security/tpm: support compiling in multiple TPM drivers

Starting from here CONFIG_TPM1 and CONFIG_TPM2 are no longer mutually exclusive. Change-Id: I44c5a1d825afe414c2f5c2c90f4cfe41ba9bef5f Ticket: https://ticket.coreboot.org/issues/433 Signed-off-by: Sergii Dmytruk <sergii.dmytruk@3mdeb.com> Reviewed-on: https://review.coreboot.org/c/coreboot/+/69162 Reviewed-by: Julius Werner <jwerner@chromium.org> Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
author: Sergii Dmytruk <sergii.dmytruk@3mdeb.com> 2022-11-01 00:48:43 +0200
committer: Felix Held <felix-coreboot@felixheld.de> 2024-04-16 13:52:14 +0000
commit: 3e5cefcc45d7ef7da9fd9b6ecc499a05f8134039 (patch)
tree: 676b2369f6559b7d0028aaafc0c9b84af798ade6 /src/security/tpm
parent: 7c75f8e5b2c3877487b424a1523c1e2a0caa4111 (diff)
3 files changed, 23 insertions, 20 deletions
diff --git a/src/security/tpm/Kconfig b/src/security/tpm/Kconfig
index 5eb58378ed..ea13fa43c1 100644
--- a/src/security/tpm/Kconfig
+++ b/src/security/tpm/Kconfig
@@ -4,14 +4,9 @@ source "src/security/tpm/tss/vendor/cr50/Kconfig"
 
 menu "Trusted Platform Module"
 
-choice
-	prompt "Trusted Platform Module"
-	default TPM2 if MAINBOARD_HAS_TPM2
-	default TPM1 if MAINBOARD_HAS_TPM1
-	default NO_TPM
-
 config NO_TPM
-	bool "No TPM"
+	bool
+	default y if !TPM1 && !TPM2
 	help
 	  No TPM support. Select this option if your system doesn't have a TPM,
 	  or if you don't want coreboot to communicate with your TPM in any way.
@@ -21,19 +16,17 @@ config NO_TPM
 config TPM1
 	bool "TPM 1.2"
 	depends on I2C_TPM || MEMORY_MAPPED_TPM || SPI_TPM || CRB_TPM
-	depends on !MAINBOARD_HAS_TPM2
+	default y if MAINBOARD_HAS_TPM1
 	help
 	  Select this option if your TPM uses the older TPM 1.2 protocol.
 
 config TPM2
 	bool "TPM 2.0"
 	depends on I2C_TPM || MEMORY_MAPPED_TPM || SPI_TPM || CRB_TPM
-	depends on !MAINBOARD_HAS_TPM1
+	default y if MAINBOARD_HAS_TPM2
 	help
 	  Select this option if your TPM uses the newer TPM 2.0 protocol.
 
-endchoice
-
 config TPM
 	bool
 	default y
@@ -52,7 +45,7 @@ config MAINBOARD_HAS_TPM2
 	  always uses the 2.0 protocol, and that it should be on by default.
 
 config TPM_DEACTIVATE
-	bool "Deactivate TPM"
+	bool "Deactivate TPM (for TPM1)"
 	default n
 	depends on !VBOOT
 	depends on TPM1
@@ -106,13 +99,13 @@ config TPM_LOG_CB
 	  Custom coreboot-specific format of the log derived from TPM1 log format.
 config TPM_LOG_TPM1
 	bool "TPM 1.2 format"
-	depends on TPM1
+	depends on TPM1 && !TPM2
 	help
 	  Log per TPM 1.2 specification.
 	  See "TCG PC Client Specific Implementation Specification for Conventional BIOS".
 config TPM_LOG_TPM2
 	bool "TPM 2.0 format"
-	depends on TPM2
+	depends on TPM1 || TPM2
 	help
 	  Log per TPM 2.0 specification.
 	  See "TCG PC Client Platform Firmware Profile Specification".
diff --git a/src/security/tpm/tis.h b/src/security/tpm/tis.h
index 4a8dc14c31..67ba911e03 100644
--- a/src/security/tpm/tis.h
+++ b/src/security/tpm/tis.h
@@ -54,8 +54,6 @@ typedef tpm_result_t (*tis_sendrecv_fn)(const u8 *sendbuf, size_t send_size, u8
 					size_t *recv_len);
 
 /*
- * tis_probe()
- *
  * Probe for the TPM device and set it up for use within locality 0.
  *
  * @family - pointer which is set to TPM family of the device
@@ -65,7 +63,7 @@ typedef tpm_result_t (*tis_sendrecv_fn)(const u8 *sendbuf, size_t send_size, u8
  * Do not call this explicitly, it's meant to be used exclusively by TSS
  * implementation (tlcl_lib_init() function to be specific).
  */
-tis_sendrecv_fn tis_probe(enum tpm_family *family);
+typedef tis_sendrecv_fn (*tis_probe_fn)(enum tpm_family *family);
 
 /*
  * tis_vendor_write()
diff --git a/src/security/tpm/tss/tss.c b/src/security/tpm/tss/tss.c
index bd0e98582b..8e52de73e9 100644
--- a/src/security/tpm/tss/tss.c
+++ b/src/security/tpm/tss/tss.c
@@ -1,6 +1,10 @@
 /* SPDX-License-Identifier: BSD-3-Clause */
 
 #include <console/console.h>
+#include <drivers/crb/tpm.h>
+#include <drivers/i2c/tpm/tpm.h>
+#include <drivers/pc80/tpm/tpm.h>
+#include <drivers/spi/tpm/tpm.h>
 #include <security/tpm/tis.h>
 #include <security/tpm/tss.h>
 
@@ -24,13 +28,21 @@ tpm_result_t tlcl_lib_init(void)
 	/* Set right away to make recursion impossible. */
 	init_done = true;
 
-	tlcl_tis_sendrecv = tis_probe(&tlcl_tpm_family);
+	tlcl_tis_sendrecv = NULL;
+	if (CONFIG(CRB_TPM))
+		tlcl_tis_sendrecv = crb_tis_probe(&tlcl_tpm_family);
+	if (CONFIG(MEMORY_MAPPED_TPM) && tlcl_tis_sendrecv == NULL)
+		tlcl_tis_sendrecv = pc80_tis_probe(&tlcl_tpm_family);
+	if (CONFIG(I2C_TPM) && tlcl_tis_sendrecv == NULL)
+		tlcl_tis_sendrecv = i2c_tis_probe(&tlcl_tpm_family);
+	if (CONFIG(SPI_TPM) && tlcl_tis_sendrecv == NULL)
+		tlcl_tis_sendrecv = spi_tis_probe(&tlcl_tpm_family);
 
 	if (tlcl_tis_sendrecv == NULL) {
-		printk(BIOS_ERR, "%s: tis_probe failed\n", __func__);
+		printk(BIOS_ERR, "%s: TIS probe failed\n", __func__);
 		tlcl_tpm_family = TPM_UNKNOWN;
 	} else if (tlcl_tpm_family != TPM_1 && tlcl_tpm_family != TPM_2) {
-		printk(BIOS_ERR, "%s: tis_probe returned incorrect TPM family: %d\n", __func__,
+		printk(BIOS_ERR, "%s: TIS probe returned incorrect TPM family: %d\n", __func__,
 		       tlcl_tpm_family);
 		tlcl_tpm_family = TPM_UNKNOWN;
 	}
author	Sergii Dmytruk <sergii.dmytruk@3mdeb.com>	2022-11-01 00:48:43 +0200
committer	Felix Held <felix-coreboot@felixheld.de>	2024-04-16 13:52:14 +0000
commit	3e5cefcc45d7ef7da9fd9b6ecc499a05f8134039 (patch)
tree	676b2369f6559b7d0028aaafc0c9b84af798ade6 /src/security/tpm
parent	7c75f8e5b2c3877487b424a1523c1e2a0caa4111 (diff)