1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
|
/* SPDX-License-Identifier: BSD-3-Clause */
/*
* This is a driver for a CRB Interface.
*
* The general flow looks like this:
*
* TPM starts in IDLE Mode
*
* IDLE --> READY --> Command Reception
* ^ |
* | v
-- Cmd Complete <-- Command Execution
*/
#include <timer.h>
#include <console/console.h>
#include <device/mmio.h>
#include <string.h>
#include <soc/pci_devs.h>
#include <device/pci_ops.h>
#include "tpm.h"
static struct control_area {
uint32_t request;
uint32_t status;
uint32_t cancel;
uint32_t start;
uint64_t interrupt_control;
uint32_t command_size;
void *command_bfr;
uint32_t response_size;
void *response_bfr;
} control_area;
static uint8_t cur_loc = 0;
/* Read Control Area Structure back */
static void crb_readControlArea(void)
{
control_area.request = read32(CRB_REG(cur_loc, CRB_REG_REQUEST));
control_area.status = read32(CRB_REG(cur_loc, CRB_REG_STATUS));
control_area.cancel = read32(CRB_REG(cur_loc, CRB_REG_CANCEL));
control_area.interrupt_control = read64(CRB_REG(cur_loc, CRB_REG_INT_CTRL));
control_area.command_size = read32(CRB_REG(cur_loc, CRB_REG_CMD_SIZE));
control_area.command_bfr =
(void *)(uintptr_t)read64(CRB_REG(cur_loc, CRB_REG_CMD_ADDR));
control_area.response_size = read32(CRB_REG(cur_loc, CRB_REG_RESP_SIZE));
control_area.response_bfr =
(void *)(uintptr_t)read64(CRB_REG(cur_loc, CRB_REG_RESP_ADDR));
/*
* Intel PTT has to write the command/response address and size
* register before each command submission otherwise the control area
* is all zeroed. This has been observed on Alder Lake S CPU and may be
* applicable to other new microarchitectures. Update the local control
* area data to make crb_tpm_process_command() not fail on buffer checks.
* PTT command/response buffer is fixed to be at offset 0x80 and spans
* up to the end of 4KB region for the current locality.
*/
if (CONFIG(HAVE_INTEL_PTT)) {
control_area.command_size = 0x1000 - CRB_REG_DATA_BUFF;
control_area.response_size = control_area.command_size;
control_area.command_bfr = CRB_REG(cur_loc, CRB_REG_DATA_BUFF);
control_area.response_bfr = CRB_REG(cur_loc, CRB_REG_DATA_BUFF);
}
}
/* Wait for Reg to be expected Value */
static tpm_result_t crb_wait_for_reg32(const void *addr, uint32_t timeoutMs, uint32_t mask,
uint32_t expectedValue)
{
uint32_t regValue;
struct stopwatch sw;
// Set up a timer which breaks the loop after timeout
stopwatch_init_msecs_expire(&sw, timeoutMs);
while (1) {
// Now check if the TPM is in IDLE mode
regValue = read32(addr);
if ((regValue & mask) == expectedValue)
return TPM_SUCCESS;
if (stopwatch_expired(&sw)) {
printk(BIOS_ERR,
"CRB_WAIT: Error - Timed out with RegValue: %08x, Mask: %08x, Expected: %08x\n",
regValue, mask, expectedValue);
return TPM_CB_TIMEOUT;
}
}
}
/* CRB PROBE
*
* Checks if the CRB Interface is ready
*/
static tpm_result_t crb_probe(void)
{
uint64_t tpmStatus = read64(CRB_REG(cur_loc, CRB_REG_INTF_ID));
printk(BIOS_SPEW, "Interface ID Reg. %llx\n", tpmStatus);
if ((tpmStatus & CRB_INTF_REG_CAP_CRB) == 0) {
printk(BIOS_DEBUG, "TPM: CRB Interface is not supported.\n");
return TPM_CB_FAIL;
}
if ((tpmStatus & (0xf)) != 1) {
printk(BIOS_DEBUG,
"TPM: CRB Interface is not active. System needs reboot in order to active TPM.\n");
write32(CRB_REG(cur_loc, CRB_REG_INTF_ID), CRB_INTF_REG_INTF_SEL);
return TPM_CB_FAIL;
}
write32(CRB_REG(cur_loc, CRB_REG_INTF_ID), CRB_INTF_REG_INTF_SEL);
write32(CRB_REG(cur_loc, CRB_REG_INTF_ID), CRB_INTF_REG_INTF_LOCK);
return TPM_SUCCESS;
}
/*
* Get active Locality
*
* Get the active locality
*/
static uint8_t crb_activate_locality(void)
{
uint8_t locality = (read8(CRB_REG(0, CRB_REG_LOC_STATE)) >> 2) & 0x07;
printk(BIOS_SPEW, "Active locality: %i\n", locality);
tpm_result_t rc = crb_wait_for_reg32(CRB_REG(locality, CRB_REG_LOC_STATE), 750,
LOC_STATE_LOC_ASSIGN, LOC_STATE_LOC_ASSIGN);
if (!rc && (locality == 0))
return locality;
if (rc)
write8(CRB_REG(locality, CRB_REG_LOC_CTRL), LOC_CTRL_REQ_ACCESS);
rc = crb_wait_for_reg32(CRB_REG(locality, CRB_REG_LOC_STATE), 750, LOC_STATE_LOC_ASSIGN,
LOC_STATE_LOC_ASSIGN);
if (rc) {
printk(BIOS_ERR, "TPM: Error (%#x) - No Locality has been assigned TPM-wise.\n", rc);
return 0;
}
rc = crb_wait_for_reg32(CRB_REG(locality, CRB_REG_LOC_STATE), 1500,
LOC_STATE_REG_VALID_STS, LOC_STATE_REG_VALID_STS);
if (rc) {
printk(BIOS_ERR, "TPM: Error (%#x) - LOC_STATE Register %u contains errors.\n",
rc, locality);
return 0;
}
return locality;
}
/* Switch Device into a Ready State */
static tpm_result_t crb_switch_to_ready(void)
{
/* Transition into ready state */
write8(CRB_REG(cur_loc, CRB_REG_REQUEST), 0x1);
tpm_result_t rc = crb_wait_for_reg32(CRB_REG(cur_loc, CRB_REG_REQUEST), 200,
CRB_REG_REQUEST_CMD_RDY, 0x0);
if (rc) {
printk(BIOS_ERR,
"TPM Error (%#x): TPM did not transition into ready state in time.\n", rc);
return rc;
}
/* Check TPM_CRB_CTRL_STS[0] to be "0" - no unrecoverable error */
rc = crb_wait_for_reg32(CRB_REG(cur_loc, CRB_REG_STATUS), 500, CRB_REG_STATUS_ERROR,
0x0);
if (rc) {
printk(BIOS_ERR, "TPM Error (%#x): Could not recover.\n", rc);
return rc;
}
return TPM_SUCCESS;
}
/*
* crb_tpm_init
*
* Even though the TPM does not need an initialization we check
* if the TPM responds and is in IDLE mode, which should be the
* normal bring up mode.
*
*/
tpm_result_t crb_tpm_init(void)
{
tpm_result_t rc = crb_probe();
if (rc) {
printk(BIOS_ERR, "TPM: Probe failed.\n");
return rc;
}
/* Read back control area structure */
crb_readControlArea();
/*
* PTT may have no assigned locality before startup. Request locality here to save
* some precious milliseconds which would be wasted in crb_activate_locality polling
* for LOC_STATE_LOC_ASSIGN bit for the first time.
*/
if (CONFIG(HAVE_INTEL_PTT)) {
uint8_t locality = (read8(CRB_REG(0, CRB_REG_LOC_STATE)) >> 2) & 0x07;
write8(CRB_REG(locality, CRB_REG_LOC_CTRL), LOC_CTRL_REQ_ACCESS);
}
/* Good to go. */
printk(BIOS_SPEW, "TPM: CRB TPM initialized successfully\n");
return TPM_SUCCESS;
}
static void set_ptt_cmd_resp_buffers(void)
{
write32(CRB_REG(cur_loc, CRB_REG_CMD_ADDR + 4), 0);
write32(CRB_REG(cur_loc, CRB_REG_CMD_ADDR),
(uintptr_t)CRB_REG(cur_loc, CRB_REG_DATA_BUFF));
write32(CRB_REG(cur_loc, CRB_REG_CMD_SIZE), control_area.command_size);
write64(CRB_REG(cur_loc, CRB_REG_RESP_ADDR),
(uintptr_t)CRB_REG(cur_loc, CRB_REG_DATA_BUFF));
write32(CRB_REG(cur_loc, CRB_REG_RESP_SIZE), control_area.response_size);
}
/*
* crb_tpm_process_command
*/
size_t crb_tpm_process_command(const void *tpm2_command, size_t command_size,
void *tpm2_response, size_t max_response)
{
tpm_result_t rc;
if (command_size > control_area.command_size) {
printk(BIOS_ERR, "TPM: Command size is too big.\n");
return -1;
}
if (control_area.response_size < max_response) {
printk(BIOS_ERR, "TPM: Response size could be too big.\n");
return -1;
}
cur_loc = crb_activate_locality();
// Check if CMD bit is cleared.
rc = crb_wait_for_reg32(CRB_REG(0, CRB_REG_START), 250, CRB_REG_START_START, 0x0);
if (rc) {
printk(BIOS_ERR, "TPM Error (%#x): Cmd Bit not cleared.\n", rc);
return -1;
}
rc = crb_switch_to_ready();
if (rc) {
printk(BIOS_DEBUG, "TPM Error (%#x): Can not transition into ready state.\n", rc);
return -1;
}
// Write to Command Buffer
memcpy(control_area.command_bfr, tpm2_command, command_size);
/*
* Initialize CRB addresses and sizes for PTT. It seems to be possible
* only after CRB is switched to ready and before writing start bit.
* This is also what EDK2 TPM CRB drivers do.
*/
if (CONFIG(HAVE_INTEL_PTT))
set_ptt_cmd_resp_buffers();
// Write Start Bit
write8(CRB_REG(cur_loc, CRB_REG_START), 0x1);
// Poll for Response
rc = crb_wait_for_reg32(CRB_REG(cur_loc, CRB_REG_START), 3500, CRB_REG_START_START, 0);
if (rc) {
printk(BIOS_DEBUG, "TPM Error (%#x): Command Timed out.\n", rc);
return -1;
}
// Check for errors
rc = crb_wait_for_reg32(CRB_REG(cur_loc, CRB_REG_STATUS), 200, CRB_REG_STATUS_ERROR, 0);
if (rc) {
printk(BIOS_DEBUG, "TPM Error (%#x): Command errored.\n", rc);
return -1;
}
// Get Response Length
uint32_t length = be32_to_cpu(read32(control_area.response_bfr + 2));
/* Response has to have at least 6 bytes */
if (length < 6)
return 1;
// Copy Response
memcpy(tpm2_response, control_area.response_bfr, length);
rc = crb_switch_to_ready();
if (rc) {
printk(BIOS_DEBUG, "TPM Error (%#x): Can not transition into ready state again.\n", rc);
return -1;
}
return length;
}
/*
* tp2_get_info
*
* Returns information about the TPM
*
*/
void crb_tpm_get_info(struct crb_tpm_info *crb_tpm_info)
{
uint64_t interfaceReg = read64(CRB_REG(cur_loc, CRB_REG_INTF_ID));
crb_tpm_info->vendor_id = (interfaceReg >> 48) & 0xFFFF;
crb_tpm_info->device_id = (interfaceReg >> 32) & 0xFFFF;
crb_tpm_info->revision = (interfaceReg >> 24) & 0xFF;
}
/*
* crb_tpm_is_active
*
* Checks that CRB interface is available and active.
*
* The body was derived from crb_probe() which unlike this function can also
* write to registers.
*/
bool crb_tpm_is_active(void)
{
uint64_t tpmStatus = read64(CRB_REG(0, CRB_REG_INTF_ID));
printk(BIOS_SPEW, "Interface ID Reg. %llx\n", tpmStatus);
if ((tpmStatus & CRB_INTF_REG_CAP_CRB) == 0) {
printk(BIOS_DEBUG, "TPM: CRB Interface is not supported.\n");
return false;
}
if ((tpmStatus & (0xf)) != 1) {
printk(BIOS_DEBUG, "TPM: CRB Interface is not active.\n");
return false;
}
return true;
}
|