1 // SPDX-License-Identifier: GPL-2.0-only
2 /*
3 * Copyright (C) 2005, 2006 IBM Corporation
4 * Copyright (C) 2014, 2015 Intel Corporation
5 *
6 * Authors:
7 * Leendert van Doorn <leendert@watson.ibm.com>
8 * Kylene Hall <kjhall@us.ibm.com>
9 *
10 * Maintained by: <tpmdd-devel@lists.sourceforge.net>
11 *
12 * Device driver for TCG/TCPA TPM (trusted platform module).
13 * Specifications at www.trustedcomputinggroup.org
14 *
15 * This device driver implements the TPM interface as defined in
16 * the TCG TPM Interface Spec version 1.2, revision 1.0.
17 */
18 #include <linux/init.h>
19 #include <linux/module.h>
20 #include <linux/moduleparam.h>
21 #include <linux/pnp.h>
22 #include <linux/slab.h>
23 #include <linux/interrupt.h>
24 #include <linux/wait.h>
25 #include <linux/acpi.h>
26 #include <linux/freezer.h>
27 #include "tpm.h"
28 #include "tpm_tis_core.h"
29
30 static void tpm_tis_clkrun_enable(struct tpm_chip *chip, bool value);
31
wait_for_tpm_stat_cond(struct tpm_chip * chip,u8 mask,bool check_cancel,bool * canceled)32 static bool wait_for_tpm_stat_cond(struct tpm_chip *chip, u8 mask,
33 bool check_cancel, bool *canceled)
34 {
35 u8 status = chip->ops->status(chip);
36
37 *canceled = false;
38 if ((status & mask) == mask)
39 return true;
40 if (check_cancel && chip->ops->req_canceled(chip, status)) {
41 *canceled = true;
42 return true;
43 }
44 return false;
45 }
46
wait_for_tpm_stat(struct tpm_chip * chip,u8 mask,unsigned long timeout,wait_queue_head_t * queue,bool check_cancel)47 static int wait_for_tpm_stat(struct tpm_chip *chip, u8 mask,
48 unsigned long timeout, wait_queue_head_t *queue,
49 bool check_cancel)
50 {
51 unsigned long stop;
52 long rc;
53 u8 status;
54 bool canceled = false;
55
56 /* check current status */
57 status = chip->ops->status(chip);
58 if ((status & mask) == mask)
59 return 0;
60
61 stop = jiffies + timeout;
62
63 if (chip->flags & TPM_CHIP_FLAG_IRQ) {
64 again:
65 timeout = stop - jiffies;
66 if ((long)timeout <= 0)
67 return -ETIME;
68 rc = wait_event_interruptible_timeout(*queue,
69 wait_for_tpm_stat_cond(chip, mask, check_cancel,
70 &canceled),
71 timeout);
72 if (rc > 0) {
73 if (canceled)
74 return -ECANCELED;
75 return 0;
76 }
77 if (rc == -ERESTARTSYS && freezing(current)) {
78 clear_thread_flag(TIF_SIGPENDING);
79 goto again;
80 }
81 } else {
82 do {
83 usleep_range(TPM_TIMEOUT_USECS_MIN,
84 TPM_TIMEOUT_USECS_MAX);
85 status = chip->ops->status(chip);
86 if ((status & mask) == mask)
87 return 0;
88 } while (time_before(jiffies, stop));
89 }
90 return -ETIME;
91 }
92
93 /* Before we attempt to access the TPM we must see that the valid bit is set.
94 * The specification says that this bit is 0 at reset and remains 0 until the
95 * 'TPM has gone through its self test and initialization and has established
96 * correct values in the other bits.'
97 */
wait_startup(struct tpm_chip * chip,int l)98 static int wait_startup(struct tpm_chip *chip, int l)
99 {
100 struct tpm_tis_data *priv = dev_get_drvdata(&chip->dev);
101 unsigned long stop = jiffies + chip->timeout_a;
102
103 do {
104 int rc;
105 u8 access;
106
107 rc = tpm_tis_read8(priv, TPM_ACCESS(l), &access);
108 if (rc < 0)
109 return rc;
110
111 if (access & TPM_ACCESS_VALID)
112 return 0;
113 tpm_msleep(TPM_TIMEOUT);
114 } while (time_before(jiffies, stop));
115 return -1;
116 }
117
check_locality(struct tpm_chip * chip,int l)118 static bool check_locality(struct tpm_chip *chip, int l)
119 {
120 struct tpm_tis_data *priv = dev_get_drvdata(&chip->dev);
121 int rc;
122 u8 access;
123
124 rc = tpm_tis_read8(priv, TPM_ACCESS(l), &access);
125 if (rc < 0)
126 return false;
127
128 if ((access & (TPM_ACCESS_ACTIVE_LOCALITY | TPM_ACCESS_VALID)) ==
129 (TPM_ACCESS_ACTIVE_LOCALITY | TPM_ACCESS_VALID)) {
130 priv->locality = l;
131 return true;
132 }
133
134 return false;
135 }
136
locality_inactive(struct tpm_chip * chip,int l)137 static bool locality_inactive(struct tpm_chip *chip, int l)
138 {
139 struct tpm_tis_data *priv = dev_get_drvdata(&chip->dev);
140 int rc;
141 u8 access;
142
143 rc = tpm_tis_read8(priv, TPM_ACCESS(l), &access);
144 if (rc < 0)
145 return false;
146
147 if ((access & (TPM_ACCESS_VALID | TPM_ACCESS_ACTIVE_LOCALITY))
148 == TPM_ACCESS_VALID)
149 return true;
150
151 return false;
152 }
153
release_locality(struct tpm_chip * chip,int l)154 static int release_locality(struct tpm_chip *chip, int l)
155 {
156 struct tpm_tis_data *priv = dev_get_drvdata(&chip->dev);
157 unsigned long stop, timeout;
158 long rc;
159
160 tpm_tis_write8(priv, TPM_ACCESS(l), TPM_ACCESS_ACTIVE_LOCALITY);
161
162 stop = jiffies + chip->timeout_a;
163
164 if (chip->flags & TPM_CHIP_FLAG_IRQ) {
165 again:
166 timeout = stop - jiffies;
167 if ((long)timeout <= 0)
168 return -1;
169
170 rc = wait_event_interruptible_timeout(priv->int_queue,
171 (locality_inactive(chip, l)),
172 timeout);
173
174 if (rc > 0)
175 return 0;
176
177 if (rc == -ERESTARTSYS && freezing(current)) {
178 clear_thread_flag(TIF_SIGPENDING);
179 goto again;
180 }
181 } else {
182 do {
183 if (locality_inactive(chip, l))
184 return 0;
185 tpm_msleep(TPM_TIMEOUT);
186 } while (time_before(jiffies, stop));
187 }
188 return -1;
189 }
190
request_locality(struct tpm_chip * chip,int l)191 static int request_locality(struct tpm_chip *chip, int l)
192 {
193 struct tpm_tis_data *priv = dev_get_drvdata(&chip->dev);
194 unsigned long stop, timeout;
195 long rc;
196
197 if (check_locality(chip, l))
198 return l;
199
200 rc = tpm_tis_write8(priv, TPM_ACCESS(l), TPM_ACCESS_REQUEST_USE);
201 if (rc < 0)
202 return rc;
203
204 stop = jiffies + chip->timeout_a;
205
206 if (chip->flags & TPM_CHIP_FLAG_IRQ) {
207 again:
208 timeout = stop - jiffies;
209 if ((long)timeout <= 0)
210 return -1;
211 rc = wait_event_interruptible_timeout(priv->int_queue,
212 (check_locality
213 (chip, l)),
214 timeout);
215 if (rc > 0)
216 return l;
217 if (rc == -ERESTARTSYS && freezing(current)) {
218 clear_thread_flag(TIF_SIGPENDING);
219 goto again;
220 }
221 } else {
222 /* wait for burstcount */
223 do {
224 if (check_locality(chip, l))
225 return l;
226 tpm_msleep(TPM_TIMEOUT);
227 } while (time_before(jiffies, stop));
228 }
229 return -1;
230 }
231
tpm_tis_status(struct tpm_chip * chip)232 static u8 tpm_tis_status(struct tpm_chip *chip)
233 {
234 struct tpm_tis_data *priv = dev_get_drvdata(&chip->dev);
235 int rc;
236 u8 status;
237
238 rc = tpm_tis_read8(priv, TPM_STS(priv->locality), &status);
239 if (rc < 0)
240 return 0;
241
242 if (unlikely((status & TPM_STS_READ_ZERO) != 0)) {
243 /*
244 * If this trips, the chances are the read is
245 * returning 0xff because the locality hasn't been
246 * acquired. Usually because tpm_try_get_ops() hasn't
247 * been called before doing a TPM operation.
248 */
249 WARN_ONCE(1, "TPM returned invalid status\n");
250 return 0;
251 }
252
253 return status;
254 }
255
tpm_tis_ready(struct tpm_chip * chip)256 static void tpm_tis_ready(struct tpm_chip *chip)
257 {
258 struct tpm_tis_data *priv = dev_get_drvdata(&chip->dev);
259
260 /* this causes the current command to be aborted */
261 tpm_tis_write8(priv, TPM_STS(priv->locality), TPM_STS_COMMAND_READY);
262 }
263
get_burstcount(struct tpm_chip * chip)264 static int get_burstcount(struct tpm_chip *chip)
265 {
266 struct tpm_tis_data *priv = dev_get_drvdata(&chip->dev);
267 unsigned long stop;
268 int burstcnt, rc;
269 u32 value;
270
271 /* wait for burstcount */
272 if (chip->flags & TPM_CHIP_FLAG_TPM2)
273 stop = jiffies + chip->timeout_a;
274 else
275 stop = jiffies + chip->timeout_d;
276 do {
277 rc = tpm_tis_read32(priv, TPM_STS(priv->locality), &value);
278 if (rc < 0)
279 return rc;
280
281 burstcnt = (value >> 8) & 0xFFFF;
282 if (burstcnt)
283 return burstcnt;
284 usleep_range(TPM_TIMEOUT_USECS_MIN, TPM_TIMEOUT_USECS_MAX);
285 } while (time_before(jiffies, stop));
286 return -EBUSY;
287 }
288
recv_data(struct tpm_chip * chip,u8 * buf,size_t count)289 static int recv_data(struct tpm_chip *chip, u8 *buf, size_t count)
290 {
291 struct tpm_tis_data *priv = dev_get_drvdata(&chip->dev);
292 int size = 0, burstcnt, rc;
293
294 while (size < count) {
295 rc = wait_for_tpm_stat(chip,
296 TPM_STS_DATA_AVAIL | TPM_STS_VALID,
297 chip->timeout_c,
298 &priv->read_queue, true);
299 if (rc < 0)
300 return rc;
301 burstcnt = get_burstcount(chip);
302 if (burstcnt < 0) {
303 dev_err(&chip->dev, "Unable to read burstcount\n");
304 return burstcnt;
305 }
306 burstcnt = min_t(int, burstcnt, count - size);
307
308 rc = tpm_tis_read_bytes(priv, TPM_DATA_FIFO(priv->locality),
309 burstcnt, buf + size);
310 if (rc < 0)
311 return rc;
312
313 size += burstcnt;
314 }
315 return size;
316 }
317
tpm_tis_recv(struct tpm_chip * chip,u8 * buf,size_t count)318 static int tpm_tis_recv(struct tpm_chip *chip, u8 *buf, size_t count)
319 {
320 struct tpm_tis_data *priv = dev_get_drvdata(&chip->dev);
321 int size = 0;
322 int status;
323 u32 expected;
324
325 if (count < TPM_HEADER_SIZE) {
326 size = -EIO;
327 goto out;
328 }
329
330 size = recv_data(chip, buf, TPM_HEADER_SIZE);
331 /* read first 10 bytes, including tag, paramsize, and result */
332 if (size < TPM_HEADER_SIZE) {
333 dev_err(&chip->dev, "Unable to read header\n");
334 goto out;
335 }
336
337 expected = be32_to_cpu(*(__be32 *) (buf + 2));
338 if (expected > count || expected < TPM_HEADER_SIZE) {
339 size = -EIO;
340 goto out;
341 }
342
343 size += recv_data(chip, &buf[TPM_HEADER_SIZE],
344 expected - TPM_HEADER_SIZE);
345 if (size < expected) {
346 dev_err(&chip->dev, "Unable to read remainder of result\n");
347 size = -ETIME;
348 goto out;
349 }
350
351 if (wait_for_tpm_stat(chip, TPM_STS_VALID, chip->timeout_c,
352 &priv->int_queue, false) < 0) {
353 size = -ETIME;
354 goto out;
355 }
356 status = tpm_tis_status(chip);
357 if (status & TPM_STS_DATA_AVAIL) { /* retry? */
358 dev_err(&chip->dev, "Error left over data\n");
359 size = -EIO;
360 goto out;
361 }
362
363 out:
364 tpm_tis_ready(chip);
365 return size;
366 }
367
368 /*
369 * If interrupts are used (signaled by an irq set in the vendor structure)
370 * tpm.c can skip polling for the data to be available as the interrupt is
371 * waited for here
372 */
tpm_tis_send_data(struct tpm_chip * chip,const u8 * buf,size_t len)373 static int tpm_tis_send_data(struct tpm_chip *chip, const u8 *buf, size_t len)
374 {
375 struct tpm_tis_data *priv = dev_get_drvdata(&chip->dev);
376 int rc, status, burstcnt;
377 size_t count = 0;
378 bool itpm = priv->flags & TPM_TIS_ITPM_WORKAROUND;
379
380 status = tpm_tis_status(chip);
381 if ((status & TPM_STS_COMMAND_READY) == 0) {
382 tpm_tis_ready(chip);
383 if (wait_for_tpm_stat
384 (chip, TPM_STS_COMMAND_READY, chip->timeout_b,
385 &priv->int_queue, false) < 0) {
386 rc = -ETIME;
387 goto out_err;
388 }
389 }
390
391 while (count < len - 1) {
392 burstcnt = get_burstcount(chip);
393 if (burstcnt < 0) {
394 dev_err(&chip->dev, "Unable to read burstcount\n");
395 rc = burstcnt;
396 goto out_err;
397 }
398 burstcnt = min_t(int, burstcnt, len - count - 1);
399 rc = tpm_tis_write_bytes(priv, TPM_DATA_FIFO(priv->locality),
400 burstcnt, buf + count);
401 if (rc < 0)
402 goto out_err;
403
404 count += burstcnt;
405
406 if (wait_for_tpm_stat(chip, TPM_STS_VALID, chip->timeout_c,
407 &priv->int_queue, false) < 0) {
408 rc = -ETIME;
409 goto out_err;
410 }
411 status = tpm_tis_status(chip);
412 if (!itpm && (status & TPM_STS_DATA_EXPECT) == 0) {
413 rc = -EIO;
414 goto out_err;
415 }
416 }
417
418 /* write last byte */
419 rc = tpm_tis_write8(priv, TPM_DATA_FIFO(priv->locality), buf[count]);
420 if (rc < 0)
421 goto out_err;
422
423 if (wait_for_tpm_stat(chip, TPM_STS_VALID, chip->timeout_c,
424 &priv->int_queue, false) < 0) {
425 rc = -ETIME;
426 goto out_err;
427 }
428 status = tpm_tis_status(chip);
429 if (!itpm && (status & TPM_STS_DATA_EXPECT) != 0) {
430 rc = -EIO;
431 goto out_err;
432 }
433
434 return 0;
435
436 out_err:
437 tpm_tis_ready(chip);
438 return rc;
439 }
440
disable_interrupts(struct tpm_chip * chip)441 static void disable_interrupts(struct tpm_chip *chip)
442 {
443 struct tpm_tis_data *priv = dev_get_drvdata(&chip->dev);
444 u32 intmask;
445 int rc;
446
447 if (priv->irq == 0)
448 return;
449
450 rc = tpm_tis_read32(priv, TPM_INT_ENABLE(priv->locality), &intmask);
451 if (rc < 0)
452 intmask = 0;
453
454 intmask &= ~TPM_GLOBAL_INT_ENABLE;
455 rc = tpm_tis_write32(priv, TPM_INT_ENABLE(priv->locality), intmask);
456
457 devm_free_irq(chip->dev.parent, priv->irq, chip);
458 priv->irq = 0;
459 chip->flags &= ~TPM_CHIP_FLAG_IRQ;
460 }
461
462 /*
463 * If interrupts are used (signaled by an irq set in the vendor structure)
464 * tpm.c can skip polling for the data to be available as the interrupt is
465 * waited for here
466 */
tpm_tis_send_main(struct tpm_chip * chip,const u8 * buf,size_t len)467 static int tpm_tis_send_main(struct tpm_chip *chip, const u8 *buf, size_t len)
468 {
469 struct tpm_tis_data *priv = dev_get_drvdata(&chip->dev);
470 int rc;
471 u32 ordinal;
472 unsigned long dur;
473
474 rc = tpm_tis_send_data(chip, buf, len);
475 if (rc < 0)
476 return rc;
477
478 /* go and do it */
479 rc = tpm_tis_write8(priv, TPM_STS(priv->locality), TPM_STS_GO);
480 if (rc < 0)
481 goto out_err;
482
483 if (chip->flags & TPM_CHIP_FLAG_IRQ) {
484 ordinal = be32_to_cpu(*((__be32 *) (buf + 6)));
485
486 dur = tpm_calc_ordinal_duration(chip, ordinal);
487 if (wait_for_tpm_stat
488 (chip, TPM_STS_DATA_AVAIL | TPM_STS_VALID, dur,
489 &priv->read_queue, false) < 0) {
490 rc = -ETIME;
491 goto out_err;
492 }
493 }
494 return 0;
495 out_err:
496 tpm_tis_ready(chip);
497 return rc;
498 }
499
tpm_tis_send(struct tpm_chip * chip,u8 * buf,size_t len)500 static int tpm_tis_send(struct tpm_chip *chip, u8 *buf, size_t len)
501 {
502 int rc, irq;
503 struct tpm_tis_data *priv = dev_get_drvdata(&chip->dev);
504
505 if (!(chip->flags & TPM_CHIP_FLAG_IRQ) || priv->irq_tested)
506 return tpm_tis_send_main(chip, buf, len);
507
508 /* Verify receipt of the expected IRQ */
509 irq = priv->irq;
510 priv->irq = 0;
511 chip->flags &= ~TPM_CHIP_FLAG_IRQ;
512 rc = tpm_tis_send_main(chip, buf, len);
513 priv->irq = irq;
514 chip->flags |= TPM_CHIP_FLAG_IRQ;
515 if (!priv->irq_tested)
516 tpm_msleep(1);
517 if (!priv->irq_tested)
518 disable_interrupts(chip);
519 priv->irq_tested = true;
520 return rc;
521 }
522
523 struct tis_vendor_durations_override {
524 u32 did_vid;
525 struct tpm1_version version;
526 unsigned long durations[3];
527 };
528
529 static const struct tis_vendor_durations_override vendor_dur_overrides[] = {
530 /* STMicroelectronics 0x104a */
531 { 0x0000104a,
532 { 1, 2, 8, 28 },
533 { (2 * 60 * HZ), (2 * 60 * HZ), (2 * 60 * HZ) } },
534 };
535
tpm_tis_update_durations(struct tpm_chip * chip,unsigned long * duration_cap)536 static void tpm_tis_update_durations(struct tpm_chip *chip,
537 unsigned long *duration_cap)
538 {
539 struct tpm_tis_data *priv = dev_get_drvdata(&chip->dev);
540 struct tpm1_version *version;
541 u32 did_vid;
542 int i, rc;
543 cap_t cap;
544
545 chip->duration_adjusted = false;
546
547 if (chip->ops->clk_enable != NULL)
548 chip->ops->clk_enable(chip, true);
549
550 rc = tpm_tis_read32(priv, TPM_DID_VID(0), &did_vid);
551 if (rc < 0) {
552 dev_warn(&chip->dev, "%s: failed to read did_vid. %d\n",
553 __func__, rc);
554 goto out;
555 }
556
557 /* Try to get a TPM version 1.2 or 1.1 TPM_CAP_VERSION_INFO */
558 rc = tpm1_getcap(chip, TPM_CAP_VERSION_1_2, &cap,
559 "attempting to determine the 1.2 version",
560 sizeof(cap.version2));
561 if (!rc) {
562 version = &cap.version2.version;
563 } else {
564 rc = tpm1_getcap(chip, TPM_CAP_VERSION_1_1, &cap,
565 "attempting to determine the 1.1 version",
566 sizeof(cap.version1));
567
568 if (rc)
569 goto out;
570
571 version = &cap.version1;
572 }
573
574 for (i = 0; i != ARRAY_SIZE(vendor_dur_overrides); i++) {
575 if (vendor_dur_overrides[i].did_vid != did_vid)
576 continue;
577
578 if ((version->major ==
579 vendor_dur_overrides[i].version.major) &&
580 (version->minor ==
581 vendor_dur_overrides[i].version.minor) &&
582 (version->rev_major ==
583 vendor_dur_overrides[i].version.rev_major) &&
584 (version->rev_minor ==
585 vendor_dur_overrides[i].version.rev_minor)) {
586
587 memcpy(duration_cap,
588 vendor_dur_overrides[i].durations,
589 sizeof(vendor_dur_overrides[i].durations));
590
591 chip->duration_adjusted = true;
592 goto out;
593 }
594 }
595
596 out:
597 if (chip->ops->clk_enable != NULL)
598 chip->ops->clk_enable(chip, false);
599 }
600
601 struct tis_vendor_timeout_override {
602 u32 did_vid;
603 unsigned long timeout_us[4];
604 };
605
606 static const struct tis_vendor_timeout_override vendor_timeout_overrides[] = {
607 /* Atmel 3204 */
608 { 0x32041114, { (TIS_SHORT_TIMEOUT*1000), (TIS_LONG_TIMEOUT*1000),
609 (TIS_SHORT_TIMEOUT*1000), (TIS_SHORT_TIMEOUT*1000) } },
610 };
611
tpm_tis_update_timeouts(struct tpm_chip * chip,unsigned long * timeout_cap)612 static void tpm_tis_update_timeouts(struct tpm_chip *chip,
613 unsigned long *timeout_cap)
614 {
615 struct tpm_tis_data *priv = dev_get_drvdata(&chip->dev);
616 int i, rc;
617 u32 did_vid;
618
619 chip->timeout_adjusted = false;
620
621 if (chip->ops->clk_enable != NULL)
622 chip->ops->clk_enable(chip, true);
623
624 rc = tpm_tis_read32(priv, TPM_DID_VID(0), &did_vid);
625 if (rc < 0) {
626 dev_warn(&chip->dev, "%s: failed to read did_vid: %d\n",
627 __func__, rc);
628 goto out;
629 }
630
631 for (i = 0; i != ARRAY_SIZE(vendor_timeout_overrides); i++) {
632 if (vendor_timeout_overrides[i].did_vid != did_vid)
633 continue;
634 memcpy(timeout_cap, vendor_timeout_overrides[i].timeout_us,
635 sizeof(vendor_timeout_overrides[i].timeout_us));
636 chip->timeout_adjusted = true;
637 }
638
639 out:
640 if (chip->ops->clk_enable != NULL)
641 chip->ops->clk_enable(chip, false);
642
643 return;
644 }
645
646 /*
647 * Early probing for iTPM with STS_DATA_EXPECT flaw.
648 * Try sending command without itpm flag set and if that
649 * fails, repeat with itpm flag set.
650 */
probe_itpm(struct tpm_chip * chip)651 static int probe_itpm(struct tpm_chip *chip)
652 {
653 struct tpm_tis_data *priv = dev_get_drvdata(&chip->dev);
654 int rc = 0;
655 static const u8 cmd_getticks[] = {
656 0x00, 0xc1, 0x00, 0x00, 0x00, 0x0a,
657 0x00, 0x00, 0x00, 0xf1
658 };
659 size_t len = sizeof(cmd_getticks);
660 u16 vendor;
661
662 if (priv->flags & TPM_TIS_ITPM_WORKAROUND)
663 return 0;
664
665 rc = tpm_tis_read16(priv, TPM_DID_VID(0), &vendor);
666 if (rc < 0)
667 return rc;
668
669 /* probe only iTPMS */
670 if (vendor != TPM_VID_INTEL)
671 return 0;
672
673 if (request_locality(chip, 0) != 0)
674 return -EBUSY;
675
676 rc = tpm_tis_send_data(chip, cmd_getticks, len);
677 if (rc == 0)
678 goto out;
679
680 tpm_tis_ready(chip);
681
682 priv->flags |= TPM_TIS_ITPM_WORKAROUND;
683
684 rc = tpm_tis_send_data(chip, cmd_getticks, len);
685 if (rc == 0)
686 dev_info(&chip->dev, "Detected an iTPM.\n");
687 else {
688 priv->flags &= ~TPM_TIS_ITPM_WORKAROUND;
689 rc = -EFAULT;
690 }
691
692 out:
693 tpm_tis_ready(chip);
694 release_locality(chip, priv->locality);
695
696 return rc;
697 }
698
tpm_tis_req_canceled(struct tpm_chip * chip,u8 status)699 static bool tpm_tis_req_canceled(struct tpm_chip *chip, u8 status)
700 {
701 struct tpm_tis_data *priv = dev_get_drvdata(&chip->dev);
702
703 switch (priv->manufacturer_id) {
704 case TPM_VID_WINBOND:
705 return ((status == TPM_STS_VALID) ||
706 (status == (TPM_STS_VALID | TPM_STS_COMMAND_READY)));
707 case TPM_VID_STM:
708 return (status == (TPM_STS_VALID | TPM_STS_COMMAND_READY));
709 default:
710 return (status == TPM_STS_COMMAND_READY);
711 }
712 }
713
tis_int_handler(int dummy,void * dev_id)714 static irqreturn_t tis_int_handler(int dummy, void *dev_id)
715 {
716 struct tpm_chip *chip = dev_id;
717 struct tpm_tis_data *priv = dev_get_drvdata(&chip->dev);
718 u32 interrupt;
719 int i, rc;
720
721 rc = tpm_tis_read32(priv, TPM_INT_STATUS(priv->locality), &interrupt);
722 if (rc < 0)
723 return IRQ_NONE;
724
725 if (interrupt == 0)
726 return IRQ_NONE;
727
728 priv->irq_tested = true;
729 if (interrupt & TPM_INTF_DATA_AVAIL_INT)
730 wake_up_interruptible(&priv->read_queue);
731 if (interrupt & TPM_INTF_LOCALITY_CHANGE_INT)
732 for (i = 0; i < 5; i++)
733 if (check_locality(chip, i))
734 break;
735 if (interrupt &
736 (TPM_INTF_LOCALITY_CHANGE_INT | TPM_INTF_STS_VALID_INT |
737 TPM_INTF_CMD_READY_INT))
738 wake_up_interruptible(&priv->int_queue);
739
740 /* Clear interrupts handled with TPM_EOI */
741 rc = tpm_tis_write32(priv, TPM_INT_STATUS(priv->locality), interrupt);
742 if (rc < 0)
743 return IRQ_NONE;
744
745 tpm_tis_read32(priv, TPM_INT_STATUS(priv->locality), &interrupt);
746 return IRQ_HANDLED;
747 }
748
tpm_tis_gen_interrupt(struct tpm_chip * chip)749 static int tpm_tis_gen_interrupt(struct tpm_chip *chip)
750 {
751 const char *desc = "attempting to generate an interrupt";
752 u32 cap2;
753 cap_t cap;
754
755 if (chip->flags & TPM_CHIP_FLAG_TPM2)
756 return tpm2_get_tpm_pt(chip, 0x100, &cap2, desc);
757 else
758 return tpm1_getcap(chip, TPM_CAP_PROP_TIS_TIMEOUT, &cap, desc,
759 0);
760 }
761
762 /* Register the IRQ and issue a command that will cause an interrupt. If an
763 * irq is seen then leave the chip setup for IRQ operation, otherwise reverse
764 * everything and leave in polling mode. Returns 0 on success.
765 */
tpm_tis_probe_irq_single(struct tpm_chip * chip,u32 intmask,int flags,int irq)766 static int tpm_tis_probe_irq_single(struct tpm_chip *chip, u32 intmask,
767 int flags, int irq)
768 {
769 struct tpm_tis_data *priv = dev_get_drvdata(&chip->dev);
770 u8 original_int_vec;
771 int rc;
772 u32 int_status;
773
774 if (devm_request_irq(chip->dev.parent, irq, tis_int_handler, flags,
775 dev_name(&chip->dev), chip) != 0) {
776 dev_info(&chip->dev, "Unable to request irq: %d for probe\n",
777 irq);
778 return -1;
779 }
780 priv->irq = irq;
781
782 rc = tpm_tis_read8(priv, TPM_INT_VECTOR(priv->locality),
783 &original_int_vec);
784 if (rc < 0)
785 return rc;
786
787 rc = tpm_tis_write8(priv, TPM_INT_VECTOR(priv->locality), irq);
788 if (rc < 0)
789 return rc;
790
791 rc = tpm_tis_read32(priv, TPM_INT_STATUS(priv->locality), &int_status);
792 if (rc < 0)
793 return rc;
794
795 /* Clear all existing */
796 rc = tpm_tis_write32(priv, TPM_INT_STATUS(priv->locality), int_status);
797 if (rc < 0)
798 return rc;
799
800 /* Turn on */
801 rc = tpm_tis_write32(priv, TPM_INT_ENABLE(priv->locality),
802 intmask | TPM_GLOBAL_INT_ENABLE);
803 if (rc < 0)
804 return rc;
805
806 priv->irq_tested = false;
807
808 /* Generate an interrupt by having the core call through to
809 * tpm_tis_send
810 */
811 rc = tpm_tis_gen_interrupt(chip);
812 if (rc < 0)
813 return rc;
814
815 /* tpm_tis_send will either confirm the interrupt is working or it
816 * will call disable_irq which undoes all of the above.
817 */
818 if (!(chip->flags & TPM_CHIP_FLAG_IRQ)) {
819 rc = tpm_tis_write8(priv, original_int_vec,
820 TPM_INT_VECTOR(priv->locality));
821 if (rc < 0)
822 return rc;
823
824 return 1;
825 }
826
827 return 0;
828 }
829
830 /* Try to find the IRQ the TPM is using. This is for legacy x86 systems that
831 * do not have ACPI/etc. We typically expect the interrupt to be declared if
832 * present.
833 */
tpm_tis_probe_irq(struct tpm_chip * chip,u32 intmask)834 static void tpm_tis_probe_irq(struct tpm_chip *chip, u32 intmask)
835 {
836 struct tpm_tis_data *priv = dev_get_drvdata(&chip->dev);
837 u8 original_int_vec;
838 int i, rc;
839
840 rc = tpm_tis_read8(priv, TPM_INT_VECTOR(priv->locality),
841 &original_int_vec);
842 if (rc < 0)
843 return;
844
845 if (!original_int_vec) {
846 if (IS_ENABLED(CONFIG_X86))
847 for (i = 3; i <= 15; i++)
848 if (!tpm_tis_probe_irq_single(chip, intmask, 0,
849 i))
850 return;
851 } else if (!tpm_tis_probe_irq_single(chip, intmask, 0,
852 original_int_vec))
853 return;
854 }
855
tpm_tis_remove(struct tpm_chip * chip)856 void tpm_tis_remove(struct tpm_chip *chip)
857 {
858 struct tpm_tis_data *priv = dev_get_drvdata(&chip->dev);
859 u32 reg = TPM_INT_ENABLE(priv->locality);
860 u32 interrupt;
861 int rc;
862
863 tpm_tis_clkrun_enable(chip, true);
864
865 rc = tpm_tis_read32(priv, reg, &interrupt);
866 if (rc < 0)
867 interrupt = 0;
868
869 tpm_tis_write32(priv, reg, ~TPM_GLOBAL_INT_ENABLE & interrupt);
870
871 tpm_tis_clkrun_enable(chip, false);
872
873 if (priv->ilb_base_addr)
874 iounmap(priv->ilb_base_addr);
875 }
876 EXPORT_SYMBOL_GPL(tpm_tis_remove);
877
878 /**
879 * tpm_tis_clkrun_enable() - Keep clkrun protocol disabled for entire duration
880 * of a single TPM command
881 * @chip: TPM chip to use
882 * @value: 1 - Disable CLKRUN protocol, so that clocks are free running
883 * 0 - Enable CLKRUN protocol
884 * Call this function directly in tpm_tis_remove() in error or driver removal
885 * path, since the chip->ops is set to NULL in tpm_chip_unregister().
886 */
tpm_tis_clkrun_enable(struct tpm_chip * chip,bool value)887 static void tpm_tis_clkrun_enable(struct tpm_chip *chip, bool value)
888 {
889 struct tpm_tis_data *data = dev_get_drvdata(&chip->dev);
890 u32 clkrun_val;
891
892 if (!IS_ENABLED(CONFIG_X86) || !is_bsw() ||
893 !data->ilb_base_addr)
894 return;
895
896 if (value) {
897 data->clkrun_enabled++;
898 if (data->clkrun_enabled > 1)
899 return;
900 clkrun_val = ioread32(data->ilb_base_addr + LPC_CNTRL_OFFSET);
901
902 /* Disable LPC CLKRUN# */
903 clkrun_val &= ~LPC_CLKRUN_EN;
904 iowrite32(clkrun_val, data->ilb_base_addr + LPC_CNTRL_OFFSET);
905
906 /*
907 * Write any random value on port 0x80 which is on LPC, to make
908 * sure LPC clock is running before sending any TPM command.
909 */
910 outb(0xCC, 0x80);
911 } else {
912 data->clkrun_enabled--;
913 if (data->clkrun_enabled)
914 return;
915
916 clkrun_val = ioread32(data->ilb_base_addr + LPC_CNTRL_OFFSET);
917
918 /* Enable LPC CLKRUN# */
919 clkrun_val |= LPC_CLKRUN_EN;
920 iowrite32(clkrun_val, data->ilb_base_addr + LPC_CNTRL_OFFSET);
921
922 /*
923 * Write any random value on port 0x80 which is on LPC, to make
924 * sure LPC clock is running before sending any TPM command.
925 */
926 outb(0xCC, 0x80);
927 }
928 }
929
930 static const struct tpm_class_ops tpm_tis = {
931 .flags = TPM_OPS_AUTO_STARTUP,
932 .status = tpm_tis_status,
933 .recv = tpm_tis_recv,
934 .send = tpm_tis_send,
935 .cancel = tpm_tis_ready,
936 .update_timeouts = tpm_tis_update_timeouts,
937 .update_durations = tpm_tis_update_durations,
938 .req_complete_mask = TPM_STS_DATA_AVAIL | TPM_STS_VALID,
939 .req_complete_val = TPM_STS_DATA_AVAIL | TPM_STS_VALID,
940 .req_canceled = tpm_tis_req_canceled,
941 .request_locality = request_locality,
942 .relinquish_locality = release_locality,
943 .clk_enable = tpm_tis_clkrun_enable,
944 };
945
tpm_tis_core_init(struct device * dev,struct tpm_tis_data * priv,int irq,const struct tpm_tis_phy_ops * phy_ops,acpi_handle acpi_dev_handle)946 int tpm_tis_core_init(struct device *dev, struct tpm_tis_data *priv, int irq,
947 const struct tpm_tis_phy_ops *phy_ops,
948 acpi_handle acpi_dev_handle)
949 {
950 u32 vendor;
951 u32 intfcaps;
952 u32 intmask;
953 u32 clkrun_val;
954 u8 rid;
955 int rc, probe;
956 struct tpm_chip *chip;
957
958 chip = tpmm_chip_alloc(dev, &tpm_tis);
959 if (IS_ERR(chip))
960 return PTR_ERR(chip);
961
962 #ifdef CONFIG_ACPI
963 chip->acpi_dev_handle = acpi_dev_handle;
964 #endif
965
966 chip->hwrng.quality = priv->rng_quality;
967
968 /* Maximum timeouts */
969 chip->timeout_a = msecs_to_jiffies(TIS_TIMEOUT_A_MAX);
970 chip->timeout_b = msecs_to_jiffies(TIS_TIMEOUT_B_MAX);
971 chip->timeout_c = msecs_to_jiffies(TIS_TIMEOUT_C_MAX);
972 chip->timeout_d = msecs_to_jiffies(TIS_TIMEOUT_D_MAX);
973 priv->phy_ops = phy_ops;
974 dev_set_drvdata(&chip->dev, priv);
975
976 if (is_bsw()) {
977 priv->ilb_base_addr = ioremap(INTEL_LEGACY_BLK_BASE_ADDR,
978 ILB_REMAP_SIZE);
979 if (!priv->ilb_base_addr)
980 return -ENOMEM;
981
982 clkrun_val = ioread32(priv->ilb_base_addr + LPC_CNTRL_OFFSET);
983 /* Check if CLKRUN# is already not enabled in the LPC bus */
984 if (!(clkrun_val & LPC_CLKRUN_EN)) {
985 iounmap(priv->ilb_base_addr);
986 priv->ilb_base_addr = NULL;
987 }
988 }
989
990 if (chip->ops->clk_enable != NULL)
991 chip->ops->clk_enable(chip, true);
992
993 if (wait_startup(chip, 0) != 0) {
994 rc = -ENODEV;
995 goto out_err;
996 }
997
998 /* Take control of the TPM's interrupt hardware and shut it off */
999 rc = tpm_tis_read32(priv, TPM_INT_ENABLE(priv->locality), &intmask);
1000 if (rc < 0)
1001 goto out_err;
1002
1003 intmask |= TPM_INTF_CMD_READY_INT | TPM_INTF_LOCALITY_CHANGE_INT |
1004 TPM_INTF_DATA_AVAIL_INT | TPM_INTF_STS_VALID_INT;
1005 intmask &= ~TPM_GLOBAL_INT_ENABLE;
1006 tpm_tis_write32(priv, TPM_INT_ENABLE(priv->locality), intmask);
1007
1008 rc = tpm_chip_start(chip);
1009 if (rc)
1010 goto out_err;
1011 rc = tpm2_probe(chip);
1012 tpm_chip_stop(chip);
1013 if (rc)
1014 goto out_err;
1015
1016 rc = tpm_tis_read32(priv, TPM_DID_VID(0), &vendor);
1017 if (rc < 0)
1018 goto out_err;
1019
1020 priv->manufacturer_id = vendor;
1021
1022 rc = tpm_tis_read8(priv, TPM_RID(0), &rid);
1023 if (rc < 0)
1024 goto out_err;
1025
1026 dev_info(dev, "%s TPM (device-id 0x%X, rev-id %d)\n",
1027 (chip->flags & TPM_CHIP_FLAG_TPM2) ? "2.0" : "1.2",
1028 vendor >> 16, rid);
1029
1030 probe = probe_itpm(chip);
1031 if (probe < 0) {
1032 rc = -ENODEV;
1033 goto out_err;
1034 }
1035
1036 /* Figure out the capabilities */
1037 rc = tpm_tis_read32(priv, TPM_INTF_CAPS(priv->locality), &intfcaps);
1038 if (rc < 0)
1039 goto out_err;
1040
1041 dev_dbg(dev, "TPM interface capabilities (0x%x):\n",
1042 intfcaps);
1043 if (intfcaps & TPM_INTF_BURST_COUNT_STATIC)
1044 dev_dbg(dev, "\tBurst Count Static\n");
1045 if (intfcaps & TPM_INTF_CMD_READY_INT)
1046 dev_dbg(dev, "\tCommand Ready Int Support\n");
1047 if (intfcaps & TPM_INTF_INT_EDGE_FALLING)
1048 dev_dbg(dev, "\tInterrupt Edge Falling\n");
1049 if (intfcaps & TPM_INTF_INT_EDGE_RISING)
1050 dev_dbg(dev, "\tInterrupt Edge Rising\n");
1051 if (intfcaps & TPM_INTF_INT_LEVEL_LOW)
1052 dev_dbg(dev, "\tInterrupt Level Low\n");
1053 if (intfcaps & TPM_INTF_INT_LEVEL_HIGH)
1054 dev_dbg(dev, "\tInterrupt Level High\n");
1055 if (intfcaps & TPM_INTF_LOCALITY_CHANGE_INT)
1056 dev_dbg(dev, "\tLocality Change Int Support\n");
1057 if (intfcaps & TPM_INTF_STS_VALID_INT)
1058 dev_dbg(dev, "\tSts Valid Int Support\n");
1059 if (intfcaps & TPM_INTF_DATA_AVAIL_INT)
1060 dev_dbg(dev, "\tData Avail Int Support\n");
1061
1062 /* INTERRUPT Setup */
1063 init_waitqueue_head(&priv->read_queue);
1064 init_waitqueue_head(&priv->int_queue);
1065 if (irq != -1) {
1066 /* Before doing irq testing issue a command to the TPM in polling mode
1067 * to make sure it works. May as well use that command to set the
1068 * proper timeouts for the driver.
1069 */
1070 if (tpm_get_timeouts(chip)) {
1071 dev_err(dev, "Could not get TPM timeouts and durations\n");
1072 rc = -ENODEV;
1073 goto out_err;
1074 }
1075
1076 if (irq) {
1077 tpm_tis_probe_irq_single(chip, intmask, IRQF_SHARED,
1078 irq);
1079 if (!(chip->flags & TPM_CHIP_FLAG_IRQ)) {
1080 dev_err(&chip->dev, FW_BUG
1081 "TPM interrupt not working, polling instead\n");
1082
1083 disable_interrupts(chip);
1084 }
1085 } else {
1086 tpm_tis_probe_irq(chip, intmask);
1087 }
1088 }
1089
1090 rc = tpm_chip_register(chip);
1091 if (rc)
1092 goto out_err;
1093
1094 if (chip->ops->clk_enable != NULL)
1095 chip->ops->clk_enable(chip, false);
1096
1097 return 0;
1098 out_err:
1099 if (chip->ops->clk_enable != NULL)
1100 chip->ops->clk_enable(chip, false);
1101
1102 tpm_tis_remove(chip);
1103
1104 return rc;
1105 }
1106 EXPORT_SYMBOL_GPL(tpm_tis_core_init);
1107
1108 #ifdef CONFIG_PM_SLEEP
tpm_tis_reenable_interrupts(struct tpm_chip * chip)1109 static void tpm_tis_reenable_interrupts(struct tpm_chip *chip)
1110 {
1111 struct tpm_tis_data *priv = dev_get_drvdata(&chip->dev);
1112 u32 intmask;
1113 int rc;
1114
1115 if (chip->ops->clk_enable != NULL)
1116 chip->ops->clk_enable(chip, true);
1117
1118 /* reenable interrupts that device may have lost or
1119 * BIOS/firmware may have disabled
1120 */
1121 rc = tpm_tis_write8(priv, TPM_INT_VECTOR(priv->locality), priv->irq);
1122 if (rc < 0)
1123 goto out;
1124
1125 rc = tpm_tis_read32(priv, TPM_INT_ENABLE(priv->locality), &intmask);
1126 if (rc < 0)
1127 goto out;
1128
1129 intmask |= TPM_INTF_CMD_READY_INT
1130 | TPM_INTF_LOCALITY_CHANGE_INT | TPM_INTF_DATA_AVAIL_INT
1131 | TPM_INTF_STS_VALID_INT | TPM_GLOBAL_INT_ENABLE;
1132
1133 tpm_tis_write32(priv, TPM_INT_ENABLE(priv->locality), intmask);
1134
1135 out:
1136 if (chip->ops->clk_enable != NULL)
1137 chip->ops->clk_enable(chip, false);
1138
1139 return;
1140 }
1141
tpm_tis_resume(struct device * dev)1142 int tpm_tis_resume(struct device *dev)
1143 {
1144 struct tpm_chip *chip = dev_get_drvdata(dev);
1145 int ret;
1146
1147 if (chip->flags & TPM_CHIP_FLAG_IRQ)
1148 tpm_tis_reenable_interrupts(chip);
1149
1150 ret = tpm_pm_resume(dev);
1151 if (ret)
1152 return ret;
1153
1154 /* TPM 1.2 requires self-test on resume. This function actually returns
1155 * an error code but for unknown reason it isn't handled.
1156 */
1157 if (!(chip->flags & TPM_CHIP_FLAG_TPM2))
1158 tpm1_do_selftest(chip);
1159
1160 return 0;
1161 }
1162 EXPORT_SYMBOL_GPL(tpm_tis_resume);
1163 #endif
1164
1165 MODULE_AUTHOR("Leendert van Doorn (leendert@watson.ibm.com)");
1166 MODULE_DESCRIPTION("TPM Driver");
1167 MODULE_VERSION("2.0");
1168 MODULE_LICENSE("GPL");
1169