From patchwork Wed Nov 3 15:09:05 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Ilias Apalodimas X-Patchwork-Id: 516764 Delivered-To: patch@linaro.org Received: by 2002:adf:eccd:0:0:0:0:0 with SMTP id s13csp712477wro; Wed, 3 Nov 2021 08:10:03 -0700 (PDT) X-Google-Smtp-Source: ABdhPJznaGolA6m9+ngpoXTJqQXAXYjyOKBlHcjPpSc1nDdIj1GuRaFnAeZugDRiQgR0CMJq+p91 X-Received: by 2002:a5d:5151:: with SMTP id u17mr28134395wrt.126.1635952203295; Wed, 03 Nov 2021 08:10:03 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1635952203; cv=none; d=google.com; s=arc-20160816; b=pdmZSLvDDNRKhySTXoWsptKUN/diOfM10Np9GpyjM9HUx2H2KkeuXf30+UXhEN693e t8yk4J5KJOKlUXqdbxTShgh1xPIIGczHbqB0+MErh/q9QUccYIAOM7yNPxyUoUgcpcWL FoIBL6fa59yG/d25+Ihoq1xV8I+otOTGLLg8qpD4+E7sZd7msqxGn30HM+OI3emTMWkZ cYcFuJtDwBhtbERU/tyiuG/QIDHY2VKa+fuIu6MesWLEAnxNS6hZgV1DNfGBVFb2wPhn AQ0rh9WPXN6zRWM8NvyUb5wAb8fPvGaAY2k6o2KW++aO6EdFaJ3aHtuZ5q9mOTAUl80i PrsQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:list-subscribe:list-help:list-post:list-archive :list-unsubscribe:list-id:precedence:content-transfer-encoding :mime-version:references:in-reply-to:message-id:date:subject:cc:to :from:dkim-signature; bh=9MqBSGEpFGRQirYA73Kf7VVfUQBLvF7x46M5u73GGJ4=; b=vH/zGmW14dOlgIZ4lnJ5BD8IzHflgAf5aQN+xCH1CncpE17OTGQ4KZO46/JnOS+BTN jBXFHnPMe+uLOpUMqdFNm8fLlOe73f5a2K4sdSQ5W61eqkK5cvLb0V2UvV1TXU3rArOK KH2uE8HBcCqJgOAsb74xv23CJ1qxWMIhoc1Ut25u8Z92r468UflGKoWQXrdoORT/m8T0 glQFyVo18opTFDjnrn555s39KldockMrUN7RD15EoJt9YqdSK4egzgkmP4mCRy6yo1IC R2rk1Yn10jtiiSBdN0+Co+F/lKvrzn2GxRugrMNCz7wXJz9hnVZqrxHPo7vbgwSgusgX TFuQ== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@linaro.org header.s=google header.b=ocWgLiCB; spf=pass (google.com: domain of u-boot-bounces@lists.denx.de designates 2a01:238:438b:c500:173d:9f52:ddab:ee01 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org Return-Path: Received: from phobos.denx.de (phobos.denx.de. [2a01:238:438b:c500:173d:9f52:ddab:ee01]) by mx.google.com with ESMTPS id a5si3619441ejf.478.2021.11.03.08.10.02 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 03 Nov 2021 08:10:03 -0700 (PDT) Received-SPF: pass (google.com: domain of u-boot-bounces@lists.denx.de designates 2a01:238:438b:c500:173d:9f52:ddab:ee01 as permitted sender) client-ip=2a01:238:438b:c500:173d:9f52:ddab:ee01; Authentication-Results: mx.google.com; dkim=pass header.i=@linaro.org header.s=google header.b=ocWgLiCB; spf=pass (google.com: domain of u-boot-bounces@lists.denx.de designates 2a01:238:438b:c500:173d:9f52:ddab:ee01 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: from h2850616.stratoserver.net (localhost [IPv6:::1]) by phobos.denx.de (Postfix) with ESMTP id 829B883633; Wed, 3 Nov 2021 16:09:46 +0100 (CET) Authentication-Results: phobos.denx.de; dmarc=pass (p=none dis=none) header.from=linaro.org Authentication-Results: phobos.denx.de; spf=pass smtp.mailfrom=u-boot-bounces@lists.denx.de Authentication-Results: phobos.denx.de; dkim=pass (2048-bit key; unprotected) header.d=linaro.org header.i=@linaro.org header.b="ocWgLiCB"; dkim-atps=neutral Received: by phobos.denx.de (Postfix, from userid 109) id C5DA38342C; Wed, 3 Nov 2021 16:09:40 +0100 (CET) X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on phobos.denx.de X-Spam-Level: X-Spam-Status: No, score=-2.1 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,SPF_HELO_NONE,SPF_PASS autolearn=ham autolearn_force=no version=3.4.2 Received: from mail-wr1-x432.google.com (mail-wr1-x432.google.com [IPv6:2a00:1450:4864:20::432]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits)) (No client certificate requested) by phobos.denx.de (Postfix) with ESMTPS id F335E82DB4 for ; Wed, 3 Nov 2021 16:09:35 +0100 (CET) Authentication-Results: phobos.denx.de; dmarc=pass (p=none dis=none) header.from=linaro.org Authentication-Results: phobos.denx.de; spf=pass smtp.mailfrom=ilias.apalodimas@linaro.org Received: by mail-wr1-x432.google.com with SMTP id t30so4046299wra.10 for ; Wed, 03 Nov 2021 08:09:35 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references :mime-version:content-transfer-encoding; bh=9MqBSGEpFGRQirYA73Kf7VVfUQBLvF7x46M5u73GGJ4=; b=ocWgLiCB3gt8pm5+L5b2CYW7qM1Zy47xkq2dsWQMX4YQeb8LhbqLGkuZwzF2xYJsE8 7eF6BW5XwTNsmxrqwCpZPcDhoTO/Ul5IBM322kL8RJizo8PQZUK3ql9Yv71APxcEDJOh dzYfoTzICq6sgMU8bkUF4qKXJpLwZeNsgz0grInREfKVZVO7R0AOyb+qS6sn92W21Rzv /aoYF7iJ61ZHj7R5swgNk0yjmGT7gpKV1QVu4314FpzkDprgNVAt1sdxKl2eGRq/DXvN 1acP8oruh/uuFtnZe+hOLxJIm9AZdvxa4XWu+IdlBp8mAGmGbOlgeQzLAT8iA3gO8ijP PKnQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=9MqBSGEpFGRQirYA73Kf7VVfUQBLvF7x46M5u73GGJ4=; b=6UjnLAQlX+nvW7tDPzIgjoS9ETVMxuHRXgNlrboX34WirisSbMWpL1+8m5LgN6+sfI wHyAP7YN09F4k7HpDHejIP2FW++offHjIIXeRdVjkcMM7YhvITM3xofFT78pCxDRMCRr 4/0k9ArR8Mtj+mnoUpZUql4i6Z4RgnF1tEWlXsxiNiwsjyLVcg4+mQFsYY+Qy1yckN9B BeJeWjoSMASIDt+Sitd38Zt2Mzsb+6QYXmYytmhlT33u4B40+LbiSLWuBE8bCzqVjJUN UFJlJmwo+yzBxxT9GcvIHrUmK5qSTBb/g/Fp+UU0HotCWqQ+WDjcCuYoLu2kprbe9dHE sIyg== X-Gm-Message-State: AOAM530tWG01ypl5LIq+R2s044P5krU6Trz2hezXZeGvjCGD49F5nsh2 1ZGc7b2rDWNlJ5gb3MJaPvuX9IG4IlldVA== X-Received: by 2002:adf:e109:: with SMTP id t9mr24074672wrz.387.1635952175470; Wed, 03 Nov 2021 08:09:35 -0700 (PDT) Received: from apalos.home ([2a02:587:4682:26e0:2e56:dcff:fe9a:8f06]) by smtp.gmail.com with ESMTPSA id f19sm2094947wmq.34.2021.11.03.08.09.34 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 03 Nov 2021 08:09:34 -0700 (PDT) From: Ilias Apalodimas To: u-boot@lists.denx.de Cc: trini@konsulko.com, Ilias Apalodimas , Rick Chen , Sean Anderson , Simon Glass , Heinrich Schuchardt , Masahisa Kojima Subject: [PATCH 2/6 v4] tpm2: Add a TPMv2 MMIO TIS driver Date: Wed, 3 Nov 2021 17:09:05 +0200 Message-Id: <20211103150910.69732-3-ilias.apalodimas@linaro.org> X-Mailer: git-send-email 2.33.1 In-Reply-To: <20211103150910.69732-1-ilias.apalodimas@linaro.org> References: <20211103150910.69732-1-ilias.apalodimas@linaro.org> MIME-Version: 1.0 X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.34 Precedence: list List-Id: U-Boot discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" X-Virus-Scanned: clamav-milter 0.103.2 at phobos.denx.de X-Virus-Status: Clean Add support for devices that expose a TPMv2 though MMIO. Apart from those devices, we can use the driver in our QEMU setups and test TPM related code which is difficult to achieve using the sandbox driver (e.g test the EFI TCG2 protocol). It's worth noting that a previous patch added TPMv2 TIS core functions, which the current driver is consuming. Signed-off-by: Ilias Apalodimas --- drivers/tpm/Kconfig | 9 +++ drivers/tpm/Makefile | 1 + drivers/tpm/tpm2_tis_mmio.c | 152 ++++++++++++++++++++++++++++++++++++ 3 files changed, 162 insertions(+) create mode 100644 drivers/tpm/tpm2_tis_mmio.c -- 2.33.1 diff --git a/drivers/tpm/Kconfig b/drivers/tpm/Kconfig index 9eebab5cfd90..406ee8716e1e 100644 --- a/drivers/tpm/Kconfig +++ b/drivers/tpm/Kconfig @@ -161,6 +161,15 @@ config TPM2_FTPM_TEE help This driver supports firmware TPM running in TEE. +config TPM2_MMIO + bool "MMIO based TPM2 Interface" + depends on TPM_V2 + help + This driver supports firmware TPM2.0 MMIO interface. + The usual TPM operations and the 'tpm' command can be used to talk + to the device using the standard TPM Interface Specification (TIS) + protocol. + endif # TPM_V2 endmenu diff --git a/drivers/tpm/Makefile b/drivers/tpm/Makefile index c65be5267002..494aa5a46d30 100644 --- a/drivers/tpm/Makefile +++ b/drivers/tpm/Makefile @@ -14,3 +14,4 @@ obj-$(CONFIG_$(SPL_TPL_)TPM2_CR50_I2C) += cr50_i2c.o obj-$(CONFIG_TPM2_TIS_SANDBOX) += tpm2_tis_sandbox.o sandbox_common.o obj-$(CONFIG_TPM2_TIS_SPI) += tpm2_tis_spi.o obj-$(CONFIG_TPM2_FTPM_TEE) += tpm2_ftpm_tee.o +obj-$(CONFIG_TPM2_MMIO) += tpm2_tis_core.o tpm2_tis_mmio.o diff --git a/drivers/tpm/tpm2_tis_mmio.c b/drivers/tpm/tpm2_tis_mmio.c new file mode 100644 index 000000000000..3bd0b0871a83 --- /dev/null +++ b/drivers/tpm/tpm2_tis_mmio.c @@ -0,0 +1,152 @@ +// SPDX-License-Identifier: GPL-2.0 +/* + * driver for mmio TCG/TIS TPM (trusted platform module). + * + * Specifications at www.trustedcomputinggroup.org + */ + +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include "tpm_tis.h" +#include "tpm_internal.h" + +/** + * struct tpm_tis_chip_data - Information about an MMIO TPM + * @pcr_count: Number of PCR per bank + * @pcr_select_min: Minimum size in bytes of the pcrSelect array + * @iobase: Base address + */ +struct tpm_tis_chip_data { + unsigned int pcr_count; + unsigned int pcr_select_min; + void __iomem *iobase; +}; + +static int mmio_read_bytes(struct udevice *udev, u32 addr, u16 len, + u8 *result) +{ + struct tpm_tis_chip_data *drv_data = (void *)dev_get_driver_data(udev); + + while (len--) + *result++ = ioread8(drv_data->iobase + addr); + return 0; +} + +static int mmio_write_bytes(struct udevice *udev, u32 addr, u16 len, + const u8 *value) +{ + struct tpm_tis_chip_data *drv_data = (void *)dev_get_driver_data(udev); + + while (len--) + iowrite8(*value++, drv_data->iobase + addr); + return 0; +} + +static int mmio_read32(struct udevice *udev, u32 addr, u32 *result) +{ + struct tpm_tis_chip_data *drv_data = (void *)dev_get_driver_data(udev); + + *result = ioread32(drv_data->iobase + addr); + return 0; +} + +static int mmio_write32(struct udevice *udev, u32 addr, u32 value) +{ + struct tpm_tis_chip_data *drv_data = (void *)dev_get_driver_data(udev); + + iowrite32(value, drv_data->iobase + addr); + return 0; +} + +static struct tpm_tis_phy_ops phy_ops = { + .read_bytes = mmio_read_bytes, + .write_bytes = mmio_write_bytes, + .read32 = mmio_read32, + .write32 = mmio_write32, +}; + +static int tpm_tis_probe(struct udevice *udev) +{ + struct tpm_tis_chip_data *drv_data = (void *)dev_get_driver_data(udev); + struct tpm_chip_priv *priv = dev_get_uclass_priv(udev); + int ret = 0; + fdt_addr_t ioaddr; + u64 sz; + + ioaddr = dev_read_addr(udev); + if (ioaddr == FDT_ADDR_T_NONE) + return log_msg_ret("ioaddr", -EINVAL); + + ret = dev_read_u64(udev, "reg", &sz); + if (ret) + return -EINVAL; + + drv_data->iobase = ioremap(ioaddr, sz); + log_debug("Remapped TPM2 base: 0x%llx size: 0x%llx\n", ioaddr, sz); + tpm_tis_ops_register(udev, &phy_ops); + ret = tpm_tis_init(udev); + if (ret) + goto iounmap; + + priv->pcr_count = drv_data->pcr_count; + priv->pcr_select_min = drv_data->pcr_select_min; + /* + * Although the driver probably works with a TPMv1 our Kconfig + * limits the driver to TPMv2 only + */ + priv->version = TPM_V2; + + return ret; +iounmap: + iounmap(drv_data->iobase); + return -EINVAL; +} + +static int tpm_tis_remove(struct udevice *udev) +{ + struct tpm_tis_chip_data *drv_data = (void *)dev_get_driver_data(udev); + + iounmap(drv_data->iobase); + return tpm_tis_cleanup(udev); +} + +static const struct tpm_ops tpm_tis_ops = { + .open = tpm_tis_open, + .close = tpm_tis_close, + .get_desc = tpm_tis_get_desc, + .send = tpm_tis_send, + .recv = tpm_tis_recv, + .cleanup = tpm_tis_cleanup, +}; + +static const struct tpm_tis_chip_data tpm_tis_std_chip_data = { + .pcr_count = 24, + .pcr_select_min = 3, +}; + +static const struct udevice_id tpm_tis_ids[] = { + { + .compatible = "tcg,tpm-tis-mmio", + .data = (ulong)&tpm_tis_std_chip_data, + }, + { } +}; + +U_BOOT_DRIVER(tpm_tis_mmio) = { + .name = "tpm_tis_mmio", + .id = UCLASS_TPM, + .of_match = tpm_tis_ids, + .ops = &tpm_tis_ops, + .probe = tpm_tis_probe, + .remove = tpm_tis_remove, + .priv_auto = sizeof(struct tpm_chip), +};