From patchwork Thu Jun 25 14:46:42 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: amirmizi6@gmail.com X-Patchwork-Id: 198493 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-10.0 required=3.0 tests=DKIM_ADSP_CUSTOM_MED, FREEMAIL_FORGED_FROMDOMAIN, FREEMAIL_FROM, HEADER_FROM_DIFFERENT_DOMAINS, INCLUDES_PATCH, MAILING_LIST_MULTI, SIGNED_OFF_BY, SPF_HELO_NONE, SPF_PASS, URIBL_BLOCKED, USER_AGENT_GIT autolearn=unavailable autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 82288C433DF for ; Thu, 25 Jun 2020 14:48:35 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id 6B98920775 for ; Thu, 25 Jun 2020 14:48:35 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S2405566AbgFYOs0 (ORCPT ); Thu, 25 Jun 2020 10:48:26 -0400 Received: from 212.199.177.27.static.012.net.il ([212.199.177.27]:51449 "EHLO herzl.nuvoton.co.il" rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP id S2405531AbgFYOsP (ORCPT ); Thu, 25 Jun 2020 10:48:15 -0400 Received: from taln60.nuvoton.co.il (ntil-fw [212.199.177.25]) by herzl.nuvoton.co.il (8.13.8/8.13.8) with ESMTP id 05PEllTG015279; Thu, 25 Jun 2020 17:47:47 +0300 Received: by taln60.nuvoton.co.il (Postfix, from userid 10140) id 6B423639BE; Thu, 25 Jun 2020 17:47:47 +0300 (IDT) From: amirmizi6@gmail.com To: Eyal.Cohen@nuvoton.com, jarkko.sakkinen@linux.intel.com, oshrialkoby85@gmail.com, alexander.steffen@infineon.com, robh+dt@kernel.org, "benoit.houyere@st.com--to=mark.rutland"@arm.com, peterhuewe@gmx.de, christophe-h.richard@st.com, jgg@ziepe.ca, arnd@arndb.de, gregkh@linuxfoundation.org Cc: devicetree@vger.kernel.org, linux-kernel@vger.kernel.org, linux-integrity@vger.kernel.org, oshri.alkoby@nuvoton.com, tmaimon77@gmail.com, gcwilson@us.ibm.com, kgoldman@us.ibm.com, Dan.Morav@nuvoton.com, oren.tanami@nuvoton.com, shmulik.hager@nuvoton.com, amir.mizinski@nuvoton.com, Amir Mizinski , Benoit Houyere Subject: [PATCH v12 2/9] tpm: tpm_tis: Fix expected bit handling and send all bytes in one shot without last byte in exception Date: Thu, 25 Jun 2020 17:46:42 +0300 Message-Id: <20200625144650.269719-3-amirmizi6@gmail.com> X-Mailer: git-send-email 2.22.0 In-Reply-To: <20200625144650.269719-1-amirmizi6@gmail.com> References: <20200625144650.269719-1-amirmizi6@gmail.com> MIME-Version: 1.0 Sender: devicetree-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: devicetree@vger.kernel.org From: Amir Mizinski Detected the following incorrect implementation of the send command: polling on the TPM_STS.stsValid field followed by checking the TPM_STS.expect field only once. Since TPM_STS.stsValid represents the TPM_STS.expect validity, both fields should be polled at the same time. This fix modifies the signature of 'wait_for_tpm_stat()', adding an additional "mask_result" parameter to its call and renaming it to 'tpm_tis_wait_for_stat()' for better alignment with other naming. 'tpm_tis_wait_for_stat()' is now polling the TPM_STS with a mask and waits for the value in mask_result. The fix adds the ability to check if certain TPM_STS bits have been cleared. This change is also aligned to verifying the CRC on I2C TPM. The CRC verification should be done after the TPM_STS.expect field is cleared (TPM received all expected command bytes and set the calculated CRC value in the register). In addition, the send command was changed to comply with TCG_DesignPrinciples_TPM2p0Driver_vp24_pubrev.pdf as follows: - send all command bytes in one loop - remove special handling of the last byte Suggested-by: Benoit Houyere Signed-off-by: Amir Mizinski Reviewed-by: Jarkko Sakkinen --- drivers/char/tpm/tpm_tis_core.c | 70 +++++++++++++++-------------------------- 1 file changed, 26 insertions(+), 44 deletions(-) diff --git a/drivers/char/tpm/tpm_tis_core.c b/drivers/char/tpm/tpm_tis_core.c index 27c6ca0..6b33620 100644 --- a/drivers/char/tpm/tpm_tis_core.c +++ b/drivers/char/tpm/tpm_tis_core.c @@ -44,9 +44,9 @@ static bool wait_for_tpm_stat_cond(struct tpm_chip *chip, u8 mask, return false; } -static int wait_for_tpm_stat(struct tpm_chip *chip, u8 mask, - unsigned long timeout, wait_queue_head_t *queue, - bool check_cancel) +static int tpm_tis_wait_for_stat(struct tpm_chip *chip, u8 mask, u8 stat, + unsigned long timeout, + wait_queue_head_t *queue, bool check_cancel) { unsigned long stop; long rc; @@ -55,7 +55,7 @@ static int wait_for_tpm_stat(struct tpm_chip *chip, u8 mask, /* check current status */ status = chip->ops->status(chip); - if ((status & mask) == mask) + if ((status & mask) == stat) return 0; stop = jiffies + timeout; @@ -83,7 +83,7 @@ static int wait_for_tpm_stat(struct tpm_chip *chip, u8 mask, usleep_range(TPM_TIMEOUT_USECS_MIN, TPM_TIMEOUT_USECS_MAX); status = chip->ops->status(chip); - if ((status & mask) == mask) + if ((status & mask) == stat) return 0; } while (time_before(jiffies, stop)); } @@ -281,10 +281,11 @@ static int recv_data(struct tpm_chip *chip, u8 *buf, size_t count) int size = 0, burstcnt, rc; while (size < count) { - rc = wait_for_tpm_stat(chip, - TPM_STS_DATA_AVAIL | TPM_STS_VALID, - chip->timeout_c, - &priv->read_queue, true); + rc = tpm_tis_wait_for_stat(chip, + TPM_STS_DATA_AVAIL | TPM_STS_VALID, + TPM_STS_DATA_AVAIL | TPM_STS_VALID, + chip->timeout_c, &priv->read_queue, + true); if (rc < 0) return rc; burstcnt = get_burstcount(chip); @@ -337,8 +338,9 @@ static int tpm_tis_recv(struct tpm_chip *chip, u8 *buf, size_t count) goto out; } - if (wait_for_tpm_stat(chip, TPM_STS_VALID, chip->timeout_c, - &priv->int_queue, false) < 0) { + if (tpm_tis_wait_for_stat(chip, TPM_STS_VALID, TPM_STS_VALID, + chip->timeout_c, &priv->int_queue, + false) < 0) { size = -ETIME; goto out; } @@ -364,61 +366,40 @@ static int tpm_tis_send_data(struct tpm_chip *chip, const u8 *buf, size_t len) struct tpm_tis_data *priv = dev_get_drvdata(&chip->dev); int rc, status, burstcnt; size_t count = 0; - bool itpm = priv->flags & TPM_TIS_ITPM_WORKAROUND; status = tpm_tis_status(chip); if ((status & TPM_STS_COMMAND_READY) == 0) { tpm_tis_ready(chip); - if (wait_for_tpm_stat - (chip, TPM_STS_COMMAND_READY, chip->timeout_b, - &priv->int_queue, false) < 0) { + if (tpm_tis_wait_for_stat(chip, TPM_STS_COMMAND_READY, + TPM_STS_COMMAND_READY, + chip->timeout_b, &priv->int_queue, + false) < 0) { rc = -ETIME; goto out_err; } } - while (count < len - 1) { + while (count < len) { burstcnt = get_burstcount(chip); if (burstcnt < 0) { dev_err(&chip->dev, "Unable to read burstcount\n"); rc = burstcnt; goto out_err; } - burstcnt = min_t(int, burstcnt, len - count - 1); + burstcnt = min_t(int, burstcnt, len - count); rc = tpm_tis_write_bytes(priv, TPM_DATA_FIFO(priv->locality), burstcnt, buf + count); if (rc < 0) goto out_err; count += burstcnt; - - if (wait_for_tpm_stat(chip, TPM_STS_VALID, chip->timeout_c, - &priv->int_queue, false) < 0) { - rc = -ETIME; - goto out_err; - } - status = tpm_tis_status(chip); - if (!itpm && (status & TPM_STS_DATA_EXPECT) == 0) { - rc = -EIO; - goto out_err; - } } - - /* write last byte */ - rc = tpm_tis_write8(priv, TPM_DATA_FIFO(priv->locality), buf[count]); - if (rc < 0) - goto out_err; - - if (wait_for_tpm_stat(chip, TPM_STS_VALID, chip->timeout_c, - &priv->int_queue, false) < 0) { + if (tpm_tis_wait_for_stat(chip, TPM_STS_VALID | TPM_STS_DATA_EXPECT, + TPM_STS_VALID, chip->timeout_a, + &priv->int_queue, false) < 0) { rc = -ETIME; goto out_err; } - status = tpm_tis_status(chip); - if (!itpm && (status & TPM_STS_DATA_EXPECT) != 0) { - rc = -EIO; - goto out_err; - } return 0; @@ -470,9 +451,10 @@ static int tpm_tis_send_main(struct tpm_chip *chip, const u8 *buf, size_t len) ordinal = be32_to_cpu(*((__be32 *) (buf + 6))); dur = tpm_calc_ordinal_duration(chip, ordinal); - if (wait_for_tpm_stat - (chip, TPM_STS_DATA_AVAIL | TPM_STS_VALID, dur, - &priv->read_queue, false) < 0) { + if (tpm_tis_wait_for_stat(chip, + TPM_STS_DATA_AVAIL | TPM_STS_VALID, + TPM_STS_DATA_AVAIL | TPM_STS_VALID, + dur, &priv->read_queue, false) < 0) { rc = -ETIME; goto out_err; } From patchwork Thu Jun 25 14:46:45 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: amirmizi6@gmail.com X-Patchwork-Id: 198492 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-10.0 required=3.0 tests=DKIM_ADSP_CUSTOM_MED, FREEMAIL_FORGED_FROMDOMAIN, FREEMAIL_FROM, HEADER_FROM_DIFFERENT_DOMAINS, INCLUDES_PATCH, MAILING_LIST_MULTI, SIGNED_OFF_BY, SPF_HELO_NONE, SPF_PASS, USER_AGENT_GIT autolearn=ham autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id ECB88C433DF for ; Thu, 25 Jun 2020 14:49:05 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id C5FD1206C0 for ; Thu, 25 Jun 2020 14:49:05 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S2405494AbgFYOtF (ORCPT ); Thu, 25 Jun 2020 10:49:05 -0400 Received: from 212.199.177.27.static.012.net.il ([212.199.177.27]:51464 "EHLO herzl.nuvoton.co.il" rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP id S2405425AbgFYOtF (ORCPT ); Thu, 25 Jun 2020 10:49:05 -0400 Received: from taln60.nuvoton.co.il (ntil-fw [212.199.177.25]) by herzl.nuvoton.co.il (8.13.8/8.13.8) with ESMTP id 05PElns9015288; Thu, 25 Jun 2020 17:47:49 +0300 Received: by taln60.nuvoton.co.il (Postfix, from userid 10140) id 9D642639BE; Thu, 25 Jun 2020 17:47:49 +0300 (IDT) From: amirmizi6@gmail.com To: Eyal.Cohen@nuvoton.com, jarkko.sakkinen@linux.intel.com, oshrialkoby85@gmail.com, alexander.steffen@infineon.com, robh+dt@kernel.org, "benoit.houyere@st.com--to=mark.rutland"@arm.com, peterhuewe@gmx.de, christophe-h.richard@st.com, jgg@ziepe.ca, arnd@arndb.de, gregkh@linuxfoundation.org Cc: devicetree@vger.kernel.org, linux-kernel@vger.kernel.org, linux-integrity@vger.kernel.org, oshri.alkoby@nuvoton.com, tmaimon77@gmail.com, gcwilson@us.ibm.com, kgoldman@us.ibm.com, Dan.Morav@nuvoton.com, oren.tanami@nuvoton.com, shmulik.hager@nuvoton.com, amir.mizinski@nuvoton.com, Amir Mizinski Subject: [PATCH v12 5/9] tpm: tpm_tis: Rewrite "tpm_tis_req_canceled()" Date: Thu, 25 Jun 2020 17:46:45 +0300 Message-Id: <20200625144650.269719-6-amirmizi6@gmail.com> X-Mailer: git-send-email 2.22.0 In-Reply-To: <20200625144650.269719-1-amirmizi6@gmail.com> References: <20200625144650.269719-1-amirmizi6@gmail.com> MIME-Version: 1.0 Sender: devicetree-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: devicetree@vger.kernel.org From: Amir Mizinski Using this function while reading/writing data resulted in an aborted operation. After investigating the issue according to the TCG TPM Profile (PTP) Specifications, I found that "request to cancel" should occur only if TPM_STS.commandReady bit is lit. Note that i couldn't find a case where the present condition (in the linux kernel) is valid, so I'm removing the case for "TPM_VID_WINBOND" since we have no need for it. Also, the default comparison is wrong. Only cmdReady bit needs to be compared instead of the full lower status register byte. Fixes: 1f866057291f (tpm: Fix cancellation of TPM commands (polling mode)) Signed-off-by: Amir Mizinski --- drivers/char/tpm/tpm_tis_core.c | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) diff --git a/drivers/char/tpm/tpm_tis_core.c b/drivers/char/tpm/tpm_tis_core.c index 347c020..a38465f 100644 --- a/drivers/char/tpm/tpm_tis_core.c +++ b/drivers/char/tpm/tpm_tis_core.c @@ -701,13 +701,11 @@ static bool tpm_tis_req_canceled(struct tpm_chip *chip, u8 status) struct tpm_tis_data *priv = dev_get_drvdata(&chip->dev); switch (priv->manufacturer_id) { - case TPM_VID_WINBOND: - return ((status == TPM_STS_VALID) || - (status == (TPM_STS_VALID | TPM_STS_COMMAND_READY))); case TPM_VID_STM: return (status == (TPM_STS_VALID | TPM_STS_COMMAND_READY)); default: - return (status == TPM_STS_COMMAND_READY); + return ((status & TPM_STS_COMMAND_READY) == + TPM_STS_COMMAND_READY); } } From patchwork Thu Jun 25 14:46:48 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: amirmizi6@gmail.com X-Patchwork-Id: 198495 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-10.0 required=3.0 tests=DKIM_ADSP_CUSTOM_MED, FREEMAIL_FORGED_FROMDOMAIN, FREEMAIL_FROM, HEADER_FROM_DIFFERENT_DOMAINS, INCLUDES_PATCH, MAILING_LIST_MULTI, SIGNED_OFF_BY, SPF_HELO_NONE, SPF_PASS, URIBL_BLOCKED, USER_AGENT_GIT autolearn=ham autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id C62ACC433E0 for ; Thu, 25 Jun 2020 14:48:09 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id 9D0DC206C0 for ; Thu, 25 Jun 2020 14:48:09 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S2405511AbgFYOsI (ORCPT ); Thu, 25 Jun 2020 10:48:08 -0400 Received: from 212.199.177.27.static.012.net.il ([212.199.177.27]:51434 "EHLO herzl.nuvoton.co.il" rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP id S2405393AbgFYOsH (ORCPT ); Thu, 25 Jun 2020 10:48:07 -0400 Received: from taln60.nuvoton.co.il (ntil-fw [212.199.177.25]) by herzl.nuvoton.co.il (8.13.8/8.13.8) with ESMTP id 05PElpeA015297; Thu, 25 Jun 2020 17:47:51 +0300 Received: by taln60.nuvoton.co.il (Postfix, from userid 10140) id A5834639BE; Thu, 25 Jun 2020 17:47:51 +0300 (IDT) From: amirmizi6@gmail.com To: Eyal.Cohen@nuvoton.com, jarkko.sakkinen@linux.intel.com, oshrialkoby85@gmail.com, alexander.steffen@infineon.com, robh+dt@kernel.org, "benoit.houyere@st.com--to=mark.rutland"@arm.com, peterhuewe@gmx.de, christophe-h.richard@st.com, jgg@ziepe.ca, arnd@arndb.de, gregkh@linuxfoundation.org Cc: devicetree@vger.kernel.org, linux-kernel@vger.kernel.org, linux-integrity@vger.kernel.org, oshri.alkoby@nuvoton.com, tmaimon77@gmail.com, gcwilson@us.ibm.com, kgoldman@us.ibm.com, Dan.Morav@nuvoton.com, oren.tanami@nuvoton.com, shmulik.hager@nuvoton.com, amir.mizinski@nuvoton.com, Amir Mizinski , Rob Herring Subject: [PATCH v12 8/9] tpm: Add YAML schema for TPM TIS I2C options Date: Thu, 25 Jun 2020 17:46:48 +0300 Message-Id: <20200625144650.269719-9-amirmizi6@gmail.com> X-Mailer: git-send-email 2.22.0 In-Reply-To: <20200625144650.269719-1-amirmizi6@gmail.com> References: <20200625144650.269719-1-amirmizi6@gmail.com> MIME-Version: 1.0 Sender: devicetree-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: devicetree@vger.kernel.org From: Amir Mizinski Added a YAML schema to support tpm tis i2c related dt-bindings for the I2c PTP based physical layer. This patch adds the documentation for corresponding device tree bindings of I2C based Physical TPM. Refer to the 'I2C Interface Definition' section in 'TCG PC Client PlatformTPMProfile(PTP) Specification' publication for specification. Signed-off-by: Amir Mizinski Reviewed-by: Rob Herring --- .../bindings/security/tpm/tpm-tis-i2c.yaml | 50 ++++++++++++++++++++++ 1 file changed, 50 insertions(+) create mode 100644 Documentation/devicetree/bindings/security/tpm/tpm-tis-i2c.yaml diff --git a/Documentation/devicetree/bindings/security/tpm/tpm-tis-i2c.yaml b/Documentation/devicetree/bindings/security/tpm/tpm-tis-i2c.yaml new file mode 100644 index 0000000..68b13d5 --- /dev/null +++ b/Documentation/devicetree/bindings/security/tpm/tpm-tis-i2c.yaml @@ -0,0 +1,50 @@ +# SPDX-License-Identifier: (GPL-2.0-only OR BSD-2-Clause) +%YAML 1.2 +--- +$id: http://devicetree.org/schemas/security/tpm/tpm-tis-i2c.yaml# +$schema: http://devicetree.org/meta-schemas/core.yaml# + +title: I2C PTP based TPM Device Tree Bindings + +maintainers: + - Amir Mizinski + +description: + Device Tree Bindings for I2C based Trusted Platform Module(TPM). + +properties: + compatible: + items: + - enum: + # Nuvoton's Trusted Platform Module (TPM) (NPCT75x) + - nuvoton,npct75x + - const: tcg,tpm-tis-i2c + + reg: + maxItems: 1 + + interrupt: + maxItems: 1 + + crc-checksum: + $ref: /schemas/types.yaml#/definitions/flag + description: + Set this flag to enable CRC checksum. + +required: + - compatible + - reg + +examples: + - | + i2c { + #address-cells = <1>; + #size-cells = <0>; + + tpm@2e { + compatible = "nuvoton,npct75x", "tcg,tpm-tis-i2c"; + reg = <0x2e>; + crc-checksum; + }; + }; +... From patchwork Thu Jun 25 14:46:49 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: amirmizi6@gmail.com X-Patchwork-Id: 198494 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-10.0 required=3.0 tests=DKIM_ADSP_CUSTOM_MED, FREEMAIL_FORGED_FROMDOMAIN, FREEMAIL_FROM, HEADER_FROM_DIFFERENT_DOMAINS, INCLUDES_PATCH, MAILING_LIST_MULTI, SIGNED_OFF_BY, SPF_HELO_NONE, SPF_PASS, URIBL_BLOCKED, USER_AGENT_GIT autolearn=unavailable autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 35D18C433DF for ; Thu, 25 Jun 2020 14:48:24 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id 0D3D7206C0 for ; Thu, 25 Jun 2020 14:48:24 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S2405549AbgFYOsS (ORCPT ); Thu, 25 Jun 2020 10:48:18 -0400 Received: from 212.199.177.27.static.012.net.il ([212.199.177.27]:51450 "EHLO herzl.nuvoton.co.il" rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP id S2405537AbgFYOsR (ORCPT ); Thu, 25 Jun 2020 10:48:17 -0400 Received: from taln60.nuvoton.co.il (ntil-fw [212.199.177.25]) by herzl.nuvoton.co.il (8.13.8/8.13.8) with ESMTP id 05PElqMw015300; Thu, 25 Jun 2020 17:47:52 +0300 Received: by taln60.nuvoton.co.il (Postfix, from userid 10140) id 5D5A4639BE; Thu, 25 Jun 2020 17:47:52 +0300 (IDT) From: amirmizi6@gmail.com To: Eyal.Cohen@nuvoton.com, jarkko.sakkinen@linux.intel.com, oshrialkoby85@gmail.com, alexander.steffen@infineon.com, robh+dt@kernel.org, "benoit.houyere@st.com--to=mark.rutland"@arm.com, peterhuewe@gmx.de, christophe-h.richard@st.com, jgg@ziepe.ca, arnd@arndb.de, gregkh@linuxfoundation.org Cc: devicetree@vger.kernel.org, linux-kernel@vger.kernel.org, linux-integrity@vger.kernel.org, oshri.alkoby@nuvoton.com, tmaimon77@gmail.com, gcwilson@us.ibm.com, kgoldman@us.ibm.com, Dan.Morav@nuvoton.com, oren.tanami@nuvoton.com, shmulik.hager@nuvoton.com, amir.mizinski@nuvoton.com, Amir Mizinski , Eddie James , Joel Stanley Subject: [PATCH v12 9/9] tpm: tpm_tis: add tpm_tis_i2c driver Date: Thu, 25 Jun 2020 17:46:49 +0300 Message-Id: <20200625144650.269719-10-amirmizi6@gmail.com> X-Mailer: git-send-email 2.22.0 In-Reply-To: <20200625144650.269719-1-amirmizi6@gmail.com> References: <20200625144650.269719-1-amirmizi6@gmail.com> MIME-Version: 1.0 Sender: devicetree-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: devicetree@vger.kernel.org From: Amir Mizinski Implements the functionality needed to communicate with an I2C TPM according to the TCG TPM I2C Interface Specification. Signed-off-by: Amir Mizinski Tested-by: Eddie James Tested-by: Joel Stanley --- drivers/char/tpm/Kconfig | 12 ++ drivers/char/tpm/Makefile | 1 + drivers/char/tpm/tpm_tis_i2c.c | 292 +++++++++++++++++++++++++++++++++++++++++ 3 files changed, 305 insertions(+) create mode 100644 drivers/char/tpm/tpm_tis_i2c.c diff --git a/drivers/char/tpm/Kconfig b/drivers/char/tpm/Kconfig index aacdeed..2116d94 100644 --- a/drivers/char/tpm/Kconfig +++ b/drivers/char/tpm/Kconfig @@ -74,6 +74,18 @@ config TCG_TIS_SPI_CR50 If you have a H1 secure module running Cr50 firmware on SPI bus, say Yes and it will be accessible from within Linux. +config TCG_TIS_I2C + tristate "TPM I2C Interface Specification" + depends on I2C + select CRC_CCITT + select TCG_TIS_CORE + help + If you have a TPM security chip which is connected to a regular + I2C master (i.e. most embedded platforms) that is compliant with the + TCG TPM I2C Interface Specification say Yes and it will be accessible from + within Linux. To compile this driver as a module, choose M here; + the module will be called tpm_tis_i2c. + config TCG_TIS_I2C_ATMEL tristate "TPM Interface Specification 1.2 Interface (I2C - Atmel)" depends on I2C diff --git a/drivers/char/tpm/Makefile b/drivers/char/tpm/Makefile index 9567e51..97999cf 100644 --- a/drivers/char/tpm/Makefile +++ b/drivers/char/tpm/Makefile @@ -26,6 +26,7 @@ obj-$(CONFIG_TCG_TIS_SPI) += tpm_tis_spi.o tpm_tis_spi-y := tpm_tis_spi_main.o tpm_tis_spi-$(CONFIG_TCG_TIS_SPI_CR50) += tpm_tis_spi_cr50.o +obj-$(CONFIG_TCG_TIS_I2C) += tpm_tis_i2c.o obj-$(CONFIG_TCG_TIS_I2C_ATMEL) += tpm_i2c_atmel.o obj-$(CONFIG_TCG_TIS_I2C_INFINEON) += tpm_i2c_infineon.o obj-$(CONFIG_TCG_TIS_I2C_NUVOTON) += tpm_i2c_nuvoton.o diff --git a/drivers/char/tpm/tpm_tis_i2c.c b/drivers/char/tpm/tpm_tis_i2c.c new file mode 100644 index 0000000..4c9bad0 --- /dev/null +++ b/drivers/char/tpm/tpm_tis_i2c.c @@ -0,0 +1,292 @@ +// SPDX-License-Identifier: GPL-2.0 +/* + * Copyright (c) 2014-2019 Nuvoton Technology corporation + * + * TPM TIS I2C + * + * TPM TIS I2C Device Driver Interface for devices that implement the TPM I2C + * Interface defined by TCG PC Client Platform TPM Profile (PTP) Specification + * Revision 01.03 v22 at www.trustedcomputinggroup.org + */ + +#include +#include +#include +#include +#include +#include +#include +#include +#include + +#include +#include +#include +#include +#include +#include +#include "tpm.h" +#include "tpm_tis_core.h" + +#define TPM_LOC_SEL 0x04 +#define TPM_I2C_INTERFACE_CAPABILITY 0x30 +#define TPM_I2C_DEVICE_ADDRESS 0x38 +#define TPM_DATA_CSUM_ENABLE 0x40 +#define TPM_DATA_CSUM 0x44 +#define TPM_I2C_DID_VID 0x48 +#define TPM_I2C_RID 0x4C + +//#define I2C_IS_TPM2 1 + +struct tpm_tis_i2c_phy { + struct tpm_tis_data priv; + struct i2c_client *i2c_client; + bool data_csum; + u8 *iobuf; +}; + +static inline struct tpm_tis_i2c_phy *to_tpm_tis_i2c_phy(struct tpm_tis_data + *data) +{ + return container_of(data, struct tpm_tis_i2c_phy, priv); +} + +static u8 address_to_register(u32 addr) +{ + addr &= 0xFFF; + + switch (addr) { + // adapt register addresses that have changed compared to + // older TIS versions + case TPM_ACCESS(0): + return 0x04; + case TPM_LOC_SEL: + return 0x00; + case TPM_DID_VID(0): + return 0x48; + case TPM_RID(0): + return 0x4C; + default: + return addr; + } +} + +static int tpm_tis_i2c_read_bytes(struct tpm_tis_data *data, u32 addr, + u16 len, u8 *result) +{ + struct tpm_tis_i2c_phy *phy = to_tpm_tis_i2c_phy(data); + int ret = 0; + int i = 0; + u8 reg = address_to_register(addr); + struct i2c_msg msgs[] = { + { + .addr = phy->i2c_client->addr, + .len = sizeof(reg), + .buf = ®, + }, + { + .addr = phy->i2c_client->addr, + .len = len, + .buf = result, + .flags = I2C_M_RD, + }, + }; + + do { + ret = i2c_transfer(phy->i2c_client->adapter, msgs, + ARRAY_SIZE(msgs)); + usleep_range(250, 300); // wait default GUARD_TIME of 250µs + + } while (ret < 0 && i++ < TPM_RETRY); + + if (ret < 0) + return ret; + + return 0; +} + +static int tpm_tis_i2c_write_bytes(struct tpm_tis_data *data, u32 addr, + u16 len, const u8 *value) +{ + struct tpm_tis_i2c_phy *phy = to_tpm_tis_i2c_phy(data); + int ret = 0; + int i = 0; + + if (phy->iobuf) { + if (len > TPM_BUFSIZE - 1) + return -EIO; + + phy->iobuf[0] = address_to_register(addr); + memcpy(phy->iobuf + 1, value, len); + + { + struct i2c_msg msgs[] = { + { + .addr = phy->i2c_client->addr, + .len = len + 1, + .buf = phy->iobuf, + }, + }; + + do { + ret = i2c_transfer(phy->i2c_client->adapter, + msgs, ARRAY_SIZE(msgs)); + // wait default GUARD_TIME of 250µs + usleep_range(250, 300); + } while (ret < 0 && i++ < TPM_RETRY); + } + } else { + u8 reg = address_to_register(addr); + + struct i2c_msg msgs[] = { + { + .addr = phy->i2c_client->addr, + .len = sizeof(reg), + .buf = ®, + }, + { + .addr = phy->i2c_client->addr, + .len = len, + .buf = (u8 *)value, + .flags = I2C_M_NOSTART, + }, + }; + do { + ret = i2c_transfer(phy->i2c_client->adapter, msgs, + ARRAY_SIZE(msgs)); + // wait default GUARD_TIME of 250µs + usleep_range(250, 300); + } while (ret < 0 && i++ < TPM_RETRY); + } + + if (ret < 0) + return ret; + + return 0; +} + +static bool tpm_tis_i2c_verify_data_integrity(struct tpm_tis_data *data, + const u8 *buf, size_t len) +{ + struct tpm_tis_i2c_phy *phy = to_tpm_tis_i2c_phy(data); + u16 crc, crc_tpm; + int rc; + + if (phy->data_csum) { + crc = crc_ccitt(0x0000, buf, len); + rc = tpm_tis_read16(data, TPM_DATA_CSUM, &crc_tpm); + if (rc < 0) + return false; + + crc_tpm = be16_to_cpu(crc_tpm); + return crc == crc_tpm; + } + + return true; +} + +static SIMPLE_DEV_PM_OPS(tpm_tis_pm, tpm_pm_suspend, tpm_tis_resume); + +static int csum_state_store(struct tpm_tis_data *data, u8 new_state) +{ + struct tpm_tis_i2c_phy *phy = to_tpm_tis_i2c_phy(data); + u8 cur_state; + int rc; + + rc = tpm_tis_i2c_write_bytes(&phy->priv, TPM_DATA_CSUM_ENABLE, + 1, &new_state); + if (rc < 0) + return rc; + + rc = tpm_tis_i2c_read_bytes(&phy->priv, TPM_DATA_CSUM_ENABLE, + 1, &cur_state); + if (rc < 0) + return rc; + + if (new_state == cur_state) + phy->data_csum = (bool)new_state; + + return rc; +} + +static const struct tpm_tis_phy_ops tpm_i2c_phy_ops = { + .read_bytes = tpm_tis_i2c_read_bytes, + .write_bytes = tpm_tis_i2c_write_bytes, + .verify_data_integrity = tpm_tis_i2c_verify_data_integrity, +}; + +static int tpm_tis_i2c_probe(struct i2c_client *dev, + const struct i2c_device_id *id) +{ + struct tpm_tis_i2c_phy *phy; + int rc; + int crc_checksum = 0; + const u8 loc_init = 0; + struct device_node *np; + + phy = devm_kzalloc(&dev->dev, sizeof(struct tpm_tis_i2c_phy), + GFP_KERNEL); + if (!phy) + return -ENOMEM; + + phy->i2c_client = dev; + + if (!i2c_check_functionality(dev->adapter, I2C_FUNC_NOSTART)) { + phy->iobuf = devm_kmalloc(&dev->dev, TPM_BUFSIZE, GFP_KERNEL); + if (!phy->iobuf) + return -ENOMEM; + } + + // select locality 0 (the driver will access only via locality 0) + rc = tpm_tis_i2c_write_bytes(&phy->priv, TPM_LOC_SEL, 1, &loc_init); + if (rc < 0) + return rc; + + // set CRC checksum calculation enable + np = dev->dev.of_node; + if (of_property_read_bool(np, "crc-checksum")) + crc_checksum = 1; + + rc = csum_state_store(&phy->priv, crc_checksum); + if (rc < 0) + return rc; + + return tpm_tis_core_init(&dev->dev, &phy->priv, -1, &tpm_i2c_phy_ops, + NULL); +} + +static const struct i2c_device_id tpm_tis_i2c_id[] = { + {"tpm_tis_i2c", 0}, + {} +}; +MODULE_DEVICE_TABLE(i2c, tpm_tis_i2c_id); + +static const struct of_device_id of_tis_i2c_match[] = { + { .compatible = "nuvoton,npct75x", }, + { .compatible = "tcg,tpm-tis-i2c", }, + {} +}; +MODULE_DEVICE_TABLE(of, of_tis_i2c_match); + +static const struct acpi_device_id acpi_tis_i2c_match[] = { + {"SMO0768", 0}, + {} +}; +MODULE_DEVICE_TABLE(acpi, acpi_tis_i2c_match); + +static struct i2c_driver tpm_tis_i2c_driver = { + .driver = { + .owner = THIS_MODULE, + .name = "tpm_tis_i2c", + .pm = &tpm_tis_pm, + .of_match_table = of_match_ptr(of_tis_i2c_match), + .acpi_match_table = ACPI_PTR(acpi_tis_i2c_match), + }, + .probe = tpm_tis_i2c_probe, + .id_table = tpm_tis_i2c_id, +}; + +module_i2c_driver(tpm_tis_i2c_driver); + +MODULE_DESCRIPTION("TPM Driver"); +MODULE_LICENSE("GPL");