Age | Commit message (Collapse) | Author |
|
MAINBOARD_HAS_SPI_TPM_CR50 describes a capability of the board and SPI_TPM
is only on if we actually want to compile in the TPM code. For example,
in src/drivers/i2c/tpm/Kconfig MAINBOARD_HAS_I2C_TPM_CR50 also doesn't
depend on SPI_TPM.
This problem manifests itself as the following build issue when building
with MAINBOARD_HAS_I2C_TPM_CR50 but without an explict "select TPM2":
src/Kconfig:296:error: recursive dependency detected!
src/Kconfig:296: symbol MAINBOARD_HAS_TPM2 is selected by MAINBOARD_HAS_TPM_CR50
src/Kconfig:408: symbol MAINBOARD_HAS_TPM_CR50 depends on MAINBOARD_HAS_SPI_TPM_CR50
src/drivers/spi/tpm/Kconfig:15: symbol MAINBOARD_HAS_SPI_TPM_CR50 depends on SPI_TPM
src/drivers/spi/tpm/Kconfig:1: symbol SPI_TPM depends on TPM2
src/Kconfig:396: symbol TPM2 is selected by MAINBOARD_HAS_TPM2
MAINBOARD_HAS_SPI_TPM_CR50 shouldn't depend on SPI_TPM.
BRANCH=none
BUG=b:36786804
TEST=Boot rowan w/ serial enabled, verify coreboot and depthcharge are
configured to use IRQ flow control when talking to the Cr50 TPM.
Change-Id: I0cb3f6d3aa4159bad563a6a4b006d7f4825e04b4
Signed-off-by: Daniel Kurtz <djkurtz@chromium.org>
Suggested-by: Julius Werner <jwerner@chromium.org>
Reviewed-on: https://review.coreboot.org/19411
Tested-by: build bot (Jenkins)
Reviewed-by: Paul Menzel <paulepanter@users.sourceforge.net>
Reviewed-by: Julius Werner <jwerner@chromium.org>
Reviewed-by: Aaron Durbin <adurbin@chromium.org>
|
|
1. Move common TIS macros to include/tpm.h.
2. Use common TIS macros while referring to status and access registers.
3. Add a new function claim_locality to properly check for required
access bits and claim locality 0.
BUG=b:36873582
Change-Id: I11bf3e8b6e1f50b7868c9fe4394a858488367287
Signed-off-by: Furquan Shaikh <furquan@chromium.org>
Reviewed-on: https://review.coreboot.org/19213
Tested-by: build bot (Jenkins)
Reviewed-by: Duncan Laurie <dlaurie@chromium.org>
|
|
In order to be able to use SPI TPM on x86, allow TPM_SPI to be used
with PC80_SYSTEM.
BUG=b:35583330
Change-Id: Ibe626a192d45cf2624368db42d369202a4003123
Signed-off-by: Furquan Shaikh <furquan@chromium.org>
Reviewed-on: https://review.coreboot.org/19093
Tested-by: build bot (Jenkins)
Reviewed-by: Aaron Durbin <adurbin@chromium.org>
|
|
1. Use proper CAR semantics for global/static variables.
2. Use spi_* functions directly instead of using a global structure to
store pointers to those functions.
BUG=b:36873582
Change-Id: I1fc52ab797ef0cbd3793a387d68198efc5dde58c
Signed-off-by: Furquan Shaikh <furquan@chromium.org>
Reviewed-on: https://review.coreboot.org/19114
Tested-by: build bot (Jenkins)
Reviewed-by: Aaron Durbin <adurbin@chromium.org>
|
|
BUG=b:35647967
TEST=boot from bob
Change-Id: Ib64107b17fb6e93dbe626ce92f3bc9da8b84784e
Signed-off-by: Jeffy Chen <jeffy.chen@rock-chips.com>
Reviewed-on: https://chromium-review.googlesource.com/452284
Commit-Ready: Caesar Wang <wxt@rock-chips.com>
Tested-by: Caesar Wang <wxt@rock-chips.com>
Reviewed-by: Julius Werner <jwerner@chromium.org>
Reviewed-on: https://review.coreboot.org/19113
Tested-by: build bot (Jenkins)
Reviewed-by: Aaron Durbin <adurbin@chromium.org>
|
|
BUG=b:35775002
TEST=boot from bob
Change-Id: I6324f3c02da55a8527f085ba463cbb1f4fb5dc2e
Signed-off-by: Jeffy Chen <jeffy.chen@rock-chips.com>
Reviewed-on: https://chromium-review.googlesource.com/452283
Commit-Ready: Caesar Wang <wxt@rock-chips.com>
Tested-by: Caesar Wang <wxt@rock-chips.com>
Reviewed-by: Julius Werner <jwerner@chromium.org>
Reviewed-on: https://review.coreboot.org/19112
Reviewed-by: Aaron Durbin <adurbin@chromium.org>
Tested-by: build bot (Jenkins)
|
|
These files are required to support recovery MRC cache hash
save/restore in romtage/ramstage.
BUG=b:35583330
Change-Id: Idd0a4ee1c5f8f861caf40d841053b83a9d7aaef8
Signed-off-by: Furquan Shaikh <furquan@chromium.org>
Reviewed-on: https://review.coreboot.org/19092
Tested-by: build bot (Jenkins)
Reviewed-by: Aaron Durbin <adurbin@chromium.org>
Reviewed-by: Paul Menzel <paulepanter@users.sourceforge.net>
|
|
The spi tis_sendrecv() implementation was always returning success
for all transactions. Correct this by returning -1 on error when
tpm2_process_command() returns 0 since that's its current failure
return code.
BUG=b:36598499
Change-Id: I8bfb5a09198ae4c293330e770271773a185d5061
Signed-off-by: Aaron Durbin <adurbin@chromium.org>
Reviewed-on: https://review.coreboot.org/19058
Reviewed-by: Furquan Shaikh <furquan@google.com>
Tested-by: build bot (Jenkins)
|
|
The tpm_info object is a global, but its symbol does not need to
be exposed to the world as its only used within tpm.c.
BUG=b:36598499
Change-Id: Idded3dad8d0d1c3535bddfb359009210d3439703
Signed-off-by: Aaron Durbin <adurbin@chromium.org>
Reviewed-on: https://review.coreboot.org/19057
Reviewed-by: Furquan Shaikh <furquan@google.com>
Tested-by: build bot (Jenkins)
|
|
In the case of start_transaction() failing the chip select is never
deasserted. Correct that by deasserting the chip select when
start_transaction() fails.
BUG=b:36598499
Change-Id: I2c5200085eb357259edab39c1a0fa7b1d81ba7b2
Signed-off-by: Aaron Durbin <adurbin@chromium.org>
Reviewed-on: https://review.coreboot.org/19056
Tested-by: build bot (Jenkins)
Reviewed-by: Furquan Shaikh <furquan@google.com>
|
|
Going forward it's important to note when a CR50 is expected
to be present in the system. Additionally, this Kconfig addition
provides symmetry with the equivalent i2c Kconfig option.
BUG=b:35775104
Change-Id: Ifbd42b8a22f407534b23459713558c77cde6935d
Signed-off-by: Aaron Durbin <adurbin@chromium.org>
Reviewed-on: https://review.coreboot.org/18680
Reviewed-by: Furquan Shaikh <furquan@google.com>
Tested-by: build bot (Jenkins)
|
|
When trying to bring up a device with a malfunctioning TPM2 chip, the
driver currently gets stuck waiting for SPI flow control, causing
bricked devices.
This patch puts a 100 ms cap on the waiting time - this should be
enough even for a longest NVRAM save operation which could be under
way on the TPM device.
BRANCH=gru
BUG=chrome-os-partner:59807
TEST=with a matching change in depthcharge, now a gru with corrupted
SPI TPM comes up to the recovery screen (it was not showing signs
of life before this change).
Change-Id: I63ef5dde8dddd9afeae91e396c157a1a37d47c80
Signed-off-by: Vadim Bendebury <vbendeb@chromium.org>
Reviewed-on: https://review.coreboot.org/17898
Reviewed-by: Aaron Durbin <adurbin@chromium.org>
Tested-by: build bot (Jenkins)
|
|
For spi_setup_slave, instead of making the platform driver return a
pointer to spi_slave structure, pass in a structure pointer that can be
filled in by the driver as required. This removes the need for platform
drivers to maintain a slave structure in data/CAR section.
BUG=chrome-os-partner:59832
BRANCH=None
TEST=Compiles successfully
Change-Id: Ia15a4f88ef4dcfdf616bb1c22261e7cb642a7573
Signed-off-by: Furquan Shaikh <furquan@chromium.org>
Reviewed-on: https://review.coreboot.org/17683
Tested-by: build bot (Jenkins)
Reviewed-by: Aaron Durbin <adurbin@chromium.org>
|
|
1. Use size_t instead of unsigned int for bytes_out and bytes_in.
2. Use const attribute for spi_slave structure passed into xfer, claim
bus and release bus functions.
BUG=chrome-os-partner:59832
BRANCH=None
TEST=Compiles successfully
Change-Id: Ie70b3520b51c42d750f907892545510c6058f85a
Signed-off-by: Furquan Shaikh <furquan@chromium.org>
Reviewed-on: https://review.coreboot.org/17682
Tested-by: build bot (Jenkins)
Reviewed-by: Aaron Durbin <adurbin@chromium.org>
|
|
Kconfig hex values don't need to be in quotes, and should start with
'0x'. If the default value isn't set this way, Kconfig will add the
0x to the start, and the entry can be added unnecessarily to the
defconfig since it's "different" than what was set by the default.
A check for this has been added to the Kconfig lint tool.
Change-Id: I86f37340682771700011b6285e4b4af41b7e9968
Signed-off-by: Martin Roth <martinroth@google.com>
Reviewed-on: https://review.coreboot.org/16834
Tested-by: build bot (Jenkins)
Reviewed-by: Kyösti Mälkki <kyosti.malkki@gmail.com>
|
|
Fixed "intierface" typo.
Change-Id: I65f0156ee059a8bed96c900ca3da3a06f45901e8
Signed-off-by: Robert Foss <robert.foss@collabora.com>
Reviewed-on: https://review.coreboot.org/16252
Tested-by: build bot (Jenkins)
Reviewed-by: Vadim Bendebury <vbendeb@chromium.org>
|
|
The TPM version string has become much longer recently, and the
TPM_FW_VER register available on VID 1ae0 devices supports reading in
arbitrary size quantities.
Let's read 50 bytes at a time to reduce the SPI register read wrapper
overhead, and increase the length limit to 300 bytes to accommodate
longer version strings.
TEST=verified on the Kevin device:
localhost ~ # grep cr50 /sys/firmware/log
Firmware version: RO_A: 0.0.1/84e2dde7 RO_B:* 0.0.2/13eda43f RW_A:* cr50_v1.1.5005-444ddb7 RW_B: cr50_v1.1.5005-5aac83c
cr50_v1.1.5005-444ddb7 private-cr51:v0.0.66-bd9a0fe tpm2:v0.0.259-8f3d735 cryptoc:v0.0.4-5319e83 2016-07-31 10:58:05 vbendeb@kvasha
Change-Id: Ifaf28c1a9a3990372a9cec108c098edbe50d3243
Signed-off-by: Vadim Bendebury <vbendeb@chromium.org>
Reviewed-on: https://review.coreboot.org/16000
Tested-by: build bot (Jenkins)
Reviewed-by: Aaron Durbin <adurbin@chromium.org>
|
|
Change-Id: I7930d5cded290f2605d0c92a9c465a3f0c1291a2
Signed-off-by: Martin Roth <martinroth@google.com>
Reviewed-on: https://review.coreboot.org/15974
Tested-by: build bot (Jenkins)
Reviewed-by: Kyösti Mälkki <kyosti.malkki@gmail.com>
|
|
Some devices allow to retrieve firmware version by reading the same 4
byte register repeatedly until the entire version string is read.
Let's print out TPM firmware version when available. Just in case
something goes wrong limit the version string length to 200 bytes.
CQ-DEPEND=CL:355701
BRANCH=none
BUG=chrome-os-partner:54723
TEST=built the new firmware and ran it on Gru, observed the following
in the coreboot console log:
Connected to device vid:did:rid of 1ae0:0028:00
Firmware version: cr50_v1.1.4792-7a44484
Original-Commit-Id: 1f54a30cebe808abf1b09478b47924bb722a0ca6
Original-Change-Id: Idb069dabb80d34a0efdf04c3c40a42ab0c8a3f94
Original-Signed-off-by: Vadim Bendebury <vbendeb@chromium.org>
Original-Reviewed-on: https://chromium-review.googlesource.com/355704
Original-Reviewed-by: Scott Collyer <scollyer@chromium.org>
Squashed with:
tpm: use 4 byte quantities when retrieving firmware version
The CR50 device is capable of reporting its firmware version in 4 byte
quantities, but the recently introduced code retrieves the version one
byte at a time.
With this fix the version is retrieved in 4 byte chunks.
BRANCH=none
BUG=none
TEST=the version is still reported properly, as reported by the AP
firmware console log:
localhost ~ # grep cr50 /sys/firmware/log
Firmware version: cr50_v1.1.4804-c64cf24
localhost ~ #
Original-Commit-Id: 3111537e7b66d8507b6608ef665e4cde76403818
Original-Change-Id: I04116881a30001e35e989e51ec1567263f9149a6
Original-Signed-off-by: Vadim Bendebury <vbendeb@chromium.org>
Original-Reviewed-on: https://chromium-review.googlesource.com/356542
Original-Reviewed-by: Andrey Pronin <apronin@chromium.org>
Change-Id: Ia9f13a5bf1c34292b866f57c0d14470fe6ca9853
Signed-off-by: Martin Roth <martinroth@chromium.org>
Reviewed-on: https://review.coreboot.org/15573
Tested-by: build bot (Jenkins)
Reviewed-by: Furquan Shaikh <furquan@google.com>
|
|
The "PC Client Protection Profile for TPM 2.0" document defines SPI
bus addresses for different localities. That definition is not honored
in the cr50 implementation, this patch fixes it: locality zero
register file is based off 0xd40000.
BRANCH=none
BUG=chrome-os-partner:54720
TEST=with the fixed cr50 image and the rest of TPM2 initialization
patches applied factory initialization sequence on Gru succeeds.
Change-Id: I49b7ed55f0360448b9a6602ebd31a3a531608da3
Signed-off-by: Martin Roth <martinroth@chromium.org>
Original-Commit-Id: 43344fff5d58ec235e50030413fc38c98dd0a9a1
Original-Change-Id: I2de6fa6c05d3eca989d6785228d5adde1f2a7ab7
Original-Signed-off-by: Vadim Bendebury <vbendeb@chromium.org>
Original-Reviewed-on: https://chromium-review.googlesource.com/355620
Original-Reviewed-by: Bill Richardson <wfrichar@chromium.org>
Reviewed-on: https://review.coreboot.org/15568
Tested-by: build bot (Jenkins)
Reviewed-by: Furquan Shaikh <furquan@google.com>
Reviewed-by: Philipp Deppenwiese <zaolin.daisuki@googlemail.com>
|
|
To fully define TPM attachment to a SPI interface both bus and CS
(chip select) settings are required. Add the missing CS configuration
option.
BRANCH=none
BUG=chrome-os-partner:50645
TEST=with the rest of the patches applied it is possible to compile in
and run TPM2 SPI driver.
Change-Id: If297df8e5b9526f156ed1414eb9db317d6af5b33
Signed-off-by: Vadim Bendebury <vbendeb@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/353913
Reviewed-by: Aaron Durbin <adurbin@chromium.org>
Reviewed-on: https://review.coreboot.org/15299
Tested-by: build bot (Jenkins)
Reviewed-by: Philipp Deppenwiese <zaolin.daisuki@googlemail.com>
Reviewed-by: Paul Menzel <paulepanter@users.sourceforge.net>
|
|
This introduces a SPI TPM driver compliant with the TCG issued "TPM
Profile (PTP) Specification Revision 00.43" which can be found by
googling its title.
The driver implements both the hardware flow control protocol and the
TPM state machine.
The hardware flow control allows to map SPI based TPM devices to the
LPC address space on x86 platforms, on all other platforms it needs to
be implemented in the driver software.
The tis layer is somewhat superficial, it might have to be expanded
later.
A lot more implementation details can be found in the code comments.
Also, it is worth mentioning that this is not a complete version of
the driver: its robustness needs to be improved, delay loops need to
be bound, error conditions need to propagate up the call stack.
BRANCH=none
BUG=chrome-os-partner:52132, chrome-os-partner:50645, chrome-os-partner:54141
TEST=with the rest of the patches applied coreboot is able complete
Chrome OS factory initialization of the TPM2 device.
Change-Id: I967bc5c689f6e6f345755f08cb088ad37abd5d1c
Signed-off-by: Martin Roth <martinroth@chromium.org>
Original-Commit-Id: 5611c6f7d7fe6d37da668f337f0e70263913d63e
Original-Change-Id: I17d732e66bd231c2289ec289994dd819c6276855
Original-Signed-off-by: Vadim Bendebury <vbendeb@chromium.org>
Original-Reviewed-on: https://chromium-review.googlesource.com/350124
Original-Reviewed-by: Aaron Durbin <adurbin@chromium.org>
Reviewed-on: https://review.coreboot.org/15298
Reviewed-by: Philipp Deppenwiese <zaolin.daisuki@googlemail.com>
Tested-by: build bot (Jenkins)
|
|
Until now it was assumed that all TPM devices were of the same type
(TCG 1.2 spec compliant) and x86 based boards had LPC connected TPMs
and all other boards had I2C connected TPMs.
With the advent of TPM2 specification there is a need to be able to
configure different combinations of TPM types (TPM or TPM2) and
interfaces (LPC, I2C and SPI).
This patch allows to do it. Picking Chrome OS still assumes that the
board has a TPM device, but adding MAINBOARD_HAS_TPM2 to the board's
Kconfig will trigger including of TPM2 instead.
MAINBOARD_HAS_LPC_TPM forces the interface to be set to LPC, adding
SPI_TPM to the board config switches interface choice to SPI, and if
neither of the two is defined, the interface is assumed to be I2C.
BRANCH=none
BUG=chrome-os-partner:50645
TEST=verified that none of the generated board configurations change
as a result of this patch. With the rest of the stack in place it
is possible to configure different combinations of TPM types and
interfaces for ARM and x86 boards.
Change-Id: I24f2e3ee63636566bf2a867c51ed80a622672f07
Signed-off-by: Martin Roth <martinroth@chromium.org>
Original-Commit-Id: 5a25c1070560cd2734519f87dfbf401c135088d1
Original-Change-Id: I659e9301a4a4fe065ca6537ef1fa824a08d36321
Original-Signed-off-by: Vadim Bendebury <vbendeb@chromium.org>
Original-Reviewed-on: https://chromium-review.googlesource.com/349850
Original-Reviewed-by: Martin Roth <martinroth@chromium.org>
Reviewed-on: https://review.coreboot.org/15294
Tested-by: build bot (Jenkins)
Reviewed-by: Furquan Shaikh <furquan@google.com>
Reviewed-by: Philipp Deppenwiese <zaolin.daisuki@googlemail.com>
|