diff options
Diffstat (limited to 'src/drivers')
| -rw-r--r-- | src/drivers/crb/tis.c | 36 | ||||
| -rw-r--r-- | src/drivers/crb/tpm.c | 63 | ||||
| -rw-r--r-- | src/drivers/crb/tpm.h | 4 | ||||
| -rw-r--r-- | src/drivers/i2c/tpm/cr50.c | 182 | ||||
| -rw-r--r-- | src/drivers/i2c/tpm/tis.c | 34 | ||||
| -rw-r--r-- | src/drivers/i2c/tpm/tis_atmel.c | 26 | ||||
| -rw-r--r-- | src/drivers/i2c/tpm/tpm.c | 16 | ||||
| -rw-r--r-- | src/drivers/i2c/tpm/tpm.h | 5 | ||||
| -rw-r--r-- | src/drivers/pc80/tpm/tis.c | 173 | ||||
| -rw-r--r-- | src/drivers/spi/tpm/tis.c | 24 | ||||
| -rw-r--r-- | src/drivers/spi/tpm/tpm.c | 16 | ||||
| -rw-r--r-- | src/drivers/spi/tpm/tpm.h | 3 |
12 files changed, 314 insertions, 268 deletions
diff --git a/src/drivers/crb/tis.c b/src/drivers/crb/tis.c index 40a3513511..cdb0dbb612 100644 --- a/src/drivers/crb/tis.c +++ b/src/drivers/crb/tis.c @@ -35,50 +35,52 @@ static const char *tis_get_dev_name(struct tpm2_info *info) return "Unknown"; } -int tis_open(void) +tpm_result_t tis_open(void) { if (tpm_is_open) { printk(BIOS_ERR, "%s called twice.\n", __func__); - return -1; + return TPM_CB_FAIL; } if (CONFIG(HAVE_INTEL_PTT)) { if (!ptt_active()) { printk(BIOS_ERR, "%s: Intel PTT is not active.\n", __func__); - return -1; + return TPM_CB_FAIL; } printk(BIOS_DEBUG, "%s: Intel PTT is active.\n", __func__); } - return 0; + return TPM_SUCCESS; } -int tis_init(void) +tpm_result_t tis_init(void) { struct tpm2_info info; // Wake TPM up (if necessary) - if (tpm2_init() != 0) - return -1; + tpm_result_t rc = tpm2_init(); + if (rc) + return rc; tpm2_get_info(&info); printk(BIOS_INFO, "Initialized TPM device %s revision %d\n", tis_get_dev_name(&info), info.revision); - return 0; + return TPM_SUCCESS; } -int tis_sendrecv(const uint8_t *sendbuf, size_t sbuf_size, uint8_t *recvbuf, size_t *rbuf_len) +tpm_result_t tis_sendrecv(const uint8_t *sendbuf, size_t sbuf_size, + uint8_t *recvbuf, size_t *rbuf_len) { int len = tpm2_process_command(sendbuf, sbuf_size, recvbuf, *rbuf_len); if (len == 0) - return -1; + return TPM_CB_FAIL; *rbuf_len = len; - return 0; + return TPM_SUCCESS; } static void crb_tpm_fill_ssdt(const struct device *dev) @@ -118,28 +120,28 @@ static const char *crb_tpm_acpi_name(const struct device *dev) } #if CONFIG(GENERATE_SMBIOS_TABLES) && CONFIG(TPM2) -static int tpm_get_cap(uint32_t property, uint32_t *value) +static tpm_result_t tpm_get_cap(uint32_t property, uint32_t *value) { TPMS_CAPABILITY_DATA cap_data; int i; - uint32_t rc; + tpm_result_t rc; if (!value) - return -1; + return TPM_CB_INVALID_ARG; rc = tlcl_get_capability(TPM_CAP_TPM_PROPERTIES, property, 1, &cap_data); if (rc) - return -1; + return rc; for (i = 0 ; i < cap_data.data.tpmProperties.count; i++) { if (cap_data.data.tpmProperties.tpmProperty[i].property == property) { *value = cap_data.data.tpmProperties.tpmProperty[i].value; - return 0; + return TPM_SUCCESS; } } - return -1; + return TPM_CB_FAIL; } static int smbios_write_type43_tpm(struct device *dev, int *handle, unsigned long *current) diff --git a/src/drivers/crb/tpm.c b/src/drivers/crb/tpm.c index e919137ea4..4e9f6f2d2b 100644 --- a/src/drivers/crb/tpm.c +++ b/src/drivers/crb/tpm.c @@ -67,7 +67,7 @@ static void crb_readControlArea(void) } /* Wait for Reg to be expected Value */ -static int crb_wait_for_reg32(const void *addr, uint32_t timeoutMs, uint32_t mask, +static tpm_result_t crb_wait_for_reg32(const void *addr, uint32_t timeoutMs, uint32_t mask, uint32_t expectedValue) { uint32_t regValue; @@ -81,13 +81,13 @@ static int crb_wait_for_reg32(const void *addr, uint32_t timeoutMs, uint32_t mas regValue = read32(addr); if ((regValue & mask) == expectedValue) - return 0; + return TPM_SUCCESS; if (stopwatch_expired(&sw)) { printk(BIOS_ERR, "CRB_WAIT: Error - Timed out with RegValue: %08x, Mask: %08x, Expected: %08x\n", regValue, mask, expectedValue); - return -1; + return TPM_CB_TIMEOUT; } } } @@ -96,27 +96,27 @@ static int crb_wait_for_reg32(const void *addr, uint32_t timeoutMs, uint32_t mas * * Checks if the CRB Interface is ready */ -static int crb_probe(void) +static tpm_result_t crb_probe(void) { uint64_t tpmStatus = read64(CRB_REG(cur_loc, CRB_REG_INTF_ID)); printk(BIOS_SPEW, "Interface ID Reg. %llx\n", tpmStatus); if ((tpmStatus & CRB_INTF_REG_CAP_CRB) == 0) { printk(BIOS_DEBUG, "TPM: CRB Interface is not supported.\n"); - return -1; + return TPM_CB_FAIL; } if ((tpmStatus & (0xf)) != 1) { printk(BIOS_DEBUG, "TPM: CRB Interface is not active. System needs reboot in order to active TPM.\n"); write32(CRB_REG(cur_loc, CRB_REG_INTF_ID), CRB_INTF_REG_INTF_SEL); - return -1; + return TPM_CB_FAIL; } write32(CRB_REG(cur_loc, CRB_REG_INTF_ID), CRB_INTF_REG_INTF_SEL); write32(CRB_REG(cur_loc, CRB_REG_INTF_ID), CRB_INTF_REG_INTF_LOCK); - return 0; + return TPM_SUCCESS; } /* @@ -129,7 +129,7 @@ static uint8_t crb_activate_locality(void) uint8_t locality = (read8(CRB_REG(0, CRB_REG_LOC_STATE)) >> 2) & 0x07; printk(BIOS_SPEW, "Active locality: %i\n", locality); - int rc = crb_wait_for_reg32(CRB_REG(locality, CRB_REG_LOC_STATE), 750, + tpm_result_t rc = crb_wait_for_reg32(CRB_REG(locality, CRB_REG_LOC_STATE), 750, LOC_STATE_LOC_ASSIGN, LOC_STATE_LOC_ASSIGN); if (!rc && (locality == 0)) @@ -141,15 +141,15 @@ static uint8_t crb_activate_locality(void) rc = crb_wait_for_reg32(CRB_REG(locality, CRB_REG_LOC_STATE), 750, LOC_STATE_LOC_ASSIGN, LOC_STATE_LOC_ASSIGN); if (rc) { - printk(BIOS_ERR, "TPM: Error - No Locality has been assigned TPM-wise.\n"); + printk(BIOS_ERR, "TPM: Error (%#x) - No Locality has been assigned TPM-wise.\n", rc); return 0; } rc = crb_wait_for_reg32(CRB_REG(locality, CRB_REG_LOC_STATE), 1500, LOC_STATE_REG_VALID_STS, LOC_STATE_REG_VALID_STS); if (rc) { - printk(BIOS_ERR, "TPM: Error - LOC_STATE Register %u contains errors.\n", - locality); + printk(BIOS_ERR, "TPM: Error (%#x) - LOC_STATE Register %u contains errors.\n", + rc, locality); return 0; } @@ -157,27 +157,27 @@ static uint8_t crb_activate_locality(void) } /* Switch Device into a Ready State */ -static int crb_switch_to_ready(void) +static tpm_result_t crb_switch_to_ready(void) { /* Transition into ready state */ write8(CRB_REG(cur_loc, CRB_REG_REQUEST), 0x1); - int rc = crb_wait_for_reg32(CRB_REG(cur_loc, CRB_REG_REQUEST), 200, + tpm_result_t rc = crb_wait_for_reg32(CRB_REG(cur_loc, CRB_REG_REQUEST), 200, CRB_REG_REQUEST_CMD_RDY, 0x0); if (rc) { printk(BIOS_ERR, - "TPM: Error - TPM did not transition into ready state in time.\n"); - return -1; + "TPM Error (%#x): TPM did not transition into ready state in time.\n", rc); + return rc; } /* Check TPM_CRB_CTRL_STS[0] to be "0" - no unrecoverable error */ rc = crb_wait_for_reg32(CRB_REG(cur_loc, CRB_REG_STATUS), 500, CRB_REG_STATUS_ERROR, 0x0); if (rc) { - printk(BIOS_ERR, "TPM: Fatal Error - Could not recover.\n"); - return -1; + printk(BIOS_ERR, "TPM Error (%#x): Could not recover.\n", rc); + return rc; } - return 0; + return TPM_SUCCESS; } /* @@ -188,11 +188,12 @@ static int crb_switch_to_ready(void) * normal bring up mode. * */ -int tpm2_init(void) +tpm_result_t tpm2_init(void) { - if (crb_probe()) { + tpm_result_t rc = crb_probe(); + if (rc) { printk(BIOS_ERR, "TPM: Probe failed.\n"); - return -1; + return rc; } /* Read back control area structure */ @@ -211,7 +212,7 @@ int tpm2_init(void) /* Good to go. */ printk(BIOS_SPEW, "TPM: CRB TPM initialized successfully\n"); - return 0; + return TPM_SUCCESS; } static void set_ptt_cmd_resp_buffers(void) @@ -231,7 +232,7 @@ static void set_ptt_cmd_resp_buffers(void) size_t tpm2_process_command(const void *tpm2_command, size_t command_size, void *tpm2_response, size_t max_response) { - int rc; + tpm_result_t rc; if (command_size > control_area.command_size) { printk(BIOS_ERR, "TPM: Command size is too big.\n"); @@ -248,12 +249,15 @@ size_t tpm2_process_command(const void *tpm2_command, size_t command_size, void // Check if CMD bit is cleared. rc = crb_wait_for_reg32(CRB_REG(0, CRB_REG_START), 250, CRB_REG_START_START, 0x0); if (rc) { - printk(BIOS_ERR, "TPM: Error - Cmd Bit not cleared.\n"); + printk(BIOS_ERR, "TPM Error (%#x): Cmd Bit not cleared.\n", rc); return -1; } - if (crb_switch_to_ready()) + rc = crb_switch_to_ready(); + if (rc) { + printk(BIOS_DEBUG, "TPM Error (%#x): Can not transition into ready state.\n", rc); return -1; + } // Write to Command Buffer memcpy(control_area.command_bfr, tpm2_command, command_size); @@ -272,14 +276,14 @@ size_t tpm2_process_command(const void *tpm2_command, size_t command_size, void // Poll for Response rc = crb_wait_for_reg32(CRB_REG(cur_loc, CRB_REG_START), 3500, CRB_REG_START_START, 0); if (rc) { - printk(BIOS_DEBUG, "TPM: Command Timed out.\n"); + printk(BIOS_DEBUG, "TPM Error (%#x): Command Timed out.\n", rc); return -1; } // Check for errors rc = crb_wait_for_reg32(CRB_REG(cur_loc, CRB_REG_STATUS), 200, CRB_REG_STATUS_ERROR, 0); if (rc) { - printk(BIOS_DEBUG, "TPM: Command errored.\n"); + printk(BIOS_DEBUG, "TPM Error (%#x): Command errored.\n", rc); return -1; } @@ -293,8 +297,9 @@ size_t tpm2_process_command(const void *tpm2_command, size_t command_size, void // Copy Response memcpy(tpm2_response, control_area.response_bfr, length); - if (crb_switch_to_ready()) { - printk(BIOS_DEBUG, "TPM: Can not transition into ready state again.\n"); + rc = crb_switch_to_ready(); + if (rc) { + printk(BIOS_DEBUG, "TPM Error (%#x): Can not transition into ready state again.\n", rc); return -1; } diff --git a/src/drivers/crb/tpm.h b/src/drivers/crb/tpm.h index be26be2d24..7b25e78b3b 100644 --- a/src/drivers/crb/tpm.h +++ b/src/drivers/crb/tpm.h @@ -1,6 +1,8 @@ /* SPDX-License-Identifier: BSD-3-Clause */ /* This is a driver for a Command Response Buffer Interface */ +#include <security/tpm/tss_errors.h> + /* CRB driver */ /* address of locality 0 (CRB) */ #define TPM_CRB_BASE_ADDRESS CONFIG_CRB_TPM_BASE_ADDRESS @@ -58,7 +60,7 @@ struct tpm2_info { uint16_t revision; }; -int tpm2_init(void); +tpm_result_t tpm2_init(void); void tpm2_get_info(struct tpm2_info *tpm2_info); size_t tpm2_process_command(const void *tpm2_command, size_t command_size, void *tpm2_response, size_t max_response); diff --git a/src/drivers/i2c/tpm/cr50.c b/src/drivers/i2c/tpm/cr50.c index 929628407d..d207f2b20b 100644 --- a/src/drivers/i2c/tpm/cr50.c +++ b/src/drivers/i2c/tpm/cr50.c @@ -56,12 +56,12 @@ static struct tpm_inf_dev tpm_dev; * 2) wait for TPM to indicate it is ready * 3) read 'len' bytes of TPM response into the provided 'buffer' * - * Return -1 on error, 0 on success. + * Returns TSS Return Code from TCG TPM Structures. See tss_errors.h */ -static int cr50_i2c_read(uint8_t addr, uint8_t *buffer, size_t len) +static tpm_result_t cr50_i2c_read(uint8_t addr, uint8_t *buffer, size_t len) { if (tpm_dev.addr == 0) - return -1; + return TPM_CB_FAIL; /* Clear interrupt before starting transaction */ cr50_plat_irq_status(); @@ -69,20 +69,20 @@ static int cr50_i2c_read(uint8_t addr, uint8_t *buffer, size_t len) /* Send the register address byte to the TPM */ if (i2c_write_raw(tpm_dev.bus, tpm_dev.addr, &addr, 1)) { printk(BIOS_ERR, "%s: Address write failed\n", __func__); - return -1; + return TPM_CB_FAIL; } /* Wait for TPM to be ready with response data */ if (cr50_wait_tpm_ready() != CB_SUCCESS) - return -1; + return TPM_CB_FAIL; /* Read response data from the TPM */ if (i2c_read_raw(tpm_dev.bus, tpm_dev.addr, buffer, len)) { printk(BIOS_ERR, "%s: Read response failed\n", __func__); - return -1; + return TPM_CB_FAIL; } - return 0; + return TPM_SUCCESS; } /* @@ -96,14 +96,14 @@ static int cr50_i2c_read(uint8_t addr, uint8_t *buffer, size_t len) * 2) send the address+data to the TPM * 3) wait for TPM to indicate it is done writing * - * Returns -1 on error, 0 on success. + * Returns TSS Return Code from TCG TPM Structures. See tss_errors.h */ -static int cr50_i2c_write(uint8_t addr, const uint8_t *buffer, size_t len) +static tpm_result_t cr50_i2c_write(uint8_t addr, const uint8_t *buffer, size_t len) { if (tpm_dev.addr == 0) - return -1; + return TPM_CB_INVALID_ARG; if (len > CR50_MAX_BUFSIZE) - return -1; + return TPM_CB_INVALID_ARG; /* Prepend the 'register address' to the buffer */ tpm_dev.buf[0] = addr; @@ -115,11 +115,11 @@ static int cr50_i2c_write(uint8_t addr, const uint8_t *buffer, size_t len) /* Send write request buffer with address */ if (i2c_write_raw(tpm_dev.bus, tpm_dev.addr, tpm_dev.buf, len + 1)) { printk(BIOS_ERR, "%s: Error writing to TPM\n", __func__); - return -1; + return TPM_CB_FAIL; } /* Wait for TPM to be ready */ - return cr50_wait_tpm_ready() == CB_SUCCESS ? 0 : -1; + return cr50_wait_tpm_ready() == CB_SUCCESS ? TPM_SUCCESS : TPM_CB_FAIL; } /* @@ -128,11 +128,13 @@ static int cr50_i2c_write(uint8_t addr, const uint8_t *buffer, size_t len) * * This function will make sure that the AP does not proceed with boot until * TPM finished reset processing. + * + * Returns TSS Return Code from TCG TPM Structures. See tss_errors.h */ -static int process_reset(void) +static tpm_result_t process_reset(void) { struct stopwatch sw; - int rc = 0; + tpm_result_t rc = TPM_SUCCESS; uint8_t access; /* @@ -162,59 +164,72 @@ static int process_reset(void) printk(BIOS_INFO, "TPM ready after %lld ms\n", stopwatch_duration_msecs(&sw)); - return 0; + return TPM_SUCCESS; } while (!stopwatch_expired(&sw)); - if (rc) - printk(BIOS_ERR, "Failed to read TPM\n"); - else + if (rc) { + printk(BIOS_ERR, "Failed to read TPM with error %d\n", rc); + return rc; + } else printk(BIOS_ERR, "TPM failed to reset after %lld ms, status: %#x\n", stopwatch_duration_msecs(&sw), access); - - return -1; + return TPM_CB_FAIL; } /* * Locality could be already claimed (if this is a later coreboot stage and * the RO did not release it), or not yet claimed, if this is verstage or the * older RO did release it. + * + * Returns TSS Return Code from TCG TPM Structures. See tss_errors.h */ -static int claim_locality(void) +static tpm_result_t claim_locality(void) { uint8_t access; const uint8_t mask = TPM_ACCESS_VALID | TPM_ACCESS_ACTIVE_LOCALITY; + tpm_result_t rc = TPM_SUCCESS; - if (cr50_i2c_read(TPM_ACCESS(0), &access, sizeof(access))) - return -1; + rc = cr50_i2c_read(TPM_ACCESS(0), &access, sizeof(access)); + if (rc) + return rc; if ((access & mask) == mask) { printk(BIOS_INFO, "Locality already claimed\n"); - return 0; + return TPM_SUCCESS; } access = TPM_ACCESS_REQUEST_USE; - if (cr50_i2c_write(TPM_ACCESS(0), - &access, sizeof(access))) - return -1; + rc = cr50_i2c_write(TPM_ACCESS(0), + &access, sizeof(access)); + if (rc) + return rc; - if (cr50_i2c_read(TPM_ACCESS(0), &access, sizeof(access))) - return -1; + rc = cr50_i2c_read(TPM_ACCESS(0), &access, sizeof(access)); + if (rc) + return rc; if ((access & mask) != mask) { printk(BIOS_INFO, "Failed to claim locality.\n"); - return -1; + return TPM_CB_FAIL; } - return 0; + return TPM_SUCCESS; } -/* cr50 requires all 4 bytes of status register to be read */ +/* + * cr50 requires all 4 bytes of status register to be read + * + * Returns lowest 8-bits of the TIS Status register value + * see tis_status bit mask enumerated type in tis.h. + * Return 0 on error. + */ static uint8_t cr50_i2c_tis_status(void) { uint8_t buf[4]; - if (cr50_i2c_read(TPM_STS(tpm_dev.locality), buf, sizeof(buf)) < 0) { - printk(BIOS_ERR, "%s: Failed to read status\n", __func__); + tpm_result_t rc = cr50_i2c_read(TPM_STS(tpm_dev.locality), buf, sizeof(buf)); + if (rc) { + printk(BIOS_ERR, "%s: Failed to read status with error %#x\n", __func__, rc); return 0; } return buf[0]; @@ -229,16 +244,21 @@ static void cr50_i2c_tis_ready(void) } /* cr50 uses bytes 3:2 of status register for burst count and - * all 4 bytes must be read */ -static int cr50_i2c_wait_burststs(uint8_t mask, size_t *burst, int *status) + * all 4 bytes must be read + * + * Returns TSS Return Code from TCG TPM Structures. See tss_errors.h + */ +static tpm_result_t cr50_i2c_wait_burststs(uint8_t mask, size_t *burst, int *status) { uint8_t buf[4]; struct stopwatch sw; + tpm_result_t rc = TPM_SUCCESS; stopwatch_init_msecs_expire(&sw, CR50_TIMEOUT_LONG_MS); while (!stopwatch_expired(&sw)) { - if (cr50_i2c_read(TPM_STS(tpm_dev.locality), buf, sizeof(buf)) != 0) { + rc = cr50_i2c_read(TPM_STS(tpm_dev.locality), buf, sizeof(buf)); + if (rc) { mdelay(CR50_TIMEOUT_SHORT_MS); continue; } @@ -249,13 +269,14 @@ static int cr50_i2c_wait_burststs(uint8_t mask, size_t *burst, int *status) /* Check if mask matches and burst is valid */ if ((*status & mask) == mask && *burst > 0 && *burst <= CR50_MAX_BUFSIZE) - return 0; + return TPM_SUCCESS; mdelay(CR50_TIMEOUT_SHORT_MS); } - - printk(BIOS_ERR, "%s: Timeout reading burst and status\n", __func__); - return -1; + printk(BIOS_ERR, "%s: Timeout reading burst and status with error %#x\n", __func__, rc); + if (rc) + return rc; + return TPM_CB_TIMEOUT; } static int cr50_i2c_tis_recv(uint8_t *buf, size_t buf_len) @@ -264,18 +285,21 @@ static int cr50_i2c_tis_recv(uint8_t *buf, size_t buf_len) uint8_t addr = TPM_DATA_FIFO(tpm_dev.locality); uint8_t mask = TPM_STS_VALID | TPM_STS_DATA_AVAIL; int status; + tpm_result_t rc = TPM_SUCCESS; if (buf_len < TPM_HEADER_SIZE) goto out_err; - if (cr50_i2c_wait_burststs(mask, &burstcnt, &status) < 0) { - printk(BIOS_ERR, "%s: First chunk not available\n", __func__); + rc = cr50_i2c_wait_burststs(mask, &burstcnt, &status); + if (rc) { + printk(BIOS_ERR, "%s: First chunk not available with error %#x\n", __func__, rc); goto out_err; } /* Read first chunk of burstcnt bytes */ - if (cr50_i2c_read(addr, buf, burstcnt) != 0) { - printk(BIOS_ERR, "%s: Read failed\n", __func__); + rc = cr50_i2c_read(addr, buf, burstcnt); + if (rc) { + printk(BIOS_ERR, "%s: Read failed with error %#x\n", __func__, rc); goto out_err; } @@ -291,12 +315,13 @@ static int cr50_i2c_tis_recv(uint8_t *buf, size_t buf_len) current = burstcnt; while (current < expected) { /* Read updated burst count and check status */ - if (cr50_i2c_wait_burststs(mask, &burstcnt, &status) < 0) + if (cr50_i2c_wait_burststs(mask, &burstcnt, &status)) goto out_err; len = MIN(burstcnt, expected - current); - if (cr50_i2c_read(addr, buf + current, len) != 0) { - printk(BIOS_ERR, "%s: Read failed\n", __func__); + rc = cr50_i2c_read(addr, buf + current, len); + if (rc) { + printk(BIOS_ERR, "%s: Read failed with error %#x\n", __func__, rc); goto out_err; } @@ -304,7 +329,7 @@ static int cr50_i2c_tis_recv(uint8_t *buf, size_t buf_len) } /* Ensure TPM is done reading data */ - if (cr50_i2c_wait_burststs(TPM_STS_VALID, &burstcnt, &status) < 0) + if (cr50_i2c_wait_burststs(TPM_STS_VALID, &burstcnt, &status)) goto out_err; if (status & TPM_STS_DATA_AVAIL) { printk(BIOS_ERR, "%s: Data still available\n", __func__); @@ -326,6 +351,7 @@ static int cr50_i2c_tis_send(uint8_t *buf, size_t len) size_t burstcnt, limit, sent = 0; uint8_t tpm_go[4] = { TPM_STS_GO }; struct stopwatch sw; + tpm_result_t rc = TPM_SUCCESS; stopwatch_init_msecs_expire(&sw, CR50_TIMEOUT_LONG_MS); @@ -348,14 +374,15 @@ static int cr50_i2c_tis_send(uint8_t *buf, size_t len) mask |= TPM_STS_DATA_EXPECT; /* Read burst count and check status */ - if (cr50_i2c_wait_burststs(mask, &burstcnt, &status) < 0) + if (cr50_i2c_wait_burststs(mask, &burstcnt, &status)) goto out_err; /* Use burstcnt - 1 to account for the address byte * that is inserted by cr50_i2c_write() */ limit = MIN(burstcnt - 1, len); - if (cr50_i2c_write(TPM_DATA_FIFO(tpm_dev.locality), &buf[sent], limit) != 0) { - printk(BIOS_ERR, "%s: Write failed\n", __func__); + rc = cr50_i2c_write(TPM_DATA_FIFO(tpm_dev.locality), &buf[sent], limit); + if (rc) { + printk(BIOS_ERR, "%s: Write failed with error %#x\n", __func__, rc); goto out_err; } @@ -364,7 +391,7 @@ static int cr50_i2c_tis_send(uint8_t *buf, size_t len) } /* Ensure TPM is not expecting more data */ - if (cr50_i2c_wait_burststs(TPM_STS_VALID, &burstcnt, &status) < 0) + if (cr50_i2c_wait_burststs(TPM_STS_VALID, &burstcnt, &status)) goto out_err; if (status & TPM_STS_DATA_EXPECT) { printk(BIOS_ERR, "%s: Data still expected\n", __func__); @@ -372,8 +399,9 @@ static int cr50_i2c_tis_send(uint8_t *buf, size_t len) } /* Start the TPM command */ - if (cr50_i2c_write(TPM_STS(tpm_dev.locality), tpm_go, sizeof(tpm_go)) < 0) { - printk(BIOS_ERR, "%s: Start command failed\n", __func__); + rc = cr50_i2c_write(TPM_STS(tpm_dev.locality), tpm_go, sizeof(tpm_go)); + if (rc) { + printk(BIOS_ERR, "%s: Start command failed with error %#x\n", __func__, rc); goto out_err; } return sent; @@ -396,14 +424,15 @@ static void cr50_vendor_init(struct tpm_chip *chip) chip->cancel = &cr50_i2c_tis_ready; } -int tpm_vendor_probe(unsigned int bus, uint32_t addr) +tpm_result_t tpm_vendor_probe(unsigned int bus, uint32_t addr) { - return 0; + return TPM_SUCCESS; } -static int cr50_i2c_probe(uint32_t *did_vid) +static tpm_result_t cr50_i2c_probe(uint32_t *did_vid) { int retries; + tpm_result_t rc = TPM_SUCCESS; /* * 1s should be enough to synchronize with the TPM even under the @@ -414,14 +443,13 @@ static int cr50_i2c_probe(uint32_t *did_vid) printk(BIOS_INFO, "Probing TPM I2C: "); for (retries = 100; retries > 0; retries--) { - int rc; rc = cr50_i2c_read(TPM_DID_VID(0), (uint8_t *)did_vid, 4); /* Exit once DID and VID verified */ if (!rc && (*did_vid == CR50_DID_VID || *did_vid == TI50_DID_VID)) { printk(BIOS_INFO, "done! DID_VID 0x%08x\n", *did_vid); - return 0; + return TPM_SUCCESS; } /* TPM might be resetting, let's retry in a bit. */ @@ -432,17 +460,21 @@ static int cr50_i2c_probe(uint32_t *did_vid) /* * I2C reads failed, or the DID and VID didn't match */ - printk(BIOS_ERR, "DID_VID 0x%08x not recognized\n", *did_vid); - return -1; + if (!rc) { + printk(BIOS_ERR, "DID_VID 0x%08x not recognized\n", *did_vid); + return TPM_CB_FAIL; + } + return rc; } -int tpm_vendor_init(struct tpm_chip *chip, unsigned int bus, uint32_t dev_addr) +tpm_result_t tpm_vendor_init(struct tpm_chip *chip, unsigned int bus, uint32_t dev_addr) { uint32_t did_vid = 0; + tpm_result_t rc = TPM_SUCCESS; if (dev_addr == 0) { printk(BIOS_ERR, "%s: missing device address\n", __func__); - return -1; + return TPM_CB_FAIL; } tpm_dev.bus = bus; @@ -450,15 +482,19 @@ int tpm_vendor_init(struct tpm_chip *chip, unsigned int bus, uint32_t dev_addr) cr50_vendor_init(chip); - if (cr50_i2c_probe(&did_vid)) - return -1; + rc = cr50_i2c_probe(&did_vid); + if (rc) + return rc; - if (ENV_SEPARATE_VERSTAGE || ENV_BOOTBLOCK) - if (process_reset()) - return -1; + if (ENV_SEPARATE_VERSTAGE || ENV_BOOTBLOCK) { + rc = process_reset(); + if (rc) + return rc; + } - if (claim_locality()) - return -1; + rc = claim_locality(); + if (rc) + return rc; printk(BIOS_DEBUG, "cr50 TPM 2.0 (i2c %u:0x%02x id %#x)\n", bus, dev_addr, did_vid >> 16); @@ -470,7 +506,7 @@ int tpm_vendor_init(struct tpm_chip *chip, unsigned int bus, uint32_t dev_addr) } chip->is_open = 1; - return 0; + return TPM_SUCCESS; } enum cb_err tis_vendor_write(unsigned int addr, const void *buffer, size_t bytes) diff --git a/src/drivers/i2c/tpm/tis.c b/src/drivers/i2c/tpm/tis.c index 25b7f40801..a5c3b8fdf3 100644 --- a/src/drivers/i2c/tpm/tis.c +++ b/src/drivers/i2c/tpm/tis.c @@ -19,27 +19,24 @@ static struct tpm_chip chip; #define TPM_CMD_COUNT_BYTE 2 #define TPM_CMD_ORDINAL_BYTE 6 -int tis_open(void) +tpm_result_t tis_open(void) { - int rc; + tpm_result_t rc; if (chip.is_open) { printk(BIOS_DEBUG, "%s() called twice.\n", __func__); - return -1; + return TPM_CB_FAIL; } rc = tpm_vendor_init(&chip, CONFIG_DRIVER_TPM_I2C_BUS, CONFIG_DRIVER_TPM_I2C_ADDR); - if (rc < 0) + if (rc != TPM_SUCCESS) chip.is_open = 0; - if (rc) - return -1; - - return 0; + return rc; } -int tis_init(void) +tpm_result_t tis_init(void) { return tpm_vendor_probe(CONFIG_DRIVER_TPM_I2C_BUS, CONFIG_DRIVER_TPM_I2C_ADDR); @@ -48,23 +45,23 @@ int tis_init(void) static ssize_t tpm_transmit(const uint8_t *sbuf, size_t sbufsiz, void *rbuf, size_t rbufsiz) { - int rc; + int rc = -1; uint32_t count; memcpy(&count, sbuf + TPM_CMD_COUNT_BYTE, sizeof(count)); count = be32_to_cpu(count); if (!chip.send || !chip.status || !chip.cancel) - return -1; + goto out; if (count == 0) { printk(BIOS_DEBUG, "%s: no data\n", __func__); - return -1; + goto out; } if (count > sbufsiz) { printk(BIOS_DEBUG, "%s: invalid count value %#x %zx\n", __func__, count, sbufsiz); - return -1; + goto out; } ASSERT(chip.send); @@ -95,11 +92,10 @@ static ssize_t tpm_transmit(const uint8_t *sbuf, size_t sbufsiz, void *rbuf, ASSERT(chip.cancel); chip.cancel(); printk(BIOS_DEBUG, "%s: Operation Timed out\n", __func__); - rc = -1; //ETIME; + rc = -1; goto out; out_recv: - rc = chip.recv((uint8_t *)rbuf, rbufsiz); if (rc < 0) printk(BIOS_DEBUG, "%s: tpm_recv: error %d\n", __func__, rc); @@ -107,7 +103,7 @@ out: return rc; } -int tis_sendrecv(const uint8_t *sendbuf, size_t sbuf_size, +tpm_result_t tis_sendrecv(const uint8_t *sendbuf, size_t sbuf_size, uint8_t *recvbuf, size_t *rbuf_len) { ASSERT(sbuf_size >= 10); @@ -124,12 +120,12 @@ int tis_sendrecv(const uint8_t *sendbuf, size_t sbuf_size, if (len < 10) { *rbuf_len = 0; - return -1; + return TPM_CB_FAIL; } if (len > *rbuf_len) { *rbuf_len = len; - return -1; + return TPM_CB_FAIL; } *rbuf_len = len; @@ -142,5 +138,5 @@ int tis_sendrecv(const uint8_t *sendbuf, size_t sbuf_size, hexdump(recvbuf, *rbuf_len); } - return 0; + return TPM_SUCCESS; } diff --git a/src/drivers/i2c/tpm/tis_atmel.c b/src/drivers/i2c/tpm/tis_atmel.c index 669ac68f6c..91ed6a99e3 100644 --- a/src/drivers/i2c/tpm/tis_atmel.c +++ b/src/drivers/i2c/tpm/tis_atmel.c @@ -22,17 +22,17 @@ struct tpm_output_header { uint32_t return_code; } __packed; -int tis_open(void) +tpm_result_t tis_open(void) { - return 0; + return TPM_SUCCESS; } -int tis_init(void) +tpm_result_t tis_init(void) { - return 0; + return TPM_SUCCESS; } -int tis_sendrecv(const uint8_t *sendbuf, size_t sbuf_size, +tpm_result_t tis_sendrecv(const uint8_t *sendbuf, size_t sbuf_size, uint8_t *recvbuf, size_t *rbuf_len) { size_t hdr_bytes; @@ -60,8 +60,10 @@ int tis_sendrecv(const uint8_t *sendbuf, size_t sbuf_size, sbuf_size); if ((status < 0) && (!stopwatch_expired(&sw))) continue; - if (status < 0) - return status; + if (status < 0) { + printk(BIOS_ERR, "I2C write error: %d\n", status); + return TPM_CB_COMMUNICATION_ERROR; + } break; } @@ -79,7 +81,7 @@ int tis_sendrecv(const uint8_t *sendbuf, size_t sbuf_size, udelay(SLEEP_DURATION); } while (!stopwatch_expired(&sw)); if (status != sizeof(*header)) - return -1; + return TPM_CB_COMMUNICATION_ERROR; /* Determine the number of bytes remaining */ recv_bytes = MIN(be32_to_cpu(*(uint32_t *)&header->length), @@ -94,8 +96,10 @@ int tis_sendrecv(const uint8_t *sendbuf, size_t sbuf_size, /* Read the full TPM response */ status = i2c_read_raw(CONFIG_DRIVER_TPM_I2C_BUS, CONFIG_DRIVER_TPM_I2C_ADDR, recvbuf, recv_bytes); - if (status < 0) - return status; + if (status < 0) { + printk(BIOS_ERR, "I2C read error: %d\n", status); + return TPM_CB_COMMUNICATION_ERROR; + } } /* Return the number of bytes received */ @@ -110,5 +114,5 @@ int tis_sendrecv(const uint8_t *sendbuf, size_t sbuf_size, } /* Successful transfer */ - return 0; + return TPM_SUCCESS; } diff --git a/src/drivers/i2c/tpm/tpm.c b/src/drivers/i2c/tpm/tpm.c index c88dcdd4b9..4dbefb44f3 100644 --- a/src/drivers/i2c/tpm/tpm.c +++ b/src/drivers/i2c/tpm/tpm.c @@ -451,7 +451,7 @@ out_err: /* Initialization of I2C TPM */ -int tpm_vendor_probe(unsigned int bus, uint32_t addr) +tpm_result_t tpm_vendor_probe(unsigned int bus, uint32_t addr) { struct stopwatch sw; uint8_t buf = 0; @@ -487,18 +487,18 @@ int tpm_vendor_probe(unsigned int bus, uint32_t addr) * Claim failure if the ValidSts (bit 7) is clear. */ if (!(buf & TPM_STS_VALID)) - return -1; + return TPM_CB_FAIL; - return 0; + return TPM_SUCCESS; } -int tpm_vendor_init(struct tpm_chip *chip, unsigned int bus, uint32_t dev_addr) +tpm_result_t tpm_vendor_init(struct tpm_chip *chip, unsigned int bus, uint32_t dev_addr) { uint32_t vendor; if (dev_addr == 0) { printk(BIOS_ERR, "%s: missing device address\n", __func__); - return -1; + return TPM_CB_FAIL; } tpm_dev.chip_type = UNKNOWN; @@ -518,7 +518,7 @@ int tpm_vendor_init(struct tpm_chip *chip, unsigned int bus, uint32_t dev_addr) chip->cancel = &tpm_tis_i2c_ready; if (request_locality(0) != 0) - return -1; + return TPM_CB_FAIL; /* Read four bytes from DID_VID register */ if (iic_tpm_read(TPM_DID_VID(0), (uint8_t *)&vendor, 4) < 0) @@ -543,9 +543,9 @@ int tpm_vendor_init(struct tpm_chip *chip, unsigned int bus, uint32_t dev_addr) * Standard timeout values are used so far */ - return 0; + return TPM_SUCCESS; out_err: release_locality(0, 1); - return -1; + return TPM_CB_FAIL; } diff --git a/src/drivers/i2c/tpm/tpm.h b/src/drivers/i2c/tpm/tpm.h index d4176cc511..fb9837789d 100644 --- a/src/drivers/i2c/tpm/tpm.h +++ b/src/drivers/i2c/tpm/tpm.h @@ -12,6 +12,7 @@ #ifndef __DRIVERS_TPM_SLB9635_I2C_TPM_H__ #define __DRIVERS_TPM_SLB9635_I2C_TPM_H__ +#include <security/tpm/tss_errors.h> #include <stdint.h> enum tpm_timeout { @@ -51,8 +52,8 @@ struct tpm_chip { /* ---------- Interface for TPM vendor ------------ */ -int tpm_vendor_probe(unsigned int bus, uint32_t addr); +tpm_result_t tpm_vendor_probe(unsigned int bus, uint32_t addr); -int tpm_vendor_init(struct tpm_chip *chip, unsigned int bus, uint32_t dev_addr); +tpm_result_t tpm_vendor_init(struct tpm_chip *chip, unsigned int bus, uint32_t dev_addr); #endif /* __DRIVERS_TPM_SLB9635_I2C_TPM_H__ */ diff --git a/src/drivers/pc80/tpm/tis.c b/src/drivers/pc80/tpm/tis.c index a7a3e9d72d..3f2d6bd7a2 100644 --- a/src/drivers/pc80/tpm/tis.c +++ b/src/drivers/pc80/tpm/tis.c @@ -74,17 +74,6 @@ #define TIS_ACCESS_REQUEST_USE (1 << 1) /* 0x02 */ #define TIS_ACCESS_TPM_ESTABLISHMENT (1 << 0) /* 0x01 */ -/* - * Error value returned if a tpm register does not enter the expected state - * after continuous polling. No actual TPM register reading ever returns ~0, - * so this value is a safe error indication to be mixed with possible status - * register values. - */ -#define TPM_TIMEOUT_ERR (~0) - -/* Error value returned on various TPM driver errors */ -#define TPM_DRIVER_ERR (~0) - /* 1 second is plenty for anything TPM does.*/ #define MAX_DELAY_US USECS_PER_SEC @@ -248,9 +237,9 @@ static inline u32 tpm_read_int_polarity(int locality) * @mask - bitmask for the bitfield(s) to watch * @expected - value the field(s) are supposed to be set to * - * Returns 0 on success or TPM_TIMEOUT_ERR on timeout. + * Returns TPM_SUCCESS on success or TPM_CB_TIMEOUT on timeout. */ -static int tis_wait_sts(int locality, u8 mask, u8 expected) +static tpm_result_t tis_wait_sts(int locality, u8 mask, u8 expected) { struct stopwatch sw; @@ -258,24 +247,24 @@ static int tis_wait_sts(int locality, u8 mask, u8 expected) do { u8 value = tpm_read_status(locality); if ((value & mask) == expected) - return 0; + return TPM_SUCCESS; udelay(1); } while (!stopwatch_expired(&sw)); - return TPM_TIMEOUT_ERR; + return TPM_CB_TIMEOUT; } -static inline int tis_wait_ready(int locality) +static inline tpm_result_t tis_wait_ready(int locality) { return tis_wait_sts(locality, TIS_STS_COMMAND_READY, TIS_STS_COMMAND_READY); } -static inline int tis_wait_valid(int locality) +static inline tpm_result_t tis_wait_valid(int locality) { return tis_wait_sts(locality, TIS_STS_VALID, TIS_STS_VALID); } -static inline int tis_wait_valid_data(int locality) +static inline tpm_result_t tis_wait_valid_data(int locality) { const u8 has_data = TIS_STS_DATA_AVAILABLE | TIS_STS_VALID; return tis_wait_sts(locality, has_data, has_data); @@ -302,9 +291,9 @@ static inline int tis_expect_data(int locality) * @mask - bitmask for the bitfield(s) to watch * @expected - value the field(s) are supposed to be set to * - * Returns 0 on success or TPM_TIMEOUT_ERR on timeout. + * Returns TPM_SUCCESS on success or TPM_CB_TIMEOUT on timeout. */ -static int tis_wait_access(int locality, u8 mask, u8 expected) +static tpm_result_t tis_wait_access(int locality, u8 mask, u8 expected) { struct stopwatch sw; @@ -312,13 +301,13 @@ static int tis_wait_access(int locality, u8 mask, u8 expected) do { u8 value = tpm_read_access(locality); if ((value & mask) == expected) - return 0; + return TPM_SUCCESS; udelay(1); } while (!stopwatch_expired(&sw)); - return TPM_TIMEOUT_ERR; + return TPM_CB_TIMEOUT; } -static inline int tis_wait_received_access(int locality) +static inline tpm_result_t tis_wait_received_access(int locality) { return tis_wait_access(locality, TIS_ACCESS_ACTIVE_LOCALITY, TIS_ACCESS_ACTIVE_LOCALITY); @@ -345,10 +334,8 @@ static inline void tis_request_access(int locality) * In practice not all TPMs behave the same so it is necessary to be * flexible when trying to set command ready. * - * Returns 0 on success if the TPM is ready for transactions. - * Returns TPM_TIMEOUT_ERR if the command ready bit does not get set. */ -static int tis_command_ready(u8 locality) +static tpm_result_t tis_command_ready(u8 locality) { u32 status; @@ -360,7 +347,7 @@ static int tis_command_ready(u8 locality) /* Check if command ready is set yet */ if (status & TIS_STS_COMMAND_READY) - return 0; + return TPM_SUCCESS; /* 2nd attempt to set command ready */ tpm_write_status(TIS_STS_COMMAND_READY, locality); @@ -373,10 +360,10 @@ static int tis_command_ready(u8 locality) * * Probe the TPM device and try determining its manufacturer/device name. * - * Returns 0 on success (the device is found or was found during an earlier - * invocation) or TPM_DRIVER_ERR if the device is not found. + * Returns TPM_SUCCESS on success (the device is found or was found during + * an earlier invocation) or TPM_CB_FAIL if the device is not found. */ -int tis_init(void) +tpm_result_t tis_init(void) { const char *device_name = "unknown"; const char *vendor_name = device_name; @@ -386,12 +373,12 @@ int tis_init(void) int i; if (vendor_dev_id) - return 0; /* Already probed. */ + return TPM_SUCCESS; /* Already probed. */ didvid = tpm_read_did_vid(0); if (!didvid || (didvid == 0xffffffff)) { printf("%s: No TPM device found\n", __func__); - return TPM_DRIVER_ERR; + return TPM_CB_FAIL; } vendor_dev_id = didvid; @@ -419,7 +406,7 @@ int tis_init(void) } /* this will have to be converted into debug printout */ printk(BIOS_INFO, "Found TPM %s by %s\n", device_name, vendor_name); - return 0; + return TPM_SUCCESS; } /* @@ -430,19 +417,21 @@ int tis_init(void) * @data - address of the data to send, byte by byte * @len - length of the data to send * - * Returns 0 on success, TPM_DRIVER_ERR on error (in case the device does + * Returns TPM_SUCCESS on success, TPM_CB_FAIL on error (in case the device does * not accept the entire command). */ -static u32 tis_senddata(const u8 *const data, u32 len) +static tpm_result_t tis_senddata(const u8 *const data, u32 len) { u32 offset = 0; u16 burst = 0; u8 locality = 0; + tpm_result_t rc = TPM_SUCCESS; - if (tis_wait_ready(locality)) { - printf("%s:%d - failed to get 'command_ready' status\n", - __FILE__, __LINE__); - return TPM_DRIVER_ERR; + rc = tis_wait_ready(locality); + if (rc) { + printf("%s:%d - failed to get 'command_ready' status with error %#x\n", + __FILE__, __LINE__, rc); + return rc; } burst = tpm_read_burst_count(locality); @@ -456,7 +445,7 @@ static u32 tis_senddata(const u8 *const data, u32 len) if (stopwatch_expired(&sw)) { printf("%s:%d failed to feed %u bytes of %u\n", __FILE__, __LINE__, len - offset, len); - return TPM_DRIVER_ERR; + return TPM_CB_TIMEOUT; } udelay(1); burst = tpm_read_burst_count(locality); @@ -475,10 +464,11 @@ static u32 tis_senddata(const u8 *const data, u32 len) while (count--) tpm_write_data(data[offset++], locality); - if (tis_wait_valid(locality) || !tis_expect_data(locality)) { - printf("%s:%d TPM command feed overflow\n", - __FILE__, __LINE__); - return TPM_DRIVER_ERR; + rc = tis_wait_valid(locality); + if (rc || !tis_expect_data(locality)) { + printf("%s:%d TPM command feed overflow with error %#x\n", + __FILE__, __LINE__, rc); + return rc ? rc : TPM_CB_FAIL; } burst = tpm_read_burst_count(locality); @@ -498,16 +488,17 @@ static u32 tis_senddata(const u8 *const data, u32 len) * Verify that TPM does not expect any more data as part of this * command. */ - if (tis_wait_valid(locality) || tis_expect_data(locality)) { - printf("%s:%d unexpected TPM status %#x\n", - __FILE__, __LINE__, tpm_read_status(locality)); - return TPM_DRIVER_ERR; + rc = tis_wait_valid(locality); + if (rc || tis_expect_data(locality)) { + printf("%s:%d unexpected TPM error %#x with status %#x\n", + __FILE__, __LINE__, rc, tpm_read_status(locality)); + return rc ? rc : TPM_CB_FAIL; } /* OK, sitting pretty, let's start the command execution. */ tpm_write_status(TIS_STS_TPM_GO, locality); - return 0; + return TPM_SUCCESS; } /* @@ -518,22 +509,25 @@ static u32 tis_senddata(const u8 *const data, u32 len) * @buffer - address where to read the response, byte by byte. * @len - pointer to the size of buffer * - * On success stores the number of received bytes to len and returns 0. On - * errors (misformatted TPM data or synchronization problems) returns - * TPM_DRIVER_ERR. + * On success stores the number of received bytes to len and returns + * TPM_SUCCESS. On errors (misformatted TPM data or synchronization + * problems) returns TPM_CB_FAIL. */ -static u32 tis_readresponse(u8 *buffer, size_t *len) +static tpm_result_t tis_readresponse(u8 *buffer, size_t *len) { u16 burst_count; u32 offset = 0; u8 locality = 0; u32 expected_count = *len; int max_cycles = 0; + tpm_result_t rc = TPM_SUCCESS; /* Wait for the TPM to process the command */ - if (tis_wait_valid_data(locality)) { - printf("%s:%d failed processing command\n", __FILE__, __LINE__); - return TPM_DRIVER_ERR; + rc = tis_wait_valid_data(locality); + if (rc) { + printf("%s:%d failed processing command with error %#x\n", + __FILE__, __LINE__, rc); + return rc; } do { @@ -541,7 +535,7 @@ static u32 tis_readresponse(u8 *buffer, size_t *len) if (max_cycles++ == MAX_DELAY_US) { printf("%s:%d TPM stuck on read\n", __FILE__, __LINE__); - return TPM_DRIVER_ERR; + return TPM_CB_FAIL; } udelay(1); } @@ -569,16 +563,17 @@ static u32 tis_readresponse(u8 *buffer, size_t *len) printf("%s:%d bad response size %u\n", __FILE__, __LINE__, expected_count); - return TPM_DRIVER_ERR; + return TPM_CB_FAIL; } } } /* Wait for the next portion */ - if (tis_wait_valid(locality)) { - printf("%s:%d failed to read response\n", - __FILE__, __LINE__); - return TPM_DRIVER_ERR; + rc = tis_wait_valid(locality); + if (rc) { + printf("%s:%d failed to read response with error %#x\n", + __FILE__, __LINE__, rc); + return rc; } if (offset == expected_count) @@ -599,15 +594,16 @@ static u32 tis_readresponse(u8 *buffer, size_t *len) printf("%s:%d wrong receive status: %#x %u bytes left\n", __FILE__, __LINE__, tpm_read_status(locality), tpm_read_burst_count(locality)); - return TPM_DRIVER_ERR; + return TPM_CB_FAIL; } /* Tell the TPM that we are done. */ - if (tis_command_ready(locality) == TPM_TIMEOUT_ERR) - return TPM_DRIVER_ERR; + rc = tis_command_ready(locality); + if (rc) + return rc; *len = offset; - return 0; + return TPM_SUCCESS; } /* @@ -615,31 +611,30 @@ static u32 tis_readresponse(u8 *buffer, size_t *len) * * Requests access to locality 0 for the caller. * - * Returns 0 on success, TPM_DRIVER_ERR on failure. + * Returns TPM_SUCCESS on success, TSS Error on failure. */ -int tis_open(void) +tpm_result_t tis_open(void) { u8 locality = 0; /* we use locality zero for everything */ + tpm_result_t rc = TPM_SUCCESS; if (!tis_has_access(locality)) { /* request access to locality */ tis_request_access(locality); /* did we get a lock? */ - if (tis_wait_received_access(locality)) { - printf("%s:%d - failed to lock locality %u\n", - __FILE__, __LINE__, locality); - return TPM_DRIVER_ERR; + rc = tis_wait_received_access(locality); + if (rc) { + printf("%s:%d - failed to lock locality %u with error %#x\n", + __FILE__, __LINE__, locality, rc); + return rc; } /* Certain TPMs seem to need some delay here or they hang... */ udelay(10); } - if (tis_command_ready(locality) == TPM_TIMEOUT_ERR) - return TPM_DRIVER_ERR; - - return 0; + return tis_command_ready(locality); } /* @@ -652,16 +647,17 @@ int tis_open(void) * @recvbuf - memory to save the response to * @recv_len - pointer to the size of the response buffer * - * Returns 0 on success (and places the number of response bytes at recv_len) - * or TPM_DRIVER_ERR on failure. + * Returns TPM_SUCCESS on success (and places the number of response bytes + * at recv_len) or TPM_CB_FAIL on failure. */ -int tis_sendrecv(const uint8_t *sendbuf, size_t send_size, +tpm_result_t tis_sendrecv(const uint8_t *sendbuf, size_t send_size, uint8_t *recvbuf, size_t *recv_len) { - if (tis_senddata(sendbuf, send_size)) { - printf("%s:%d failed sending data to TPM\n", - __FILE__, __LINE__); - return TPM_DRIVER_ERR; + tpm_result_t rc = tis_senddata(sendbuf, send_size); + if (rc) { + printf("%s:%d failed sending data to TPM with error %#x\n", + __FILE__, __LINE__, rc); + return rc; } return tis_readresponse(recvbuf, recv_len); @@ -680,14 +676,15 @@ int tis_sendrecv(const uint8_t *sendbuf, size_t send_size, * @vector - TPM interrupt vector * @polarity - TPM interrupt polarity * - * Returns 0 on success, TPM_DRIVER_ERR on failure. + * Returns TPM_SUCCESS on success, TPM_CB_FAIL on failure. */ -static int tis_setup_interrupt(int vector, int polarity) +static tpm_result_t tis_setup_interrupt(int vector, int polarity) { u8 locality = 0; + tpm_result_t rc = tlcl_lib_init(); - if (tlcl_lib_init()) - return TPM_DRIVER_ERR; + if (rc) + return rc; /* Set TPM interrupt vector */ tpm_write_int_vector(vector, locality); @@ -695,7 +692,7 @@ static int tis_setup_interrupt(int vector, int polarity) /* Set TPM interrupt polarity and disable interrupts */ tpm_write_int_polarity(polarity, locality); - return 0; + return TPM_SUCCESS; } static void lpc_tpm_read_resources(struct device *dev) diff --git a/src/drivers/spi/tpm/tis.c b/src/drivers/spi/tpm/tis.c index b9b2a4a5cb..6fa6c82848 100644 --- a/src/drivers/spi/tpm/tis.c +++ b/src/drivers/spi/tpm/tis.c @@ -29,29 +29,31 @@ static const char *tis_get_dev_name(struct tpm2_info *info) return "Unknown"; } -int tis_open(void) +tpm_result_t tis_open(void) { if (tpm_is_open) { printk(BIOS_ERR, "%s() called twice.\n", __func__); - return -1; + return TPM_CB_FAIL; } - return 0; + return TPM_SUCCESS; } -int tis_init(void) +tpm_result_t tis_init(void) { struct spi_slave spi; struct tpm2_info info; + tpm_result_t rc = TPM_SUCCESS; if (spi_setup_slave(CONFIG_DRIVER_TPM_SPI_BUS, CONFIG_DRIVER_TPM_SPI_CHIP, &spi)) { printk(BIOS_ERR, "Failed to setup TPM SPI slave\n"); - return -1; + return TPM_CB_FAIL; } - if (tpm2_init(&spi)) { + rc = tpm2_init(&spi); + if (rc) { printk(BIOS_ERR, "Failed to initialize TPM SPI interface\n"); - return -1; + return rc; } tpm2_get_info(&info); @@ -59,18 +61,18 @@ int tis_init(void) printk(BIOS_INFO, "Initialized TPM device %s revision %d\n", tis_get_dev_name(&info), info.revision); - return 0; + return TPM_SUCCESS; } -int tis_sendrecv(const uint8_t *sendbuf, size_t sbuf_size, +tpm_result_t tis_sendrecv(const uint8_t *sendbuf, size_t sbuf_size, uint8_t *recvbuf, size_t *rbuf_len) { int len = tpm2_process_command(sendbuf, sbuf_size, recvbuf, *rbuf_len); if (len == 0) - return -1; + return TPM_CB_FAIL; *rbuf_len = len; - return 0; + return TPM_SUCCESS; } diff --git a/src/drivers/spi/tpm/tpm.c b/src/drivers/spi/tpm/tpm.c index 01f04f4a36..13f44f9448 100644 --- a/src/drivers/spi/tpm/tpm.c +++ b/src/drivers/spi/tpm/tpm.c @@ -394,7 +394,7 @@ static const uint32_t supported_did_vids[] = { 0x0000104a /* ST33HTPH2E32 */ }; -int tpm2_init(struct spi_slave *spi_if) +tpm_result_t tpm2_init(struct spi_slave *spi_if) { uint32_t did_vid, status, intf_id; uint8_t cmd; @@ -433,7 +433,7 @@ int tpm2_init(struct spi_slave *spi_if) if (!retries) { printk(BIOS_ERR, "\n%s: Failed to connect to the TPM\n", __func__); - return -1; + return TPM_CB_FAIL; } printk(BIOS_INFO, " done!\n"); @@ -444,11 +444,11 @@ int tpm2_init(struct spi_slave *spi_if) if (tpm2_read_reg(TPM_INTF_ID_REG, &intf_id, sizeof(intf_id)) != CB_SUCCESS) { printk(BIOS_ERR, "\n%s: Failed to read interface ID register\n", __func__); - return -1; + return TPM_CB_FAIL; } if ((be32toh(intf_id) & 0xF) == 0xF) { printk(BIOS_DEBUG, "\n%s: Not a TPM2 device\n", __func__); - return -1; + return TPM_CB_FAIL; } } @@ -459,16 +459,16 @@ int tpm2_init(struct spi_slave *spi_if) * initialization after reset. */ if (tpm2_claim_locality() != CB_SUCCESS) - return -1; + return TPM_CB_FAIL; if (read_tpm_sts(&status) != CB_SUCCESS) { printk(BIOS_ERR, "Reading status reg failed\n"); - return -1; + return TPM_CB_FAIL; } if ((status & TPM_STS_FAMILY_MASK) != TPM_STS_FAMILY_TPM_2_0) { printk(BIOS_ERR, "unexpected TPM family value, status: %#x\n", status); - return -1; + return TPM_CB_FAIL; } /* @@ -492,7 +492,7 @@ int tpm2_init(struct spi_slave *spi_if) cr50_set_board_cfg(); } } - return 0; + return TPM_SUCCESS; } /* diff --git a/src/drivers/spi/tpm/tpm.h b/src/drivers/spi/tpm/tpm.h index cb09148b1f..da15a73bd8 100644 --- a/src/drivers/spi/tpm/tpm.h +++ b/src/drivers/spi/tpm/tpm.h @@ -4,6 +4,7 @@ #define __COREBOOT_SRC_DRIVERS_SPI_TPM_TPM_H #include <drivers/tpm/cr50.h> +#include <security/tpm/tss_errors.h> #include <stddef.h> #include <spi-generic.h> @@ -26,7 +27,7 @@ struct tpm2_info { * * Return 0 on success, non-zero on failure. */ -int tpm2_init(struct spi_slave *spi_if); +tpm_result_t tpm2_init(struct spi_slave *spi_if); /* * Each command processing consists of sending the command to the TPM, by |