From c703814e951376bef0945934dccff9158d54db7d Mon Sep 17 00:00:00 2001
From: Christian Walter <christian.walter@9elements.com>
Date: Tue, 16 Jul 2019 20:01:44 +0200
Subject: src/drivers/intel/ptt: Add PTT Support

Add function which checks if Intel Platform Trust Technology / Intel
integrated TPM is enabled/active.

Change-Id: If93bb5e1a3a59b5045f4e44359683876fb387a71
Signed-off-by: Christian Walter <christian.walter@9elements.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/34380
Reviewed-by: Philipp Deppenwiese <zaolin.daisuki@gmail.com>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
---
 src/drivers/intel/ptt/Kconfig      |  5 ++++
 src/drivers/intel/ptt/Makefile.inc |  4 +++
 src/drivers/intel/ptt/ptt.c        | 53 ++++++++++++++++++++++++++++++++++++++
 src/drivers/intel/ptt/ptt.h        | 27 +++++++++++++++++++
 4 files changed, 89 insertions(+)
 create mode 100644 src/drivers/intel/ptt/Kconfig
 create mode 100644 src/drivers/intel/ptt/Makefile.inc
 create mode 100644 src/drivers/intel/ptt/ptt.c
 create mode 100644 src/drivers/intel/ptt/ptt.h

(limited to 'src/drivers/intel/ptt')

diff --git a/src/drivers/intel/ptt/Kconfig b/src/drivers/intel/ptt/Kconfig
new file mode 100644
index 0000000000..c013f42c43
--- /dev/null
+++ b/src/drivers/intel/ptt/Kconfig
@@ -0,0 +1,5 @@
+config HAVE_INTEL_PTT
+	bool
+	default n
+	help
+		Activate if your platform has Intel Platform Trust Technology like Intel iTPM and you want to use it.
diff --git a/src/drivers/intel/ptt/Makefile.inc b/src/drivers/intel/ptt/Makefile.inc
new file mode 100644
index 0000000000..fdecc89b9f
--- /dev/null
+++ b/src/drivers/intel/ptt/Makefile.inc
@@ -0,0 +1,4 @@
+romstage-$(CONFIG_HAVE_INTEL_PTT) += ptt.c
+ramstage-$(CONFIG_HAVE_INTEL_PTT) += ptt.c
+postcar-$(CONFIG_HAVE_INTEL_PTT) += ptt.c
+verstage-$(CONFIG_HAVE_INTEL_PTT) += ptt.c
diff --git a/src/drivers/intel/ptt/ptt.c b/src/drivers/intel/ptt/ptt.c
new file mode 100644
index 0000000000..738de50a8f
--- /dev/null
+++ b/src/drivers/intel/ptt/ptt.c
@@ -0,0 +1,53 @@
+/*
+ * This file is part of the coreboot project.
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; version 2 of the License.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ */
+
+#include <soc/pci_devs.h>
+#include <device/pci_ops.h>
+#include <console/console.h>
+#include <timer.h>
+
+#include "ptt.h"
+
+#define PCI_ME_HFSTS4 0x64
+#define PTT_ENABLE (1 << 19)
+
+/* Dump Intel ME register */
+static uint32_t read_register(int reg_addr)
+{
+	if (!PCH_DEV_CSE)
+		return 0xFFFFFFFF;
+
+	return pci_read_config32(PCH_DEV_CSE, reg_addr);
+}
+
+/*
+ * ptt_active()
+ *
+ * Check if PTT Flag is set - so that PTT is active.
+ *
+ * Return true if active, false otherwise.
+ */
+bool ptt_active(void)
+{
+	uint32_t fwsts4 = read_register(PCI_ME_HFSTS4);
+
+	if (fwsts4 == 0xFFFFFFFF)
+		return false;
+
+	if ((fwsts4 & PTT_ENABLE) == 0) {
+		printk(BIOS_DEBUG, "Intel ME Establishment bit not valid.\n");
+		return false;
+	}
+
+	return true;
+}
diff --git a/src/drivers/intel/ptt/ptt.h b/src/drivers/intel/ptt/ptt.h
new file mode 100644
index 0000000000..ed5e90f599
--- /dev/null
+++ b/src/drivers/intel/ptt/ptt.h
@@ -0,0 +1,27 @@
+/*
+ * This file is part of the coreboot project.
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; version 2 of the License.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * This driver checks if the PTT Bit is set correctly within the FWSTS4
+ * register. This is needed in order to use the iTPM, because we have to
+ * check prior using the interface that this bit is set correctly - otherwise
+ * it could work unpredictable. The bit should already be set if the Intel ME
+ * is still in the preboot phase.
+ *
+ */
+#include <stdint.h>
+/*
+ * ptt_active
+ *
+ * Checks if the Intel PTT is active. If PTT is active, returns true,
+ * false otherwise.
+ */
+bool ptt_active(void);
-- 
cgit v1.2.3