrecv(const uint8_t *sendbuf, size_t send_size,
-		 uint8_t *recvbuf, size_t *recv_len)
+static tpm_result_t pc80_tpm_sendrecv(const uint8_t *sendbuf, size_t send_size,
+				      uint8_t *recvbuf, size_t *recv_len)
 {
 	tpm_result_t rc = tis_senddata(sendbuf, send_size);
 	if (rc) {
@@ -664,6 +664,23 @@ tpm_result_t tis_sendrecv(const uint8_t *sendbuf, size_t send_size,
 }
 
 /*
+ * tis_probe()
+ *
+ * Probe for the TPM device and set it up for use within locality 0. Returns
+ * pointer to send-receive function on success or NULL on failure.
+ */
+tis_sendrecv_fn tis_probe(void)
+{
+	if (pc80_tis_probe())
+		return NULL;
+
+	if (pc80_tis_open())
+		return NULL;
+
+	return &pc80_tpm_sendrecv;
+}
+
+/*
  * tis_setup_interrupt()
  *
  * Set up the interrupt vector and polarity for locality 0 and
diff --git a/src/drivers/spi/tpm/tis.c b/src/drivers/spi/tpm/tis.c
index 6fa6c82848..90d7f59ba9 100644
--- a/src/drivers/spi/tpm/tis.c
+++ b/src/drivers/spi/tpm/tis.c
@@ -5,8 +5,6 @@
 
 #include "tpm.h"
 
-static unsigned int tpm_is_open;
-
 static const struct {
 	uint16_t vid;
 	uint16_t did;
@@ -29,31 +27,33 @@ static const char *tis_get_dev_name(struct tpm2_info *info)
 	return "Unknown";
 }
 
-tpm_result_t tis_open(void)
+static tpm_result_t tpm_sendrecv(const uint8_t *sendbuf, size_t sbuf_size,
+				 uint8_t *recvbuf, size_t *rbuf_len)
 {
-	if (tpm_is_open) {
-		printk(BIOS_ERR, "%s() called twice.\n", __func__);
+	int len = tpm2_process_command(sendbuf, sbuf_size, recvbuf, *rbuf_len);
+
+	if (len == 0)
 		return TPM_CB_FAIL;
-	}
+
+	*rbuf_len = len;
+
 	return TPM_SUCCESS;
 }
 
-tpm_result_t tis_init(void)
+tis_sendrecv_fn tis_probe(void)
 {
 	struct spi_slave spi;
 	struct tpm2_info info;
-	tpm_result_t rc = TPM_SUCCESS;
 
 	if (spi_setup_slave(CONFIG_DRIVER_TPM_SPI_BUS,
 			    CONFIG_DRIVER_TPM_SPI_CHIP, &spi)) {
 		printk(BIOS_ERR, "Failed to setup TPM SPI slave\n");
-		return TPM_CB_FAIL;
+		return NULL;
 	}
 
-	rc = tpm2_init(&spi);
-	if (rc) {
+	if (tpm2_init(&spi)) {
 		printk(BIOS_ERR, "Failed to initialize TPM SPI interface\n");
-		return rc;
+		return NULL;
 	}
 
 	tpm2_get_info(&info);
@@ -61,18 +61,5 @@ tpm_result_t tis_init(void)
 	printk(BIOS_INFO, "Initialized TPM device %s revision %d\n",
 	       tis_get_dev_name(&info), info.revision);
 
-	return TPM_SUCCESS;
-}
-
-tpm_result_t tis_sendrecv(const uint8_t *sendbuf, size_t sbuf_size,
-		 uint8_t *recvbuf, size_t *rbuf_len)
-{
-	int len = tpm2_process_command(sendbuf, sbuf_size, recvbuf, *rbuf_len);
-
-	if (len == 0)
-		return TPM_CB_FAIL;
-
-	*rbuf_len = len;
-
-	return TPM_SUCCESS;
+	return &tpm_sendrecv;
 }