On Sat, Oct 15, 2011 at 6:13 PM, Vadim Bendebury <vben...@chromium.org> wrote: > TPM (Trusted Platform Module) is an integrated circuit and > software platform that provides computer manufacturers with the > core components of a subsystem used to assure authenticity, > integrity and confidentiality. > > This driver supports version 1.2 of the TCG (Trusted Computing > Group) specifications. > > The TCG specification defines several so called localities in a > TPM chip, to be controlled by different software layers. When > used on a typical x86 platform during the firmware phase, only > locality 0 can be accessed by the CPU, so this driver even while > supporting the locality concept presumes that only locality zero > is used. > > This implementation is loosely based on the article "Writing a > TPM Device Driver" published on http://ptgmedia.pearsoncmg.com > > Compiling this driver with DEBUG defined will generate trace of > all accesses to TPM registers. > > This driver has been tested and is being used in three different > functional ChromeOS machines (Pinetrail and Sandy Bridge Intel > chipsets) all using the same Infineon SLB 9635 TT 1.2 device. > > A u-boot cli command allowing access to the TPM was also > implemented and is being submitted as a second patch. > > Change-Id: I22a33c3e5b2e20eec9557a7621bd463b30389d73 > Signed-off-by: Vadim Bendebury <vben...@chromium.org> > CC: Wolfgang Denk <w...@denx.de> > --- > Makefile | 3 + > README | 10 + > drivers/tpm/Makefile | 43 ++++ > drivers/tpm/generic_lpc_tpm.c | 485 > +++++++++++++++++++++++++++++++++++++++++ > include/tpm.h | 71 ++++++ > 5 files changed, 612 insertions(+), 0 deletions(-) > create mode 100644 drivers/tpm/Makefile > create mode 100644 drivers/tpm/generic_lpc_tpm.c > create mode 100644 include/tpm.h > > diff --git a/Makefile b/Makefile > index 5db2e0e..df86088 100644 > --- a/Makefile > +++ b/Makefile 
> @@ -268,6 +268,9 @@ LIBS += arch/powerpc/cpu/mpc8xxx/lib8xxx.o > endif > LIBS += drivers/rtc/librtc.o > LIBS += drivers/serial/libserial.o > +ifeq ($(CONFIG_GENERIC_LPC_TPM),y) > +LIBS += drivers/tpm/libtpm.o > +endif > LIBS += drivers/twserial/libtws.o > LIBS += drivers/usb/eth/libusb_eth.o > LIBS += drivers/usb/gadget/libusb_gadget.o > diff --git a/README b/README > index 7e032a9..bcd3695 100644 > --- a/README > +++ b/README > @@ -1018,6 +1018,16 @@ The following options need to be configured: > CONFIG_SH_ETHER_CACHE_WRITEBACK > If this option is set, the driver enables cache flush. > > +- TPM Support: > + CONFIG_GENERIC_LPC_TPM > + Support for generic parallel port TPM devices. Only one device > + per system is supported at this time. > + > + CONFIG_TPM_TIS_BASE_ADDRESS > + Base address where the generic TPM device is mapped > + to. Contemporary x86 systems usually map it at > + 0xfed40000. > + > - USB Support: > At the moment only the UHCI host controller is > supported (PIP405, MIP405, MPC5200); define > diff --git a/drivers/tpm/Makefile b/drivers/tpm/Makefile > new file mode 100644 > index 0000000..be11c8b > --- /dev/null > +++ b/drivers/tpm/Makefile 
> @@ -0,0 +1,43 @@ > +# Copyright (c) 2011 The Chromium OS Authors. All rights reserved. > +# > +# See file CREDITS for list of people who contributed to this > +# project. > +# > +# This program is free software; you can redistribute it and/or > +# modify it under the terms of the GNU General Public License as > +# published by the Free Software Foundation; either version 2 of > +# the License, or (at your option) any later version. > +# > +# This program is distributed in the hope that it will be useful, > +# but WITHOUT ANY WARRANTY; without even the implied warranty of > +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the > +# GNU General Public License for more details. > +# > +# You should have received a copy of the GNU General Public License > +# along with this program; if not, write to the Free Software > +# Foundation, Inc., 59 Temple Place, Suite 330, Boston, > +# MA 02111-1307 USA > +# > + > +include $(TOPDIR)/config.mk > + > +LIB := $(obj)libtpm.o > + > +COBJS-$(CONFIG_GENERIC_LPC_TPM) = generic_lpc_tpm.o > + > +COBJS := $(COBJS-y) > +SRCS := $(COBJS:.o=.c) > +OBJS := $(addprefix $(obj),$(COBJS)) > + > +all: $(LIB) > + > +$(LIB): $(obj).depend $(OBJS) > + $(call cmd_link_o_target, $(OBJS)) > + > +######################################################################### > + > +include $(SRCTREE)/rules.mk > + > +sinclude $(obj).depend > + > +######################################################################### > diff --git a/drivers/tpm/generic_lpc_tpm.c b/drivers/tpm/generic_lpc_tpm.c > new file mode 100644 > index 0000000..6b58420 > --- /dev/null > +++ b/drivers/tpm/generic_lpc_tpm.c 
> @@ -0,0 +1,485 @@ > +/* > + * Copyright (c) 2011 The Chromium OS Authors. > + * > + * See file CREDITS for list of people who contributed to this > + * project. > + * > + * This program is free software; you can redistribute it and/or > + * modify it under the terms of the GNU General Public License as > + * published by the Free Software Foundation; either version 2 of > + * the License, or (at your option) any later version. > + * > + * This program is distributed in the hope that it will be useful, > + * but WITHOUT ANY WARRANTY; without even the implied warranty of > + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the > + * GNU General Public License for more details. > + * > + * You should have received a copy of the GNU General Public License > + * along with this program; if not, write to the Free Software > + * Foundation, Inc., 59 Temple Place, Suite 330, Boston, > + * MA 02111-1307 USA > + */ > + > +/* > + * The code in this file is based on the article "Writing a TPM Device > Driver" > + * published on http://ptgmedia.pearsoncmg.com. > + * > + * One principal difference is that in the simplest config the other than 0 > + * TPM localities do not get mapped by some devices (for instance, by > Infineon > + * slb9635), so this driver provides access to locality 0 only. 
> + */ > + > +#include <common.h> > +#include <asm/io.h> > +#include <tpm.h> > + > +#define PREFIX "lpc_tpm: " > + > +#define TPM_TOTAL_LOCALITIES 5 > +struct tpm_locality { > + u32 access; > + u8 padding0[4]; > + u32 int_enable; > + u8 vector; > + u8 padding1[3]; > + u32 int_status; > + u32 int_capability; > + u32 tpm_status; > + u8 padding2[8]; > + u8 data; > + u8 padding3[3803]; > + u32 did_vid; > + u8 rid; > + u8 padding4[251]; > +}; > + > +struct lpc_tpm { > + struct tpm_locality locality[TPM_TOTAL_LOCALITIES]; > +}; > + > +static struct lpc_tpm *lpc_tpm_dev = > + (struct lpc_tpm *)CONFIG_TPM_TIS_BASE_ADDRESS; > + > +/* Some registers' bit field definitions */ > +#define TIS_STS_VALID (1 << 7) /* 0x80 */ > +#define TIS_STS_COMMAND_READY (1 << 6) /* 0x40 */ > +#define TIS_STS_TPM_GO (1 << 5) /* 0x20 */ > +#define TIS_STS_DATA_AVAILABLE (1 << 4) /* 0x10 */ > +#define TIS_STS_EXPECT (1 << 3) /* 0x08 */ > +#define TIS_STS_RESPONSE_RETRY (1 << 1) /* 0x02 */ > + > +#define TIS_ACCESS_TPM_REG_VALID_STS (1 << 7) /* 0x80 */ > +#define TIS_ACCESS_ACTIVE_LOCALITY (1 << 5) /* 0x20 */ > +#define TIS_ACCESS_BEEN_SEIZED (1 << 4) /* 0x10 */ > +#define TIS_ACCESS_SEIZE (1 << 3) /* 0x08 */ > +#define TIS_ACCESS_PENDING_REQUEST (1 << 2) /* 0x04 */ > +#define TIS_ACCESS_REQUEST_USE (1 << 1) /* 0x02 */ > +#define TIS_ACCESS_TPM_ESTABLISHMENT (1 << 0) /* 0x01 */ > + > +#define TIS_STS_BURST_COUNT_MASK (0xffff) > +#define TIS_STS_BURST_COUNT_SHIFT (8) > + > +/* > + * Error value returned if a tpm register does not enter the expected state > + * after continuous polling. No actual TPM register reading ever returns -1, > + * so this value is a safe error indication to be mixed with possible status > + * register values. > + */ > +#define TPM_TIMEOUT_ERR (-1) > + > +/* Error value returned on various TPM driver errors. */ > +#define TPM_DRIVER_ERR (1) > + > + /* 1 second is plenty for anything TPM does. 
*/ > +#define MAX_DELAY_US (1000 * 1000) > + > +/* Retrieve burst count value out of the status register contents. */ > +#define BURST_COUNT(status) ((u16)(((status) >> TIS_STS_BURST_COUNT_SHIFT) & > \ > + TIS_STS_BURST_COUNT_MASK)) > + > +/* > + * Structures defined below allow creating descriptions of TPM vendor/device > + * ID information for run time discovery. The only device the system knows > + * about at this time is Infineon slb9635. > + */ > +struct device_name { > + u16 dev_id; > + const char * const dev_name; > +}; > + > +struct vendor_name { > + u16 vendor_id; > + const char *vendor_name; > + const struct device_name *dev_names; > +}; > + > +static const struct device_name infineon_devices[] = { > + {0xb, "SLB9635 TT 1.2"}, > + {0} > +}; > + > +static const struct vendor_name vendor_names[] = { > + {0x15d1, "Infineon", infineon_devices}, > +}; > + > +/* > + * Cached vendor/device ID pair to indicate that the device has been already > + * discovered. > + */ > +static u32 vendor_dev_id; > + > +/* TPM access going through macros to make tracing easier. */ > +#define tpm_read(ptr) ({ \ > + u32 __ret; \ > + __ret = (sizeof(*ptr) == 1) ? readb(ptr) : readl(ptr); \ > + debug(PREFIX "Read reg 0x%x returns 0x%x\n", \ > + (u32)ptr - (u32)lpc_tpm_dev, __ret); \ > + __ret; }) > + > +#define tpm_write(value, ptr) do { \ > + u32 __v = value; \ > + debug(PREFIX "Write reg 0x%x with 0x%x\n", \ > + (u32)ptr - (u32)lpc_tpm_dev, __v); \ > + if (sizeof(*ptr) == 1) \ > + writeb(__v, ptr); \ > + else \ > + writel(__v, ptr); } \ > + while (0) > + > +/* > + * tis_wait_reg() > + * > + * Wait for at least a second for a register to change its state to match the > + * expected state. Normally the transition happens within microseconds. 
> + * > + * @reg - the TPM register offset > + * @locality - locality > + * @mask - bitmask for the bitfield(s) to watch > + * @expected - value the field(s) are supposed to be set to > + * > + * Returns the register contents in case the expected value was found in the > + * appropriate register bits, or TPM_TIMEOUT_ERR on timeout. > + */ > +static u32 tis_wait_reg(u32 *reg, u8 mask, u8 expected) > +{ > + u32 time_us = MAX_DELAY_US; > + > + while (time_us > 0) { > + u32 value = tpm_read(reg); > + if ((value & mask) == expected) > + return value; > + udelay(1); /* 1 us */ > + time_us--; > + } > + return TPM_TIMEOUT_ERR; > +} > + > +/* > + * Probe the TPM device and try determining its manufacturer/device name. > + * > + * Returns 0 on success (the device is found or was found during an earlier > + * invocation) or TPM_DRIVER_ERR if the device is not found. > + */ > +int tis_init(void) > +{ > + u32 didvid = tpm_read(&lpc_tpm_dev->locality[0].did_vid); > + int i; > + const char *device_name = "unknown"; > + const char *vendor_name = device_name; > + u16 vid, did; > + > + if (vendor_dev_id) > + return 0; /* Already probed. */ > + > + if (!didvid || (didvid == 0xffffffff)) { > + printf("%s: No TPM device found\n", __func__); > + return TPM_DRIVER_ERR; > + } > + > + vendor_dev_id = didvid; > + > + vid = didvid & 0xffff; > + did = (didvid >> 16) & 0xffff; > + for (i = 0; i < ARRAY_SIZE(vendor_names); i++) { > + int j = 0; > + u16 known_did; > + > + if (vid == vendor_names[i].vendor_id) > + vendor_name = vendor_names[i].vendor_name; > + > + while ((known_did = vendor_names[i].dev_names[j].dev_id) != > 0) { > + if (known_did == did) { > + device_name = > + vendor_names[i].dev_names[j].dev_name; > + break; > + } > + j++; > + } > + break; > + } > + > + printf("Found TPM %s by %s\n", device_name, vendor_name); > + return 0; > +} > + > +/* > + * tis_senddata() > + * > + * send the passed in data to the TPM device. 
> + * > + * @data - address of the data to send, byte by byte > + * @len - length of the data to send > + * > + * Returns 0 on success, TPM_DRIVER_ERR on error (in case the device does > + * not accept the entire command). > + */ > +static u32 tis_senddata(const u8 * const data, u32 len) > +{ > + u32 offset = 0; > + u16 burst = 0; > + u32 max_cycles = 0; > + u8 locality = 0; > + u32 value; > + > + value = tis_wait_reg(&lpc_tpm_dev->locality[locality].tpm_status, > + TIS_STS_COMMAND_READY, TIS_STS_COMMAND_READY); > + if (value == TPM_TIMEOUT_ERR) { > + printf("%s:%d - failed to get 'command_ready' status\n", > + __FILE__, __LINE__); > + return TPM_DRIVER_ERR; > + } > + burst = BURST_COUNT(value); > + > + while (1) { > + unsigned count; > + > + /* Wait till the device is ready to accept more data. */ > + while (!burst) { > + if (max_cycles++ == MAX_DELAY_US) { > + printf("%s:%d failed to feed %d bytes of > %d\n", > + __FILE__, __LINE__, len - offset, len); > + return TPM_DRIVER_ERR; > + } > + udelay(1); > + burst = BURST_COUNT(tpm_read(&lpc_tpm_dev->locality > + [locality].tpm_status)); > + } > + > + max_cycles = 0; > + > + /* > + * Calculate number of bytes the TPM is ready to accept in one > + * shot. > + * > + * We want to send the last byte outside of the loop (hence > + * the -1 below) to make sure that the 'expected' status bit > + * changes to zero exactly after the last byte is fed into the > + * FIFO. 
> + */ > + count = min(burst, len - offset - 1); > + while (count--) > + tpm_write(data[offset++], > + &lpc_tpm_dev->locality[locality].data); > + > + value = tis_wait_reg(&lpc_tpm_dev->locality > + [locality].tpm_status, > + TIS_STS_VALID, TIS_STS_VALID); > + > + if ((value == TPM_TIMEOUT_ERR) || !(value & TIS_STS_EXPECT)) { > + printf("%s:%d TPM command feed overflow\n", > + __FILE__, __LINE__); > + return TPM_DRIVER_ERR; > + } > + > + burst = BURST_COUNT(value); > + if ((offset == (len - 1)) && burst) { > + /* > + * We need to be able to send the last byte to the > + * device, so burst size must be nonzero before we > + * break out. > + */ > + break; > + } > + } > + > + /* Send the last byte. */ > + tpm_write(data[offset++], &lpc_tpm_dev->locality[locality].data); > + /* > + * Verify that TPM does not expect any more data as part of this > + * command. > + */ > + value = tis_wait_reg(&lpc_tpm_dev->locality[locality].tpm_status, > + TIS_STS_VALID, TIS_STS_VALID); > + if ((value == TPM_TIMEOUT_ERR) || (value & TIS_STS_EXPECT)) { > + printf("%s:%d unexpected TPM status 0x%x\n", > + __FILE__, __LINE__, value); > + return TPM_DRIVER_ERR; > + } > + > + /* OK, sitting pretty, let's start the command execution. */ > + tpm_write(TIS_STS_TPM_GO, > &lpc_tpm_dev->locality[locality].tpm_status); > + return 0; > +} > + > +/* > + * tis_readresponse() > + * > + * read the TPM device response after a command was issued. > + * > + * @buffer - address where to read the response, byte by byte. > + * @len - pointer to the size of buffer > + * > + * On success stores the number of received bytes to len and returns 0. On > + * errors (misformatted TPM data or synchronization problems) returns > + * TPM_DRIVER_ERR. 
> + */ > +static u32 tis_readresponse(u8 *buffer, u32 *len) > +{ > + u16 burst_count; > + u32 value; > + u32 offset = 0; > + u8 locality = 0; > + const u32 has_data = TIS_STS_DATA_AVAILABLE | TIS_STS_VALID; > + u32 expected_count = *len; > + int max_cycles = 0; > + > + /* Wait for the TPM to process the command. */ > + value = tis_wait_reg(&lpc_tpm_dev->locality[locality].tpm_status, > + has_data, has_data); > + if (value == TPM_TIMEOUT_ERR) { > + printf("%s:%d failed processing command\n", > + __FILE__, __LINE__); > + return TPM_DRIVER_ERR; > + } > + > + do { > + while ((burst_count = BURST_COUNT(value)) == 0) { > + if (max_cycles++ == MAX_DELAY_US) { > + printf("%s:%d TPM stuck on read\n", > + __FILE__, __LINE__); > + return TPM_DRIVER_ERR; > + } > + udelay(1); > + value = tpm_read(&lpc_tpm_dev->locality > + [locality].tpm_status); > + } > + > + max_cycles = 0; > + > + while (burst_count-- && (offset < expected_count)) { > + buffer[offset++] = (u8) > tpm_read(&lpc_tpm_dev->locality > + [locality].data); > + > + if (offset == 6) { > + /* > + * We got the first six bytes of the reply, > + * let's figure out how many bytes to expect > + * total - it is stored as a 4 byte number in > + * network order, starting with offset 2 into > + * the body of the reply. > + */ > + u32 real_length; > + memcpy(&real_length, > + buffer + 2, > + sizeof(real_length)); > + expected_count = be32_to_cpu(real_length); > + > + if ((expected_count < offset) || > + (expected_count > *len)) { > + printf("%s:%d bad response size %d\n", > + __FILE__, __LINE__, > + expected_count); > + return TPM_DRIVER_ERR; > + } > + } > + } > + > + /* Wait for the next portion. */ > + value = tis_wait_reg(&lpc_tpm_dev->locality > + [locality].tpm_status, > + TIS_STS_VALID, TIS_STS_VALID); > + if (value == TPM_TIMEOUT_ERR) { > + printf("%s:%d failed to read response\n", > + __FILE__, __LINE__); > + return TPM_DRIVER_ERR; > + } > + > + if (offset == expected_count) > + break; /* We got all we needed. 
*/ > + > + } while ((value & has_data) == has_data); > + > + /* > + * Make sure we indeed read all there was. The TIS_STS_VALID bit is > + * known to be set. > + */ > + if (value & TIS_STS_DATA_AVAILABLE) { > + printf("%s:%d wrong receive status %x\n", > + __FILE__, __LINE__, value); > + return TPM_DRIVER_ERR; > + } > + > + /* Tell the TPM that we are done. */ > + tpm_write(TIS_STS_COMMAND_READY, &lpc_tpm_dev->locality > + [locality].tpm_status); > + *len = offset; > + return 0; > +} > + > +int tis_open(void) > +{ > + u8 locality = 0; /* we use locality zero for everything. */ > + > + if (tis_close()) > + return TPM_DRIVER_ERR; > + > + /* now request access to locality. */ > + tpm_write(TIS_ACCESS_REQUEST_USE, > + &lpc_tpm_dev->locality[locality].access); > + > + > + /* did we get a lock? */ > + if (tis_wait_reg(&lpc_tpm_dev->locality[locality].access, > + TIS_ACCESS_ACTIVE_LOCALITY, > + TIS_ACCESS_ACTIVE_LOCALITY) == TPM_TIMEOUT_ERR) { > + printf("%s:%d - failed to lock locality %d\n", > + __FILE__, __LINE__, locality); > + return TPM_DRIVER_ERR; > + } > + > + tpm_write(TIS_STS_COMMAND_READY, > + &lpc_tpm_dev->locality[locality].tpm_status); > + return 0; > +} > + > +int tis_close(void) > +{ > + u8 locality = 0; > + > + if (tpm_read(&lpc_tpm_dev->locality[locality].access) & > + TIS_ACCESS_ACTIVE_LOCALITY) { > + tpm_write(TIS_ACCESS_ACTIVE_LOCALITY, > + &lpc_tpm_dev->locality[locality].access); > + > + if (tis_wait_reg(&lpc_tpm_dev->locality[locality].access, > + TIS_ACCESS_ACTIVE_LOCALITY, 0) == > + TPM_TIMEOUT_ERR) { > + printf("%s:%d - failed to release locality %d\n", > + __FILE__, __LINE__, locality); > + return TPM_DRIVER_ERR; > + } > + } > + return 0; > +} > + > +int tis_sendrecv(const u8 *sendbuf, size_t send_size, > + u8 *recvbuf, size_t *recv_len) > +{ > + if (tis_senddata(sendbuf, send_size)) { > + printf("%s:%d failed sending data to TPM\n", > + __FILE__, __LINE__); > + return TPM_DRIVER_ERR; > + } > + > + return tis_readresponse(recvbuf, recv_len); > 
+} > diff --git a/include/tpm.h b/include/tpm.h > new file mode 100644 > index 0000000..6b21e9c > --- /dev/null > +++ b/include/tpm.h 
> @@ -0,0 +1,71 @@ > +/* > + * Copyright (c) 2011 The Chromium OS Authors. > + * > + * See file CREDITS for list of people who contributed to this > + * project. > + * > + * This program is free software; you can redistribute it and/or > + * modify it under the terms of the GNU General Public License as > + * published by the Free Software Foundation; either version 2 of > + * the License, or (at your option) any later version. > + * > + * This program is distributed in the hope that it will be useful, > + * but WITHOUT ANY WARRANTY; without even the implied warranty of > + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the > + * GNU General Public License for more details. > + * > + * You should have received a copy of the GNU General Public License > + * along with this program; if not, write to the Free Software > + * Foundation, Inc., 59 Temple Place, Suite 330, Boston, > + * MA 02111-1307 USA > + */ > + > +#ifndef _INCLUDE_TPM_H_ > +#define _INCLUDE_TPM_H_ > + > +#include <common.h> > + > +/* > + * tis_init() > + * > + * Initialize the TPM device. Returns 0 on success or -1 on > + * failure (in case device probing did not succeed). > + */ > +int tis_init(void); > + > +/* > + * tis_open() > + * > + * Requests access to locality 0 for the caller. After all commands have been > + * completed the caller is supposed to call tis_close(). > + * > + * Returns 0 on success, -1 on failure. > + */ > +int tis_open(void); > + > +/* > + * tis_close() > + * > + * terminate the currect session with the TPM by releasing the locked > + * locality. Returns 0 on success of -1 on failure (in case lock > + * removal did not succeed). 
> + */ > +int tis_close(void); > + > +/* > + * tis_sendrecv() > + * > + * Send the requested data to the TPM and then try to get its response > + * > + * @sendbuf - buffer of the data to send > + * @send_size size of the data to send > + * @recvbuf - memory to save the response to > + * @recv_len - pointer to the size of the response buffer > + * > + * Returns 0 on success (and places the number of response bytes at recv_len) > + * or -1 on failure. > + */ > +int tis_sendrecv(const uint8_t *sendbuf, size_t send_size, uint8_t *recvbuf, > + size_t *recv_len); > + > +#endif /* _INCLUDE_TPM_H_ */ > -- > 1.7.3.1 > >
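Review bot: In the top-level Makefile hunk, the ifeq ($(CONFIG_GENERIC_LPC_TPM),y) guard around "LIBS += drivers/tpm/libtpm.o" repeats the selection that drivers/tpm/Makefile already makes with COBJS-$(CONFIG_GENERIC_LPC_TPM), while the neighbouring driver LIBS lines in the context are unconditional. Consider dropping the guard so the new library follows the same pattern as drivers/rtc and drivers/serial.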
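Review bot: The README entry for CONFIG_GENERIC_LPC_TPM calls these "generic parallel port TPM devices", but the option name and the driver file (generic_lpc_tpm.c) both say LPC, and the memory-mapped base in CONFIG_TPM_TIS_BASE_ADDRESS is not a parallel port either. Suggest wording it as TPM devices attached over LPC so the help text matches what the code drives.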
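Review bot: In drivers/tpm/generic_lpc_tpm.c, tis_senddata() computes "count = min(burst, len - offset - 1)" with unsigned operands, so a call with len == 0 wraps to 0xffffffff, count becomes burst, and the write loop reads data[] past the caller's buffer before any error is reported; reject len == 0 at the top of the function. In tis_init(), the unconditional "break" at the end of the for body means only vendor_names[0] is ever examined, and the device-name search runs even when vid did not match, so a part from another vendor with device ID 0xb would be printed as "SLB9635 TT 1.2 by unknown"; move the device lookup and the break inside the "if (vid == vendor_names[i].vendor_id)" branch. The tis_wait_reg() comment also documents a @locality parameter the function does not take.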
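Review bot: The comments in include/tpm.h promise -1 on failure for tis_init(), tis_open(), tis_close() and tis_sendrecv(), but the implementation returns TPM_DRIVER_ERR, which generic_lpc_tpm.c defines as (1), so a caller that tests for a negative value will treat a failed TPM operation as success. Either return -1 from the driver or document "non-zero on failure". tis_sendrecv() is also declared with "size_t *recv_len" and hands that pointer to tis_readresponse(u8 *buffer, u32 *len); use one type on both sides so the length is not written through a mismatched pointer where size_t is not 32 bits wide.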
Sorry, sent this and the other patchset with a wrong version number, will resend with the correct number.

BTW, here one can see the differences between v2 and v3: http://review-t.appspot.com/23001 and http://review-t.appspot.com/24001. Among other things this app allows adding comments while reviewing the diffs (just double-click on the side-by-side diffs page).

Has it ever been discussed - setting up a tool like this for u-boot?

cheers,
/vb