1 /*
2 * tpm_tis_i2c.c - QEMU's TPM TIS I2C Device
3 *
4 * Copyright (c) 2023 IBM Corporation
5 *
6 * Authors:
7 * Ninad Palsule <ninad@linux.ibm.com>
8 *
9 * This work is licensed under the terms of the GNU GPL, version 2 or later.
10 * See the COPYING file in the top-level directory.
11 *
12 * TPM I2C implementation follows TCG TPM I2c Interface specification,
13 * Family 2.0, Level 00, Revision 1.00
14 *
15 * TPM TIS for TPM 2 implementation following TCG PC Client Platform
16 * TPM Profile (PTP) Specification, Family 2.0, Revision 00.43
17 *
18 */
19
20 #include "qemu/osdep.h"
21 #include "hw/i2c/i2c.h"
22 #include "hw/sysbus.h"
23 #include "hw/acpi/tpm.h"
24 #include "migration/vmstate.h"
25 #include "tpm_prop.h"
26 #include "qemu/log.h"
27 #include "trace.h"
28 #include "tpm_tis.h"
29
30 /* Operations */
31 #define OP_SEND 1
32 #define OP_RECV 2
33
34 /* Is locality valid */
35 #define TPM_TIS_I2C_IS_VALID_LOCTY(x) TPM_TIS_IS_VALID_LOCTY(x)
36
37 typedef struct TPMStateI2C {
38 /*< private >*/
39 I2CSlave parent_obj;
40
41 uint8_t offset; /* offset into data[] */
42 uint8_t operation; /* OP_SEND & OP_RECV */
43 uint8_t data[5]; /* Data */
44
45 /* i2c registers */
46 uint8_t loc_sel; /* Current locality */
47 uint8_t csum_enable; /* Is checksum enabled */
48
49 /* Derived from the above */
50 const char *reg_name; /* Register name */
51 uint32_t tis_addr; /* Converted tis address including locty */
52
53 /*< public >*/
54 TPMState state; /* not a QOM object */
55
56 } TPMStateI2C;
57
58 DECLARE_INSTANCE_CHECKER(TPMStateI2C, TPM_TIS_I2C,
59 TYPE_TPM_TIS_I2C)
60
61 /* Prototype */
62 static inline void tpm_tis_i2c_to_tis_reg(TPMStateI2C *i2cst, uint8_t i2c_reg);
63
64 /* Register map */
65 typedef struct regMap {
66 uint8_t i2c_reg; /* I2C register */
67 uint16_t tis_reg; /* TIS register */
68 const char *reg_name; /* Register name */
69 } I2CRegMap;
70
71 /*
72 * The register values in the common code is different than the latest
73 * register numbers as per the spec hence add the conversion map
74 */
75 static const I2CRegMap tpm_tis_reg_map[] = {
76 /*
77 * These registers are sent to TIS layer. The register with UNKNOWN
78 * mapping are not sent to TIS layer and handled in I2c layer.
79 * NOTE: Adding frequently used registers at the start
80 */
81 { TPM_I2C_REG_DATA_FIFO, TPM_TIS_REG_DATA_FIFO, "FIFO", },
82 { TPM_I2C_REG_STS, TPM_TIS_REG_STS, "STS", },
83 { TPM_I2C_REG_DATA_CSUM_GET, TPM_I2C_REG_UNKNOWN, "CSUM_GET", },
84 { TPM_I2C_REG_LOC_SEL, TPM_I2C_REG_UNKNOWN, "LOC_SEL", },
85 { TPM_I2C_REG_ACCESS, TPM_TIS_REG_ACCESS, "ACCESS", },
86 { TPM_I2C_REG_INT_ENABLE, TPM_TIS_REG_INT_ENABLE, "INTR_ENABLE",},
87 { TPM_I2C_REG_INT_CAPABILITY, TPM_I2C_REG_UNKNOWN, "INTR_CAP", },
88 { TPM_I2C_REG_INTF_CAPABILITY, TPM_TIS_REG_INTF_CAPABILITY, "INTF_CAP", },
89 { TPM_I2C_REG_DID_VID, TPM_TIS_REG_DID_VID, "DID_VID", },
90 { TPM_I2C_REG_RID, TPM_TIS_REG_RID, "RID", },
91 { TPM_I2C_REG_I2C_DEV_ADDRESS, TPM_I2C_REG_UNKNOWN, "DEV_ADDRESS",},
92 { TPM_I2C_REG_DATA_CSUM_ENABLE, TPM_I2C_REG_UNKNOWN, "CSUM_ENABLE",},
93 };
94
tpm_tis_i2c_pre_save(void * opaque)95 static int tpm_tis_i2c_pre_save(void *opaque)
96 {
97 TPMStateI2C *i2cst = opaque;
98
99 return tpm_tis_pre_save(&i2cst->state);
100 }
101
tpm_tis_i2c_post_load(void * opaque,int version_id)102 static int tpm_tis_i2c_post_load(void *opaque, int version_id)
103 {
104 TPMStateI2C *i2cst = opaque;
105
106 if (i2cst->offset >= 1) {
107 tpm_tis_i2c_to_tis_reg(i2cst, i2cst->data[0]);
108 }
109
110 return 0;
111 }
112
113 static const VMStateDescription vmstate_tpm_tis_i2c = {
114 .name = "tpm-tis-i2c",
115 .version_id = 0,
116 .pre_save = tpm_tis_i2c_pre_save,
117 .post_load = tpm_tis_i2c_post_load,
118 .fields = (const VMStateField[]) {
119 VMSTATE_BUFFER(state.buffer, TPMStateI2C),
120 VMSTATE_UINT16(state.rw_offset, TPMStateI2C),
121 VMSTATE_UINT8(state.active_locty, TPMStateI2C),
122 VMSTATE_UINT8(state.aborting_locty, TPMStateI2C),
123 VMSTATE_UINT8(state.next_locty, TPMStateI2C),
124
125 VMSTATE_STRUCT_ARRAY(state.loc, TPMStateI2C, TPM_TIS_NUM_LOCALITIES, 0,
126 vmstate_locty, TPMLocality),
127
128 /* i2c specifics */
129 VMSTATE_UINT8(offset, TPMStateI2C),
130 VMSTATE_UINT8(operation, TPMStateI2C),
131 VMSTATE_BUFFER(data, TPMStateI2C),
132 VMSTATE_UINT8(loc_sel, TPMStateI2C),
133 VMSTATE_UINT8(csum_enable, TPMStateI2C),
134
135 VMSTATE_END_OF_LIST()
136 }
137 };
138
139 /*
140 * Set data value. The i2cst->offset is not updated as called in
141 * the read path.
142 */
tpm_tis_i2c_set_data(TPMStateI2C * i2cst,uint32_t data)143 static void tpm_tis_i2c_set_data(TPMStateI2C *i2cst, uint32_t data)
144 {
145 i2cst->data[1] = data;
146 i2cst->data[2] = data >> 8;
147 i2cst->data[3] = data >> 16;
148 i2cst->data[4] = data >> 24;
149 }
150 /*
151 * Generate interface capability based on what is returned by TIS and what is
152 * expected by I2C. Save the capability in the data array overwriting the TIS
153 * capability.
154 */
tpm_tis_i2c_interface_capability(TPMStateI2C * i2cst,uint32_t tis_cap)155 static uint32_t tpm_tis_i2c_interface_capability(TPMStateI2C *i2cst,
156 uint32_t tis_cap)
157 {
158 uint32_t i2c_cap;
159
160 /* Now generate i2c capability */
161 i2c_cap = (TPM_I2C_CAP_INTERFACE_TYPE |
162 TPM_I2C_CAP_INTERFACE_VER |
163 TPM_I2C_CAP_TPM2_FAMILY |
164 TPM_I2C_CAP_LOCALITY_CAP |
165 TPM_I2C_CAP_BUS_SPEED |
166 TPM_I2C_CAP_DEV_ADDR_CHANGE);
167
168 /* Now check the TIS and set some capabilities */
169
170 /* Static burst count set */
171 if (tis_cap & TPM_TIS_CAP_BURST_COUNT_STATIC) {
172 i2c_cap |= TPM_I2C_CAP_BURST_COUNT_STATIC;
173 }
174
175 return i2c_cap;
176 }
177
178 /* Convert I2C register to TIS address and returns the name of the register */
tpm_tis_i2c_to_tis_reg(TPMStateI2C * i2cst,uint8_t i2c_reg)179 static inline void tpm_tis_i2c_to_tis_reg(TPMStateI2C *i2cst, uint8_t i2c_reg)
180 {
181 const I2CRegMap *reg_map;
182 int i;
183
184 i2cst->tis_addr = 0xffffffff;
185
186 /* Special case for the STS register. */
187 if (i2c_reg >= TPM_I2C_REG_STS && i2c_reg <= TPM_I2C_REG_STS + 3) {
188 i2c_reg = TPM_I2C_REG_STS;
189 }
190
191 for (i = 0; i < ARRAY_SIZE(tpm_tis_reg_map); i++) {
192 reg_map = &tpm_tis_reg_map[i];
193 if (reg_map->i2c_reg == i2c_reg) {
194 i2cst->reg_name = reg_map->reg_name;
195 i2cst->tis_addr = reg_map->tis_reg;
196
197 /* Include the locality in the address. */
198 assert(TPM_TIS_I2C_IS_VALID_LOCTY(i2cst->loc_sel));
199 i2cst->tis_addr += (i2cst->loc_sel << TPM_TIS_LOCALITY_SHIFT);
200 break;
201 }
202 }
203 }
204
205 /* Clear some fields from the structure. */
tpm_tis_i2c_clear_data(TPMStateI2C * i2cst)206 static inline void tpm_tis_i2c_clear_data(TPMStateI2C *i2cst)
207 {
208 /* Clear operation and offset */
209 i2cst->operation = 0;
210 i2cst->offset = 0;
211 i2cst->tis_addr = 0xffffffff;
212 i2cst->reg_name = NULL;
213 memset(i2cst->data, 0, sizeof(i2cst->data));
214 }
215
216 /* Send data to TPM */
tpm_tis_i2c_tpm_send(TPMStateI2C * i2cst)217 static inline void tpm_tis_i2c_tpm_send(TPMStateI2C *i2cst)
218 {
219 uint32_t data;
220 size_t offset = 0;
221 uint32_t sz = 4;
222
223 if ((i2cst->operation == OP_SEND) && (i2cst->offset > 1)) {
224
225 switch (i2cst->data[0]) {
226 case TPM_I2C_REG_DATA_CSUM_ENABLE:
227 /*
228 * Checksum is not handled by TIS code hence we will consume the
229 * register here.
230 */
231 i2cst->csum_enable = i2cst->data[1] & TPM_DATA_CSUM_ENABLED;
232 break;
233 case TPM_I2C_REG_DATA_FIFO:
234 /* Handled in the main i2c_send function */
235 break;
236 case TPM_I2C_REG_LOC_SEL:
237 /*
238 * This register is not handled by TIS so save the locality
239 * locally
240 */
241 if (TPM_TIS_I2C_IS_VALID_LOCTY(i2cst->data[1])) {
242 i2cst->loc_sel = i2cst->data[1];
243 }
244 break;
245 default:
246 /* We handle non-FIFO here */
247
248 /* Index 0 is a register. Convert byte stream to uint32_t */
249 data = i2cst->data[1];
250 data |= i2cst->data[2] << 8;
251 data |= i2cst->data[3] << 16;
252 data |= i2cst->data[4] << 24;
253
254 /* Add register specific masking */
255 switch (i2cst->data[0]) {
256 case TPM_I2C_REG_INT_ENABLE:
257 data &= TPM_I2C_INT_ENABLE_MASK;
258 break;
259 case TPM_I2C_REG_STS ... TPM_I2C_REG_STS + 3:
260 /*
261 * STS register has 4 bytes data.
262 * As per the specs following writes must be allowed.
263 * - From base address 1 to 4 bytes are allowed.
264 * - Single byte write to first or last byte must
265 * be allowed.
266 */
267 offset = i2cst->data[0] - TPM_I2C_REG_STS;
268 if (offset > 0) {
269 sz = 1;
270 }
271 data &= (TPM_I2C_STS_WRITE_MASK >> (offset * 8));
272 break;
273 }
274
275 tpm_tis_write_data(&i2cst->state, i2cst->tis_addr + offset, data,
276 sz);
277 break;
278 }
279
280 tpm_tis_i2c_clear_data(i2cst);
281 }
282 }
283
284 /* Callback from TPM to indicate that response is copied */
tpm_tis_i2c_request_completed(TPMIf * ti,int ret)285 static void tpm_tis_i2c_request_completed(TPMIf *ti, int ret)
286 {
287 TPMStateI2C *i2cst = TPM_TIS_I2C(ti);
288 TPMState *s = &i2cst->state;
289
290 /* Inform the common code. */
291 tpm_tis_request_completed(s, ret);
292 }
293
tpm_tis_i2c_get_tpm_version(TPMIf * ti)294 static enum TPMVersion tpm_tis_i2c_get_tpm_version(TPMIf *ti)
295 {
296 TPMStateI2C *i2cst = TPM_TIS_I2C(ti);
297 TPMState *s = &i2cst->state;
298
299 return tpm_tis_get_tpm_version(s);
300 }
301
tpm_tis_i2c_event(I2CSlave * i2c,enum i2c_event event)302 static int tpm_tis_i2c_event(I2CSlave *i2c, enum i2c_event event)
303 {
304 TPMStateI2C *i2cst = TPM_TIS_I2C(i2c);
305 int ret = 0;
306
307 switch (event) {
308 case I2C_START_RECV:
309 trace_tpm_tis_i2c_event("START_RECV");
310 break;
311 case I2C_START_SEND:
312 trace_tpm_tis_i2c_event("START_SEND");
313 tpm_tis_i2c_clear_data(i2cst);
314 break;
315 case I2C_FINISH:
316 trace_tpm_tis_i2c_event("FINISH");
317 if (i2cst->operation == OP_SEND) {
318 tpm_tis_i2c_tpm_send(i2cst);
319 } else {
320 tpm_tis_i2c_clear_data(i2cst);
321 }
322 break;
323 default:
324 break;
325 }
326
327 return ret;
328 }
329
330 /*
331 * If data is for FIFO then it is received from tpm_tis_common buffer
332 * otherwise it will be handled using single call to common code and
333 * cached in the local buffer.
334 */
tpm_tis_i2c_recv(I2CSlave * i2c)335 static uint8_t tpm_tis_i2c_recv(I2CSlave *i2c)
336 {
337 int ret = 0;
338 uint32_t data_read;
339 TPMStateI2C *i2cst = TPM_TIS_I2C(i2c);
340 TPMState *s = &i2cst->state;
341 uint16_t i2c_reg = i2cst->data[0];
342 size_t offset;
343
344 if (i2cst->operation == OP_RECV) {
345
346 /* Do not cache FIFO data. */
347 if (i2cst->data[0] == TPM_I2C_REG_DATA_FIFO) {
348 data_read = tpm_tis_read_data(s, i2cst->tis_addr, 1);
349 ret = (data_read & 0xff);
350 } else if (i2cst->offset < sizeof(i2cst->data)) {
351 ret = i2cst->data[i2cst->offset++];
352 }
353
354 } else if ((i2cst->operation == OP_SEND) && (i2cst->offset < 2)) {
355 /* First receive call after send */
356
357 i2cst->operation = OP_RECV;
358
359 switch (i2c_reg) {
360 case TPM_I2C_REG_LOC_SEL:
361 /* Location selection register is managed by i2c */
362 tpm_tis_i2c_set_data(i2cst, i2cst->loc_sel);
363 break;
364 case TPM_I2C_REG_DATA_FIFO:
365 /* FIFO data is directly read from TPM TIS */
366 data_read = tpm_tis_read_data(s, i2cst->tis_addr, 1);
367 tpm_tis_i2c_set_data(i2cst, (data_read & 0xff));
368 break;
369 case TPM_I2C_REG_DATA_CSUM_ENABLE:
370 tpm_tis_i2c_set_data(i2cst, i2cst->csum_enable);
371 break;
372 case TPM_I2C_REG_INT_CAPABILITY:
373 /*
374 * Interrupt is not supported in the linux kernel hence we cannot
375 * test this model with interrupts.
376 */
377 tpm_tis_i2c_set_data(i2cst, TPM_I2C_INT_ENABLE_MASK);
378 break;
379 case TPM_I2C_REG_DATA_CSUM_GET:
380 /*
381 * Checksum registers are not supported by common code hence
382 * call a common code to get the checksum.
383 */
384 data_read = tpm_tis_get_checksum(s);
385
386 /* Save the byte stream in data field */
387 tpm_tis_i2c_set_data(i2cst, data_read);
388 break;
389 default:
390 data_read = tpm_tis_read_data(s, i2cst->tis_addr, 4);
391
392 switch (i2c_reg) {
393 case TPM_I2C_REG_INTF_CAPABILITY:
394 /* Prepare the capabilities as per I2C interface */
395 data_read = tpm_tis_i2c_interface_capability(i2cst,
396 data_read);
397 break;
398 case TPM_I2C_REG_STS ... TPM_I2C_REG_STS + 3:
399 offset = i2c_reg - TPM_I2C_REG_STS;
400 /*
401 * As per specs, STS bit 31:26 are reserved and must
402 * be set to 0
403 */
404 data_read &= TPM_I2C_STS_READ_MASK;
405 /*
406 * STS register has 4 bytes data.
407 * As per the specs following reads must be allowed.
408 * - From base address 1 to 4 bytes are allowed.
409 * - Last byte must be allowed to read as a single byte
410 * - Second and third byte must be allowed to read as two
411 * two bytes.
412 */
413 data_read >>= (offset * 8);
414 break;
415 }
416
417 /* Save byte stream in data[] */
418 tpm_tis_i2c_set_data(i2cst, data_read);
419 break;
420 }
421
422 /* Return first byte with this call */
423 i2cst->offset = 1; /* keep the register value intact for debug */
424 ret = i2cst->data[i2cst->offset++];
425 } else {
426 i2cst->operation = OP_RECV;
427 }
428
429 trace_tpm_tis_i2c_recv(ret);
430
431 return ret;
432 }
433
434 /*
435 * Send function only remembers data in the buffer and then calls
436 * TPM TIS common code during FINISH event.
437 */
tpm_tis_i2c_send(I2CSlave * i2c,uint8_t data)438 static int tpm_tis_i2c_send(I2CSlave *i2c, uint8_t data)
439 {
440 TPMStateI2C *i2cst = TPM_TIS_I2C(i2c);
441
442 /* Reject non-supported registers. */
443 if (i2cst->offset == 0) {
444 /* Convert I2C register to TIS register */
445 tpm_tis_i2c_to_tis_reg(i2cst, data);
446 if (i2cst->tis_addr == 0xffffffff) {
447 return 0xffffffff;
448 }
449
450 trace_tpm_tis_i2c_send_reg(i2cst->reg_name, data);
451
452 /* We do not support device address change */
453 if (data == TPM_I2C_REG_I2C_DEV_ADDRESS) {
454 qemu_log_mask(LOG_UNIMP, "%s: Device address change "
455 "is not supported.\n", __func__);
456 return 0xffffffff;
457 }
458 } else {
459 trace_tpm_tis_i2c_send(data);
460 }
461
462 if (i2cst->offset < sizeof(i2cst->data)) {
463 i2cst->operation = OP_SEND;
464
465 /*
466 * In two cases, we save values in the local buffer.
467 * 1) The first value is always a register.
468 * 2) In case of non-FIFO multibyte registers, TIS expects full
469 * register value hence I2C layer cache the register value and send
470 * to TIS during FINISH event.
471 */
472 if ((i2cst->offset == 0) ||
473 (i2cst->data[0] != TPM_I2C_REG_DATA_FIFO)) {
474 i2cst->data[i2cst->offset++] = data;
475 } else {
476 /*
477 * The TIS can process FIFO data one byte at a time hence the FIFO
478 * data is sent to TIS directly.
479 */
480 tpm_tis_write_data(&i2cst->state, i2cst->tis_addr, data, 1);
481 }
482
483 return 0;
484 }
485
486 /* Return non-zero to indicate NAK */
487 return 1;
488 }
489
490 static const Property tpm_tis_i2c_properties[] = {
491 DEFINE_PROP_TPMBE("tpmdev", TPMStateI2C, state.be_driver),
492 };
493
tpm_tis_i2c_realizefn(DeviceState * dev,Error ** errp)494 static void tpm_tis_i2c_realizefn(DeviceState *dev, Error **errp)
495 {
496 TPMStateI2C *i2cst = TPM_TIS_I2C(dev);
497 TPMState *s = &i2cst->state;
498
499 if (!tpm_find()) {
500 error_setg(errp, "at most one TPM device is permitted");
501 return;
502 }
503
504 /*
505 * Get the backend pointer. It is not initialized properly during
506 * device_class_set_props
507 */
508 s->be_driver = qemu_find_tpm_be("tpm0");
509
510 if (!s->be_driver) {
511 error_setg(errp, "'tpmdev' property is required");
512 return;
513 }
514 }
515
tpm_tis_i2c_reset(DeviceState * dev)516 static void tpm_tis_i2c_reset(DeviceState *dev)
517 {
518 TPMStateI2C *i2cst = TPM_TIS_I2C(dev);
519 TPMState *s = &i2cst->state;
520
521 tpm_tis_i2c_clear_data(i2cst);
522
523 i2cst->csum_enable = 0;
524 i2cst->loc_sel = 0x00;
525
526 return tpm_tis_reset(s);
527 }
528
tpm_tis_i2c_class_init(ObjectClass * klass,const void * data)529 static void tpm_tis_i2c_class_init(ObjectClass *klass, const void *data)
530 {
531 DeviceClass *dc = DEVICE_CLASS(klass);
532 I2CSlaveClass *k = I2C_SLAVE_CLASS(klass);
533 TPMIfClass *tc = TPM_IF_CLASS(klass);
534
535 dc->realize = tpm_tis_i2c_realizefn;
536 device_class_set_legacy_reset(dc, tpm_tis_i2c_reset);
537 dc->vmsd = &vmstate_tpm_tis_i2c;
538 device_class_set_props(dc, tpm_tis_i2c_properties);
539 set_bit(DEVICE_CATEGORY_MISC, dc->categories);
540
541 k->event = tpm_tis_i2c_event;
542 k->recv = tpm_tis_i2c_recv;
543 k->send = tpm_tis_i2c_send;
544
545 tc->model = TPM_MODEL_TPM_TIS;
546 tc->request_completed = tpm_tis_i2c_request_completed;
547 tc->get_version = tpm_tis_i2c_get_tpm_version;
548 }
549
550 static const TypeInfo tpm_tis_i2c_info = {
551 .name = TYPE_TPM_TIS_I2C,
552 .parent = TYPE_I2C_SLAVE,
553 .instance_size = sizeof(TPMStateI2C),
554 .class_init = tpm_tis_i2c_class_init,
555 .interfaces = (const InterfaceInfo[]) {
556 { TYPE_TPM_IF },
557 { }
558 }
559 };
560
tpm_tis_i2c_register_types(void)561 static void tpm_tis_i2c_register_types(void)
562 {
563 type_register_static(&tpm_tis_i2c_info);
564 }
565
566 type_init(tpm_tis_i2c_register_types)
567