[U-Boot] tpm: Add ST33ZP24 TPM SPI & SPI drivers
This set of patch offer ST33ZP24 TPM support to U-Boot. There is SPI and I2C driver.
Best Regards,
Jean-Luc BLANC TPM Application STMicroelectronics
This driver add support to STMicroelectronics ST33ZP24 SPI TPM.
Signed-off-by: Jean-Luc BLANC jean-luc.blanc@st.com --- README | 12 + drivers/tpm/Makefile | 1 + drivers/tpm/tpm_spi_stm_st33.c | 671 ++++++++++++++++++++++++++++++++++++++++ 3 files changed, 684 insertions(+) create mode 100644 drivers/tpm/tpm_spi_stm_st33.c
diff --git a/README b/README index aea82be..e04866d 100644 --- a/README +++ b/README @@ -1322,6 +1322,18 @@ The following options need to be configured: Define this to enable authorized functions in the TPM library. Requires CONFIG_TPM and CONFIG_SHA1.
+ CONFIG_TPM_ST_SPI + Support SPI STMicroelectronics TPM. Require SPI support + + TPM0_SPI_MAX_SPEED + Define SPI frequency for TPM, 10000000 Hz max + + TPM0_SPI_BUS_NUM + Define SPI Bus ID connected to TPM + + TPM0_SPI_CS + Define SPI Chip Select ID connected to TPM + - USB Support: At the moment only the UHCI host controller is supported (PIP405, MIP405, MPC5200); define diff --git a/drivers/tpm/Makefile b/drivers/tpm/Makefile index 150570e..1ee707e 100644 --- a/drivers/tpm/Makefile +++ b/drivers/tpm/Makefile @@ -9,3 +9,4 @@ obj-$(CONFIG_TPM_TIS_I2C) += tpm.o obj-$(CONFIG_TPM_TIS_I2C) += tpm_tis_i2c.o obj-$(CONFIG_TPM_TIS_LPC) += tpm_tis_lpc.o obj-$(CONFIG_TPM_TIS_SANDBOX) += tpm_tis_sandbox.o +obj-$(CONFIG_TPM_ST_SPI) += tpm_spi_stm_st33.o diff --git a/drivers/tpm/tpm_spi_stm_st33.c b/drivers/tpm/tpm_spi_stm_st33.c new file mode 100644 index 0000000..78a4e54 --- /dev/null +++ b/drivers/tpm/tpm_spi_stm_st33.c @@ -0,0 +1,671 @@ +/* + * STMicroelectronics TPM SPI UBOOT Linux driver for TPM ST33ZP24 + * Copyright (C) 2014 STMicroelectronics + + * + * Description: Device driver for ST33ZP24 SPI TPM TCG. + * + * This device driver implements the TPM interface as defined in + * the TCG TPM Interface Spec version 1.21, revision 1.0 and the + * STMicroelectronics SPI Protocol Stack Specification version 1.2.0. + * + * SPDX-License-Identifier: GPL-2.0+ + * + * @Author: Jean-Luc BLANC jean-luc.blanc@st.com + * + * @File: tpm_spi_stm_st33.c + */ + +#include <common.h> +#include <spi.h> +#include <linux/types.h> +#include <tpm.h> +#include <errno.h> +#include <asm/unaligned.h> + +#define TPM_ACCESS (0x0) +#define TPM_STS (0x18) +#define TPM_HASH_END (0x20) +#define TPM_DATA_FIFO (0x24) +#define TPM_HASH_DATA (0x24) +#define TPM_HASH_START (0x28) +#define TPM_INTF_CAPABILITY (0x14) +#define TPM_INT_STATUS (0x10) +#define TPM_INT_ENABLE (0x08) + +#define TPM_DUMMY_BYTE 0x00 +#define TPM_WRITE_DIRECTION 0x80 +#define TPM_HEADER_SIZE 10 +#define TPM_BUFSIZE 2048 + +#define LOCALITY0 0 +#define LOCALITY1 1 +#define LOCALITY2 2 +#define LOCALITY3 3 +#define LOCALITY4 4 + +/* Index of Count field in TPM response buffer */ +#define TPM_RSP_SIZE_BYTE 2 + +#define MAX_NUMBER_TPM_ONBOARD 2 + +#define SPI_WRITE_HEADER_SIZE 4 + +struct tpm_chip { + int latency; + int is_open; + bool bchipf; + int locality; + u8 buf[TPM_BUFSIZE]; + unsigned long timeout_a, timeout_b, timeout_c, timeout_d; /* msec */ + unsigned long duration; /* msec */ + struct spi_slave *tpm_dev_spi_info; +}; + +struct tpm_chip tpm_st33_spi_board_info[1]; + +struct tpm_chip *active_tpm; + +/* Error value returned on various TPM driver errors. */ +#define TPM_DRIVER_ERR (1) + +/* Maximum command duration */ +#define TPM_MAX_COMMAND_DURATION 120000 + +#define min_t(type, x, y) ({ \ + type __min1 = (x); \ + type __min2 = (y); \ + __min1 < __min2 ? __min1 : __min2; }) + +enum stm33zp24_access { + TPM_ACCESS_VALID = 0x80, + TPM_ACCESS_ACTIVE_LOCALITY = 0x20, + TPM_ACCESS_REQUEST_PENDING = 0x04, + TPM_ACCESS_REQUEST_USE = 0x02, +}; + +enum stm33zp24_status { + TPM_STS_VALID = 0x80, + TPM_STS_COMMAND_READY = 0x40, + TPM_STS_GO = 0x20, + TPM_STS_DATA_AVAIL = 0x10, + TPM_STS_DATA_EXPECT = 0x08, +}; + +enum stm33zp24_int_flags { + TPM_GLOBAL_INT_ENABLE = 0x80, + TPM_INTF_CMD_READY_INT = 0x80, + TPM_INTF_FIFO_AVALAIBLE_INT = 0x40, + TPM_INTF_WAKE_UP_READY_INT = 0x20, + TPM_INTF_LOC4SOFTRELEASE_INT = 0x08, + TPM_INTF_LOCALITY_CHANGE_INT = 0x04, + TPM_INTF_STS_VALID_INT = 0x02, + TPM_INTF_DATA_AVAIL_INT = 0x01, +}; + +enum tis_defaults { + TIS_SHORT_TIMEOUT = 750, /* ms */ + TIS_LONG_TIMEOUT = 2000, /* 2 sec */ +}; + + +/* + * spi_write8_reg + * Send byte to the TIS register according to the ST33ZP24 SPI protocol. + * @param: tpm, the chip description + * @param: tpm_register, the tpm tis register where the data should be written + * @param: tpm_data, the tpm_data to write inside the tpm_register + * @param: tpm_size, The length of the data + * @return: should be zero if success else a negative error code. + */ +static int spi_write8_reg(struct tpm_chip *tpm, u8 tpm_register, + const u8 *tpm_data, u16 tpm_size) +{ + u8 data = 0; + int total_length = 0, nbr_dummy_bytes = 0; + int value = 0; + u8 tx_buffer[TPM_BUFSIZE + SPI_WRITE_HEADER_SIZE]; + + data = TPM_WRITE_DIRECTION | tpm->locality; + memcpy(tx_buffer + total_length, &data, sizeof(data)); + total_length++; + data = tpm_register; + memcpy(tx_buffer + total_length, &data, sizeof(data)); + total_length++; + + if (tpm_size > 0 && ((tpm_register == TPM_DATA_FIFO) + || (tpm_register == TPM_HASH_DATA))) { + tx_buffer[total_length++] = tpm_size >> 8; + tx_buffer[total_length++] = tpm_size; + } + memcpy(tx_buffer + total_length, tpm_data, tpm_size); + total_length += tpm_size; + nbr_dummy_bytes = tpm->latency + 1; + memset(tx_buffer + total_length, TPM_DUMMY_BYTE, nbr_dummy_bytes); + + spi_claim_bus(tpm->tpm_dev_spi_info); + value = spi_xfer(tpm->tpm_dev_spi_info, + (total_length + nbr_dummy_bytes)*8, tx_buffer, + tx_buffer, SPI_XFER_BEGIN | SPI_XFER_END); + spi_release_bus(tpm->tpm_dev_spi_info); + + return value; +} /* spi_write8_reg() */ + +/* + * spi_read8_reg + * Recv byte from the TIS register according to the ST33ZP24 SPI protocol. + * @param: tpm, the chip description + * @param: tpm_loc, the locality to read register from + * @param: tpm_register, the tpm tis register where the data should be read + * @param: tpm_data, the TPM response + * @param: tpm_size, tpm TPM response size to read. + * @return: should be zero if success else a negative error code. + */ +static u8 spi_read8_reg(struct tpm_chip *tpm, u8 tpm_loc, u8 tpm_register, + u8 *tpm_data, u16 tpm_size) +{ + u8 data = 0; + int total_length = 0, nbr_dummy_bytes; + int value = 0; + u8 *data_buffer; + + data_buffer = tpm_data; + /* SPI read message is : locality & direction */ + data = tpm_loc; + memcpy(data_buffer + total_length, &data, sizeof(data)); + total_length++; + /* + TPM target register */ + data = tpm_register; + memcpy(data_buffer + total_length, &data, sizeof(data)); + total_length++; + /* + TPM latency (2B) + Status byte (1B) + Nb to read (tpm_size) */ + nbr_dummy_bytes = tpm->latency + 1 + tpm_size; + memset(&data_buffer[total_length], TPM_DUMMY_BYTE, nbr_dummy_bytes); + + spi_claim_bus(tpm->tpm_dev_spi_info); + value = spi_xfer(tpm->tpm_dev_spi_info, + (total_length + nbr_dummy_bytes)*8, + data_buffer, tpm_data, SPI_XFER_BEGIN | SPI_XFER_END); + spi_release_bus(tpm->tpm_dev_spi_info); + + if (tpm_size > 0 && value == 0) { + if (tpm_data[tpm->latency + 2] == 0x5A) + memcpy(tpm_data, + tpm_data + total_length + nbr_dummy_bytes - tpm_size, + tpm_size); + else { + printf("Error in the TPM command, TPM status byte = "); + printf("%x\n", tpm_data[tpm->latency + tpm_size + 1]); + value = -TPM_DRIVER_ERR; + } + } + return value; +} /* spi_read8_reg() */ + +/* + * tpm_stm_spi_cancel_or_command_ready, cancel command or move TPM in + * Command Ready state + * @param: chip, the tpm chip description as specified in + * driver/char/tpm/tpm.h. + */ +static void tpm_stm_spi_cancel_or_command_ready(struct tpm_chip *chip) +{ + u8 data = TPM_STS_COMMAND_READY; + + spi_write8_reg(chip, TPM_STS, &data, 1); +} /* tpm_stm_spi_cancel() */ + +/* + * tpm_stm_spi_status return the TPM_STS register + * @param: chip, the tpm chip description + * @return: the TPM_STS register value. + */ +static u8 tpm_stm_spi_status(struct tpm_chip *chip) +{ + spi_read8_reg(chip, active_tpm->locality, TPM_STS, active_tpm->buf, 1); + return active_tpm->buf[0]; +} /* tpm_stm_spi_status() */ + +/* + * check_locality if the locality is active + * @param: chip, the tpm chip description + * @return: the active locality or -1 if no locality active. + */ +static int check_locality(struct tpm_chip *chip) +{ + u8 status; + int ret, loc_to_check = 0; + + do { + status = spi_read8_reg(chip, loc_to_check, TPM_ACCESS, + active_tpm->buf, 1); + if ((status == 0) && (active_tpm->buf[0] & + (TPM_ACCESS_ACTIVE_LOCALITY | TPM_ACCESS_VALID)) == + (TPM_ACCESS_ACTIVE_LOCALITY | TPM_ACCESS_VALID)) + break; + loc_to_check++; + } while (loc_to_check < 5); + if (loc_to_check == 5) + ret = -TPM_DRIVER_ERR; + else + ret = loc_to_check; + return ret; +} /* check_locality() */ + +/* + * request_locality request the TPM locality + * @param: chip, the chip description + * @return: the active locality or -TPM_DRIVER_ERR. + */ +static int request_locality(struct tpm_chip *chip) +{ + unsigned long start, stop; + int rc; + u8 data = 0; + + /* Check locality */ + if (check_locality(chip) == chip->locality) + return chip->locality; + + /* Request locality */ + data = TPM_ACCESS_REQUEST_USE; + rc = spi_write8_reg(chip, TPM_ACCESS, &data, 1); + if (rc < 0) + goto end; + + /* wait for locality activated */ + start = get_timer(0); + stop = chip->timeout_a; + do { + if (check_locality(chip) == chip->locality) + return chip->locality; + } while (get_timer(start) < stop); + rc = -TPM_DRIVER_ERR; +end: + return rc; +} /* request_locality() */ + +/* + * release_locality release the active locality + * @param: chip, the tpm chip description. + * @return: should be zero if success else a negative error code. + */ +static int release_locality(struct tpm_chip *chip) +{ + u8 data = 0; + + data = TPM_ACCESS_ACTIVE_LOCALITY; + return spi_write8_reg(chip, TPM_ACCESS, &data, 1); +} /* release_locality()*/ + +/* + * get_burstcount return the burstcount address 0x19 0x1A + * @param: chip, the chip description + * @return: the burstcount. + */ +static int get_burstcount(struct tpm_chip *chip) +{ + unsigned long start, stop; + u32 burstcnt; + u8 tpm_reg; + long status = 0; + int ret; + + /* wait for burstcount */ + start = get_timer(0); + stop = chip->timeout_d; + do { + tpm_reg = TPM_STS + 1; + status = spi_read8_reg(chip, active_tpm->locality, tpm_reg, + active_tpm->buf, 1); + if (status < 0) + return -EBUSY; + + burstcnt = active_tpm->buf[0]; + status = spi_read8_reg(chip, active_tpm->locality, ++tpm_reg, + active_tpm->buf, 1); + if (status < 0) + return -EBUSY; + + burstcnt |= active_tpm->buf[0] << 8; + if (burstcnt) { + ret = burstcnt; + goto end; + } + } while (get_timer(start) < stop); + ret = -TPM_DRIVER_ERR; +end: + return ret; +} /* get_burstcount() */ + +/* + * wait_for_stat wait for a TPM_STS value + * @param: chip, the tpm chip description + * @param: mask, the value mask to wait + * @param: timeout, the timeout + * @param: queue, the wait queue. + * @return: 0 if success, -ETIME if timeout is reached. + */ +static int wait_for_stat(struct tpm_chip *chip, u8 mask, unsigned long timeout) +{ + unsigned long start, stop; + u8 status; + + /* check current status */ + status = tpm_stm_spi_status(chip); + if ((status & mask) == mask) + return 0; + + start = get_timer(0); + stop = chip->timeout_d; + do { + status = tpm_stm_spi_status(chip); + if ((status & mask) == mask) + return 0; + } while (get_timer(start) < stop); +return -ETIME; +} /* wait_for_stat() */ + + +/* + * recv_data receive data + * @param: chip, the tpm chip description + * @param: buf, the buffer where the data are received + * @param: count, the number of data to receive + * @return: number of byte read on success, minus error code otherwise. + */ +static int recv_data(struct tpm_chip *chip, u8 *buf, size_t count) +{ + int size = 0, burstcnt, len; + long status = 0; + + while (size < count && + wait_for_stat(chip, TPM_STS_DATA_AVAIL | TPM_STS_VALID, + chip->timeout_c) == 0) { + burstcnt = get_burstcount(chip); + len = min_t(int, burstcnt, count - size); + status = spi_read8_reg(chip, active_tpm->locality, + TPM_DATA_FIFO, buf + size, len); + if (status < 0) + return status; + size += len; + } +return size; +} /* recv_data() */ + + +/* + * tpm_stm_spi_send send TPM commands through the SPI bus. + * @param: chip, the tpm chip description + * @param: buf, the tpm command buffer + * @param: len, the tpm command size + * @return: 0 if success else the negative error code. + */ +static int tpm_stm_spi_send(struct tpm_chip *chip, const unsigned char *buf, + size_t len) +{ + u32 burstcnt = 0, i, size = 0; + u8 data = 0; + long status = 0, ret = 0; + + if (chip == NULL) + return -EINVAL; + if (len < TPM_HEADER_SIZE) + return -EINVAL; + + ret = request_locality(chip); + if (ret < 0) + return ret; + + status = tpm_stm_spi_status(chip); + if ((status & TPM_STS_COMMAND_READY) == 0) { + tpm_stm_spi_cancel_or_command_ready(chip); + if (wait_for_stat(chip, TPM_STS_COMMAND_READY, + chip->timeout_b) < 0) { + ret = -ETIME; + goto out_err; + } + } + + for (i = 0; i < len - 1;) { + burstcnt = get_burstcount(chip); + size = min_t(int, len - i - 1, burstcnt); + ret = spi_write8_reg(chip, TPM_DATA_FIFO, buf, size); + if (ret < 0) + goto out_err; + i += size; + } + + status = tpm_stm_spi_status(chip); + if ((status & TPM_STS_DATA_EXPECT) == 0) { + ret = -EIO; + goto out_err; + } + + /* write last byte */ + spi_write8_reg(chip, TPM_DATA_FIFO, buf + len - 1, 1); + + status = tpm_stm_spi_status(chip); + if ((status & TPM_STS_DATA_EXPECT) != 0) { + ret = -EIO; + goto out_err; + } + + /* go and do it */ + data = TPM_STS_GO; + ret = spi_write8_reg(chip, TPM_STS, &data, 1); + if (ret < 0) + goto out_err; + + return len; +out_err: + tpm_stm_spi_cancel_or_command_ready(chip); + release_locality(chip); + return ret; +} + +/* + * tpm_stm_spi_send_hash send TPM locality 4 hash datas through the SPI bus + * to update the PCR[17]. + * @param: chip, the tpm_chip description. + * @param: buf, the data buffer to send. + * @param: len, the number of bytes to send. + * @return: 0 in case of success else the negative error code. + */ +static int tpm_stm_spi_send_hash(struct tpm_chip *chip, const uint8_t *buf, + size_t len) +{ + int ret = 0; + u8 data; + + if (chip == NULL) + return -EBUSY; + + release_locality(chip); + chip->locality = LOCALITY4; + if (request_locality(chip) != LOCALITY4) { + printf("Failed to select locality 4, hash abort\n"); + return -TPM_DRIVER_ERR; + } + + data = TPM_DUMMY_BYTE; + ret = spi_write8_reg(chip, TPM_HASH_START, &data, 1); + if (ret != 0) + goto end; + ret = spi_write8_reg(chip, TPM_DATA_FIFO, buf, len); + if (ret != 0) + goto end; + ret = spi_write8_reg(chip, TPM_HASH_END, &data, 1); + if (ret != 0) + goto end; + +end: + release_locality(chip); + chip->locality = LOCALITY0; + ret |= request_locality(chip); + return ret; +} /* tpm_stm_spi_send_hash */ + + +/* + * tpm_stm_spi_recv received TPM response through the SPI bus. + * @param: chip, the tpm chip description + * @param: buf, the tpm command buffer + * @param: len, the tpm command size +* @return: 0 if success else the negative error code. + */ +static int tpm_stm_spi_recv(struct tpm_chip *chip, unsigned char *buf, + size_t count) +{ + int size = 0; + int expected; + u8 rx_buffer[TPM_BUFSIZE]; + + if (chip == NULL) + return -EINVAL; + if (count < TPM_HEADER_SIZE) { + size = -EIO; + goto out; + } + + size = recv_data(chip, buf, TPM_HEADER_SIZE); + + /* read first 10 bytes, including tag, paramsize, and result */ + if (size < TPM_HEADER_SIZE) { + printf("TPM error, unable to read header\n"); + goto out; + } + memcpy(rx_buffer, buf, TPM_HEADER_SIZE); + expected = get_unaligned_be32(rx_buffer + TPM_RSP_SIZE_BYTE); + if (expected > count) { + size = -EIO; + goto out; + } + + size += recv_data(chip, buf, expected - TPM_HEADER_SIZE); + if (size < expected) { + printf("TPM error, unable to read remaining bytes of result\n"); + size = -ETIME; + goto out; + } + memcpy(rx_buffer+TPM_HEADER_SIZE, buf, expected - TPM_HEADER_SIZE); + memcpy(buf, rx_buffer, expected); +out: + tpm_stm_spi_cancel_or_command_ready(chip); + release_locality(chip); + return size; +} + +/* + * tis_init() setup the SPI bus and check TPM(s) presence on it + * @return: 0 on success (the device is found or was found during an earlier + * invocation) or -ENODEV if the device is not found. + * Upon exit, TPM0 is the one active if present. + */ +int tis_init(void) +{ + int rc = 0; + struct spi_slave *slave; + + slave = spi_setup_slave(TPM0_SPI_BUS_NUM, TPM0_SPI_CS, + TPM0_SPI_MAX_SPEED, SPI_MODE_0); + if (slave != NULL) { + active_tpm = &tpm_st33_spi_board_info[0]; + active_tpm->timeout_a = TIS_SHORT_TIMEOUT; + active_tpm->timeout_b = TIS_LONG_TIMEOUT; + active_tpm->timeout_c = TIS_SHORT_TIMEOUT; + active_tpm->timeout_d = TIS_SHORT_TIMEOUT; + active_tpm->locality = LOCALITY0; + active_tpm->duration = TPM_MAX_COMMAND_DURATION; + active_tpm->tpm_dev_spi_info = slave; + active_tpm->latency = 2; + if (spi_read8_reg(active_tpm, active_tpm->locality, + TPM_ACCESS, active_tpm->buf, 1) != 0) { + rc = -TPM_DRIVER_ERR; + active_tpm->is_open = 0; + goto out_err; + } + active_tpm->is_open = 1; + printf("ST33ZP24 SPI TPM from STMicroelectronics found\n"); + } +out_err: + return rc; +} /* tis_init() */ + +/* + * tis_sendrecv() send the requested data to the TPM and then try read response + * @param: sendbuf - buffer of the data to send + * @param: send_size size of the data to send + * @param: recvbuf - memory to save the response to + * @param: recv_len - pointer to the size of the response buffer + * @return: 0 on success (and places the number of response bytes at recv_len) + * or -TPM_DRIVER_ERR on failure. + */ +int tis_sendrecv(const uint8_t *sendbuf, size_t sbuf_size, + uint8_t *recvbuf, size_t *rbuf_len) +{ + int len; + + if (active_tpm->is_open == 0) + return -TPM_DRIVER_ERR; + + if (sizeof(active_tpm->buf) < sbuf_size) + return -TPM_DRIVER_ERR; + len = tpm_stm_spi_send(active_tpm, sendbuf, sbuf_size); + + if (len < sbuf_size) { + printf("TPM error, command not fully transmitted"); + printf(", only %d sent where expect %d\n", len, sbuf_size); + return -TPM_DRIVER_ERR; + } + if (wait_for_stat(active_tpm, TPM_STS_DATA_AVAIL | TPM_STS_VALID, + active_tpm->timeout_c) != 0) + return -TPM_DRIVER_ERR; + + len = tpm_stm_spi_recv(active_tpm, active_tpm->buf, + sizeof(active_tpm->buf)); + if (len < 10) { + *rbuf_len = 0; + return -TPM_DRIVER_ERR; + } + if (recvbuf != NULL) { + memcpy(recvbuf, active_tpm->buf, len); + *rbuf_len = len; + } else { + printf("recvbuf is NULL, drop the TPM answer\n"); + } + + return 0; +} /* tis_sendrecv() */ + +/* + * tis_open() requests access to locality 0. After all commands have been + * completed the caller is supposed to call tis_close(). + * @param: chip_number, the tpm chip to activate (0 or 1) + * @return: 0 on success, -TPM_DRIVER_ERR if an error occur + */ +int tis_open(void) +{ + if (tis_close()) + return -TPM_DRIVER_ERR; + /* now request access to locality. */ + if (request_locality(active_tpm) != 0) { + printf("%s:%d - failed to lock locality 0\n", + __FILE__, __LINE__); + return -TPM_DRIVER_ERR; + } + return 0; +} /* tis_open() */ + +/* + * tis_close() terminate the current session with the TPM by releasing the + * locked locality. + * @return: Returns 0 on success or TPM_DRIVER_ERR on failure (in case lock + * removal did not succeed). + */ +int tis_close(void) +{ + return release_locality(active_tpm); +} /* tis_close() */ +
In order to support 2 SPI TPMs on same platform, add spi_select() to tpm command set. Selection is done at driver level to keep compatibility with standard tpm commands. --- README | 13 ++++++++++++ common/cmd_tpm.c | 31 ++++++++++++++++++++++++++++ drivers/tpm/tpm_spi_stm_st33.c | 44 ++++++++++++++++++++++++++++++++++++++++ include/tpm.h | 10 +++++++++ lib/tpm.c | 13 ++++++++++++ 5 files changed, 111 insertions(+)
diff --git a/README b/README index e04866d..ef66550 100644 --- a/README +++ b/README @@ -1334,6 +1334,19 @@ The following options need to be configured: TPM0_SPI_CS Define SPI Chip Select ID connected to TPM
+ CONFIG_TPM_ST_2TPM + Support additional STMicoelectronics SPI TPM. + Require CONFIG_TPM_ST_SPI + + TPM1_SPI_MAX_SPEED + Define SPI frequency for TPM, 10000000 Hz max + + TPM1_SPI_BUS_NUM + Define SPI Bus ID connected to TPM + + TPM1_SPI_CS + Define SPI Chip Select ID connected to TPM + - USB Support: At the moment only the UHCI host controller is supported (PIP405, MIP405, MPC5200); define diff --git a/common/cmd_tpm.c b/common/cmd_tpm.c index 0294952..3085d34 100644 --- a/common/cmd_tpm.c +++ b/common/cmd_tpm.c @@ -355,6 +355,27 @@ static int do_tpm_pcr_read(cmd_tbl_t *cmdtp, int flag, return convert_return_code(rc); }
+#ifdef CONFIG_TPM_ST_2TPM +static int do_tpm_spi_select(cmd_tbl_t *cmdtp, int flag, + int argc, char * const argv[]) +{ + uint32_t rc, spi_number; + + if (argc != 2) + return CMD_RET_USAGE; + + spi_number = simple_strtoul(argv[1], NULL, 0); + + if ((spi_number == 0) | (spi_number == 1)) { + rc = tpm_spi_select(spi_number); + } else { + printf("Couldn't parse argument %s\n", argv[1]); + return CMD_RET_FAILURE; + } + return convert_return_code(rc); +} +#endif /* CONFIG_TPM_ST_2TPM */ + static int do_tpm_tsc_physical_presence(cmd_tbl_t *cmdtp, int flag, int argc, char * const argv[]) { @@ -631,6 +652,10 @@ static cmd_tbl_t tpm_commands[] = { do_tpm_extend, "", ""), U_BOOT_CMD_MKENT(pcr_read, 0, 1, do_tpm_pcr_read, "", ""), +#ifdef CONFIG_TPM_ST_2TPM + U_BOOT_CMD_MKENT(spi_select, 0, 1, + do_tpm_spi_select, "", ""), +#endif /* CONFIG_TPM_ST_2TPM */ U_BOOT_CMD_MKENT(tsc_physical_presence, 0, 1, do_tpm_tsc_physical_presence, "", ""), U_BOOT_CMD_MKENT(read_pubek, 0, 1, @@ -754,4 +779,10 @@ U_BOOT_CMD(tpm, CONFIG_SYS_MAXARGS, 1, do_tpm, " - Read from space <index> to environment variables <vars...>.\n" " nv_write types_string index values...\n" " - Write to space <index> from values <values...>.\n" +#ifdef CONFIG_TPM_ST_2TPM +"TPM Select Command:\n" +" spi_select <TPM_ID>\n" +" - In platform with multiple SPI TPM, activate <TPM_ID> for coming\n" +" TPM operations. 0 or 1 are recognized <TPM_ID>\n" +#endif /* CONFIG_TPM_ST_2TPM */ ); diff --git a/drivers/tpm/tpm_spi_stm_st33.c b/drivers/tpm/tpm_spi_stm_st33.c index 78a4e54..d7b4d65 100644 --- a/drivers/tpm/tpm_spi_stm_st33.c +++ b/drivers/tpm/tpm_spi_stm_st33.c @@ -62,7 +62,11 @@ struct tpm_chip { struct spi_slave *tpm_dev_spi_info; };
+#ifdef CONFIG_TPM_ST_2TPM /* 2 TPM on board */ +struct tpm_chip tpm_st33_spi_board_info[2]; +#else /* Only 1 TPM on board */ struct tpm_chip tpm_st33_spi_board_info[1]; +#endif
struct tpm_chip *active_tpm;
@@ -589,6 +593,30 @@ int tis_init(void) active_tpm->is_open = 1; printf("ST33ZP24 SPI TPM from STMicroelectronics found\n"); } +#ifdef CONFIG_TPM_ST_2TPM + slave = spi_setup_slave(TPM1_SPI_BUS_NUM, TPM1_SPI_CS, + TPM1_SPI_MAX_SPEED, SPI_MODE_0); + if (slave != NULL) { + active_tpm = &tpm_st33_spi_board_info[1]; + active_tpm->timeout_a = TIS_SHORT_TIMEOUT; + active_tpm->timeout_b = TIS_LONG_TIMEOUT; + active_tpm->timeout_c = TIS_SHORT_TIMEOUT; + active_tpm->timeout_d = TIS_SHORT_TIMEOUT; + active_tpm->locality = LOCALITY0; + active_tpm->duration = TPM_MAX_COMMAND_DURATION; + active_tpm->tpm_dev_spi_info = slave; + active_tpm->latency = 2; + if (spi_read8_reg(active_tpm, active_tpm->locality, + TPM_ACCESS, active_tpm->buf, 1) != 0) { + rc = -TPM_DRIVER_ERR; + active_tpm->is_open = 0; + goto out_err; + } + active_tpm->is_open = 1; + printf("ST33ZP24 2nd SPI TPM from STMicroelectronics found\n"); + active_tpm = &tpm_st33_spi_board_info[0]; + } +#endif out_err: return rc; } /* tis_init() */ @@ -669,3 +697,19 @@ int tis_close(void) return release_locality(active_tpm); } /* tis_close() */
+/* + * tis_select_tpm() switch the active TPM to "chip_number" + * removal did not succeed). + * @param: chip_number, the tpm chip to activate (0 or 1) + * @return: 0 on success, -TPM_DRIVER_ERR if an error occur + */ +int tis_select_tpm(int chip_number) +{ + if (chip_number > MAX_NUMBER_TPM_ONBOARD - 1) { + printf("Error, trying to select a TPM number that not exist\n"); + return -TPM_DRIVER_ERR; + } + active_tpm = &tpm_st33_spi_board_info[chip_number]; + return 0; +} + diff --git a/include/tpm.h b/include/tpm.h index 88aeba2..b726142 100644 --- a/include/tpm.h +++ b/include/tpm.h @@ -239,6 +239,16 @@ uint32_t tpm_extend(uint32_t index, const void *in_digest, void *out_digest); */ uint32_t tpm_pcr_read(uint32_t index, void *data, size_t count);
+#ifdef CONFIG_TPM_ST_2TPM +/** + * On platform with 2 declared SPI TPM, select one or the other. + * + * @param TPM ID to select (0 or 1) + * @return 0 if success, otherwise means an error occurs. + */ +uint32_t tpm_spi_select(int selected_tpm); +#endif /* CONFIG_TPM_ST_2TPM */ + /** * Issue a TSC_PhysicalPresence command. TPM physical presence flag * is bit-wise OR'ed of flags listed in enum tpm_physical_presence. diff --git a/lib/tpm.c b/lib/tpm.c index 967c8e6..bc8524e 100644 --- a/lib/tpm.c +++ b/lib/tpm.c @@ -459,6 +459,19 @@ uint32_t tpm_pcr_read(uint32_t index, void *data, size_t count) return 0; }
+#ifdef CONFIG_TPM_ST_2TPM +uint32_t tpm_spi_select(int selected_tpm) +{ + uint32_t err; + + err = tis_select_tpm(selected_tpm); + if (err) + return err; + + return 0; +} +#endif /* CONFIG_TPM_ST_2TPM */ + uint32_t tpm_tsc_physical_presence(uint16_t presence) { const uint8_t command[12] = {
Add the support of direct hash function in locality 4. hash_loc4() command added in TPM command set.
Signed-off-by: Jean-Luc BLANC jean-luc.blanc@st.com --- README | 4 ++++ common/cmd_tpm.c | 32 ++++++++++++++++++++++++++++++++ drivers/tpm/tpm_spi_stm_st33.c | 18 ++++++++++++++++++ include/tis.h | 11 ++++++++++- include/tpm.h | 12 ++++++++++++ lib/tpm.c | 13 +++++++++++++ 6 files changed, 89 insertions(+), 1 deletion(-)
diff --git a/README b/README index ef66550..56c398a 100644 --- a/README +++ b/README @@ -1347,6 +1347,10 @@ The following options need to be configured: TPM1_SPI_CS Define SPI Chip Select ID connected to TPM
+ CONFIG_TPM_ST + Support additional hash in locality 4 command for + STMicroelectronics TPMs (SPI or I2C). Require CONFIG_CMD_TPM. + - USB Support: At the moment only the UHCI host controller is supported (PIP405, MIP405, MPC5200); define diff --git a/common/cmd_tpm.c b/common/cmd_tpm.c index 3085d34..7ca9257 100644 --- a/common/cmd_tpm.c +++ b/common/cmd_tpm.c @@ -334,6 +334,29 @@ static int do_tpm_extend(cmd_tbl_t *cmdtp, int flag, return convert_return_code(rc); }
+#ifdef CONFIG_TPM_ST +static int do_tpm_hash_loc4(cmd_tbl_t *cmdtp, int flag, + int argc, char * const argv[]) +{ + uint32_t rc; + size_t count; + void *data; + + if (argc != 2) + return CMD_RET_USAGE; + + data = parse_byte_string(argv[1], NULL, &count); + if (!data) { + printf("Couldn't parse byte string %s\n", argv[1]); + return CMD_RET_FAILURE; + } + + rc = tpm_hash_loc4(data, count); + free(data); + return convert_return_code(rc); +} +#endif /* CONFIG_TPM_ST */ + static int do_tpm_pcr_read(cmd_tbl_t *cmdtp, int flag, int argc, char * const argv[]) { @@ -650,6 +673,10 @@ static cmd_tbl_t tpm_commands[] = { do_tpm_nv_write_value, "", ""), U_BOOT_CMD_MKENT(extend, 0, 1, do_tpm_extend, "", ""), +#ifdef CONFIG_TPM_ST + U_BOOT_CMD_MKENT(hash_loc4, 0, 1, + do_tpm_hash_loc4, "", ""), +#endif /* CONFIG_TPM_ST */ U_BOOT_CMD_MKENT(pcr_read, 0, 1, do_tpm_pcr_read, "", ""), #ifdef CONFIG_TPM_ST_2TPM @@ -748,6 +775,11 @@ U_BOOT_CMD(tpm, CONFIG_SYS_MAXARGS, 1, do_tpm, " extend index digest_hex_string\n" " - Add a new measurement to a PCR. Update PCR <index> with the 20-bytes\n" " <digest_hex_string>\n" +#ifdef CONFIG_TPM_ST +" hash_loc4 digest_hex_string\n" +" - Add a mesurement in PCR17. Update PCR 17 with the digest\n" +" of <digest_hex_string>\n" +#endif /* CONFIG_TPM_ST */ " pcr_read index addr count\n" " - Read <count> bytes from PCR <index> to memory address <addr>.\n" #ifdef CONFIG_TPM_AUTH_SESSIONS diff --git a/drivers/tpm/tpm_spi_stm_st33.c b/drivers/tpm/tpm_spi_stm_st33.c index d7b4d65..34746f2 100644 --- a/drivers/tpm/tpm_spi_stm_st33.c +++ b/drivers/tpm/tpm_spi_stm_st33.c @@ -668,6 +668,24 @@ int tis_sendrecv(const uint8_t *sendbuf, size_t sbuf_size, } /* tis_sendrecv() */
/* + * tis_sendhashloc4() perform a hash in locality 4 in order to extend PCR17 + * @param: sendbuf - buffer of the data to send + * @param: send_size size of the data to send + * @return: 0 on success or -TPM_DRIVER_ERR on failure. + */ +int tis_sendhashloc4(const uint8_t *sendbuf, size_t sbuf_size) +{ + int ret; + + if (active_tpm->is_open == 0) { + printf("TPM not yet initialized, perform "tpm init" first\n"); + return -TPM_DRIVER_ERR; + } + ret = tpm_stm_spi_send_hash(active_tpm, sendbuf, sbuf_size); + return ret; +} /* tis_sendhashloc4() */ + +/* * tis_open() requests access to locality 0. After all commands have been * completed the caller is supposed to call tis_close(). * @param: chip_number, the tpm chip to activate (0 or 1) diff --git a/include/tis.h b/include/tis.h index 40a1f86..f2b2df3 100644 --- a/include/tis.h +++ b/include/tis.h @@ -53,5 +53,14 @@ int tis_close(void); */ int tis_sendrecv(const uint8_t *sendbuf, size_t send_size, uint8_t *recvbuf, size_t *recv_len); - +#ifdef CONFIG_TPM_ST +/* + * tis_sendhashloc4() perform a hash in locality 4 in order to extend PCR17 + * @param: sendbuf - buffer of the data to send + * @param: send_size size of the data to send + * + * @return: 0 on success or -TPM_DRIVER_ERR on failure. + */ +int tis_sendhashloc4(const uint8_t *sendbuf, size_t sbuf_size); +#endif /* CONFIG_TPM_ST */ #endif /* __TIS_H */ diff --git a/include/tpm.h b/include/tpm.h index b726142..90ae922 100644 --- a/include/tpm.h +++ b/include/tpm.h @@ -229,6 +229,18 @@ uint32_t tpm_nv_write_value(uint32_t index, const void *data, uint32_t length); */ uint32_t tpm_extend(uint32_t index, const void *in_digest, void *out_digest);
+#ifdef CONFIG_TPM_ST +/** + * Issue a TPM hash in locality4 command. + * + * @param in_digest any size value representing the event to be + * recorded + * @param length length of data bytes of input buffer + * @return 0 if success, otherwise means an error occurs. + */ +uint32_t tpm_hash_loc4(const void *in_digest, uint32_t length); +#endif /* CONFIG_TPM_ST */ + /** * Issue a TPM_PCRRead command. * diff --git a/lib/tpm.c b/lib/tpm.c index bc8524e..ea574f4 100644 --- a/lib/tpm.c +++ b/lib/tpm.c @@ -431,6 +431,19 @@ uint32_t tpm_extend(uint32_t index, const void *in_digest, void *out_digest) return 0; }
+#ifdef CONFIG_TPM_ST +uint32_t tpm_hash_loc4(const void *in_digest, uint32_t length) +{ + uint32_t err; + + err = tis_sendhashloc4(in_digest, length); + if (err) + return err; + + return 0; +} +#endif /* CONFIG_TPM_ST */ + uint32_t tpm_pcr_read(uint32_t index, void *data, size_t count) { const uint8_t command[14] = {
Hi Jean-Luc,
On 1 April 2014 06:05, Jean-Luc BLANC stmicroelectronics.tpm@gmail.comwrote:
Add the support of direct hash function in locality 4. hash_loc4() command added in TPM command set.
Signed-off-by: Jean-Luc BLANC jean-luc.blanc@st.com
A nit below, but otherwise:
Acked-by: Simon Glass sjg@chromium.org
README | 4 ++++ common/cmd_tpm.c | 32 ++++++++++++++++++++++++++++++++ drivers/tpm/tpm_spi_stm_st33.c | 18 ++++++++++++++++++ include/tis.h | 11 ++++++++++- include/tpm.h | 12 ++++++++++++ lib/tpm.c | 13 +++++++++++++ 6 files changed, 89 insertions(+), 1 deletion(-)
diff --git a/README b/README index ef66550..56c398a 100644 --- a/README +++ b/README @@ -1347,6 +1347,10 @@ The following options need to be configured: TPM1_SPI_CS Define SPI Chip Select ID connected to TPM
CONFIG_TPM_STSupport additional hash in locality 4 command forSTMicroelectronics TPMs (SPI or I2C). RequireCONFIG_CMD_TPM.
- USB Support: At the moment only the UHCI host controller is supported (PIP405, MIP405, MPC5200); define
diff --git a/common/cmd_tpm.c b/common/cmd_tpm.c index 3085d34..7ca9257 100644 --- a/common/cmd_tpm.c +++ b/common/cmd_tpm.c @@ -334,6 +334,29 @@ static int do_tpm_extend(cmd_tbl_t *cmdtp, int flag, return convert_return_code(rc); }
+#ifdef CONFIG_TPM_ST +static int do_tpm_hash_loc4(cmd_tbl_t *cmdtp, int flag,
int argc, char * const argv[])+{
uint32_t rc;size_t count;void *data;if (argc != 2)return CMD_RET_USAGE;data = parse_byte_string(argv[1], NULL, &count);if (!data) {printf("Couldn't parse byte string %s\n", argv[1]);return CMD_RET_FAILURE;}rc = tpm_hash_loc4(data, count);free(data);return convert_return_code(rc);+} +#endif /* CONFIG_TPM_ST */
static int do_tpm_pcr_read(cmd_tbl_t *cmdtp, int flag, int argc, char * const argv[]) { @@ -650,6 +673,10 @@ static cmd_tbl_t tpm_commands[] = { do_tpm_nv_write_value, "", ""), U_BOOT_CMD_MKENT(extend, 0, 1, do_tpm_extend, "", ""), +#ifdef CONFIG_TPM_ST
U_BOOT_CMD_MKENT(hash_loc4, 0, 1,do_tpm_hash_loc4, "", ""),+#endif /* CONFIG_TPM_ST */ U_BOOT_CMD_MKENT(pcr_read, 0, 1, do_tpm_pcr_read, "", ""), #ifdef CONFIG_TPM_ST_2TPM @@ -748,6 +775,11 @@ U_BOOT_CMD(tpm, CONFIG_SYS_MAXARGS, 1, do_tpm, " extend index digest_hex_string\n" " - Add a new measurement to a PCR. Update PCR <index> with the 20-bytes\n" " <digest_hex_string>\n" +#ifdef CONFIG_TPM_ST +" hash_loc4 digest_hex_string\n" +" - Add a mesurement in PCR17. Update PCR 17 with the digest\n" +" of <digest_hex_string>\n" +#endif /* CONFIG_TPM_ST */ " pcr_read index addr count\n" " - Read <count> bytes from PCR <index> to memory address <addr>.\n" #ifdef CONFIG_TPM_AUTH_SESSIONS diff --git a/drivers/tpm/tpm_spi_stm_st33.c b/drivers/tpm/tpm_spi_stm_st33.c index d7b4d65..34746f2 100644 --- a/drivers/tpm/tpm_spi_stm_st33.c +++ b/drivers/tpm/tpm_spi_stm_st33.c @@ -668,6 +668,24 @@ int tis_sendrecv(const uint8_t *sendbuf, size_t sbuf_size, } /* tis_sendrecv() */
/*
- tis_sendhashloc4() perform a hash in locality 4 in order to extend
PCR17
- @param: sendbuf - buffer of the data to send
- @param: send_size size of the data to send
- @return: 0 on success or -TPM_DRIVER_ERR on failure.
- */
+int tis_sendhashloc4(const uint8_t *sendbuf, size_t sbuf_size) +{
int ret;if (active_tpm->is_open == 0) {printf("TPM not yet initialized, perform \"tpm init\"first\n");
return -TPM_DRIVER_ERR;}ret = tpm_stm_spi_send_hash(active_tpm, sendbuf, sbuf_size);return ret;+} /* tis_sendhashloc4() */
+/*
- tis_open() requests access to locality 0. After all commands have been
- completed the caller is supposed to call tis_close().
- @param: chip_number, the tpm chip to activate (0 or 1)
diff --git a/include/tis.h b/include/tis.h index 40a1f86..f2b2df3 100644 --- a/include/tis.h +++ b/include/tis.h @@ -53,5 +53,14 @@ int tis_close(void); */ int tis_sendrecv(const uint8_t *sendbuf, size_t send_size, uint8_t *recvbuf, size_t *recv_len);
+#ifdef CONFIG_TPM_ST
Probably don't need this #ifdef in the header file.
+/*
- tis_sendhashloc4() perform a hash in locality 4 in order to extend
PCR17
- @param: sendbuf - buffer of the data to send
- @param: send_size size of the data to send
- @return: 0 on success or -TPM_DRIVER_ERR on failure.
- */
+int tis_sendhashloc4(const uint8_t *sendbuf, size_t sbuf_size); +#endif /* CONFIG_TPM_ST */ #endif /* __TIS_H */ diff --git a/include/tpm.h b/include/tpm.h index b726142..90ae922 100644 --- a/include/tpm.h +++ b/include/tpm.h @@ -229,6 +229,18 @@ uint32_t tpm_nv_write_value(uint32_t index, const void *data, uint32_t length); */ uint32_t tpm_extend(uint32_t index, const void *in_digest, void *out_digest);
+#ifdef CONFIG_TPM_ST +/**
- Issue a TPM hash in locality4 command.
- @param in_digest any size value representing the event to be
recorded
- @param length length of data bytes of input buffer
- @return 0 if success, otherwise means an error occurs.
- */
+uint32_t tpm_hash_loc4(const void *in_digest, uint32_t length); +#endif /* CONFIG_TPM_ST */
/**
- Issue a TPM_PCRRead command.
diff --git a/lib/tpm.c b/lib/tpm.c index bc8524e..ea574f4 100644 --- a/lib/tpm.c +++ b/lib/tpm.c @@ -431,6 +431,19 @@ uint32_t tpm_extend(uint32_t index, const void *in_digest, void *out_digest) return 0; }
+#ifdef CONFIG_TPM_ST +uint32_t tpm_hash_loc4(const void *in_digest, uint32_t length) +{
uint32_t err;err = tis_sendhashloc4(in_digest, length);if (err)return err;return 0;+} +#endif /* CONFIG_TPM_ST */
uint32_t tpm_pcr_read(uint32_t index, void *data, size_t count) { const uint8_t command[14] = { -- 1.7.9.5
Regards, Simon
This driver add support to STMicroelectronics ST33ZP24 I2C TPM.
Signed-off-by: Jean-Luc BLANC jean-luc.blanc@st.com --- README | 7 + drivers/tpm/tpm_i2c_stm_st33.c | 659 ++++++++++++++++++++++++++++++++++++++++ 2 files changed, 666 insertions(+) create mode 100644 drivers/tpm/tpm_i2c_stm_st33.c
diff --git a/README b/README index 56c398a..a1eae3e 100644 --- a/README +++ b/README @@ -1351,6 +1351,13 @@ The following options need to be configured: Support additional hash in locality 4 command for STMicroelectronics TPMs (SPI or I2C). Require CONFIG_CMD_TPM.
+ CONFIG_TPM_ST_I2C + Support I2C STMicroelectronics TPM. Require I2C support + + CONFIG_TPM_I2C_BUS + Define the i2c bus number for the TPM device + + - USB Support: At the moment only the UHCI host controller is supported (PIP405, MIP405, MPC5200); define diff --git a/drivers/tpm/tpm_i2c_stm_st33.c b/drivers/tpm/tpm_i2c_stm_st33.c new file mode 100644 index 0000000..ff257af --- /dev/null +++ b/drivers/tpm/tpm_i2c_stm_st33.c @@ -0,0 +1,659 @@ +/* + * STMicroelectronics TPM I2C UBOOT Linux driver for TPM ST33ZP24 + * Copyright (C) 2014 STMicroelectronics + + * + * Description: Device driver for ST33ZP24 I2C TPM TCG. + * + * This device driver implements the TPM interface as defined in + * the TCG TPM Interface Spec version 1.21, revision 1.0 and the + * STMicroelectronics I2C Protocol Stack Specification version 1.2.0. + * + * SPDX-License-Identifier: GPL-2.0+ + * + * @Author: Jean-Luc BLANC jean-luc.blanc@st.com + * + * @File: tpm_i2c_stm_st33.c + */ + +#include <common.h> +#include <i2c.h> +#include <linux/types.h> +#include <tpm.h> +#include <errno.h> +#include <asm/unaligned.h> + +#define MINOR_NUM_I2C 224 + +#define TPM_ACCESS (0x0) +#define TPM_STS (0x18) +#define TPM_HASH_END (0x20) +#define TPM_DATA_FIFO (0x24) +#define TPM_HASH_DATA (0x24) +#define TPM_HASH_START (0x28) +#define TPM_INTF_CAPABILITY (0x14) +#define TPM_INT_STATUS (0x10) +#define TPM_INT_ENABLE (0x08) + +#define TPM_DUMMY_BYTE 0xAA +#define TPM_WRITE_DIRECTION 0x80 +#define TPM_HEADER_SIZE 10 +#define TPM_BUFSIZE 2048 + +#define LOCALITY0 0 +#define LOCALITY4 4 +#define LOCALITY0_I2C_ADDR 0x13 +#define LOCALITY4_I2C_ADDR 0x1B + +/* Index of Count field in TPM response buffer */ +#define TPM_RSP_SIZE_BYTE 2 + +/* Error value returned on various TPM driver errors. */ +#define TPM_DRIVER_ERR (1) + +/* Maximum command duration */ +#define TPM_MAX_COMMAND_DURATION 120000 + +enum stm33zp24_access { + TPM_ACCESS_VALID = 0x80, + TPM_ACCESS_ACTIVE_LOCALITY = 0x20, + TPM_ACCESS_REQUEST_PENDING = 0x04, + TPM_ACCESS_REQUEST_USE = 0x02, +}; + +enum stm33zp24_status { + TPM_STS_VALID = 0x80, + TPM_STS_COMMAND_READY = 0x40, + TPM_STS_GO = 0x20, + TPM_STS_DATA_AVAIL = 0x10, + TPM_STS_DATA_EXPECT = 0x08, +}; + +enum stm33zp24_int_flags { + TPM_GLOBAL_INT_ENABLE = 0x80, + TPM_INTF_CMD_READY_INT = 0x080, + TPM_INTF_FIFO_AVALAIBLE_INT = 0x040, + TPM_INTF_WAKE_UP_READY_INT = 0x020, + TPM_INTF_LOCTPM_BUFSIZE4SOFTRELEASE_INT = 0x008, + TPM_INTF_LOCALITY_CHANGE_INT = 0x004, + TPM_INTF_STS_VALID_INT = 0x002, + TPM_INTF_DATA_AVAIL_INT = 0x001, +}; + +enum tis_defaults { + TIS_SHORT_TIMEOUT = 750, /* ms */ + TIS_LONG_TIMEOUT = 2000, /* 2 sec */ +}; + +struct tpm_chip { + uint addr; + uint i2c_bus; + int is_open; + u8 buf[TPM_BUFSIZE]; + int locality; + unsigned long timeout_a, timeout_b, timeout_c, timeout_d; /* msec */ + unsigned long duration; /* msec */ +}; + +static struct tpm_chip tpm_dev; + +/* + * write8_reg + * Send byte to the TIS register according to the ST33ZP24 I2C protocol. + * @param: tpm_register, the tpm tis register where the data should be written + * @param: tpm_data, the tpm_data to write inside the tpm_register + * @param: tpm_size, The length of the data + * @return: Returns zero in case of success else the negative error code. + */ +static int write8_reg(u8 addr, u8 tpm_register, + const u8 *tpm_data, u16 tpm_size) +{ + u8 data; + + data = tpm_register; + memcpy(&(tpm_dev.buf[0]), &data, sizeof(data)); + memcpy(&(tpm_dev.buf[0])+1, tpm_data, tpm_size); + return i2c_write(addr, 0, 0, &tpm_dev.buf[0], + tpm_size + 1); +} /* write8_reg() */ + +/* +* read8_reg +* Recv byte from the TIS register according to the ST33ZP24 I2C protocol. +* @param: tpm_register, the tpm tis register where the data should be read +* @param: tpm_data, the TPM response +* @param: tpm_size, tpm TPM response size to read. +* @return: Returns zero in case of success else the negative error code. +*/ +static int read8_reg(u8 addr, u8 tpm_register, +u8 *tpm_data, int tpm_size) +{ + u8 status = 0; + u8 data; + + data = TPM_DUMMY_BYTE; + status = write8_reg(addr, tpm_register, &data, 1); + if (status == 0) + status = i2c_read(addr, 0, 0, tpm_data, tpm_size); +return status; +} /* read8_reg() */ + +/* + * I2C_WRITE_DATA + * Send byte to the TIS register according to the ST33ZP24 I2C protocol. + * @param: client, the chip description + * @param: tpm_register, the tpm tis register where the data should be written + * @param: tpm_data, the tpm_data to write inside the tpm_register + * @param: tpm_size, The length of the data + * @return: Returns zero in case of success else the negative error code. + */ +#define I2C_WRITE_DATA(client, tpm_register, tpm_data, tpm_size)\ + (write8_reg(client, tpm_register | \ + TPM_WRITE_DIRECTION, tpm_data, tpm_size)) + +/* + * I2C_READ_DATA + * Recv byte from the TIS register according to the ST33ZP24 I2C protocol. + * @param: tpm, the chip description + * @param: tpm_register, the tpm tis register where the data should be read + * @param: tpm_data, the TPM response + * @param: tpm_size, tpm TPM response size to read. + * @return: Returns zero in case of success else the negative error code. + */ +#define I2C_READ_DATA(client, tpm_register, tpm_data, tpm_size)\ + (read8_reg(client, tpm_register, tpm_data, tpm_size)) + +/* + * release_locality release the active locality + * @param: chip, the tpm chip description. + * @return: Returns zero in case of success else the negative error code. + */ +static int release_locality(struct tpm_chip *chip) +{ + u8 data = TPM_ACCESS_ACTIVE_LOCALITY; + + return I2C_WRITE_DATA(tpm_dev.addr, TPM_ACCESS, &data, 1); +} /* release_locality() */ + + +/* + * check_locality if the locality is active + * @param: chip, the tpm chip description + * @return: the active locality or -TPM_DRIVER_ERR. + */ +static int check_locality(struct tpm_chip *chip) +{ + u8 data; + u8 status; + + status = I2C_READ_DATA(chip->addr, TPM_ACCESS, &data, 1); + if ((status == 0) && (data & + (TPM_ACCESS_ACTIVE_LOCALITY | TPM_ACCESS_VALID)) == + (TPM_ACCESS_ACTIVE_LOCALITY | TPM_ACCESS_VALID)) + return chip->locality; + return -TPM_DRIVER_ERR; +} /* check_locality() */ + +/* + * request_locality request the TPM locality + * @param: chip, the chip description + * @return: the active locality or -TPM_DRIVER_ERR. + */ +static int request_locality(struct tpm_chip *chip) +{ + unsigned long start, stop; + long rc; + u8 data; + + if (check_locality(chip) == chip->locality) + return chip->locality; + + data = TPM_ACCESS_REQUEST_USE; + rc = I2C_WRITE_DATA(chip->addr, TPM_ACCESS, &data, 1); + if (rc < 0) + goto end; + + /* wait for locality activated */ + start = get_timer(0); + stop = chip->timeout_a; + do { + if (check_locality(chip) >= 0) + return chip->locality; + } while (get_timer(start) < stop); + rc = -TPM_DRIVER_ERR; +end: + return rc; +} /* request_locality() */ + +/* + * tpm_stm_spi_status return the TPM_STS register + * @param: chip, the tpm chip descriptionc + * @return: the TPM_STS register value. + */ +static u8 tpm_stm_i2c_status(struct tpm_chip *chip) +{ + u8 data; + + I2C_READ_DATA(chip->addr, TPM_STS, &data, 1); + return data; +} /* tpm_stm_i2c_status() */ + +/* + * get_burstcount return the burstcount address 0x19 0x1A + * @param: chip, the chip description + * return: the burstcount or -TPM_DRIVER_ERR in case of error. + */ +static int get_burstcount(struct tpm_chip *chip) +{ + unsigned long start, stop; + int burstcnt, status, ret; + u8 tpm_reg, temp; + + /* wait for burstcount */ + start = get_timer(0); + stop = chip->timeout_d; + do { + tpm_reg = TPM_STS + 1; + status = I2C_READ_DATA(chip->addr, tpm_reg, &temp, 1); + if (status < 0) + break; + + tpm_reg = tpm_reg + 1; + burstcnt = temp; + status = I2C_READ_DATA(chip->addr, tpm_reg, &temp, 1); + if (status < 0) + break; + + burstcnt |= temp << 8; + if (burstcnt) { + ret = burstcnt; + goto end; + } + udelay(TIS_SHORT_TIMEOUT*1000); + } while (get_timer(start) < stop); + ret = -TPM_DRIVER_ERR; +end: + return ret; +} /* get_burstcount() */ + +/* + * tpm_stm_i2c_command_ready, move TPM state to Command Ready state. + * @param: chip, tpm_chip description. + * return: 0 on success or -TPM_DRIVER_ERR in case of error. + */ +static int tpm_stm_i2c_command_ready(struct tpm_chip *chip) +{ + unsigned long start, stop; + int ret; + u8 status; + u8 data; + + data = TPM_STS_COMMAND_READY; + I2C_WRITE_DATA(chip->addr, TPM_STS, &data, 1); + start = get_timer(0); + stop = tpm_dev.timeout_b; + do { + status = tpm_stm_i2c_status(chip); + printf("status = %d\n", status); + if ((status & data) == data) + return 0; + } while (get_timer(start) < stop); + ret = -TPM_DRIVER_ERR; +return ret; +} /* tpm_stm_i2c_command_ready() */ + +/* + * recv_data receive data + * @param: chip, the tpm chip description + * @param: buf, the buffer where the data are received + * @param: count, the number of data to receive + * @return: the number of bytes read from TPM FIFO. + */ +static int recv_data(struct tpm_chip *chip, u8 *buf, size_t count) +{ + int size = 0, burstcnt, len; + + while (size < count) { + burstcnt = get_burstcount(chip); + len = count - size; + if ((len) > burstcnt) + len = burstcnt; + if ( + I2C_READ_DATA(chip->addr, TPM_DATA_FIFO, buf + size, len) == 0) + size += len; + else + break; + } + return size; +} /* recv_data() */ + +/* + * tpm_stm_i2c_pool_command_completion pool the TPM_STS register until + * command execution complete + * @param: chip, the chip description + * @return: O when TPM complete command execution or -TPM_DRIVER_ERR. + */ +static int tpm_stm_i2c_pool_command_completion(struct tpm_chip *chip) +{ + unsigned long start, stop; + long rc; + u8 status; + + start = get_timer(0); + stop = tpm_dev.duration; + do { + status = tpm_stm_i2c_status(chip); + if ((status & TPM_STS_DATA_AVAIL) == TPM_STS_DATA_AVAIL) + return 0; + } while (get_timer(start) < stop); + + rc = -TPM_DRIVER_ERR; + return rc; +} /* tpm_stm_i2c_pool_command_completion() */ + +/* + * tpm_stm_i2c_recv received TPM response through the I2C bus. + * @param: chip, tpm_chip description. + * @param: buf, the buffer to store data. + * @param: count, the number of bytes that can received (sizeof buf). + * @return: Returns zero in case of success else -EIO. + */ +static int tpm_stm_i2c_recv(struct tpm_chip *chip, unsigned char *buf, + size_t count) +{ + int size = 0; + int expected; + + if (chip == NULL) + return -ENODEV; + + if (count < TPM_HEADER_SIZE) { + size = -EIO; + goto out; + } + size = recv_data(chip, buf, TPM_HEADER_SIZE); + if (size < TPM_HEADER_SIZE) { + printf("TPM error, unable to read header\n"); + goto out; + } + expected = get_unaligned_be32(buf + TPM_RSP_SIZE_BYTE); + if (expected > count) { + size = -EIO; + goto out; + } + size += recv_data(chip, &buf[TPM_HEADER_SIZE], + expected - TPM_HEADER_SIZE); + if (size < expected) { + printf("TPM error, unable to read remaining bytes of result\n"); + size = -EIO; + goto out; + } + +out: + tpm_stm_i2c_command_ready(chip); + release_locality(chip); + return size; +} /* tpm_stm_i2c_recv() */ + +/* + * tpm_stm_i2c_send send TPM commands through the I2C bus. + * + * @param: chip, tpm_chip description. + * @param: buf, the buffer to send. + * @param: len, the number of bytes to send. + * @return: Returns zero in case of success else the negative error code. + */ +static int tpm_stm_i2c_send(struct tpm_chip *chip, u8 *buf, + size_t len) +{ + u32 ret = 0, + status, + burstcnt = 0, i, size; + u8 data; + + if (chip == NULL) + return -ENODEV; + if (len < TPM_HEADER_SIZE) + return -EIO; + + ret = request_locality(chip); + if (ret < 0) + return ret; + + status = tpm_stm_i2c_status(chip); + if ((status & TPM_STS_COMMAND_READY) == 0) + ret = tpm_stm_i2c_command_ready(chip); + if (ret < 0) + goto out_err; + for (i = 0; i < len - 1;) { + burstcnt = get_burstcount(chip); + size = len - i - 1; + if ((size) > burstcnt) + size = burstcnt; + ret = I2C_WRITE_DATA(chip->addr, TPM_DATA_FIFO, buf, size); + if (ret < 0) + goto out_err; + i += size; + } + + status = tpm_stm_i2c_status(chip); + if ((status & TPM_STS_DATA_EXPECT) == 0) { + ret = -EIO; + goto out_err; + } + + ret = I2C_WRITE_DATA(chip->addr, TPM_DATA_FIFO, buf + len - 1, 1); + if (ret < 0) + goto out_err; + + status = tpm_stm_i2c_status(chip); + if ((status & TPM_STS_DATA_EXPECT) != 0) { + ret = -EIO; + goto out_err; + } + + data = TPM_STS_GO; + ret = I2C_WRITE_DATA(chip->addr, TPM_STS, &data, 1); + if (ret < 0) + goto out_err; + return len; + +out_err: + ret = tpm_stm_i2c_command_ready(chip); + release_locality(chip); + return ret; +} /* tpm_stm_i2c_send() */ + +/* + * tpm_stm_i2c_send_hash send TPM locality 4 hash datas through the I2C bus + * to update the PCR[17]. + * @param: chip, the tpm_chip description. + * @param: buf, the data buffer to send. + * @param: len, the number of bytes to send. + * @return: Returns zero in case of success else the negative error code. + */ +static int tpm_stm_i2c_send_hash(struct tpm_chip *chip, const uint8_t *buf, + size_t len) +{ + int ret = 0; + u8 data; + + if (chip == NULL) + return -EBUSY; + + release_locality(chip); + chip->addr = LOCALITY4_I2C_ADDR; + chip->locality = LOCALITY4; + data = TPM_DUMMY_BYTE; + ret = I2C_WRITE_DATA(chip->addr, TPM_HASH_START, &data, 1); + if (ret != 0) + goto end; + ret = I2C_WRITE_DATA(chip->addr, TPM_DATA_FIFO, buf, len); + if (ret != 0) + goto end; + ret = I2C_WRITE_DATA(chip->addr, TPM_HASH_END, &data, 1); + if (ret != 0) + goto end; + +end: + release_locality(chip); + chip->locality = LOCALITY0; + chip->addr = LOCALITY0_I2C_ADDR; + ret |= request_locality(chip); + return ret; +} /* tpm_stm_i2c_send_hash */ + +/* + * tpm_vendor_init initialize the TPM device + * @param: dev_addr, the i2c address of the tpm. + * @return: 0 in case of success, -ENODEV or TPM_DRIVER_ERR in case of error + */ +int tpm_vendor_init(uint32_t dev_addr, uint32_t dev_bus) +{ + int rc = 0; + + tpm_dev.addr = dev_addr; + tpm_dev.i2c_bus = dev_bus; + if (i2c_set_bus_num(tpm_dev.i2c_bus) != 0) { + rc = -ENODEV; + goto out_err; + } + + /* Default timeouts */ + tpm_dev.timeout_a = TIS_SHORT_TIMEOUT; + tpm_dev.timeout_b = TIS_LONG_TIMEOUT; + tpm_dev.timeout_c = TIS_SHORT_TIMEOUT; + tpm_dev.timeout_d = TIS_SHORT_TIMEOUT; + + tpm_dev.locality = LOCALITY0; + + tpm_dev.duration = TPM_MAX_COMMAND_DURATION; + + if (request_locality(&tpm_dev) != 0) { + rc = -TPM_DRIVER_ERR; + goto out_err; + } + + tpm_dev.is_open = 1; + printf("ST33ZP24 I2C TPM from STMicroelectronics found\n"); + return 0; + +out_err: + tpm_dev.is_open = 0; + return rc; +} /* tpm_vendor_init() */ + + +/* + * tis_init() verify presence of ST33ZP24 I2C TPM device and configure driver + * for it. + * @return: 0 on success (the device is found or was found during an earlier + * invocation) or -ENODEV if the device is not found. + */ +int tis_init(void) +{ + int rc; + uint32_t dev_addr, dev_bus; + + dev_addr = LOCALITY0_I2C_ADDR; + dev_bus = CONFIG_TPM_I2C_BUS; + + rc = tpm_vendor_init(dev_addr, dev_bus); + return rc; +} /* tis_init() */ + +/* + * tis_sendrecv() send the requested data to the TPM and then try to get + * its response + * @param: sendbuf - buffer of the data to send + * @param: send_size size of the data to send + * @param: recvbuf - memory to save the response to + * @param: recv_len - pointer to the size of the response buffer + * + * @return: 0 on success (and places the number of response bytes at recv_len) + * or -TPM_DRIVER_ERR on failure. + */ +int tis_sendrecv(const uint8_t *sendbuf, size_t sbuf_size, + uint8_t *recvbuf, size_t *rbuf_len) +{ + int len, i; + uint8_t buf[TPM_BUFSIZE]; + + if (tpm_dev.is_open == 0) + return -TPM_DRIVER_ERR; + + if (sizeof(buf) < sbuf_size) + return -TPM_DRIVER_ERR; + + memcpy(buf, sendbuf, sbuf_size); + len = tpm_stm_i2c_send(&tpm_dev, buf, sbuf_size); + if (len != sbuf_size) { + printf(" TPM error, command not fully transmitted\n"); + return -TPM_DRIVER_ERR; + } + + if (tpm_stm_i2c_pool_command_completion(&tpm_dev) != 0) + return -TPM_DRIVER_ERR; + + len = tpm_stm_i2c_recv(&tpm_dev, buf, sizeof(buf)); + if (len < 10) { + *rbuf_len = 0; + return -TPM_DRIVER_ERR; + } + + memcpy(recvbuf, buf, len); + *rbuf_len = len; + return 0; +} /* tis_sendrecv() */ + +/* + * tis_sendhashloc4() perform a hash in locality 4 in order to extend PCR17 + * @param: sendbuf - buffer of the data to send + * @param: send_size size of the data to send + * + * @return: 0 on success or -TPM_DRIVER_ERR on failure. + */ +int tis_sendhashloc4(const uint8_t *sendbuf, size_t sbuf_size) +{ + int ret; + + if (tpm_dev.is_open == 0) { + printf("TPM not yet initialized, perform "tpm init" first\n"); + return -TPM_DRIVER_ERR; + } + ret = tpm_stm_i2c_send_hash(&tpm_dev, sendbuf, sbuf_size); + return ret; +} /* tis_sendhashloc4() */ + +/* + * tis_open() requests access to locality 0 for the caller. After all + * commands have beencompleted the caller is supposed to call tis_close(). + * + * @return: 0 on success, -TPM_DRIVER_ERR on failure. + */ +int tis_open(void) +{ + if (tis_close()) + return -TPM_DRIVER_ERR; + + /* now request access to locality. */ + if (request_locality(&tpm_dev) != 0) { + printf("%s:%d - failed to lock locality 0\n", + __FILE__, __LINE__); + return -TPM_DRIVER_ERR; + } + return 0; +} /* tis_open() */ + +/* + * tis_close() terminate the current session with the TPM by releasing + * the locked locality. Returns 0 on success or TPM_DRIVER_ERR on failure + * (in case lock removal did not succeed). + */ +int tis_close(void) +{ + int ret; + + ret = release_locality(&tpm_dev); + return ret; +} /* tis_close() */
Hi Jean-Luc,
On 1 April 2014 06:05, Jean-Luc BLANC stmicroelectronics.tpm@gmail.comwrote:
This driver add support to STMicroelectronics ST33ZP24 I2C TPM.
See my comments on the SPI driver, some of which apply here.
Signed-off-by: Jean-Luc BLANC jean-luc.blanc@st.com
README | 7 + drivers/tpm/tpm_i2c_stm_st33.c | 659 ++++++++++++++++++++++++++++++++++++++++ 2 files changed, 666 insertions(+) create mode 100644 drivers/tpm/tpm_i2c_stm_st33.c
diff --git a/README b/README index 56c398a..a1eae3e 100644 --- a/README +++ b/README @@ -1351,6 +1351,13 @@ The following options need to be configured: Support additional hash in locality 4 command for STMicroelectronics TPMs (SPI or I2C). Require CONFIG_CMD_TPM.
CONFIG_TPM_ST_I2CSupport I2C STMicroelectronics TPM. Require I2C supportCONFIG_TPM_I2C_BUSDefine the i2c bus number for the TPM device
- USB Support: At the moment only the UHCI host controller is supported (PIP405, MIP405, MPC5200); define
diff --git a/drivers/tpm/tpm_i2c_stm_st33.c b/drivers/tpm/tpm_i2c_stm_st33.c new file mode 100644 index 0000000..ff257af --- /dev/null +++ b/drivers/tpm/tpm_i2c_stm_st33.c @@ -0,0 +1,659 @@ +/*
- STMicroelectronics TPM I2C UBOOT Linux driver for TPM ST33ZP24
- Copyright (C) 2014 STMicroelectronics
- Description: Device driver for ST33ZP24 I2C TPM TCG.
- This device driver implements the TPM interface as defined in
- the TCG TPM Interface Spec version 1.21, revision 1.0 and the
- STMicroelectronics I2C Protocol Stack Specification version 1.2.0.
- SPDX-License-Identifier: GPL-2.0+
- @Author: Jean-Luc BLANC jean-luc.blanc@st.com
- @File: tpm_i2c_stm_st33.c
- */
+#include <common.h> +#include <i2c.h> +#include <linux/types.h> +#include <tpm.h> +#include <errno.h> +#include <asm/unaligned.h>
+#define MINOR_NUM_I2C 224
+#define TPM_ACCESS (0x0) +#define TPM_STS (0x18) +#define TPM_HASH_END (0x20) +#define TPM_DATA_FIFO (0x24) +#define TPM_HASH_DATA (0x24) +#define TPM_HASH_START (0x28) +#define TPM_INTF_CAPABILITY (0x14) +#define TPM_INT_STATUS (0x10) +#define TPM_INT_ENABLE (0x08)
Haven't you got duplicate defines here? They should go in a private header file I think.
+#define TPM_DUMMY_BYTE 0xAA +#define TPM_WRITE_DIRECTION 0x80 +#define TPM_HEADER_SIZE 10 +#define TPM_BUFSIZE 2048
+#define LOCALITY0 0 +#define LOCALITY4 4 +#define LOCALITY0_I2C_ADDR 0x13 +#define LOCALITY4_I2C_ADDR 0x1B
+/* Index of Count field in TPM response buffer */ +#define TPM_RSP_SIZE_BYTE 2
+/* Error value returned on various TPM driver errors. */ +#define TPM_DRIVER_ERR (1)
+/* Maximum command duration */ +#define TPM_MAX_COMMAND_DURATION 120000
+enum stm33zp24_access {
TPM_ACCESS_VALID = 0x80,TPM_ACCESS_ACTIVE_LOCALITY = 0x20,TPM_ACCESS_REQUEST_PENDING = 0x04,TPM_ACCESS_REQUEST_USE = 0x02,+};
+enum stm33zp24_status {
TPM_STS_VALID = 0x80,TPM_STS_COMMAND_READY = 0x40,TPM_STS_GO = 0x20,TPM_STS_DATA_AVAIL = 0x10,TPM_STS_DATA_EXPECT = 0x08,+};
+enum stm33zp24_int_flags {
TPM_GLOBAL_INT_ENABLE = 0x80,TPM_INTF_CMD_READY_INT = 0x080,TPM_INTF_FIFO_AVALAIBLE_INT = 0x040,TPM_INTF_WAKE_UP_READY_INT = 0x020,TPM_INTF_LOCTPM_BUFSIZE4SOFTRELEASE_INT = 0x008,TPM_INTF_LOCALITY_CHANGE_INT = 0x004,TPM_INTF_STS_VALID_INT = 0x002,TPM_INTF_DATA_AVAIL_INT = 0x001,+};
+enum tis_defaults {
TIS_SHORT_TIMEOUT = 750, /* ms */TIS_LONG_TIMEOUT = 2000, /* 2 sec */+};
+struct tpm_chip {
uint addr;uint i2c_bus;int is_open;u8 buf[TPM_BUFSIZE];int locality;unsigned long timeout_a, timeout_b, timeout_c, timeout_d; /* msec*/
unsigned long duration; /* msec */+};
+static struct tpm_chip tpm_dev;
+/*
- write8_reg
- Send byte to the TIS register according to the ST33ZP24 I2C protocol.
- @param: tpm_register, the tpm tis register where the data should be
written
- @param: tpm_data, the tpm_data to write inside the tpm_register
- @param: tpm_size, The length of the data
- @return: Returns zero in case of success else the negative error code.
- */
+static int write8_reg(u8 addr, u8 tpm_register,
const u8 *tpm_data, u16 tpm_size)+{
u8 data;data = tpm_register;memcpy(&(tpm_dev.buf[0]), &data, sizeof(data));memcpy(&(tpm_dev.buf[0])+1, tpm_data, tpm_size);return i2c_write(addr, 0, 0, &tpm_dev.buf[0],tpm_size + 1);+} /* write8_reg() */
+/* +* read8_reg +* Recv byte from the TIS register according to the ST33ZP24 I2C protocol. +* @param: tpm_register, the tpm tis register where the data should be read +* @param: tpm_data, the TPM response +* @param: tpm_size, tpm TPM response size to read. +* @return: Returns zero in case of success else the negative error code. +*/ +static int read8_reg(u8 addr, u8 tpm_register, +u8 *tpm_data, int tpm_size) +{
u8 status = 0;u8 data;data = TPM_DUMMY_BYTE;status = write8_reg(addr, tpm_register, &data, 1);if (status == 0)status = i2c_read(addr, 0, 0, tpm_data, tpm_size);+return status; +} /* read8_reg() */
+/*
- I2C_WRITE_DATA
- Send byte to the TIS register according to the ST33ZP24 I2C protocol.
- @param: client, the chip description
- @param: tpm_register, the tpm tis register where the data should be
written
- @param: tpm_data, the tpm_data to write inside the tpm_register
- @param: tpm_size, The length of the data
- @return: Returns zero in case of success else the negative error code.
- */
+#define I2C_WRITE_DATA(client, tpm_register, tpm_data, tpm_size)\
(write8_reg(client, tpm_register | \TPM_WRITE_DIRECTION, tpm_data, tpm_size))+/*
- I2C_READ_DATA
- Recv byte from the TIS register according to the ST33ZP24 I2C protocol.
- @param: tpm, the chip description
- @param: tpm_register, the tpm tis register where the data should be
read
- @param: tpm_data, the TPM response
- @param: tpm_size, tpm TPM response size to read.
- @return: Returns zero in case of success else the negative error code.
- */
+#define I2C_READ_DATA(client, tpm_register, tpm_data, tpm_size)\
(read8_reg(client, tpm_register, tpm_data, tpm_size))+/*
- release_locality release the active locality
- @param: chip, the tpm chip description.
- @return: Returns zero in case of success else the negative error code.
- */
+static int release_locality(struct tpm_chip *chip) +{
u8 data = TPM_ACCESS_ACTIVE_LOCALITY;return I2C_WRITE_DATA(tpm_dev.addr, TPM_ACCESS, &data, 1);+} /* release_locality() */
+/*
- check_locality if the locality is active
- @param: chip, the tpm chip description
- @return: the active locality or -TPM_DRIVER_ERR.
- */
+static int check_locality(struct tpm_chip *chip) +{
u8 data;u8 status;status = I2C_READ_DATA(chip->addr, TPM_ACCESS, &data, 1);if ((status == 0) && (data &(TPM_ACCESS_ACTIVE_LOCALITY | TPM_ACCESS_VALID)) ==(TPM_ACCESS_ACTIVE_LOCALITY | TPM_ACCESS_VALID))return chip->locality;return -TPM_DRIVER_ERR;+} /* check_locality() */
+/*
- request_locality request the TPM locality
- @param: chip, the chip description
- @return: the active locality or -TPM_DRIVER_ERR.
- */
+static int request_locality(struct tpm_chip *chip) +{
unsigned long start, stop;long rc;u8 data;if (check_locality(chip) == chip->locality)return chip->locality;data = TPM_ACCESS_REQUEST_USE;rc = I2C_WRITE_DATA(chip->addr, TPM_ACCESS, &data, 1);if (rc < 0)goto end;/* wait for locality activated */start = get_timer(0);stop = chip->timeout_a;do {if (check_locality(chip) >= 0)return chip->locality;} while (get_timer(start) < stop);rc = -TPM_DRIVER_ERR;+end:
return rc;+} /* request_locality() */
+/*
- tpm_stm_spi_status return the TPM_STS register
- @param: chip, the tpm chip descriptionc
- @return: the TPM_STS register value.
- */
+static u8 tpm_stm_i2c_status(struct tpm_chip *chip) +{
u8 data;I2C_READ_DATA(chip->addr, TPM_STS, &data, 1);return data;+} /* tpm_stm_i2c_status() */
+/*
- get_burstcount return the burstcount address 0x19 0x1A
- @param: chip, the chip description
- return: the burstcount or -TPM_DRIVER_ERR in case of error.
- */
+static int get_burstcount(struct tpm_chip *chip) +{
unsigned long start, stop;int burstcnt, status, ret;u8 tpm_reg, temp;/* wait for burstcount */start = get_timer(0);stop = chip->timeout_d;do {tpm_reg = TPM_STS + 1;status = I2C_READ_DATA(chip->addr, tpm_reg, &temp, 1);
Why do you need tpm_reg here?
if (status < 0)break;tpm_reg = tpm_reg + 1;burstcnt = temp;status = I2C_READ_DATA(chip->addr, tpm_reg, &temp, 1);if (status < 0)break;burstcnt |= temp << 8;if (burstcnt) {ret = burstcnt;goto end;}udelay(TIS_SHORT_TIMEOUT*1000);} while (get_timer(start) < stop);ret = -TPM_DRIVER_ERR;+end:
return ret;+} /* get_burstcount() */
+/*
- tpm_stm_i2c_command_ready, move TPM state to Command Ready state.
- @param: chip, tpm_chip description.
- return: 0 on success or -TPM_DRIVER_ERR in case of error.
- */
+static int tpm_stm_i2c_command_ready(struct tpm_chip *chip) +{
unsigned long start, stop;int ret;u8 status;u8 data;data = TPM_STS_COMMAND_READY;I2C_WRITE_DATA(chip->addr, TPM_STS, &data, 1);start = get_timer(0);stop = tpm_dev.timeout_b;do {status = tpm_stm_i2c_status(chip);printf("status = %d\n", status);if ((status & data) == data)return 0;} while (get_timer(start) < stop);ret = -TPM_DRIVER_ERR;+return ret; +} /* tpm_stm_i2c_command_ready() */
+/*
- recv_data receive data
- @param: chip, the tpm chip description
- @param: buf, the buffer where the data are received
- @param: count, the number of data to receive
- @return: the number of bytes read from TPM FIFO.
- */
+static int recv_data(struct tpm_chip *chip, u8 *buf, size_t count) +{
int size = 0, burstcnt, len;while (size < count) {burstcnt = get_burstcount(chip);len = count - size;if ((len) > burstcnt)len = burstcnt;if (I2C_READ_DATA(chip->addr, TPM_DATA_FIFO, buf + size, len) == 0)size += len;elsebreak;}return size;+} /* recv_data() */
+/*
- tpm_stm_i2c_pool_command_completion pool the TPM_STS register until
- command execution complete
- @param: chip, the chip description
- @return: O when TPM complete command execution or -TPM_DRIVER_ERR.
- */
+static int tpm_stm_i2c_pool_command_completion(struct tpm_chip *chip) +{
unsigned long start, stop;long rc;u8 status;start = get_timer(0);stop = tpm_dev.duration;do {status = tpm_stm_i2c_status(chip);if ((status & TPM_STS_DATA_AVAIL) ==TPM_STS_DATA_AVAIL)
return 0;} while (get_timer(start) < stop);rc = -TPM_DRIVER_ERR;return rc;+} /* tpm_stm_i2c_pool_command_completion() */
+/*
- tpm_stm_i2c_recv received TPM response through the I2C bus.
- @param: chip, tpm_chip description.
- @param: buf, the buffer to store data.
- @param: count, the number of bytes that can received (sizeof buf).
- @return: Returns zero in case of success else -EIO.
- */
+static int tpm_stm_i2c_recv(struct tpm_chip *chip, unsigned char *buf,
size_t count)+{
int size = 0;int expected;if (chip == NULL)return -ENODEV;if (count < TPM_HEADER_SIZE) {size = -EIO;goto out;}size = recv_data(chip, buf, TPM_HEADER_SIZE);if (size < TPM_HEADER_SIZE) {printf("TPM error, unable to read header\n");goto out;}expected = get_unaligned_be32(buf + TPM_RSP_SIZE_BYTE);if (expected > count) {size = -EIO;goto out;}size += recv_data(chip, &buf[TPM_HEADER_SIZE],expected - TPM_HEADER_SIZE);if (size < expected) {printf("TPM error, unable to read remaining bytes ofresult\n");
size = -EIO;goto out;}+out:
tpm_stm_i2c_command_ready(chip);release_locality(chip);return size;+} /* tpm_stm_i2c_recv() */
+/*
- tpm_stm_i2c_send send TPM commands through the I2C bus.
- @param: chip, tpm_chip description.
- @param: buf, the buffer to send.
- @param: len, the number of bytes to send.
- @return: Returns zero in case of success else the negative error code.
- */
+static int tpm_stm_i2c_send(struct tpm_chip *chip, u8 *buf,
size_t len)+{
u32 ret = 0,status,burstcnt = 0, i, size;u8 data;if (chip == NULL)return -ENODEV;if (len < TPM_HEADER_SIZE)return -EIO;ret = request_locality(chip);if (ret < 0)return ret;status = tpm_stm_i2c_status(chip);if ((status & TPM_STS_COMMAND_READY) == 0)ret = tpm_stm_i2c_command_ready(chip);if (ret < 0)goto out_err;for (i = 0; i < len - 1;) {burstcnt = get_burstcount(chip);size = len - i - 1;if ((size) > burstcnt)size = burstcnt;ret = I2C_WRITE_DATA(chip->addr, TPM_DATA_FIFO, buf, size);if (ret < 0)goto out_err;i += size;}status = tpm_stm_i2c_status(chip);if ((status & TPM_STS_DATA_EXPECT) == 0) {ret = -EIO;goto out_err;}ret = I2C_WRITE_DATA(chip->addr, TPM_DATA_FIFO, buf + len - 1, 1);if (ret < 0)goto out_err;status = tpm_stm_i2c_status(chip);if ((status & TPM_STS_DATA_EXPECT) != 0) {ret = -EIO;goto out_err;}data = TPM_STS_GO;ret = I2C_WRITE_DATA(chip->addr, TPM_STS, &data, 1);if (ret < 0)goto out_err;return len;+out_err:
ret = tpm_stm_i2c_command_ready(chip);release_locality(chip);return ret;+} /* tpm_stm_i2c_send() */
+/*
- tpm_stm_i2c_send_hash send TPM locality 4 hash datas through the I2C
bus
- to update the PCR[17].
- @param: chip, the tpm_chip description.
- @param: buf, the data buffer to send.
- @param: len, the number of bytes to send.
- @return: Returns zero in case of success else the negative error code.
- */
+static int tpm_stm_i2c_send_hash(struct tpm_chip *chip, const uint8_t *buf,
size_t len)+{
int ret = 0;u8 data;if (chip == NULL)return -EBUSY;release_locality(chip);chip->addr = LOCALITY4_I2C_ADDR;chip->locality = LOCALITY4;data = TPM_DUMMY_BYTE;ret = I2C_WRITE_DATA(chip->addr, TPM_HASH_START, &data, 1);if (ret != 0)goto end;ret = I2C_WRITE_DATA(chip->addr, TPM_DATA_FIFO, buf, len);if (ret != 0)goto end;ret = I2C_WRITE_DATA(chip->addr, TPM_HASH_END, &data, 1);if (ret != 0)goto end;+end:
release_locality(chip);chip->locality = LOCALITY0;chip->addr = LOCALITY0_I2C_ADDR;ret |= request_locality(chip);return ret;+} /* tpm_stm_i2c_send_hash */
+/*
- tpm_vendor_init initialize the TPM device
- @param: dev_addr, the i2c address of the tpm.
- @return: 0 in case of success, -ENODEV or TPM_DRIVER_ERR in case of
error
- */
+int tpm_vendor_init(uint32_t dev_addr, uint32_t dev_bus) +{
int rc = 0;tpm_dev.addr = dev_addr;tpm_dev.i2c_bus = dev_bus;if (i2c_set_bus_num(tpm_dev.i2c_bus) != 0) {rc = -ENODEV;goto out_err;}/* Default timeouts */tpm_dev.timeout_a = TIS_SHORT_TIMEOUT;tpm_dev.timeout_b = TIS_LONG_TIMEOUT;tpm_dev.timeout_c = TIS_SHORT_TIMEOUT;tpm_dev.timeout_d = TIS_SHORT_TIMEOUT;tpm_dev.locality = LOCALITY0;tpm_dev.duration = TPM_MAX_COMMAND_DURATION;if (request_locality(&tpm_dev) != 0) {rc = -TPM_DRIVER_ERR;goto out_err;}tpm_dev.is_open = 1;printf("ST33ZP24 I2C TPM from STMicroelectronics found\n");return 0;+out_err:
tpm_dev.is_open = 0;return rc;+} /* tpm_vendor_init() */
+/*
- tis_init() verify presence of ST33ZP24 I2C TPM device and configure
driver
- for it.
- @return: 0 on success (the device is found or was found during an
earlier
- invocation) or -ENODEV if the device is not found.
- */
+int tis_init(void) +{
int rc;uint32_t dev_addr, dev_bus;dev_addr = LOCALITY0_I2C_ADDR;dev_bus = CONFIG_TPM_I2C_BUS;rc = tpm_vendor_init(dev_addr, dev_bus);return rc;+} /* tis_init() */
+/*
- tis_sendrecv() send the requested data to the TPM and then try to get
- its response
- @param: sendbuf - buffer of the data to send
- @param: send_size size of the data to send
- @param: recvbuf - memory to save the response to
- @param: recv_len - pointer to the size of the response buffer
- @return: 0 on success (and places the number of response bytes at
recv_len)
- or -TPM_DRIVER_ERR on failure.
- */
+int tis_sendrecv(const uint8_t *sendbuf, size_t sbuf_size,
uint8_t *recvbuf, size_t *rbuf_len)+{
int len, i;uint8_t buf[TPM_BUFSIZE];if (tpm_dev.is_open == 0)return -TPM_DRIVER_ERR;if (sizeof(buf) < sbuf_size)return -TPM_DRIVER_ERR;memcpy(buf, sendbuf, sbuf_size);len = tpm_stm_i2c_send(&tpm_dev, buf, sbuf_size);if (len != sbuf_size) {printf(" TPM error, command not fully transmitted\n");return -TPM_DRIVER_ERR;}if (tpm_stm_i2c_pool_command_completion(&tpm_dev) != 0)return -TPM_DRIVER_ERR;len = tpm_stm_i2c_recv(&tpm_dev, buf, sizeof(buf));if (len < 10) {*rbuf_len = 0;return -TPM_DRIVER_ERR;}memcpy(recvbuf, buf, len);*rbuf_len = len;return 0;+} /* tis_sendrecv() */
+/*
- tis_sendhashloc4() perform a hash in locality 4 in order to extend
PCR17
- @param: sendbuf - buffer of the data to send
- @param: send_size size of the data to send
- @return: 0 on success or -TPM_DRIVER_ERR on failure.
- */
+int tis_sendhashloc4(const uint8_t *sendbuf, size_t sbuf_size) +{
int ret;if (tpm_dev.is_open == 0) {printf("TPM not yet initialized, perform \"tpm init\"first\n");
return -TPM_DRIVER_ERR;}ret = tpm_stm_i2c_send_hash(&tpm_dev, sendbuf, sbuf_size);return ret;+} /* tis_sendhashloc4() */
+/*
- tis_open() requests access to locality 0 for the caller. After all
- commands have beencompleted the caller is supposed to call tis_close().
- @return: 0 on success, -TPM_DRIVER_ERR on failure.
- */
+int tis_open(void) +{
if (tis_close())return -TPM_DRIVER_ERR;/* now request access to locality. */if (request_locality(&tpm_dev) != 0) {printf("%s:%d - failed to lock locality 0\n",__FILE__, __LINE__);return -TPM_DRIVER_ERR;}return 0;+} /* tis_open() */
+/*
- tis_close() terminate the current session with the TPM by releasing
- the locked locality. Returns 0 on success or TPM_DRIVER_ERR on failure
- (in case lock removal did not succeed).
- */
+int tis_close(void) +{
int ret;ret = release_locality(&tpm_dev);return ret;+} /* tis_close() */
1.7.9.5
Regards, Simon
participants (2)
-
Jean-Luc BLANC -
Simon Glass