summaryrefslogtreecommitdiff
path: root/src/drivers/i2c/tpm/cr50.c
AgeCommit message (Collapse)Author
2022-06-08drivers/tpm/cr50: Add TPM IRQ timeout Kconfig optionYu-Ping Wu
The current 10ms timeout for SPI TPM IRQ is not enough for platforms using ti50 (such as corsola). Therefore, introduce a new Kconfig option 'GOOGLE_TPM_IRQ_TIMEOUT_MS'. For platforms using cr50, we need to support legacy pre-ready-IRQ cr50 factory images during the initial boot, so the timeout remains 100ms for I2C TPM and 10ms for SPI TPM. For all the other platforms using ti50, the default timeout is increased to 750ms, as suggested by the ti50 team (apronin@google.com). BUG=b:232327704 TEST=emerge-corsola coreboot BRANCH=none Change-Id: I8dbb919e4a421a99a994913613a33738a49f5956 Signed-off-by: Yu-Ping Wu <yupingso@chromium.org> Reviewed-on: https://review.coreboot.org/c/coreboot/+/64412 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Hung-Te Lin <hungte@chromium.org> Reviewed-by: Julius Werner <jwerner@chromium.org>
2022-04-24tpm: Allow separate handling of Google Ti50 TPMJes Klinke
A new iteration of Google's TPM implementation will advertize a new DID:VID, but otherwise follow the same protocol as the earlier design. This change makes use of Kconfigs TPM_GOOGLE_CR50 and TPM_GOOGLE_TI50 to be able to take slightly different code paths, when e.g. evaluating whether TPM firmware is new enough to support certain features. Change-Id: I1e1f8eb9b94fc2d5689656335dc1135b47880986 Signed-off-by: Jes B. Klinke <jbk@chromium.org> Reviewed-on: https://review.coreboot.org/c/coreboot/+/63158 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Julius Werner <jwerner@chromium.org>
2022-03-25drivers/i2c/tpm: Work around missing board_cfg in Ti50 FW under 0.15Eric Lai
Ti50 FW under 0.15 is not support board cfg command which causes I2C errors and entering recovery mode. And ODM stocks are 0.12 pre-flashed. Add workaround for the old Ti50 chip. BUG=b:224650720 TEST=no I2C errors in coreboot. [ERROR] cr50_i2c_read: Address write failed [INFO ] .I2C stop bit not received Signed-off-by: Eric Lai <eric_lai@quanta.corp-partner.google.com> Change-Id: Ieec7842ca66b4c690df04a400cebcf45138c745d Reviewed-on: https://review.coreboot.org/c/coreboot/+/63011 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Tim Wawrzynczak <twawrzynczak@chromium.org> Reviewed-by: Kangheui Won <khwon@chromium.org>
2022-03-09{drivers/security}: Replace `cb_err_t` with `enum cb_err`Subrata Banik
This patch replaces remaining `cb_err_t` with `enum cb_err` after commit hash 69cc557c (commonlib/bsd: Remove cb_err_t) removes majority of `cb_err_t` instances. TEST=Able to build the brya. Signed-off-by: Subrata Banik <subratabanik@google.com> Change-Id: I3392f9c2cfb4a889a999c8ea25066c89979f0900 Reviewed-on: https://review.coreboot.org/c/coreboot/+/62676 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Werner Zeh <werner.zeh@siemens.com> Reviewed-by: Eric Lai <eric_lai@quanta.corp-partner.google.com> Reviewed-by: Arthur Heymans <arthur@aheymans.xyz>
2022-03-07drivers/tpm/cr50: Add I2C bus support to cr50 driverTim Wawrzynczak
This allows mainboards using an I2C bus to communicate with the cr50 to reuse the functionality related to firmware version and BOARD_CFG. BUG=b:202246591 TEST=boot on brya0, see cr50 FW version in logs Change-Id: Ide1a7299936193da3cd3d15fdfd1a80994d70da0 Signed-off-by: Tim Wawrzynczak <twawrzynczak@chromium.org> Reviewed-on: https://review.coreboot.org/c/coreboot/+/62059 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Julius Werner <jwerner@chromium.org>
2022-02-23cr50: Increase cr50 i2c probe timeoutRob Barnes
Turns out 200ms still isn't enough in the worst reset conditions. There's been some reports of failures at 200ms with some older cr50 versions. Let's not take any chances and bump this way up since if this fails, it prevents boot. BUG=b:213828947 BRANCH=None TEST=Reboot and suspend_stress on Nipperkin Signed-off-by: Rob Barnes <robbarnes@google.com> Change-Id: I5be0a80c064546fd277f66135abc9d0572df11cb Reviewed-on: https://review.coreboot.org/c/coreboot/+/61864 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Raul Rangel <rrangel@chromium.org>
2022-02-11drivers/i2c/tpm/cr50: Remove unused `chip` function argumentsTim Wawrzynczak
The `chip` argument passed around to many functions in this driver is actualy unused, so remove it where it is unused. Signed-off-by: Tim Wawrzynczak <twawrzynczak@chromium.org> Change-Id: Ib8d32fdf340c8ef49fefd11da433e3b6ee561f29 Reviewed-on: https://review.coreboot.org/c/coreboot/+/61718 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Subrata Banik <subratabanik@google.com> Reviewed-by: Nick Vaccaro <nvaccaro@google.com>
2022-02-07treewide: Remove "ERROR: "/"WARN: " prefixes from log messagesJulius Werner
Now that the console system itself will clearly differentiate loglevels, it is no longer necessary to explicitly add "ERROR: " in front of every BIOS_ERR message to help it stand out more (and allow automated tooling to grep for it). Removing all these extra .rodata characters should save us a nice little amount of binary size. This patch was created by running find src/ -type f -exec perl -0777 -pi -e 's/printk\(\s*BIOS_ERR,\s*"ERROR: /printk\(BIOS_ERR, "/gi' '{}' ';' and doing some cursory review/cleanup on the result. Then doing the same thing for BIOS_WARN with 's/printk\(\s*BIOS_WARNING,\s*"WARN(ING)?: /printk\(BIOS_WARNING, "/gi' Signed-off-by: Julius Werner <jwerner@chromium.org> Change-Id: I3d0573acb23d2df53db6813cb1a5fc31b5357db8 Reviewed-on: https://review.coreboot.org/c/coreboot/+/61309 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: HAOUAS Elyes <ehaouas@noos.fr> Reviewed-by: Lance Zhao Reviewed-by: Jason Glenesk <jason.glenesk@gmail.com>
2022-01-17cr50: Increase cr50 i2c probe timeoutRob Barnes
Turns out 150ms isn't enough in the worst reset conditions. On guybrush the TPM is reset in S0i3 and the CR50 is allowed to hibernate. The CR50 is woken up and initialized early during S0i3 resume. Occasionally the CR50 isn't ready before the probe times out. BUG=b:213828947 BRANCH=None TEST=suspend_stress_test -c 1000 Change-Id: Ifda438080cf1ad2796c7061223a6a97b8e6e9987 Signed-off-by: Rob Barnes <robbarnes@google.com> Reviewed-on: https://review.coreboot.org/c/coreboot/+/61104 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Paul Menzel <paulepanter@mailbox.org> Reviewed-by: Raul Rangel <rrangel@chromium.org> Reviewed-by: Karthik Ramasubramanian <kramasub@google.com> Reviewed-by: Keith Short <keithshort@chromium.org>
2021-10-05src/acpi to src/lib: Fix spelling errorsMartin Roth
These issues were found and fixed by codespell, a useful tool for finding spelling errors. Signed-off-by: Martin Roth <martin@coreboot.org> Change-Id: I5b8ecdfe75d99028fee820a2034466a8ad1c5e63 Reviewed-on: https://review.coreboot.org/c/coreboot/+/58080 Reviewed-by: Felix Held <felix-coreboot@felixheld.de> Reviewed-by: Angel Pons <th3fanbus@gmail.com> Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
2021-01-19drivers/i2c/tpm/cr50.c: Use __func__Elyes HAOUAS
Change-Id: If2751f3672072b7fa421ae33dc6e1490fdf35247 Signed-off-by: Elyes HAOUAS <ehaouas@noos.fr> Reviewed-on: https://review.coreboot.org/c/coreboot/+/49547 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Christian Walter <christian.walter@9elements.com>
2020-05-11treewide: Remove "this file is part of" linesPatrick Georgi
Stefan thinks they don't add value. Command used: sed -i -e '/file is part of /d' $(git grep "file is part of " |egrep ":( */\*.*\*/\$|#|;#|-- | *\* )" | cut -d: -f1 |grep -v crossgcc |grep -v gcov | grep -v /elf.h |grep -v nvramtool) The exceptions are for: - crossgcc (patch file) - gcov (imported from gcc) - elf.h (imported from GNU's libc) - nvramtool (more complicated header) The removed lines are: - fmt.Fprintln(f, "/* This file is part of the coreboot project. */") -# This file is part of a set of unofficial pre-commit hooks available -/* This file is part of coreboot */ -# This file is part of msrtool. -/* This file is part of msrtool. */ - * This file is part of ncurses, designed to be appended after curses.h.in -/* This file is part of pgtblgen. */ - * This file is part of the coreboot project. - /* This file is part of the coreboot project. */ -# This file is part of the coreboot project. -# This file is part of the coreboot project. -## This file is part of the coreboot project. --- This file is part of the coreboot project. -/* This file is part of the coreboot project */ -/* This file is part of the coreboot project. */ -;## This file is part of the coreboot project. -# This file is part of the coreboot project. It originated in the - * This file is part of the coreinfo project. -## This file is part of the coreinfo project. - * This file is part of the depthcharge project. -/* This file is part of the depthcharge project. */ -/* This file is part of the ectool project. */ - * This file is part of the GNU C Library. - * This file is part of the libpayload project. -## This file is part of the libpayload project. -/* This file is part of the Linux kernel. */ -## This file is part of the superiotool project. -/* This file is part of the superiotool project */ -/* This file is part of uio_usbdebug */ Change-Id: I82d872b3b337388c93d5f5bf704e9ee9e53ab3a9 Signed-off-by: Patrick Georgi <pgeorgi@google.com> Reviewed-on: https://review.coreboot.org/c/coreboot/+/41194 Reviewed-by: HAOUAS Elyes <ehaouas@noos.fr> Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
2020-05-06treewide: replace GPLv2 long form headers with SPDX headerPatrick Georgi
This replaces GPLv2-or-later and GPLv2-only long form text with the short SPDX identifiers. Commands used: perl -i -p0e 's|/\*[*\n\t ]*This program is free software[:;].*you.*can.*redistribute.*it.*and/or.*modify.*it.*under.*the.*terms.*of.*the.*GNU.*General.*Public.*License.*as.*published.*by.*the.*Free.*Software.*Foundation[;,].*version.*2.*of.*the.*License.*or.*(at.*your.*option).*any.*later.*version.+This.*program.*is.*distributed.*in.*the.*hope.*that.*it.*will.*be.*useful,.*but.*;.*without.*even.*the.*implied.*warranty.*of.*MERCHANTABILITY.*or.*FITNESS.*FOR.*A.*PARTICULAR.*PURPOSE..*.*See.*the.*GNU.*General.*Public.*License for more details.[\n\t ]*\*/|/* SPDX-License-Identifier: GPL-2.0-or-later */|s' $(cat filelist) perl -i -p0e 's|/\*[*\n\t ]*This program is free software[:;].*you.*can.*redistribute.*it.*and/or.*modify.*it.*under.*the.*terms.*of.*the.*GNU.*General.*Public.*License.*as.*published.*by.*the.*Free.*Software.*Foundation[;,].*version.*2.+This.*program.*is.*distributed.*in.*the.*hope.*that.*it.*will.*be.*useful,.*but.*;.*without.*even.*the.*implied.*warranty.*of.*MERCHANTABILITY.*or.*FITNESS.*FOR.*A.*PARTICULAR.*PURPOSE..*.*See.*the.*GNU.*General.*Public.*License for more details.[\n\t ]*\*/|/* SPDX-License-Identifier: GPL-2.0-only */|s' $(cat filelist) perl -i -p0e 's|/\*[*\n\t ]*This program is free software[:;].*you.*can.*redistribute.*it.*and/or.*modify.*it.*under.*the.*terms.*of.*the.*GNU.*General.*Public.*License.*version.*2.*as.*published.*by.*the.*Free.*Software.*Foundation[.;,].+This.*program.*is.*distributed.*in.*the.*hope.*that.*it.*will.*be.*useful,.*but.*;.*without.*even.*the.*implied.*warranty.*of.*MERCHANTABILITY.*or.*FITNESS.*FOR.*A.*PARTICULAR.*PURPOSE..*.*See.*the.*GNU.*General.*Public.*License for more details.[\n\t ]*\*/|/* SPDX-License-Identifier: GPL-2.0-only */|s' $(cat filelist) perl -i -p0e 's|/\*[*\n\t ]*This software is licensed under.*the.*terms.*of.*the.*GNU.*General.*Public.*License.*version.*2.*as.*published.*by.*the.*Free.*Software.*Foundation,.+This.*program.*is.*distributed.*in.*the.*hope.*that.*it.*will.*be.*useful,.*but.*;.*without.*even.*the.*implied.*warranty.*of.*MERCHANTABILITY.*or.*FITNESS.*FOR.*A.*PARTICULAR.*PURPOSE..*.*See.*the.*GNU.*General.*Public.*License for more details.[\n\t ]*\*/|/* SPDX-License-Identifier: GPL-2.0-only */|s' $(cat filelist) Change-Id: I7a746088a35633c11fc7ebe86006e96458a1abf8 Signed-off-by: Patrick Georgi <pgeorgi@google.com> Reviewed-on: https://review.coreboot.org/c/coreboot/+/41066 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: David Hendricks <david.hendricks@gmail.com> Reviewed-by: HAOUAS Elyes <ehaouas@noos.fr>
2020-05-06treewide: Move "is part of the coreboot project" line in its own commentPatrick Georgi
That makes it easier to identify "license only" headers (because they are now license only) Script line used for that: perl -i -p0e 's|/\*.*\n.*This file is part of the coreboot project.*\n.*\*|/* This file is part of the coreboot project. */\n/*|' # ...filelist... Change-Id: I2280b19972e37c36d8c67a67e0320296567fa4f6 Signed-off-by: Patrick Georgi <pgeorgi@google.com> Reviewed-on: https://review.coreboot.org/c/coreboot/+/41065 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: David Hendricks <david.hendricks@gmail.com> Reviewed-by: HAOUAS Elyes <ehaouas@noos.fr> Reviewed-by: Paul Menzel <paulepanter@users.sourceforge.net> Reviewed-by: Angel Pons <th3fanbus@gmail.com>
2020-04-23rules.h: Rename ENV_VERSTAGE to ENV_SEPARATE_VERSTAGEJulius Werner
When CONFIG_SEPARATE_VERSTAGE=n, all verstage code gets linked into the appropriate calling stage (bootblock or romstage). This means that ENV_VERSTAGE is actually 0, and instead ENV_BOOTBLOCK or ENV_ROMSTAGE are 1. This keeps tripping up people who are just trying to write a simple "are we in verstage (i.e. wherever the vboot init logic runs)" check, e.g. for TPM init functions which may run in "verstage" or ramstage depending on whether vboot is enabled. Those checks will not work as intended for CONFIG_SEPARATE_VERSTAGE=n. This patch renames ENV_VERSTAGE to ENV_SEPARATE_VERSTAGE to try to clarify that this macro can really only be used to check whether code is running in a *separate* verstage, and clue people in that they may need to cover the linked-in verstage case as well. Signed-off-by: Julius Werner <jwerner@chromium.org> Change-Id: I2ff3a3c3513b3db44b3cff3d93398330cd3632ea Reviewed-on: https://review.coreboot.org/c/coreboot/+/40582 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Aaron Durbin <adurbin@chromium.org>
2019-12-20{drivers,southbridge}: Replace min() with MIN()Elyes HAOUAS
This is to remove min/max() from <stdlib.h>. Change-Id: Ica03d9aec8a81f57709abcac655dfb0ebce3f8c6 Signed-off-by: Elyes HAOUAS <ehaouas@noos.fr> Reviewed-on: https://review.coreboot.org/c/coreboot/+/37818 Reviewed-by: Kyösti Mälkki <kyosti.malkki@gmail.com> Reviewed-by: Patrick Georgi <pgeorgi@google.com> Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
2019-12-02src/: Remove g_ prefixes and _g suffixes from variablesPatrick Georgi
These were often used to distinguish CAR_GLOBAL variables that weren't directly usable. Since we're getting rid of this special case, also get rid of the marker. This change was created using coccinelle and the following script: @match@ type T; identifier old =~ "^(g_.*|.*_g)$"; @@ old @script:python global_marker@ old << match.old; new; @@ new = old if old[0:2] == "g_": new = new[2:] if new[-2:] == "_g": new = new[:-2] coccinelle.new = new @@ identifier match.old, global_marker.new; @@ - old + new @@ type T; identifier match.old, global_marker.new; @@ - T old; + T new; @@ type T; identifier match.old, global_marker.new; @@ - T old + T new = ...; There were some manual fixups: Some code still uses the global/local variable naming scheme, so keep g_* there, and some variable names weren't completely rewritten. Change-Id: I4936ff9780a0d3ed9b8b539772bc48887f8d5eed Signed-off-by: Patrick Georgi <pgeorgi@google.com> Reviewed-on: https://review.coreboot.org/c/coreboot/+/37358 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Kyösti Mälkki <kyosti.malkki@gmail.com> Reviewed-by: HAOUAS Elyes <ehaouas@noos.fr>
2019-11-29security/tpm: Drop CAR_GLOBAL_MIGRATION supportArthur Heymans
Change-Id: I1c09eda6164efb390de4626f52aafba59962f9c4 Signed-off-by: Arthur Heymans <arthur@aheymans.xyz> Reviewed-on: https://review.coreboot.org/c/coreboot/+/37029 Reviewed-by: HAOUAS Elyes <ehaouas@noos.fr> Reviewed-by: Patrick Georgi <pgeorgi@google.com> Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
2019-11-27cr50 i2c: add error message reporting TPM IRQ timeoutVadim Bendebury
Various recent x86 SOCs have trouble registering short pulses generated by the H1 to indicate that it is ready for the next transaction. This patch adds an error message to report this condition, which would greatly reduce the amount of guesswork when troubleshooting new platforms. BUG=b:144002424 TEST=tried this code on the Drallion device exhibiting the problem, observed error messages in the coreboot log; $ grep IRQ ap.log Cr50 i2c TPM IRQ timeout! Cr50 i2c TPM IRQ timeout! Cr50 i2c TPM IRQ timeout! Cr50 i2c TPM IRQ timeout! ... Change-Id: I5f6ee3986bed58e12fd0ec8cecbf35f46c9263c2 Signed-off-by: Vadim Bendebury <vbendeb@chromium.org> Reviewed-on: https://review.coreboot.org/c/coreboot/+/37255 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Mathew King <mathewk@chromium.org>
2019-10-27src/{device,drivers}: Use 'include <stdlib.h>' when appropriateElyes HAOUAS
Also, including <types.h>, is supposed to provide stdint and stddef. Change-Id: I99918a5a77e759bc7d4192d2c3fd6ad493c70248 Signed-off-by: Elyes HAOUAS <ehaouas@noos.fr> Reviewed-on: https://review.coreboot.org/c/coreboot/+/33681 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Martin Roth <martinroth@google.com>
2019-10-22AUTHORS: Move src/drivers/[a*-i*] copyrights into AUTHORS fileMartin Roth
As discussed on the mailing list and voted upon, the coreboot project is going to move the majority of copyrights out of the headers and into an AUTHORS file. This will happen a bit at a time, as we'll be unifying license headers at the same time. Updated Authors file is in a separate commit. Signed-off-by: Martin Roth <martin@coreboot.org> Change-Id: I1acea8c975d14904b7e486dc57a1a67480a6ee6e Reviewed-on: https://review.coreboot.org/c/coreboot/+/36178 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Arthur Heymans <arthur@aheymans.xyz> Reviewed-by: Patrick Georgi <pgeorgi@google.com>
2019-01-24cr50: Add probe command to poll Cr50 until DID VID is validKeith Short
Added new routine cr50_i2c_probe() which ensures that communication with the Cr50 over I2C is good prior to attempting other initialization of the Cr50 and TPM state. This avoids a race condition when the Cr50 is first booting that it may reset it's I2C slave interface during the first few I2C transactions initiated from coreboot. BUG=b:120009037 BRANCH=none TEST=Run the Cr50 factory update against Careena board. Confirm that I2C reads are retried until the DID VID is valid. Tested against debug Cr50 firmware that forced failure of cr50_i2c_probe() and verfied that coreboot shows recovery screen. Change-Id: I47c59a32378ad00336277e111e81ba8d2d63e69a Signed-off-by: Keith Short <keithshort@chromium.org> Reviewed-on: https://review.coreboot.org/c/30295 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Raul Rangel <rrangel@chromium.org> Reviewed-by: Martin Roth <martinroth@google.com> Reviewed-by: Daniel Kurtz <djkurtz@google.com>
2018-10-08Move compiler.h to commonlibNico Huber
Its spreading copies got out of sync. And as it is not a standard header but used in commonlib code, it belongs into commonlib. While we are at it, always include it via GCC's `-include` switch. Some Windows and BSD quirk handling went into the util copies. We always guard from redefinitions now to prevent further issues. Change-Id: I850414e6db1d799dce71ff2dc044e6a000ad2552 Signed-off-by: Nico Huber <nico.h@gmx.de> Reviewed-on: https://review.coreboot.org/28927 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Aaron Durbin <adurbin@chromium.org>
2018-08-14drivers/i2c/tpm/cr50.c: Check if TPM was readRichard Spiegel
Under some conditions, cr50_i2c_read() can return without actually reading the TPM, which will leave access uninitialized. Set an initial value for access, and if TPM fails to respond in time check if at least TPM was read. This way avoids printing an uninitialized value. BUG=b:112253891 TEST=Build and boot grunt. Change-Id: I5ec7a99396db32971dc8485b77158d735ab1d788 Signed-off-by: Richard Spiegel <richard.spiegel@silverbackltd.com> Reviewed-on: https://review.coreboot.org/27995 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Martin Roth <martinroth@google.com> Reviewed-by: Marshall Dawson <marshalldawson3rd@gmail.com>
2018-04-24compiler.h: add __weak macroAaron Durbin
Instead of writing out '__attribute__((weak))' use a shorter form. Change-Id: If418a1d55052780077febd2d8f2089021f414b91 Signed-off-by: Aaron Durbin <adurbin@chromium.org> Reviewed-on: https://review.coreboot.org/25767 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Arthur Heymans <arthur@aheymans.xyz> Reviewed-by: Justin TerAvest <teravest@chromium.org>
2018-01-18security/tpm: Change TPM naming for different layers.Philipp Deppenwiese
* Rename tlcl* to tss* as tpm software stack layer. * Fix inconsistent naming. Change-Id: I206dd6a32dbd303a6d4d987e424407ebf5c518fa Signed-off-by: Philipp Deppenwiese <zaolin@das-labor.org> Reviewed-on: https://review.coreboot.org/22104 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Stefan Reinauer <stefan.reinauer@coreboot.org>
2018-01-18security/tpm: Move tpm TSS and TSPI layer to security sectionPhilipp Deppenwiese
* Move code from src/lib and src/include into src/security/tpm * Split TPM TSS 1.2 and 2.0 * Fix header includes * Add a new directory structure with kconfig and makefile includes Change-Id: Id15a9aa6bd367560318dfcfd450bf5626ea0ec2b Signed-off-by: Philipp Deppenwiese <zaolin@das-labor.org> Reviewed-on: https://review.coreboot.org/22103 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Stefan Reinauer <stefan.reinauer@coreboot.org>
2017-11-22drivers/i2c/tpm/cr50: Simplify and increase init delay to 30 secondsDuncan Laurie
The Cr50 i2c driver provides separate entry points for probing and initialization, but probing function does not really do much. It also claims and releases locality on every coreboot stage, but there is no need for this - locality should be definitely claimed after reset and then it could be retained through the boot process. On top of that the driver does not properly account for long time it could take the Cr50 chip to come around to reset processing if TPM reset request was posted during a lengthy TPM operation. This patch addresses the issues as follows: - tpm_vendor_probe() and tpm_vendor_cleanup() become noops, kept around to conform to the expected driver API. - tpm_vendor_init() invokes a function to process TPM reset only in the first stage using TPM (typically verstage), the function checks if locality is claimed and if so - waits for it to be released, which indicates that TPM reset processing is over. - before claiming locality check if it is already taken, and if so - just proceed. BRANCH=none BUG=b:65867313, b:68729265 TEST=Verified that reef no longer hangs during EC reboot and firmware_Cr50ClearTPMOwner (not yet merged) tests. Change-Id: Iba8445caf1342e3a5fefcb2664b0759a1a8e84e3 Signed-off-by: Vadim Bendebury <vbendeb@chromium.org> Reviewed-on: https://review.coreboot.org/22554 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Furquan Shaikh <furquan@google.com>
2017-11-09drivers/i2c/tpm/cr50: Increase init delay to 30 secondsDuncan Laurie
In case the TPM is doing a long crypto operation the initial probe could be very delayed. Rather than end up in recovery make the delay long enough to accommodate the (current) long crypto times. BUG=b:65867313, b:68729265 TEST=Verified that Soraka no longer hangs during EC reboot test. Change-Id: I3bccff70e001dfc065c24be8ad34ef239a144db1 Signed-off-by: Duncan Laurie <dlaurie@google.com> Signed-off-by: Furquan Shaikh <furquan@chromium.org> Reviewed-on: https://review.coreboot.org/22379 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Duncan Laurie <dlaurie@chromium.org> Reviewed-by: Aaron Durbin <adurbin@chromium.org>
2017-08-18include/device: Split i2c.h into threeNico Huber
Split `i2c.h` into three pieces to ease reuse of the generic defi- nitions. No code is changed. * `i2c.h` - keeps the generic definitions * `i2c_simple.h` - holds the current, limited to one controller driver per board, devicetree independent I2C interface * `i2c_bus.h` - will become the devicetree compatible interface for native I2C (e.g. non-SMBus) controllers Change-Id: I382d45c70f9314588663e1284f264f877469c74d Signed-off-by: Nico Huber <nico.huber@secunet.com> Reviewed-on: https://review.coreboot.org/20845 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Aaron Durbin <adurbin@chromium.org>
2017-07-13Rename __attribute__((packed)) --> __packedStefan Reinauer
Also unify __attribute__ ((..)) to __attribute__((..)) and handle ((__packed__)) like ((packed)) Change-Id: Ie60a51c3fa92b5009724a5b7c2932e361bf3490c Signed-off-by: Stefan Reinauer <stefan.reinauer@coreboot.org> Reviewed-on: https://review.coreboot.org/15921 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Aaron Durbin <adurbin@chromium.org>
2017-04-24drivers/i2c/tpm/cr50: Use tis_plat_irq_status for Cr50 IRQ statusDaniel Kurtz
The Cr50 TPM uses an IRQ to provide a "status" signal used for hand-shaking the reception of commands. Real IRQs are not supported in firmware, however firmware can still poll interrupt status registers for the same effect. Commit 94cc485338a3 ("drivers/i2c/tpm/cr50: Support interrupts for status") added support for the Cr50 driver on X86 platforms to use a KConfig file to supply an IRQ which it would poll using acpi_get_gpe. If the IRQ is not supplied, the Cr50 driver inserts a 20 ms wait. Unfortunately this doesn't work so well when using the i2c connected Cr50 on ARM platforms. Luckily, a more generic implementation to allow a mainboard to supply a Cr50 IRQ status polling function was solved for SPI connected Cr50s by commit 19e3d335bddb ("drivers/spi/tpm: using tpm irq to sync tpm transaction"). Let's refactor the i2c c50 driver to use this same approach, and change eve and reef boards to make use of DRIVER_TPM_TIS_ACPI_INTERRUPT for specifying the TPM flow control interrupt. This essentially reverts these two commits: 48f708d199 drivers/i2c/tpm/cr50: Initialize IRQ status handler before probe 94cc485338 drivers/i2c/tpm/cr50: Support interrupts for status And ports this commit to i2c/tpm/cr50: 19e3d335bd drivers/spi/tpm: using tpm irq to sync tpm transaction As a side effect the tpm_vendor_specific IRQ field goes back to its original usage as the "TPM 1.2 command complete" interrupt, instead of being repurposed to hold the flow control IRQ. BRANCH=none BUG=b:36786804 TEST=Boot reef w/ serial enabled firmware, verify verstage sees "cr50 TPM" and does not complain about lack of tis_plat_irq_status(). TEST=Boot eve w/ serial enabled firmware, verify verstage sees "cr50 TPM" and does not complain about lack of tis_plat_irq_status(). Change-Id: I004329eae1d8aabda51c46b8504bf210484782b4 Signed-off-by: Daniel Kurtz <djkurtz@chromium.org> Reviewed-on: https://review.coreboot.org/19363 Reviewed-by: Julius Werner <jwerner@chromium.org> Reviewed-by: Aaron Durbin <adurbin@chromium.org> Tested-by: build bot (Jenkins)
2017-04-13drivers/spi/tpm: Clean up SPI TPM driverFurquan Shaikh
1. Move common TIS macros to include/tpm.h. 2. Use common TIS macros while referring to status and access registers. 3. Add a new function claim_locality to properly check for required access bits and claim locality 0. BUG=b:36873582 Change-Id: I11bf3e8b6e1f50b7868c9fe4394a858488367287 Signed-off-by: Furquan Shaikh <furquan@chromium.org> Reviewed-on: https://review.coreboot.org/19213 Tested-by: build bot (Jenkins) Reviewed-by: Duncan Laurie <dlaurie@chromium.org>
2017-03-15drivers/i2c/tpm: Fix issues detected by checkpatchLee Leahy
Fix the following warnings detected by checkpatch.pl: WARNING: Prefer 'unsigned int' to bare use of 'unsigned' WARNING: braces {} are not necessary for single statement blocks WARNING: Unnecessary parentheses - maybe == should be = ? WARNING: line over 80 characters WARNING: missing space after return type TEST=Build and run on Galileo Gen2 Change-Id: I56f915f6c1975cce123fd38043bad2638717d88c Signed-off-by: Lee Leahy <leroy.p.leahy@intel.com> Reviewed-on: https://review.coreboot.org/18832 Tested-by: build bot (Jenkins) Reviewed-by: Aaron Durbin <adurbin@chromium.org>
2016-11-07drivers/i2c/tpm/cr50: Increase IRQ timeoutDuncan Laurie
Increase the IRQ timeout to prevent issues if there is a delay in the TPM responding to a command. Split the no-IRQ case out so it doesn't suffer unnecessarily. BUG=chrome-os-partner:59191 TEST=suspend/resume testing on eve board Change-Id: I1ea7859bc7a056a450b2b0ee32153ae43ee8699f Signed-off-by: Duncan Laurie <dlaurie@chromium.org> Reviewed-on: https://review.coreboot.org/17204 Reviewed-by: Furquan Shaikh <furquan@google.com> Tested-by: build bot (Jenkins) Reviewed-by: Paul Menzel <paulepanter@users.sourceforge.net>
2016-10-05drivers/i2c/tpm/cr50: Initialize IRQ status handler before probeDuncan Laurie
Move the setup of the IRQ status handler so it will be set up properly before the early probe happens. BUG=chrome-os-partner:53336 Change-Id: I4380af1233d2a252899459635a3cb69ca196088d Signed-off-by: Duncan Laurie <dlaurie@chromium.org> Reviewed-on: https://review.coreboot.org/16861 Reviewed-by: Aaron Durbin <adurbin@chromium.org> Tested-by: build bot (Jenkins) Reviewed-by: Paul Menzel <paulepanter@users.sourceforge.net> Reviewed-by: Vadim Bendebury <vbendeb@chromium.org>
2016-09-21drivers/i2c/tpm/cr50: Support interrupts for statusDuncan Laurie
Support reading the ACPI GPE status (on x86) to determine when the cr50 is ready to return response data or is done processing written data. If the interrupt is not defined by Kconfig then it will continue to use the safe delay. This was tested with reef hardware and a modified cr50 image that generates interrupts at the intended points. BUG=chrome-os-partner:53336 Change-Id: Ic8f805159650c45382cacac8840450a1f8b4d7a1 Signed-off-by: Duncan Laurie <dlaurie@chromium.org> Reviewed-on: https://review.coreboot.org/16672 Tested-by: build bot (Jenkins) Reviewed-by: Aaron Durbin <adurbin@chromium.org>
2016-09-21drivers/i2c/tpm/cr50: Improve data handling and function namesDuncan Laurie
Unify the function names to be consistent throughout the driver and improve the handling while waiting for data available and data expected flags from the TPM. BUG=chrome-os-partner:53336 Change-Id: Ie2dfb7ede1bcda0e77070df945c47c1428115907 Signed-off-by: Duncan Laurie <dlaurie@chromium.org> Reviewed-on: https://review.coreboot.org/16668 Tested-by: build bot (Jenkins) Reviewed-by: Aaron Durbin <adurbin@chromium.org>
2016-09-21drivers/i2c/tpm/cr50: Clean up locality functionsDuncan Laurie
Clean up the mask and timeout handling in the locality functions that were copied from the original driver. BUG=chrome-os-partner:53336 Change-Id: Ifdcb3be0036b2c02bfbd1bcd326e9519d3726ee0 Signed-off-by: Duncan Laurie <dlaurie@chromium.org> Reviewed-on: https://review.coreboot.org/16667 Tested-by: build bot (Jenkins) Reviewed-by: Aaron Durbin <adurbin@chromium.org>
2016-09-21drivers/i2c/tpm/cr50: Rename i2c read/write functionsDuncan Laurie
Rename the low-level functions from iic_tpm_read/write to cr50_i2c_read/write to better match the driver name, and pass in the tpm_chip structure to the low-level read/write functions as it will be needed in future changes. BUG=chrome-os-partner:53336 Change-Id: I826a7f024f8d137453af86ba920e0a3a734f7349 Signed-off-by: Duncan Laurie <dlaurie@chromium.org> Reviewed-on: https://review.coreboot.org/16666 Tested-by: build bot (Jenkins) Reviewed-by: Aaron Durbin <adurbin@chromium.org>
2016-09-21drivers/i2c/tpm/cr50: Clean up timeoutsDuncan Laurie
Use two different timeouts in the driver. The 2ms timeout is needed to be safe for cr50 to cover the extended timeout that is seen with some commands. The other at 2 seconds which is a TPM spec timeout. BUG=chrome-os-partner:53336 Change-Id: Ia396fc48b8fe6e56e7071db9d74561de02b5b50e Signed-off-by: Duncan Laurie <dlaurie@chromium.org> Reviewed-on: https://review.coreboot.org/16665 Tested-by: build bot (Jenkins) Reviewed-by: Aaron Durbin <adurbin@chromium.org>
2016-09-21drivers/i2c/tpm/cr50: Reduce max buffer sizeDuncan Laurie
Reduce the static buffer size from the generic default 1260 down to 64 to match the max FIFO size for the cr50 hardware and reduce the footprint of the driver. BUG=chrome-os-partner:53336 Change-Id: I6f9f71d501b60299edad4b16cc553a85391a1866 Signed-off-by: Duncan Laurie <dlaurie@chromium.org> Reviewed-on: https://review.coreboot.org/16664 Tested-by: build bot (Jenkins) Reviewed-by: Aaron Durbin <adurbin@chromium.org>
2016-09-21drivers/i2c/tpm: Split cr50 driver from main driverDuncan Laurie
Originally I thought it would be cleaner to keep this code in one place, but as things continue to diverge it ends up being easier to split this into its own driver. This way the different drivers in coreboot, depthcharge, and the kernel, can all be standalone and if one is changed it is easier to modify the others. This change splits out the cr50 driver and brings along the basic elements from the existing driver with no real change in functionality. The following commits will modify the code to make it consistent so it can all be shared with depthcharge and the linux kernel drivers. BUG=chrome-os-partner:53336 Change-Id: I3b62b680773d23cc5a7d2217b9754c6c28bccfa7 Signed-off-by: Duncan Laurie <dlaurie@chromium.org> Reviewed-on: https://review.coreboot.org/16663 Tested-by: build bot (Jenkins) Reviewed-by: Aaron Durbin <adurbin@chromium.org>
2016-09-19Revert "drivers/i2c/tpm: Split cr50 driver from main driver"Duncan Laurie
This reverts commit c565f9910707b91fcc7a27bab28806e558bb474d.
2016-09-19Revert "drivers/i2c/tpm/cr50: Reduce max buffer size"Duncan Laurie
This reverts commit 97a2a1ece152b6d40a524361721405b77c37959d.
2016-09-19Revert "drivers/i2c/tpm/cr50: Clean up timeouts"Duncan Laurie
This reverts commit 93c778688f0bf2f90334505a3082a2cd4ce1623a.
2016-09-19Revert "drivers/i2c/tpm/cr50: Rename i2c read/write functions"Duncan Laurie
This reverts commit 6f5ceb26b9b3e1455ebbd6192e1d2c832bddc77e.
2016-09-19Revert "drivers/i2c/tpm/cr50: Clean up locality functions"Duncan Laurie
This reverts commit 557e1a729a9ca89e814220b6203b7ac0dc446913.
2016-09-19Revert "drivers/i2c/tpm/cr50: Improve data handling and function names"Duncan Laurie
This reverts commit 1241e7db55aff313e56bf4546d969c11368b08a2.
2016-09-19Revert "drivers/i2c/tpm/cr50: Support interrupts for status"Duncan Laurie
This reverts commit a5e419c51187d24818f056327746a18676fe3a20.
2016-09-19drivers/i2c/tpm/cr50: Support interrupts for statusDuncan Laurie
Support reading the ACPI GPE status (on x86) to determine when the cr50 is ready to return response data or is done processing written data. If the interrupt is not defined by Kconfig then it will continue to use the safe delay. This was tested with reef hardware and a modified cr50 image that generates interrupts at the intended points. BUG=chrome-os-partner:53336 Change-Id: I9f78f520fd089cb4471d8826a8cfecff67398bf8 Signed-off-by: Duncan Laurie <dlaurie@chromium.org>
2016-09-19drivers/i2c/tpm/cr50: Improve data handling and function namesDuncan Laurie
Unify the function names to be consistent throughout the driver and improve the handling while waiting for data available and data expected flags from the TPM. BUG=chrome-os-partner:53336 Change-Id: I7e3912fb8d8c6ad17d1af2d2a7189bf7c0c52c8e Signed-off-by: Duncan Laurie <dlaurie@chromium.org>
2016-09-19drivers/i2c/tpm/cr50: Clean up locality functionsDuncan Laurie
Clean up the mask and timeout handling in the locality functions that were copied from the original driver. BUG=chrome-os-partner:53336 Change-Id: Ifa1445224b475aec38c2ac56e15cb7ba7fcd21ea Signed-off-by: Duncan Laurie <dlaurie@chromium.org>
2016-09-19drivers/i2c/tpm/cr50: Rename i2c read/write functionsDuncan Laurie
Rename the low-level functions from iic_tpm_read/write to cr50_i2c_read/write to better match the driver name, and pass in the tpm_chip structure to the low-level read/write functions as it will be needed in future changes. BUG=chrome-os-partner:53336 Change-Id: Ib4a68ce1b3a83ea7c4bcefb9c6f002f6dd4aac1f Signed-off-by: Duncan Laurie <dlaurie@chromium.org>
2016-09-19drivers/i2c/tpm/cr50: Clean up timeoutsDuncan Laurie
Use two different timeouts in the driver. The 2ms timeout is needed to be safe for cr50 to cover the extended timeout that is seen with some commands. The other at 2 seconds which is a TPM spec timeout. BUG=chrome-os-partner:53336 Change-Id: I77fdd7ea646b8b2fef449f07e3a08bcce174fe8b Signed-off-by: Duncan Laurie <dlaurie@chromium.org>
2016-09-19drivers/i2c/tpm/cr50: Reduce max buffer sizeDuncan Laurie
Reduce the static buffer size from the generic default 1260 down to 64 to match the max FIFO size for the cr50 hardware and reduce the footprint of the driver. BUG=chrome-os-partner:53336 Change-Id: Ia88facca607f3fd5072d0d986323fde075f15855 Signed-off-by: Duncan Laurie <dlaurie@chromium.org>
2016-09-19drivers/i2c/tpm: Split cr50 driver from main driverDuncan Laurie
Originally I thought it would be cleaner to keep this code in one place, but as things continue to diverge it ends up being easier to split this into its own driver. This way the different drivers in coreboot, depthcharge, and the kernel, can all be standalone and if one is changed it is easier to modify the others. This change splits out the cr50 driver and brings along the basic elements from the existing driver with no real change in functionality. The following commits will modify the code to make it consistent so it can all be shared with depthcharge and the linux kernel drivers. BUG=chrome-os-partner:53336 Change-Id: Ia9a65e72519b95f5739e3b7a16b9c2431d64ebe2 Signed-off-by: Duncan Laurie <dlaurie@chromium.org>