Commit graph

136 commits

Author SHA1 Message Date
Heinrich Schuchardt
c3de051c41 tis: fix tpm_tis_remove()
tpm_tis_remove() leads to calling tpm_tis_ready() with the IO region
unmapped and chip->locality == -1 (locality released). This leads to a
crash in mmio_write_bytes().

The patch implements these changes:

tpm_tis_remove(): Unmap the IO region after calling tpm_tis_cleanup().

tpm_tis_cleanup(): Request locality before IO output and releasing
locality.

Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
2021-11-30 14:11:05 +02:00
Mathew McBride
4a08dba019 drivers: tpm: atmel_twi: fix printf specifier compile warning
%d was being used as the specifier for size_t, leading to a
compiler warning

Signed-off-by: Mathew McBride <matt@traverse.com.au>
Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
2021-11-17 13:47:36 +02:00
Mathew McBride
fb30d99df8 drivers: tpm: atmel_twi: implement get_desc operation
Without get_desc, the tpm command will not provide a
description of the device in 'tpm device' or 'tpm info'.

Due to the characteristics of the Atmel TPM it isn't
possible to determine certain attributes (e.g open/close
status) without using the TPM stack (compare Infineon
and ST TPM drivers), so just print out the chip model
and udevice name as the identifier.

Signed-off-by: Mathew McBride <matt@traverse.com.au>
Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
2021-11-17 13:47:33 +02:00
Mathew McBride
fdb4a5fcd7 drivers: tpm: atmel_twi: do not use an offset byte
This driver was broken due to an empty offset byte being prepended
at the start of every transmission.

The hardware does not mimic an EEPROM device with registers so
an offset byte is not required.

Signed-off-by: Mathew McBride <matt@traverse.com.au>
Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
2021-11-17 13:47:31 +02:00
Mathew McBride
02f50d8ebb drivers: tpm: atmel_twi: drop non-DM_I2C compatibility
There are no users of this driver without DM_I2C

Signed-off-by: Mathew McBride <matt@traverse.com.au>
Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
2021-11-17 13:47:29 +02:00
Ilias Apalodimas
a5c30c26b2 tpm: Use the new API on tpm2 spi driver
Convert our SPI TPM driver and use the newly added API

Reviewed-by: Simon Glass <sjg@chromium.org>
Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
2021-11-10 20:57:54 +01:00
Ilias Apalodimas
e0ff348997 tpm2: Add a TPMv2 MMIO TIS driver
Add support for devices that expose a TPMv2 though MMIO.
Apart from those devices, we can use the driver in our QEMU setups and
test TPM related code which is difficult to achieve using the sandbox
driver (e.g test the EFI TCG2 protocol).

It's worth noting that a previous patch added TPMv2 TIS core functions,
which the current driver is consuming.

Reviewed-by: Simon Glass <sjg@chromium.org>
Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
2021-11-10 20:57:54 +01:00
Ilias Apalodimas
2c9626c463 tpm2: Introduce TIS tpm core
There's a lot of code duplication in U-Boot right now.  All the TPM TIS
compatible drivers we have at the moment have their own copy of a TIS
implementation.

So let's create a common layer which implements the core TIS functions.
Any driver added from now own, which is compatible with the TIS spec, will
only have to provide the underlying bus communication mechanisms.

Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
2021-11-10 20:57:54 +01:00
Ilias Apalodimas
c9e6d9c8e5 tpm: refactor function names for LPC based TPMs
With the upcoming TPM2 API, some of the functions name are part of the new
header file.  So switch conflicting internal function names and defines.

Reviewed-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Heinrich Schuchardt <heinrich.schuchardt@canaonical.com>
Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
2021-11-10 20:57:54 +01:00
Ilias Apalodimas
07b6b15bb2 tpm: refactor function names and macros for infineon v1.2 TPM
With the upcoming TPM2 API, some of the functions name are part of the new
header file.  So switch conflicting internal function names and defines.

Reviewed-by: Simon Glass <sjg@chromium.org>
Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
2021-11-10 20:57:54 +01:00
Simon Glass
414cc15144 treewide: Simply conditions with the new OF_REAL
Use this new Kconfig to simplify the compilation conditions where
appropriate.

Signed-off-by: Simon Glass <sjg@chromium.org>
2021-09-25 09:46:15 -06:00
Jorge Ramirez-Ortiz
cc5afabc9d drivers: tpm2: update reset gpio semantics
Use the more generic reset-gpios property name.

Signed-off-by: Jorge Ramirez-Ortiz <jorge@foundries.io>
Acked-by: Michal Simek <michal.simek@xilinx.com>
Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
2021-09-24 14:36:50 -04:00
Simon Glass
1c6608bd92 sandbox: tpm: Support extending a PCR multiple times
It is fairly easy to handle this case and it makes the emulator more
useful, since PCRs are commonly extended several times.

Add support for this, using U-Boot's sha256 support.

For now sandbox only supports a single PCR, but that is enough for the
tests that currently exist.

Signed-off-by: Simon Glass <sjg@chromium.org>
2021-08-01 09:05:24 -06:00
Simon Glass
9f0b53564f sandbox: tpm: Correct handling of SANDBOX_TPM_PCR_NB
This is the number of PCRs, so the current check is off by one. Also the
map itself should not be checked, just the resulting pcr_index, to avoid
confusing people who read the code.

Fix these problems.

Signed-off-by: Simon Glass <sjg@chromium.org>
2021-08-01 09:05:24 -06:00
Simon Glass
a986216e34 sandbox: tpm: Support storing device state in tpm2
At present the tpm2 emulator does not support storing the device state.
Add this so we can handle the normal vboot flow through the sandbox
executables (VPL->SPL etc.) with the TPM contents staying in place.

Note: sandbox has not yet been converted to use livetree for the state
information, since livetree does not yet support writing to the tree.

Signed-off-by: Simon Glass <sjg@chromium.org>
2021-08-01 09:05:24 -06:00
Simon Glass
d8f105dd71 sandbox: tpm: Support nvdata in TPM2
Add support for this feature in the TPM2 emulator, to support Chromium OS
vboot.

Signed-off-by: Simon Glass <sjg@chromium.org>
2021-08-01 09:05:24 -06:00
Simon Glass
0c0ddada65 sandbox: tpm: Track whether the state is valid
Add checking as to whether the current TPM state is valid, so we can
implement reading/writing the state.

Signed-off-by: Simon Glass <sjg@chromium.org>
2021-08-01 09:05:24 -06:00
Simon Glass
46aed06cb7 sandbox: tpm: Finish comments for struct sandbox_tpm2
Tidy up the missing comments for this struct.

Signed-off-by: Simon Glass <sjg@chromium.org>
2021-08-01 09:05:24 -06:00
Simon Glass
7f350a959c sandbox: tpm: Correct handling of get-capability
This function current handles the kernel case incorrectly. Fix it, and
use the shorter TPM_HDR_LEN while we are here.

Signed-off-by: Simon Glass <sjg@chromium.org>
2021-08-01 09:05:24 -06:00
Simon Glass
f9143c1200 sandbox: tpm: Support the define-space command
Add support for this command, moving away from the previous approach of
hard-coding the initial data in the driver, now that the kernel-space data
has to be set up by the higher-level vboot code.

Signed-off-by: Simon Glass <sjg@chromium.org>
2021-08-01 09:05:24 -06:00
Simon Glass
1db235a186 sandbox: tpm: Tidy up reading and writing of device state
At present this code assumes that the TPM data has been read but this may
not be the case. Refactor the code to use a separate pointer so we know
the current state of the data.

Add error checking for the data size.

Signed-off-by: Simon Glass <sjg@chromium.org>
2021-08-01 09:05:24 -06:00
Simon Glass
974c98f26c sandbox: tpm: Split out common nvdata code
We want to support nvdata in TPM2 as well. To avoid code duplicating the
associated code, move it into a common file.

Drop the special-case logic for the kernel space. This can be handled by
the higher-level code now, i.e. in vboot itself.

Signed-off-by: Simon Glass <sjg@chromium.org>
2021-08-01 09:05:24 -06:00
Simon Glass
bca2d579f4 tpm: cr50: Drop unnecessary coral headers
These headers are not actually used. Drop them so that this driver can
be used by other boards, e.g. coreboot.

Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
2021-07-15 19:49:56 +08:00
Simon Glass
e7c920a228 tpm: Correct warning on 32-bit build
Fix the warning:

drivers/tpm/tpm2_tis_sandbox.c: In function ‘sandbox_tpm2_xfer’:
drivers/tpm/tpm2_tis_sandbox.c:288:48: warning: format ‘%ld’ expects
	argument of type ‘long int’, but argument 2 has type ‘size_t’
	{aka ‘unsigned int’} [-Wformat=]
   printf("TPM2: Unmatching length, received: %ld, expected: %d\n",
                                              ~~^
                                              %d
          send_size, length);
          ~~~~~~~~~

Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2021-03-13 13:14:52 -05:00
Simon Glass
d5cb6687c5 tpm: Use logging in the uclass
Update this to use log_debug() instead of the old debug().

Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
2021-03-02 15:53:37 -05:00
Simon Glass
13ad993fc7 tpm: Don't include cr50 in TPL/SPL
At present the security chip is not used in these U-Boot phases. Update
the Makefile to exclude it.

Fix a few logging statements while we are here.

Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
2021-03-02 15:53:37 -05:00
Igor Opaniuk
2147a16983 dm: i2c: use CONFIG_IS_ENABLED macro for DM_I2C/DM_I2C_GPIO
Use CONFIG_IS_ENABLED() macro, which provides more convenient
way to check $(SPL)DM_I2C/$(SPL)DM_I2C_GPIO configs
for both SPL and U-Boot proper.

CONFIG_IS_ENABLED(DM_I2C) expands to:
- 1 if CONFIG_SPL_BUILD is undefined and CONFIG_DM_I2C is set to 'y',
- 1 if CONFIG_SPL_BUILD is defined and CONFIG_SPL_DM_I2C is set to 'y',
- 0 otherwise.

All occurences were replaced automatically using these bash cmds:
$ find . -type f -exec sed -i
     's/ifndef CONFIG_DM_I2C/if !CONFIG_IS_ENABLED(DM_I2C)/g' {} +
$ find . -type f -exec sed -i
    's/ifdef CONFIG_DM_I2C/if CONFIG_IS_ENABLED(DM_I2C)/g' {} +
$ find . -type f -exec sed -i
    's/defined(CONFIG_DM_I2C)/CONFIG_IS_ENABLED(DM_I2C)/g' {} +
$ find . -type f -exec sed -i
    's/ifndef CONFIG_DM_I2C_GPIO/if !CONFIG_IS_ENABLED(DM_I2C_GPIO)/g' {} +
$ find . -type f -exec sed -i
    's/ifdef CONFIG_DM_I2C_GPIO/if CONFIG_IS_ENABLED(DM_I2C_GPIO)/g' {} +
$ find . -type f -exec sed -i
    's/defined(CONFIG_DM_I2C_GPIO)/CONFIG_IS_ENABLED(DM_I2C_GPIO)/g' {} +

Reviewed-by: Heiko Schocher <hs@denx.de>
Reviewed-by: Simon Glass <sjg@chromium.org>
Signed-off-by: Igor Opaniuk <igor.opaniuk@foundries.io>
Reviewed-by: Tom Rini <trini@konsulko.com>
Reviewed-by: Priyanka Jain <priyanka.jain@nxp.com>
2021-02-21 06:08:00 +01:00
Simon Glass
3039fc7e96 tpm: cr50: Rename driver to work with of-platdata
Update the driver name to match the compatible string, so it can work
with of-platdata.

Signed-off-by: Simon Glass <sjg@chromium.org>
2021-01-30 14:25:41 -07:00
Simon Glass
5372fc772e tpm: cr50: Add a better description and more debug
Update the TPM description to include the interrupt mechanicm since this
is useful to know. Also add a warning if the TPM cannot be found and a
debug line if it succeeds.

Signed-off-by: Simon Glass <sjg@chromium.org>
2021-01-30 14:25:41 -07:00
Simon Glass
6208975e23 tpm: cr50: Check for valid locality
When the Cr50 starts up it doesn't have a valid locality. The driver sets
it to -1 to indicate that. Tracking this allows cr50_i2c_cleanup() to
avoid releasing a locality that was not claimed.

However the helper functions that generate the flags use a u8 type which
cannot support -1, so they return a locality of 0xff.

Fix this by updating the type. With this, 'tpm startup TPM2_SU_CLEAR'
works as expected.

Signed-off-by: Simon Glass <sjg@chromium.org>
2021-01-30 14:25:41 -07:00
Simon Glass
d1998a9fde dm: treewide: Rename ofdata_to_platdata() to of_to_plat()
This name is far too long. Rename it to remove the 'data' bits. This makes
it consistent with the platdata->plat rename.

Signed-off-by: Simon Glass <sjg@chromium.org>
2020-12-13 16:51:09 -07:00
Simon Glass
c69cda25c9 dm: treewide: Rename dev_get_platdata() to dev_get_plat()
Rename this to be consistent with the change from 'platdata'.

Signed-off-by: Simon Glass <sjg@chromium.org>
2020-12-13 16:51:09 -07:00
Simon Glass
caa4daa2ae dm: treewide: Rename 'platdata' variables to just 'plat'
We use 'priv' for private data but often use 'platdata' for platform data.
We can't really use 'pdata' since that is ambiguous (it could mean private
or platform data).

Rename some of the latter variables to end with 'plat' for consistency.

Signed-off-by: Simon Glass <sjg@chromium.org>
2020-12-13 16:51:08 -07:00
Simon Glass
41575d8e4c dm: treewide: Rename auto_alloc_size members to be shorter
This construct is quite long-winded. In earlier days it made some sense
since auto-allocation was a strange concept. But with driver model now
used pretty universally, we can shorten this to 'auto'. This reduces
verbosity and makes it easier to read.

Coincidentally it also ensures that every declaration is on one line,
thus making dtoc's job easier.

Signed-off-by: Simon Glass <sjg@chromium.org>
2020-12-13 08:00:25 -07:00
Michal Simek
d99f163792 tpm: spi: Cleanup source code
There is no need for GD to be used and priv variable is unused.

Signed-off-by: Michal Simek <michal.simek@xilinx.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
2020-11-20 10:42:54 +01:00
Simon Glass
39565cc2a9 tpm: cr50: Correct logging statements
Fix up some logging statements in this file. Most of them should use
log_debug(), apart from one error.

Signed-off-by: Simon Glass <sjg@chromium.org>
2020-10-22 09:54:52 -04:00
Simon Glass
eaac971736 tpm: cr50: Add ACPI support
Generate ACPI information for this device so that Linux can use it
correctly.

Signed-off-by: Simon Glass <sjg@chromium.org>
2020-09-25 11:27:21 +08:00
Walter Lozano
e3e2470fdd drivers: rename drivers to match compatible string
When using OF_PLATDATA, the bind process between devices and drivers
is performed trying to match compatible string with driver names.
However driver names are not strictly defined, and also there are different
names used when declaring a driver with U_BOOT_DRIVER, the name of the
symbol used in the linker list and the used in the struct driver_info.

In order to make things a bit more clear, rename the drivers names. This
will also help for further OF_PLATDATA improvements, such as checking
for valid driver names.

Signed-off-by: Walter Lozano <walter.lozano@collabora.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Add a fix for sandbox of-platdata to avoid using an invalid ANSI colour:
Signed-off-by: Simon Glass <sjg@chromium.org>
2020-07-09 18:57:22 -06:00
Johannes Holland
bedbb383e1 tpm: add #ifndef to fix redeclaration build errors
tpm_tis_spi.c directly includes tpm_tis.h and tpm-v2.h which both
define the same enums (see e.g. TPM_ACCESS_VALID). Add an #ifndef to
prevent redeclaration errors.

Signed-off-by: Johannes Holland <johannes.holland@infineon.com>
2020-07-08 17:21:46 -04:00
Bruno Thomsen
78cc3fcf08 tpm2: tis_spi: add linux compatible fallback string
This solves a compatibility issue with Linux device trees
that contain TPMv2.x hardware. So it's easier to import DTS
from upstream kernel when migrating board init from C code
to DTS.

The issue is that fallback binding is different between Linux
and u-Boot.

Linux: "tcg,tpm_tis-spi"
U-Boot: "tis,tpm2-spi"

As there are currently no in-tree users of the U-Boot binding,
it makes sense to use Linux fallback binding.

Signed-off-by: Bruno Thomsen <bruno.thomsen@gmail.com>
Reviewed-by: Tom Rini <trini@konsulko.com>
2020-07-08 15:38:32 -04:00
Simon Glass
cd93d625fd common: Drop linux/bitops.h from common header
Move this uncommon header out of the common header.

Signed-off-by: Simon Glass <sjg@chromium.org>
2020-05-18 21:19:23 -04:00
Simon Glass
c05ed00afb common: Drop linux/delay.h from common header
Move this uncommon header out of the common header.

Signed-off-by: Simon Glass <sjg@chromium.org>
2020-05-18 21:19:23 -04:00
Simon Glass
f7ae49fc4f common: Drop log.h from common header
Move this header out of the common header.

Signed-off-by: Simon Glass <sjg@chromium.org>
2020-05-18 21:19:18 -04:00
Simon Glass
88307654af tpm: Don't cleanup unless an error happens
At present the cleanup() method is called on every transfer. It should
only be called on failing transfers. Fix this and tidy up the error
handling a little.

Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
2020-04-16 14:36:28 +08:00
Simon Glass
32e8ee004a tpm: cr50: Use the correct GPIO binding
This device should use ready-gpios rather than ready-gpio. Fix it.

Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
2020-04-16 14:36:28 +08:00
Simon Glass
fe6831dac4 tpm: cr50: Add a comment for cr50_priv
Add a comment for the private structure

Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
2020-04-16 14:36:28 +08:00
Simon Glass
79b7ade5b5 tpm: cr50: Release locality on exit
At present the cr50 driver claims the locality and does not release it for
Linux. This causes problems. Fix this by tracking what is claimed, and
adding a 'remove' method.

Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
2020-04-16 14:36:28 +08:00
Tom Rini
9a8942b53d sandbox conversion to SDL2
TPM TEE driver
 Various minor sandbox video enhancements
 New driver model core utility functions
 -----BEGIN PGP SIGNATURE-----
 
 iQEzBAABCgAdFiEEslwAIq+Gp8wWVbYnfxc6PpAIreYFAl48iogACgkQfxc6PpAI
 reaVzAf/an3/yKe6r3CVWlcRV6H/dVg1ApnnLpX7jS0p0b++oCVvOiy7z1WPXj3k
 b1SSgENDeeZ/8EHio+Gf7ZidH/TGEj7L6YEFwd1t60GMkZiWEkNf4Z53tw482YG+
 96hoPD+ySTW+ddIdVHWAFG2I4aEiKHANJAp/ItNdD+rLbrEwNQy+eiK5JTOk80B6
 /X8AJCLZeAC1s7vs+2+WolgjT78QGzA9HHalMiublcqh0ivKKk0QeQiOKKPe8JYJ
 om5YY1TxayQ60Xmo5f39/SBfzEEklxw83sU9o1tBeYzyVUpu7fQdkxiDbWdsij77
 DgwLdeYQJGbN+hdSWE0gjTqyhW+lWA==
 =KRoA
 -----END PGP SIGNATURE-----

Merge tag 'dm-pull-6feb20' of https://gitlab.denx.de/u-boot/custodians/u-boot-dm

sandbox conversion to SDL2
TPM TEE driver
Various minor sandbox video enhancements
New driver model core utility functions
2020-02-11 10:58:41 -05:00
Simon Glass
d36856a385 tpm: Add a driver for H1/Cr50
H1 is a Google security chip present in recent Chromebooks, Pixel phones
and other devices. Cr50 is the name of the software that runs on H1 in
Chromebooks.

This chip is used to handle TPM-like functionality and also has quite a
few additional features.

Add a driver for this.

Signed-off-by: Simon Glass <sjg@chromium.org>
2020-02-07 22:46:35 +08:00
Thirupathaiah Annapureddy
8d73be7a8e tpm2: ftpm: A driver for firmware TPM running inside TEE
Add a driver for a firmware TPM running inside TEE.

Documentation of the firmware TPM:
https://www.microsoft.com/en-us/research/publication/ftpm-software-implementation-tpm-chip/

Implementation of the firmware TPM:
https://github.com/Microsoft/ms-tpm-20-ref/tree/master/Samples/ARM32-FirmwareTPM

Signed-off-by: Thirupathaiah Annapureddy <thiruan@linux.microsoft.com>
2020-02-05 19:33:46 -07:00