acpi: Add IORT helper functions
[coreboot2.git] / src / drivers / i2c / tpm / cr50.c
blob5f5ca66d5f11d0fbe7191421cc80ac4cd2c226b9
1 /* SPDX-License-Identifier: GPL-2.0-only */
3 /* Based on Linux Kernel TPM driver */
5 /*
6 * cr50 is a TPM 2.0 capable device that requires special
7 * handling for the I2C interface.
9 * - Use an interrupt for transaction status instead of hardcoded delays
10 * - Must use write+wait+read read protocol
11 * - All 4 bytes of status register must be read/written at once
12 * - Burst count max is 63 bytes, and burst count behaves
13 * slightly differently than other I2C TPMs
14 * - When reading from FIFO the full burstcnt must be read
15 * instead of just reading header and determining the remainder
18 #include <commonlib/endian.h>
19 #include <commonlib/helpers.h>
20 #include <console/console.h>
21 #include <delay.h>
22 #include <device/i2c_simple.h>
23 #include <drivers/tpm/cr50.h>
24 #include <endian.h>
25 #include <security/tpm/tis.h>
26 #include <string.h>
27 #include <types.h>
28 #include <timer.h>
30 #include "tpm.h"
32 #define CR50_MAX_BUFSIZE 63
33 #define CR50_TIMEOUT_INIT_MS 30000 /* Very long timeout for TPM init */
34 #define CR50_TIMEOUT_LONG_MS 2000 /* Long timeout while waiting for TPM */
35 #define CR50_TIMEOUT_SHORT_MS 2 /* Short timeout during transactions */
36 #define CR50_DID_VID 0x00281ae0L
37 #define TI50_DT_DID_VID 0x504a6666L
38 #define TI50_OT_DID_VID 0x50666666L
40 struct tpm_inf_dev {
41 int bus;
42 int locality;
43 unsigned int addr;
44 uint8_t buf[CR50_MAX_BUFSIZE + sizeof(uint8_t)];
47 static struct tpm_inf_dev tpm_dev;
50 * cr50_i2c_read() - read from TPM register
52 * @addr: register address to read from
53 * @buffer: provided by caller
54 * @len: number of bytes to read
56 * 1) send register address byte 'addr' to the TPM
57 * 2) wait for TPM to indicate it is ready
58 * 3) read 'len' bytes of TPM response into the provided 'buffer'
60 * Returns TSS Return Code from TCG TPM Structures. See tss_errors.h
62 static tpm_result_t cr50_i2c_read(uint8_t addr, uint8_t *buffer, size_t len)
64 if (tpm_dev.addr == 0)
65 return TPM_CB_INVALID_ARG;
67 /* Clear interrupt before starting transaction */
68 cr50_plat_irq_status();
70 /* Send the register address byte to the TPM */
71 if (i2c_write_raw(tpm_dev.bus, tpm_dev.addr, &addr, 1)) {
72 printk(BIOS_ERR, "%s: Address write failed\n", __func__);
73 return TPM_CB_COMMUNICATION_ERROR;
76 /* Wait for TPM to be ready with response data */
77 if (cr50_wait_tpm_ready() != CB_SUCCESS)
78 return TPM_CB_TIMEOUT;
80 /* Read response data from the TPM */
81 if (i2c_read_raw(tpm_dev.bus, tpm_dev.addr, buffer, len)) {
82 printk(BIOS_ERR, "%s: Read response failed\n", __func__);
83 return TPM_CB_COMMUNICATION_ERROR;
86 return TPM_SUCCESS;
90 * cr50_i2c_write() - write to TPM register
92 * @addr: register address to write to
93 * @buffer: data to write
94 * @len: number of bytes to write
96 * 1) prepend the provided address to the provided data
97 * 2) send the address+data to the TPM
98 * 3) wait for TPM to indicate it is done writing
100 * Returns TSS Return Code from TCG TPM Structures. See tss_errors.h
102 static tpm_result_t cr50_i2c_write(uint8_t addr, const uint8_t *buffer, size_t len)
104 if (tpm_dev.addr == 0)
105 return TPM_CB_INVALID_ARG;
106 if (len > CR50_MAX_BUFSIZE)
107 return TPM_CB_INVALID_ARG;
109 /* Prepend the 'register address' to the buffer */
110 tpm_dev.buf[0] = addr;
111 memcpy(tpm_dev.buf + 1, buffer, len);
113 /* Clear interrupt before starting transaction */
114 cr50_plat_irq_status();
116 /* Send write request buffer with address */
117 if (i2c_write_raw(tpm_dev.bus, tpm_dev.addr, tpm_dev.buf, len + 1)) {
118 printk(BIOS_ERR, "%s: Error writing to TPM\n", __func__);
119 return TPM_CB_COMMUNICATION_ERROR;
122 /* Wait for TPM to be ready */
123 return cr50_wait_tpm_ready() == CB_SUCCESS ? TPM_SUCCESS : TPM_CB_TIMEOUT;
127 * Cr50 processes reset requests asynchronously and conceivably could be busy
128 * executing a long command and not reacting to the reset pulse for a while.
130 * This function will make sure that the AP does not proceed with boot until
131 * TPM finished reset processing.
133 * Returns TSS Return Code from TCG TPM Structures. See tss_errors.h
135 static tpm_result_t process_reset(void)
137 struct stopwatch sw;
138 tpm_result_t rc = TPM_SUCCESS;
139 uint8_t access;
142 * Locality is released by TPM reset.
144 * If locality is taken at this point, this could be due to the fact
145 * that the TPM is performing a long operation and has not processed
146 * reset request yet. We'll wait up to CR50_TIMEOUT_INIT_MS and see if
147 * it releases locality when reset is processed.
149 stopwatch_init_msecs_expire(&sw, CR50_TIMEOUT_INIT_MS);
150 do {
151 const uint8_t mask =
152 TPM_ACCESS_VALID | TPM_ACCESS_ACTIVE_LOCALITY;
154 rc = cr50_i2c_read(TPM_ACCESS(0),
155 &access, sizeof(access));
156 if (rc || ((access & mask) == mask)) {
158 * Don't bombard the chip with traffic, let it keep
159 * processing the command.
161 mdelay(2);
162 continue;
165 printk(BIOS_INFO, "TPM ready after %lld ms\n",
166 stopwatch_duration_msecs(&sw));
168 return TPM_SUCCESS;
169 } while (!stopwatch_expired(&sw));
171 if (rc) {
172 printk(BIOS_ERR, "Failed to read TPM with error %d\n", rc);
173 return rc;
174 } else
175 printk(BIOS_ERR,
176 "TPM failed to reset after %lld ms, status: %#x\n",
177 stopwatch_duration_msecs(&sw), access);
178 return TPM_CB_FAIL;
182 * Locality could be already claimed (if this is a later coreboot stage and
183 * the RO did not release it), or not yet claimed, if this is verstage or the
184 * older RO did release it.
186 * Returns TSS Return Code from TCG TPM Structures. See tss_errors.h
188 static tpm_result_t claim_locality(void)
190 uint8_t access;
191 const uint8_t mask = TPM_ACCESS_VALID | TPM_ACCESS_ACTIVE_LOCALITY;
192 tpm_result_t rc = TPM_SUCCESS;
194 rc = cr50_i2c_read(TPM_ACCESS(0), &access, sizeof(access));
195 if (rc)
196 return rc;
198 if ((access & mask) == mask) {
199 printk(BIOS_INFO, "Locality already claimed\n");
200 return TPM_SUCCESS;
203 access = TPM_ACCESS_REQUEST_USE;
204 rc = cr50_i2c_write(TPM_ACCESS(0),
205 &access, sizeof(access));
206 if (rc)
207 return rc;
209 rc = cr50_i2c_read(TPM_ACCESS(0), &access, sizeof(access));
210 if (rc)
211 return rc;
213 if ((access & mask) != mask) {
214 printk(BIOS_INFO, "Failed to claim locality.\n");
215 return TPM_CB_FAIL;
218 return TPM_SUCCESS;
222 * cr50 requires all 4 bytes of status register to be read
224 * Returns lowest 8-bits of the TIS Status register value
225 * see tis_status bit mask enumerated type in tis.h.
226 * Return 0 on error.
228 static uint8_t cr50_i2c_tis_status(void)
230 uint8_t buf[4];
231 tpm_result_t rc = cr50_i2c_read(TPM_STS(tpm_dev.locality), buf, sizeof(buf));
232 if (rc) {
233 printk(BIOS_ERR, "%s: Failed to read status with error %#x\n", __func__, rc);
234 return 0;
236 return buf[0];
239 /* cr50 requires all 4 bytes of status register to be written */
240 static void cr50_i2c_tis_ready(void)
242 uint8_t buf[4] = { TPM_STS_COMMAND_READY };
243 cr50_i2c_write(TPM_STS(tpm_dev.locality), buf, sizeof(buf));
244 mdelay(CR50_TIMEOUT_SHORT_MS);
247 /* cr50 uses bytes 3:2 of status register for burst count and
248 * all 4 bytes must be read
250 * Returns TSS Return Code from TCG TPM Structures. See tss_errors.h
252 static tpm_result_t cr50_i2c_wait_burststs(uint8_t mask, size_t *burst, int *status)
254 uint8_t buf[4];
255 struct stopwatch sw;
256 tpm_result_t rc = TPM_SUCCESS;
258 stopwatch_init_msecs_expire(&sw, CR50_TIMEOUT_LONG_MS);
260 while (!stopwatch_expired(&sw)) {
261 rc = cr50_i2c_read(TPM_STS(tpm_dev.locality), buf, sizeof(buf));
262 if (rc) {
263 mdelay(CR50_TIMEOUT_SHORT_MS);
264 continue;
267 *status = buf[0];
268 *burst = read_le16(&buf[1]);
270 /* Check if mask matches and burst is valid */
271 if ((*status & mask) == mask &&
272 *burst > 0 && *burst <= CR50_MAX_BUFSIZE)
273 return TPM_SUCCESS;
275 mdelay(CR50_TIMEOUT_SHORT_MS);
277 printk(BIOS_ERR, "%s: Timeout reading burst and status with error %#x\n", __func__, rc);
278 if (rc)
279 return rc;
280 return TPM_CB_COMMUNICATION_ERROR;
283 static int cr50_i2c_tis_recv(uint8_t *buf, size_t buf_len)
285 size_t burstcnt, current, len, expected;
286 uint8_t addr = TPM_DATA_FIFO(tpm_dev.locality);
287 uint8_t mask = TPM_STS_VALID | TPM_STS_DATA_AVAIL;
288 int status;
289 tpm_result_t rc = TPM_SUCCESS;
291 if (buf_len < TPM_HEADER_SIZE)
292 goto out_err;
294 rc = cr50_i2c_wait_burststs(mask, &burstcnt, &status);
295 if (rc) {
296 printk(BIOS_ERR, "%s: First chunk not available with error %#x\n", __func__, rc);
297 goto out_err;
300 /* Read first chunk of burstcnt bytes */
301 rc = cr50_i2c_read(addr, buf, burstcnt);
302 if (rc) {
303 printk(BIOS_ERR, "%s: Read failed with error %#x\n", __func__, rc);
304 goto out_err;
307 /* Determine expected data in the return buffer */
308 expected = read_be32(buf + TPM_RSP_SIZE_BYTE);
309 if (expected > buf_len) {
310 printk(BIOS_ERR, "%s: Too much data: %zu > %zu\n",
311 __func__, expected, buf_len);
312 goto out_err;
315 /* Now read the rest of the data */
316 current = burstcnt;
317 while (current < expected) {
318 /* Read updated burst count and check status */
319 if (cr50_i2c_wait_burststs(mask, &burstcnt, &status))
320 goto out_err;
322 len = MIN(burstcnt, expected - current);
323 rc = cr50_i2c_read(addr, buf + current, len);
324 if (rc) {
325 printk(BIOS_ERR, "%s: Read failed with error %#x\n", __func__, rc);
326 goto out_err;
329 current += len;
332 /* Ensure TPM is done reading data */
333 if (cr50_i2c_wait_burststs(TPM_STS_VALID, &burstcnt, &status))
334 goto out_err;
335 if (status & TPM_STS_DATA_AVAIL) {
336 printk(BIOS_ERR, "%s: Data still available\n", __func__);
337 goto out_err;
340 return current;
342 out_err:
343 /* Abort current transaction if still pending */
344 if (cr50_i2c_tis_status() & TPM_STS_COMMAND_READY)
345 cr50_i2c_tis_ready();
346 return -1;
349 static int cr50_i2c_tis_send(uint8_t *buf, size_t len)
351 int status;
352 size_t burstcnt, limit, sent = 0;
353 uint8_t tpm_go[4] = { TPM_STS_GO };
354 struct stopwatch sw;
355 tpm_result_t rc = TPM_SUCCESS;
357 stopwatch_init_msecs_expire(&sw, CR50_TIMEOUT_LONG_MS);
359 /* Wait until TPM is ready for a command */
360 while (!(cr50_i2c_tis_status() & TPM_STS_COMMAND_READY)) {
361 if (stopwatch_expired(&sw)) {
362 printk(BIOS_ERR, "%s: Command ready timeout\n",
363 __func__);
364 return -1;
367 cr50_i2c_tis_ready();
370 while (len > 0) {
371 uint8_t mask = TPM_STS_VALID;
373 /* Wait for data if this is not the first chunk */
374 if (sent > 0)
375 mask |= TPM_STS_DATA_EXPECT;
377 /* Read burst count and check status */
378 if (cr50_i2c_wait_burststs(mask, &burstcnt, &status))
379 goto out_err;
381 /* Use burstcnt - 1 to account for the address byte
382 * that is inserted by cr50_i2c_write() */
383 limit = MIN(burstcnt - 1, len);
384 rc = cr50_i2c_write(TPM_DATA_FIFO(tpm_dev.locality), &buf[sent], limit);
385 if (rc) {
386 printk(BIOS_ERR, "%s: Write failed with error %#x\n", __func__, rc);
387 goto out_err;
390 sent += limit;
391 len -= limit;
394 /* Ensure TPM is not expecting more data */
395 if (cr50_i2c_wait_burststs(TPM_STS_VALID, &burstcnt, &status))
396 goto out_err;
397 if (status & TPM_STS_DATA_EXPECT) {
398 printk(BIOS_ERR, "%s: Data still expected\n", __func__);
399 goto out_err;
402 /* Start the TPM command */
403 rc = cr50_i2c_write(TPM_STS(tpm_dev.locality), tpm_go, sizeof(tpm_go));
404 if (rc) {
405 printk(BIOS_ERR, "%s: Start command failed with error %#x\n", __func__, rc);
406 goto out_err;
408 return sent;
410 out_err:
411 /* Abort current transaction if still pending */
412 if (cr50_i2c_tis_status() & TPM_STS_COMMAND_READY)
413 cr50_i2c_tis_ready();
414 return -1;
417 static void cr50_vendor_init(struct tpm_chip *chip)
419 chip->req_complete_mask = TPM_STS_DATA_AVAIL | TPM_STS_VALID;
420 chip->req_complete_val = TPM_STS_DATA_AVAIL | TPM_STS_VALID;
421 chip->req_canceled = TPM_STS_COMMAND_READY;
422 chip->status = &cr50_i2c_tis_status;
423 chip->recv = &cr50_i2c_tis_recv;
424 chip->send = &cr50_i2c_tis_send;
425 chip->cancel = &cr50_i2c_tis_ready;
428 tpm_result_t tpm_vendor_probe(unsigned int bus, uint32_t addr, enum tpm_family *family)
430 /* cr50 is TPM2 */
431 if (family != NULL)
432 *family = TPM_2;
433 return TPM_SUCCESS;
436 static tpm_result_t cr50_i2c_probe(uint32_t *did_vid)
438 int retries;
439 tpm_result_t rc = TPM_SUCCESS;
442 * 1s should be enough to synchronize with the TPM even under the
443 * worst nested reset request conditions. In vast majority of cases
444 * there would be no wait at all. If this probe fails, boot likely
445 * cannot proceed, so an extra long timeout is appropriate.
447 printk(BIOS_INFO, "Probing TPM I2C: ");
449 for (retries = 100; retries > 0; retries--) {
450 rc = cr50_i2c_read(TPM_DID_VID(0), (uint8_t *)did_vid, 4);
452 /* Exit once DID and VID verified */
453 if (!rc && (*did_vid == CR50_DID_VID || *did_vid == TI50_DT_DID_VID ||
454 *did_vid == TI50_OT_DID_VID)) {
455 printk(BIOS_INFO, "done! DID_VID 0x%08x\n", *did_vid);
456 return TPM_SUCCESS;
459 /* TPM might be resetting, let's retry in a bit. */
460 mdelay(10);
461 printk(BIOS_INFO, ".");
465 * I2C reads failed, or the DID and VID didn't match
467 if (!rc) {
468 printk(BIOS_ERR, "DID_VID 0x%08x not recognized\n", *did_vid);
469 return TPM_CB_FAIL;
471 return TPM_CB_COMMUNICATION_ERROR;
474 tpm_result_t tpm_vendor_init(struct tpm_chip *chip, unsigned int bus, uint32_t dev_addr)
476 uint32_t did_vid = 0;
477 tpm_result_t rc = TPM_SUCCESS;
479 if (dev_addr == 0) {
480 printk(BIOS_ERR, "%s: missing device address\n", __func__);
481 return TPM_CB_INVALID_ARG;
484 tpm_dev.bus = bus;
485 tpm_dev.addr = dev_addr;
487 cr50_vendor_init(chip);
489 rc = cr50_i2c_probe(&did_vid);
490 if (rc)
491 return rc;
493 if (ENV_SEPARATE_VERSTAGE || ENV_BOOTBLOCK) {
494 rc = process_reset();
495 if (rc)
496 return rc;
499 rc = claim_locality();
500 if (rc)
501 return rc;
503 printk(BIOS_DEBUG, "GSC TPM 2.0 (i2c %u:0x%02x id %#x)\n",
504 bus, dev_addr, did_vid >> 16);
506 if (tpm_first_access_this_boot()) {
507 /* This is called for the side-effect of printing the version string. */
508 cr50_get_firmware_version(NULL);
509 cr50_set_board_cfg();
512 return TPM_SUCCESS;
515 enum cb_err tis_vendor_write(unsigned int addr, const void *buffer, size_t bytes)
517 return cr50_i2c_write(addr & 0xff, buffer, bytes) ? CB_ERR : CB_SUCCESS;
520 enum cb_err tis_vendor_read(unsigned int addr, void *buffer, size_t bytes)
522 return cr50_i2c_read(addr & 0xff, buffer, bytes) ? CB_ERR : CB_SUCCESS;