[U-Boot] [PATCH 2/3] tpm: Add i2c TPM driver

Che-Liang Chiou clchiou at chromium.org
Tue Dec 13 12:51:01 CET 2011


Peter Huewe implemented the original driver; this patch only reorganizes
the code structure of the driver, and does not make logical changes.

tpm.c implements the interface defined in tpm.h based on underlying
LPC or i2C TPM driver.  tpm.c and the underlying driver communicate
throught tpm_private.h.

This patch is tested on a tegra2-based machine, where the i2c driver is
not upstreamed yet.

Note: Merging the LPC driver with tpm.c is left to future patches.

Signed-off-by: Peter Huewe <huewe.external at infineon.com>
---
 drivers/tpm/Makefile      |    5 +-
 drivers/tpm/tpm.c         |  457 +++++++++++++++++++++++++++++++++++
 drivers/tpm/tpm_private.h |  131 ++++++++++
 drivers/tpm/tpm_tis_i2c.c |  584 +++++++++++++++++++++++++++++++++++++++++++++
 4 files changed, 1176 insertions(+), 1 deletions(-)
 create mode 100644 drivers/tpm/tpm.c
 create mode 100644 drivers/tpm/tpm_private.h
 create mode 100644 drivers/tpm/tpm_tis_i2c.c

diff --git a/drivers/tpm/Makefile b/drivers/tpm/Makefile
index 47d09de..cb29bab 100644
--- a/drivers/tpm/Makefile
+++ b/drivers/tpm/Makefile
@@ -23,7 +23,10 @@ include $(TOPDIR)/config.mk
 
 LIB := $(obj)libtpm.o
 
-COBJS-$(CONFIG_TPM_TIS_LPC) = tpm_tis_lpc.o
+# TODO(clchiou): Merge tpm_tis_lpc.c with tpm.c
+COBJS-$(CONFIG_TPM_TIS_I2C) += tpm.o
+COBJS-$(CONFIG_TPM_TIS_I2C) += tpm_tis_i2c.o
+COBJS-$(CONFIG_TPM_TIS_LPC) += tpm_tis_lpc.o
 
 COBJS	:= $(COBJS-y)
 SRCS	:= $(COBJS:.o=.c)
diff --git a/drivers/tpm/tpm.c b/drivers/tpm/tpm.c
new file mode 100644
index 0000000..457deaa
--- /dev/null
+++ b/drivers/tpm/tpm.c
@@ -0,0 +1,457 @@
+/*
+ * Copyright (C) 2011 Infineon Technologies
+ *
+ * Authors:
+ * Peter Huewe <huewe.external at infineon.com>
+ *
+ * Description:
+ * Device driver for TCG/TCPA TPM (trusted platform module).
+ * Specifications at www.trustedcomputinggroup.org
+ *
+ * It is based on the Linux kernel driver tpm.c from Leendert van
+ * Dorn, Dave Safford, Reiner Sailer, and Kyleen Hall.
+ *
+ * Version: 2.1.1
+ *
+ * See file CREDITS for list of people who contributed to this
+ * project.
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU General Public License as
+ * published by the Free Software Foundation, version 2 of the
+ * License.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place, Suite 330, Boston,
+ * MA 02111-1307 USA
+ */
+
+#include <common.h>
+#include <compiler.h>
+#include <i2c.h>
+#include <tpm.h>
+#include <asm-generic/errno.h>
+#include <linux/types.h>
+#include <linux/unaligned/be_byteshift.h>
+
+#include "tpm_private.h"
+
+/* Global structure for tpm chip data */
+static struct tpm_chip tpm_chip;
+
+enum tpm_duration {
+	TPM_SHORT = 0,
+	TPM_MEDIUM = 1,
+	TPM_LONG = 2,
+	TPM_UNDEFINED,
+};
+
+/* Extended error numbers from linux (see errno.h) */
+#define	ECANCELED	125	/* Operation Canceled */
+
+/* Timer frequency. Corresponds to msec timer resolution*/
+#define HZ 1000
+
+#define TPM_MAX_ORDINAL			243
+#define TPM_MAX_PROTECTED_ORDINAL	12
+#define TPM_PROTECTED_ORDINAL_MASK	0xFF
+
+#define TPM_CMD_COUNT_BYTE	2
+#define TPM_CMD_ORDINAL_BYTE	6
+
+/*
+ * Array with one entry per ordinal defining the maximum amount
+ * of time the chip could take to return the result.  The ordinal
+ * designation of short, medium or long is defined in a table in
+ * TCG Specification TPM Main Part 2 TPM Structures Section 17. The
+ * values of the SHORT, MEDIUM, and LONG durations are retrieved
+ * from the chip during initialization with a call to tpm_get_timeouts.
+ */
+static const u8 tpm_protected_ordinal_duration[TPM_MAX_PROTECTED_ORDINAL] = {
+	TPM_UNDEFINED,		/* 0 */
+	TPM_UNDEFINED,
+	TPM_UNDEFINED,
+	TPM_UNDEFINED,
+	TPM_UNDEFINED,
+	TPM_UNDEFINED,		/* 5 */
+	TPM_UNDEFINED,
+	TPM_UNDEFINED,
+	TPM_UNDEFINED,
+	TPM_UNDEFINED,
+	TPM_SHORT,		/* 10 */
+	TPM_SHORT,
+};
+
+static const u8 tpm_ordinal_duration[TPM_MAX_ORDINAL] = {
+	TPM_UNDEFINED,		/* 0 */
+	TPM_UNDEFINED,
+	TPM_UNDEFINED,
+	TPM_UNDEFINED,
+	TPM_UNDEFINED,
+	TPM_UNDEFINED,		/* 5 */
+	TPM_UNDEFINED,
+	TPM_UNDEFINED,
+	TPM_UNDEFINED,
+	TPM_UNDEFINED,
+	TPM_SHORT,		/* 10 */
+	TPM_SHORT,
+	TPM_MEDIUM,
+	TPM_LONG,
+	TPM_LONG,
+	TPM_MEDIUM,		/* 15 */
+	TPM_SHORT,
+	TPM_SHORT,
+	TPM_MEDIUM,
+	TPM_LONG,
+	TPM_SHORT,		/* 20 */
+	TPM_SHORT,
+	TPM_MEDIUM,
+	TPM_MEDIUM,
+	TPM_MEDIUM,
+	TPM_SHORT,		/* 25 */
+	TPM_SHORT,
+	TPM_MEDIUM,
+	TPM_SHORT,
+	TPM_SHORT,
+	TPM_MEDIUM,		/* 30 */
+	TPM_LONG,
+	TPM_MEDIUM,
+	TPM_SHORT,
+	TPM_SHORT,
+	TPM_SHORT,		/* 35 */
+	TPM_MEDIUM,
+	TPM_MEDIUM,
+	TPM_UNDEFINED,
+	TPM_UNDEFINED,
+	TPM_MEDIUM,		/* 40 */
+	TPM_LONG,
+	TPM_MEDIUM,
+	TPM_SHORT,
+	TPM_SHORT,
+	TPM_SHORT,		/* 45 */
+	TPM_SHORT,
+	TPM_SHORT,
+	TPM_SHORT,
+	TPM_LONG,
+	TPM_MEDIUM,		/* 50 */
+	TPM_MEDIUM,
+	TPM_UNDEFINED,
+	TPM_UNDEFINED,
+	TPM_UNDEFINED,
+	TPM_UNDEFINED,		/* 55 */
+	TPM_UNDEFINED,
+	TPM_UNDEFINED,
+	TPM_UNDEFINED,
+	TPM_UNDEFINED,
+	TPM_MEDIUM,		/* 60 */
+	TPM_MEDIUM,
+	TPM_MEDIUM,
+	TPM_SHORT,
+	TPM_SHORT,
+	TPM_MEDIUM,		/* 65 */
+	TPM_UNDEFINED,
+	TPM_UNDEFINED,
+	TPM_UNDEFINED,
+	TPM_UNDEFINED,
+	TPM_SHORT,		/* 70 */
+	TPM_SHORT,
+	TPM_UNDEFINED,
+	TPM_UNDEFINED,
+	TPM_UNDEFINED,
+	TPM_UNDEFINED,		/* 75 */
+	TPM_UNDEFINED,
+	TPM_UNDEFINED,
+	TPM_UNDEFINED,
+	TPM_UNDEFINED,
+	TPM_LONG,		/* 80 */
+	TPM_UNDEFINED,
+	TPM_MEDIUM,
+	TPM_LONG,
+	TPM_SHORT,
+	TPM_UNDEFINED,		/* 85 */
+	TPM_UNDEFINED,
+	TPM_UNDEFINED,
+	TPM_UNDEFINED,
+	TPM_UNDEFINED,
+	TPM_SHORT,		/* 90 */
+	TPM_SHORT,
+	TPM_SHORT,
+	TPM_SHORT,
+	TPM_SHORT,
+	TPM_UNDEFINED,		/* 95 */
+	TPM_UNDEFINED,
+	TPM_UNDEFINED,
+	TPM_UNDEFINED,
+	TPM_UNDEFINED,
+	TPM_MEDIUM,		/* 100 */
+	TPM_SHORT,
+	TPM_SHORT,
+	TPM_UNDEFINED,
+	TPM_UNDEFINED,
+	TPM_UNDEFINED,		/* 105 */
+	TPM_UNDEFINED,
+	TPM_UNDEFINED,
+	TPM_UNDEFINED,
+	TPM_UNDEFINED,
+	TPM_SHORT,		/* 110 */
+	TPM_SHORT,
+	TPM_SHORT,
+	TPM_SHORT,
+	TPM_SHORT,
+	TPM_SHORT,		/* 115 */
+	TPM_SHORT,
+	TPM_SHORT,
+	TPM_UNDEFINED,
+	TPM_UNDEFINED,
+	TPM_LONG,		/* 120 */
+	TPM_LONG,
+	TPM_MEDIUM,
+	TPM_UNDEFINED,
+	TPM_SHORT,
+	TPM_SHORT,		/* 125 */
+	TPM_SHORT,
+	TPM_LONG,
+	TPM_SHORT,
+	TPM_SHORT,
+	TPM_SHORT,		/* 130 */
+	TPM_MEDIUM,
+	TPM_UNDEFINED,
+	TPM_SHORT,
+	TPM_MEDIUM,
+	TPM_UNDEFINED,		/* 135 */
+	TPM_UNDEFINED,
+	TPM_UNDEFINED,
+	TPM_UNDEFINED,
+	TPM_UNDEFINED,
+	TPM_SHORT,		/* 140 */
+	TPM_SHORT,
+	TPM_UNDEFINED,
+	TPM_UNDEFINED,
+	TPM_UNDEFINED,
+	TPM_UNDEFINED,		/* 145 */
+	TPM_UNDEFINED,
+	TPM_UNDEFINED,
+	TPM_UNDEFINED,
+	TPM_UNDEFINED,
+	TPM_SHORT,		/* 150 */
+	TPM_MEDIUM,
+	TPM_MEDIUM,
+	TPM_SHORT,
+	TPM_SHORT,
+	TPM_UNDEFINED,		/* 155 */
+	TPM_UNDEFINED,
+	TPM_UNDEFINED,
+	TPM_UNDEFINED,
+	TPM_UNDEFINED,
+	TPM_SHORT,		/* 160 */
+	TPM_SHORT,
+	TPM_SHORT,
+	TPM_SHORT,
+	TPM_UNDEFINED,
+	TPM_UNDEFINED,		/* 165 */
+	TPM_UNDEFINED,
+	TPM_UNDEFINED,
+	TPM_UNDEFINED,
+	TPM_UNDEFINED,
+	TPM_LONG,		/* 170 */
+	TPM_UNDEFINED,
+	TPM_UNDEFINED,
+	TPM_UNDEFINED,
+	TPM_UNDEFINED,
+	TPM_UNDEFINED,		/* 175 */
+	TPM_UNDEFINED,
+	TPM_UNDEFINED,
+	TPM_UNDEFINED,
+	TPM_UNDEFINED,
+	TPM_MEDIUM,		/* 180 */
+	TPM_SHORT,
+	TPM_MEDIUM,
+	TPM_MEDIUM,
+	TPM_MEDIUM,
+	TPM_MEDIUM,		/* 185 */
+	TPM_SHORT,
+	TPM_UNDEFINED,
+	TPM_UNDEFINED,
+	TPM_UNDEFINED,
+	TPM_UNDEFINED,		/* 190 */
+	TPM_UNDEFINED,
+	TPM_UNDEFINED,
+	TPM_UNDEFINED,
+	TPM_UNDEFINED,
+	TPM_UNDEFINED,		/* 195 */
+	TPM_UNDEFINED,
+	TPM_UNDEFINED,
+	TPM_UNDEFINED,
+	TPM_UNDEFINED,
+	TPM_SHORT,		/* 200 */
+	TPM_UNDEFINED,
+	TPM_UNDEFINED,
+	TPM_UNDEFINED,
+	TPM_SHORT,
+	TPM_SHORT,		/* 205 */
+	TPM_SHORT,
+	TPM_SHORT,
+	TPM_SHORT,
+	TPM_SHORT,
+	TPM_MEDIUM,		/* 210 */
+	TPM_UNDEFINED,
+	TPM_MEDIUM,
+	TPM_MEDIUM,
+	TPM_MEDIUM,
+	TPM_UNDEFINED,		/* 215 */
+	TPM_MEDIUM,
+	TPM_UNDEFINED,
+	TPM_UNDEFINED,
+	TPM_SHORT,
+	TPM_SHORT,		/* 220 */
+	TPM_SHORT,
+	TPM_SHORT,
+	TPM_SHORT,
+	TPM_SHORT,
+	TPM_UNDEFINED,		/* 225 */
+	TPM_UNDEFINED,
+	TPM_UNDEFINED,
+	TPM_UNDEFINED,
+	TPM_UNDEFINED,
+	TPM_SHORT,		/* 230 */
+	TPM_LONG,
+	TPM_MEDIUM,
+	TPM_UNDEFINED,
+	TPM_UNDEFINED,
+	TPM_UNDEFINED,		/* 235 */
+	TPM_UNDEFINED,
+	TPM_UNDEFINED,
+	TPM_UNDEFINED,
+	TPM_UNDEFINED,
+	TPM_SHORT,		/* 240 */
+	TPM_UNDEFINED,
+	TPM_MEDIUM,
+};
+
+/* Returns max number of milliseconds to wait */
+static
+unsigned long tpm_calc_ordinal_duration(struct tpm_chip *chip, u32 ordinal)
+{
+	int duration_idx = TPM_UNDEFINED;
+	int duration = 0;
+
+	if (ordinal < TPM_MAX_ORDINAL)
+		duration_idx = tpm_ordinal_duration[ordinal];
+	else if ((ordinal & TPM_PROTECTED_ORDINAL_MASK) <
+			TPM_MAX_PROTECTED_ORDINAL)
+		duration_idx = tpm_protected_ordinal_duration[ordinal &
+			TPM_PROTECTED_ORDINAL_MASK];
+
+	if (duration_idx != TPM_UNDEFINED)
+		duration = chip->vendor.duration[duration_idx];
+	if (duration <= 0)
+		return 2 * 60 * HZ;  /* Two minutes timeout */
+	else
+		return duration;
+}
+
+int tis_sendrecv(const uint8_t *sendbuf, size_t send_size, uint8_t *recvbuf,
+		size_t *recv_len)
+{
+	ssize_t rc;
+	u32 count, ordinal;
+	unsigned long start, stop;
+
+	if (send_size < max(TPM_CMD_COUNT_BYTE, TPM_CMD_ORDINAL_BYTE) + 4) {
+		error("%s: invalid send_size %zx\n", __func__, send_size);
+		return -EOVERFLOW;
+	}
+
+	/* Switch endianess: big->little */
+	count = get_unaligned_be32(sendbuf + TPM_CMD_COUNT_BYTE);
+	ordinal = get_unaligned_be32(sendbuf + TPM_CMD_ORDINAL_BYTE);
+	if (count == 0) {
+		error("%s: no data\n", __func__);
+		return -ENODATA;
+	}
+	if (count > send_size) {
+		error("%s: invalid count value %x %zx\n", __func__,
+				count, send_size);
+		return -EOVERFLOW;
+	}
+
+	rc = tpm_chip.vendor.send(&tpm_chip, (u8 *)sendbuf, count);
+	if (rc < 0) {
+		error("%s: tpm_send: error %zd\n", __func__, rc);
+		goto out;
+	}
+
+	start = get_timer(0);
+	stop = tpm_calc_ordinal_duration(&tpm_chip, ordinal);
+	do {
+		debug("%s: waiting for status...\n", __func__);
+		u8 status = tpm_chip.vendor.status(&tpm_chip);
+		if ((status & tpm_chip.vendor.req_complete_mask) ==
+				tpm_chip.vendor.req_complete_val) {
+			debug("%s: ...got it;\n", __func__);
+			goto out_recv;
+		}
+
+		if ((status == tpm_chip.vendor.req_canceled)) {
+			error("%s: operation canceled\n", __func__);
+			rc = -ECANCELED;
+			goto out;
+		}
+		udelay(TPM_TIMEOUT * 1000);
+	} while (get_timer(start) < stop);
+
+	tpm_chip.vendor.cancel(&tpm_chip);
+	error("%s: operation timed out\n", __func__);
+	rc = -ETIME;
+	goto out;
+
+out_recv:
+	debug("%s: out_recv: reading response...\n", __func__);
+	rc = tpm_chip.vendor.recv(&tpm_chip, (u8 *)recvbuf, *recv_len);
+	if (rc >= 0)
+		*recv_len = rc;
+	else
+		error("%s: tpm_recv: error %zd\n", __func__, rc);
+
+out:
+	return rc >= 0 ? 0 : rc;
+}
+
+struct tpm_chip *tpm_register_hardware(const struct tpm_vendor_specific *vendor)
+{
+	/* Driver specific per-device data */
+	memcpy(&tpm_chip.vendor, vendor, sizeof(*vendor));
+	tpm_chip.is_open = 1;
+	return &tpm_chip;
+}
+
+int tis_init(void)
+{
+	return tpm_vendor_init();
+}
+
+int tis_open(void)
+{
+	int rc;
+	if (tpm_chip.is_open)
+		return -EBUSY;
+	rc = tpm_vendor_open();
+	if (rc < 0)
+		tpm_chip.is_open = 0;
+	return rc;
+}
+
+int tis_close(void)
+{
+	if (!tpm_chip.is_open)
+		return -EIO;
+	tpm_vendor_cleanup(&tpm_chip);
+	tpm_chip.is_open = 0;
+	return 0;
+}
diff --git a/drivers/tpm/tpm_private.h b/drivers/tpm/tpm_private.h
new file mode 100644
index 0000000..44d34a7
--- /dev/null
+++ b/drivers/tpm/tpm_private.h
@@ -0,0 +1,131 @@
+/*
+ * Copyright (C) 2011 Infineon Technologies
+ *
+ * Authors:
+ * Peter Huewe <huewe.external at infineon.com>
+ *
+ * Version: 2.1.1
+ *
+ * Description:
+ * Device driver for TCG/TCPA TPM (trusted platform module).
+ * Specifications at www.trustedcomputinggroup.org
+ *
+ * It is based on the Linux kernel driver tpm.c from Leendert van
+ * Dorn, Dave Safford, Reiner Sailer, and Kyleen Hall.
+ *
+ *
+ * See file CREDITS for list of people who contributed to this
+ * project.
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU General Public License as
+ * published by the Free Software Foundation, version 2 of the
+ * License.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place, Suite 330, Boston,
+ * MA 02111-1307 USA
+ */
+
+#ifndef _TPM_PRIVATE_H_
+#define _TPM_PRIVATE_H_
+
+enum tpm_timeout {
+	TPM_TIMEOUT = 5,	/* msecs */
+};
+
+/* Index of Count field in TPM response buffer */
+#define TPM_RSP_SIZE_BYTE	2
+#define TPM_RSP_RC_BYTE		6
+
+struct tpm_chip;
+
+struct tpm_vendor_specific {
+	const u8 req_complete_mask;
+	const u8 req_complete_val;
+	const u8 req_canceled;
+	int (*recv) (struct tpm_chip *, u8 *, size_t);
+	int (*send) (struct tpm_chip *, u8 *, size_t);
+	void (*cancel) (struct tpm_chip *);
+	u8(*status) (struct tpm_chip *);
+	int locality;
+	unsigned long timeout_a, timeout_b, timeout_c, timeout_d;  /* msec */
+	unsigned long duration[3];  /* msec */
+};
+
+struct tpm_chip {
+	int is_open;
+	struct tpm_vendor_specific vendor;
+};
+
+struct tpm_input_header {
+	__be16 tag;
+	__be32 length;
+	__be32 ordinal;
+} __packed;
+
+struct tpm_output_header {
+	__be16 tag;
+	__be32 length;
+	__be32 return_code;
+} __packed;
+
+struct timeout_t {
+	__be32 a;
+	__be32 b;
+	__be32 c;
+	__be32 d;
+} __packed;
+
+struct duration_t {
+	__be32 tpm_short;
+	__be32 tpm_medium;
+	__be32 tpm_long;
+} __packed;
+
+union cap_t {
+	struct timeout_t timeout;
+	struct duration_t duration;
+};
+
+struct tpm_getcap_params_in {
+	__be32 cap;
+	__be32 subcap_size;
+	__be32 subcap;
+} __packed;
+
+struct tpm_getcap_params_out {
+	__be32 cap_size;
+	union cap_t cap;
+} __packed;
+
+union tpm_cmd_header {
+	struct tpm_input_header in;
+	struct tpm_output_header out;
+};
+
+union tpm_cmd_params {
+	struct tpm_getcap_params_out getcap_out;
+	struct tpm_getcap_params_in getcap_in;
+};
+
+struct tpm_cmd_t {
+	union tpm_cmd_header header;
+	union tpm_cmd_params params;
+} __packed;
+
+struct tpm_chip *tpm_register_hardware(const struct tpm_vendor_specific *);
+
+int tpm_vendor_init(void);
+
+int tpm_vendor_open(void);
+
+void tpm_vendor_cleanup(struct tpm_chip *chip);
+
+#endif  /* _TPM_PRIVATE_H_ */
diff --git a/drivers/tpm/tpm_tis_i2c.c b/drivers/tpm/tpm_tis_i2c.c
new file mode 100644
index 0000000..7fe8179
--- /dev/null
+++ b/drivers/tpm/tpm_tis_i2c.c
@@ -0,0 +1,584 @@
+/*
+ * Copyright (C) 2011 Infineon Technologies
+ *
+ * Authors:
+ * Peter Huewe <huewe.external at infineon.com>
+ *
+ * Description:
+ * Device driver for TCG/TCPA TPM (trusted platform module).
+ * Specifications at www.trustedcomputinggroup.org
+ *
+ * This device driver implements the TPM interface as defined in
+ * the TCG TPM Interface Spec version 1.2, revision 1.0 and the
+ * Infineon I2C Protocol Stack Specification v0.20.
+ *
+ * It is based on the Linux kernel driver tpm.c from Leendert van
+ * Dorn, Dave Safford, Reiner Sailer, and Kyleen Hall.
+ *
+ * Version: 2.1.1
+ *
+ * See file CREDITS for list of people who contributed to this
+ * project.
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU General Public License as
+ * published by the Free Software Foundation, version 2 of the
+ * License.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place, Suite 330, Boston,
+ * MA 02111-1307 USA
+ */
+
+#include <common.h>
+#include <compiler.h>
+#include <i2c.h>
+#include <tpm.h>
+#include <asm-generic/errno.h>
+#include <linux/types.h>
+#include <linux/unaligned/be_byteshift.h>
+
+#include "tpm_private.h"
+
+/* Max buffer size supported by our tpm */
+#define TPM_DEV_BUFSIZE		1260
+
+/* Max number of iterations after i2c NAK */
+#define MAX_COUNT		3
+/*
+ * Max number of iterations after i2c NAK for 'long' commands
+ *
+ * We need this especially for sending TPM_READY, since the cleanup after the
+ * transtion to the ready state may take some time, but it is unpredictable
+ * how long it will take.
+ */
+#define MAX_COUNT_LONG		50
+
+#define SLEEP_DURATION		60	/* in usec */
+#define SLEEP_DURATION_LONG	210	/* in usec */
+
+#define TPM_HEADER_SIZE		10
+
+/*
+ * Expected value for DIDVID register
+ *
+ * The only device the system knows about at this moment is Infineon slb9635.
+ */
+#define TPM_TIS_I2C_DID_VID	0x000b15d1L
+
+enum tis_access {
+	TPM_ACCESS_VALID		= 0x80,
+	TPM_ACCESS_ACTIVE_LOCALITY	= 0x20,
+	TPM_ACCESS_REQUEST_PENDING	= 0x04,
+	TPM_ACCESS_REQUEST_USE		= 0x02,
+};
+
+enum tis_status {
+	TPM_STS_VALID			= 0x80,
+	TPM_STS_COMMAND_READY		= 0x40,
+	TPM_STS_GO			= 0x20,
+	TPM_STS_DATA_AVAIL		= 0x10,
+	TPM_STS_DATA_EXPECT		= 0x08,
+};
+
+enum tis_defaults {
+	TIS_SHORT_TIMEOUT		= 750,	/* ms */
+	TIS_LONG_TIMEOUT		= 2000,	/* 2 sec */
+};
+
+/*
+ * XXX: WARNING: i2c read/write functions must be able to NOT prepending slave
+ * register address to payload, when addr=alen=0, because TPM chip expects
+ * messages not coming with a register address.
+ */
+#define TPM_TIS_I2C_READ(chip, buf, len) i2c_read(chip, 0, 0, buf, len)
+#define TPM_TIS_I2C_WRITE(chip, buf, len) i2c_write(chip, 0, 0, buf, len)
+
+#define TPM_ACCESS(l)			(0x0000 | ((l) << 4))
+#define TPM_STS(l)			(0x0001 | ((l) << 4))
+#define TPM_DATA_FIFO(l)		(0x0005 | ((l) << 4))
+#define TPM_DID_VID(l)			(0x0006 | ((l) << 4))
+
+/* Structure to store I2C TPM specific stuff */
+struct tpm_dev {
+	uint addr;
+	u8 buf[TPM_DEV_BUFSIZE + sizeof(u8)];  /* Max buffer size + addr */
+};
+
+static struct tpm_dev tpm_dev = {
+	.addr = CONFIG_TPM_TIS_I2C_SLAVE_ADDRESS
+};
+
+/*
+ * iic_tpm_read() - read from TPM register
+ * @addr: register address to read from
+ * @buffer: provided by caller
+ * @len: number of bytes to read
+ *
+ * Read len bytes from TPM register and put them into
+ * buffer (little-endian format, i.e. first byte is put into buffer[0]).
+ *
+ * NOTE: TPM is big-endian for multi-byte values. Multi-byte
+ * values have to be swapped.
+ *
+ * Return -EIO on error, 0 on success.
+ */
+static int iic_tpm_read(u8 addr, u8 *buffer, size_t len)
+{
+	int rc;
+	int count;
+	uint32_t addrbuf = addr;
+
+	for (count = 0; count < MAX_COUNT; count++) {
+		rc = TPM_TIS_I2C_WRITE(tpm_dev.addr, (uchar *)&addrbuf, 1);
+		if (rc == 0)
+			break;  /* Success, break to skip sleep */
+		udelay(SLEEP_DURATION);
+	}
+	if (rc)
+		return -rc;
+
+	/*
+	 * After the TPM has successfully received the register address it needs
+	 * some time, thus we're sleeping here again, before retrieving the data
+	 */
+	for (count = 0; count < MAX_COUNT; count++) {
+		udelay(SLEEP_DURATION);
+		rc = TPM_TIS_I2C_READ(tpm_dev.addr, buffer, len);
+		if (rc == 0)
+			break;  /* Success, break to skip sleep */
+	}
+	if (rc)
+		return -rc;
+
+	return 0;
+}
+
+static int iic_tpm_write_generic(u8 addr, u8 *buffer, size_t len,
+		unsigned int sleep_time, u8 max_count)
+{
+	int rc = 0;
+	int count;
+
+	/* Prepare send buffer */
+	tpm_dev.buf[0] = addr;
+	memcpy(&(tpm_dev.buf[1]), buffer, len);
+
+	for (count = 0; count < max_count; count++) {
+		rc = TPM_TIS_I2C_WRITE(tpm_dev.addr, tpm_dev.buf, len + 1);
+		if (rc == 0)
+			break;  /* Success, break to skip sleep */
+		udelay(sleep_time);
+	}
+	if (rc)
+		return -rc;
+
+	return 0;
+}
+
+/*
+ * iic_tpm_write() - write to TPM register
+ * @addr: register address to write to
+ * @buffer: containing data to be written
+ * @len: number of bytes to write
+ *
+ * Write len bytes from provided buffer to TPM register (little
+ * endian format, i.e. buffer[0] is written as first byte).
+ *
+ * NOTE: TPM is big-endian for multi-byte values. Multi-byte
+ * values have to be swapped.
+ *
+ * NOTE: use this function instead of the iic_tpm_write_generic function.
+ *
+ * Return -EIO on error, 0 on success
+ */
+static int iic_tpm_write(u8 addr, u8 *buffer, size_t len)
+{
+	return iic_tpm_write_generic(addr, buffer, len, SLEEP_DURATION,
+			MAX_COUNT);
+}
+
+/*
+ * This function is needed especially for the cleanup situation after
+ * sending TPM_READY
+ */
+static int iic_tpm_write_long(u8 addr, u8 *buffer, size_t len)
+{
+	return iic_tpm_write_generic(addr, buffer, len, SLEEP_DURATION_LONG,
+			MAX_COUNT_LONG);
+}
+
+static int check_locality(struct tpm_chip *chip, int loc)
+{
+	const u8 mask = TPM_ACCESS_ACTIVE_LOCALITY | TPM_ACCESS_VALID;
+	u8 buf;
+	int rc;
+
+	rc = iic_tpm_read(TPM_ACCESS(loc), &buf, 1);
+	if (rc < 0)
+		return rc;
+
+	if ((buf & mask) == mask) {
+		chip->vendor.locality = loc;
+		return loc;
+	}
+
+	return -1;
+}
+
+static void release_locality(struct tpm_chip *chip, int loc, int force)
+{
+	const u8 mask = TPM_ACCESS_REQUEST_PENDING | TPM_ACCESS_VALID;
+	u8 buf;
+	if (iic_tpm_read(TPM_ACCESS(loc), &buf, 1) < 0)
+		return;
+
+	if (force || (buf & mask) == mask) {
+		buf = TPM_ACCESS_ACTIVE_LOCALITY;
+		iic_tpm_write(TPM_ACCESS(loc), &buf, 1);
+	}
+}
+
+static int request_locality(struct tpm_chip *chip, int loc)
+{
+	unsigned long start, stop;
+	u8 buf = TPM_ACCESS_REQUEST_USE;
+
+	if (check_locality(chip, loc) >= 0)
+		return loc;  /* We already have the locality */
+
+	iic_tpm_write(TPM_ACCESS(loc), &buf, 1);
+
+	/* Wait for burstcount */
+	start = get_timer(0);
+	stop = chip->vendor.timeout_a;
+	do {
+		if (check_locality(chip, loc) >= 0)
+			return loc;
+		udelay(TPM_TIMEOUT * 1000);
+	} while (get_timer(start) < stop);
+
+	return -1;
+}
+
+static u8 tpm_tis_i2c_status(struct tpm_chip *chip)
+{
+	/* NOTE: Since i2c read may fail, return 0 in this case --> time-out */
+	u8 buf;
+	if (iic_tpm_read(TPM_STS(chip->vendor.locality), &buf, 1) < 0)
+		return 0;
+	else
+		return buf;
+}
+
+static void tpm_tis_i2c_ready(struct tpm_chip *chip)
+{
+	/* This causes the current command to be aborted */
+	u8 buf = TPM_STS_COMMAND_READY;
+	iic_tpm_write_long(TPM_STS(chip->vendor.locality), &buf, 1);
+}
+
+static ssize_t get_burstcount(struct tpm_chip *chip)
+{
+	unsigned long start, stop;
+	ssize_t burstcnt;
+	u8 addr, buf[3];
+
+	/* Wait for burstcount */
+	/* XXX: Which timeout value? Spec has 2 answers (c & d) */
+	start = get_timer(0);
+	stop = chip->vendor.timeout_d;
+	do {
+		/* Note: STS is little endian */
+		addr = TPM_STS(chip->vendor.locality) + 1;
+		if (iic_tpm_read(addr, buf, 3) < 0)
+			burstcnt = 0;
+		else
+			burstcnt = (buf[2] << 16) + (buf[1] << 8) + buf[0];
+
+		if (burstcnt)
+			return burstcnt;
+		udelay(TPM_TIMEOUT * 1000);
+	} while (get_timer(start) < stop);
+
+	return -EBUSY;
+}
+
+static int wait_for_stat(struct tpm_chip *chip, u8 mask, unsigned long timeout,
+		int *status)
+{
+	unsigned long start, stop;
+
+	/* Check current status */
+	*status = tpm_tis_i2c_status(chip);
+	if ((*status & mask) == mask)
+		return 0;
+
+	start = get_timer(0);
+	stop = timeout;
+	do {
+		udelay(TPM_TIMEOUT * 1000);
+		*status = tpm_tis_i2c_status(chip);
+		if ((*status & mask) == mask)
+			return 0;
+	} while (get_timer(start) < stop);
+
+	return -ETIME;
+}
+
+static int recv_data(struct tpm_chip *chip, u8 *buf, size_t count)
+{
+	size_t size = 0;
+	ssize_t burstcnt;
+	int rc;
+
+	while (size < count) {
+		burstcnt = get_burstcount(chip);
+
+		/* burstcount < 0 -> tpm is busy */
+		if (burstcnt < 0)
+			return burstcnt;
+
+		/* Limit received data to max left */
+		if (burstcnt > (count - size))
+			burstcnt = count - size;
+
+		rc = iic_tpm_read(TPM_DATA_FIFO(chip->vendor.locality),
+				&(buf[size]), burstcnt);
+		if (rc == 0)
+			size += burstcnt;
+	}
+
+	return size;
+}
+
+static int tpm_tis_i2c_recv(struct tpm_chip *chip, u8 *buf, size_t count)
+{
+	int size = 0;
+	int expected, status;
+
+	if (count < TPM_HEADER_SIZE) {
+		size = -EIO;
+		goto out;
+	}
+
+	/* Read first 10 bytes, including tag, paramsize, and result */
+	size = recv_data(chip, buf, TPM_HEADER_SIZE);
+	if (size < TPM_HEADER_SIZE) {
+		error("Unable to read header\n");
+		goto out;
+	}
+
+	expected = get_unaligned_be32(buf + TPM_RSP_SIZE_BYTE);
+	if ((size_t)expected > count) {
+		size = -EIO;
+		goto out;
+	}
+
+	size += recv_data(chip, &buf[TPM_HEADER_SIZE],
+			expected - TPM_HEADER_SIZE);
+	if (size < expected) {
+		error("Unable to read remainder of result\n");
+		size = -ETIME;
+		goto out;
+	}
+
+	wait_for_stat(chip, TPM_STS_VALID, chip->vendor.timeout_c, &status);
+	if (status & TPM_STS_DATA_AVAIL) {  /* Retry? */
+		error("Error left over data\n");
+		size = -EIO;
+		goto out;
+	}
+
+out:
+	tpm_tis_i2c_ready(chip);
+	/*
+	 * The TPM needs some time to clean up here,
+	 * so we sleep rather than keeping the bus busy
+	 */
+	udelay(2000);
+	release_locality(chip, chip->vendor.locality, 0);
+
+	return size;
+}
+
+static int tpm_tis_i2c_send(struct tpm_chip *chip, u8 *buf, size_t len)
+{
+	int rc, status;
+	ssize_t burstcnt;
+	size_t count = 0;
+	int retry = 0;
+	u8 sts = TPM_STS_GO;
+
+	if (len > TPM_DEV_BUFSIZE)
+		return -E2BIG;  /* Command is too long for our tpm, sorry */
+
+	if (request_locality(chip, 0) < 0)
+		return -EBUSY;
+
+	status = tpm_tis_i2c_status(chip);
+	if ((status & TPM_STS_COMMAND_READY) == 0) {
+		tpm_tis_i2c_ready(chip);
+		if (wait_for_stat(chip, TPM_STS_COMMAND_READY,
+					chip->vendor.timeout_b, &status) < 0) {
+			rc = -ETIME;
+			goto out_err;
+		}
+	}
+
+	burstcnt = get_burstcount(chip);
+
+	/* burstcount < 0 = tpm is busy */
+	if (burstcnt < 0)
+		return burstcnt;
+
+	while (count < len - 1) {
+		if (burstcnt > (len-1-count))
+			burstcnt = len-1-count;
+
+#ifdef CONFIG_TPM_TIS_I2C_BURST_LIMITATION
+		if (retry && burstcnt > CONFIG_TPM_TIS_I2C_BURST_LIMITATION)
+			burstcnt = CONFIG_TPM_TIS_I2C_BURST_LIMITATION;
+#endif /* CONFIG_TPM_TIS_I2C_BURST_LIMITATION */
+
+		rc = iic_tpm_write(TPM_DATA_FIFO(chip->vendor.locality),
+				&(buf[count]), burstcnt);
+		if (rc == 0)
+			count += burstcnt;
+		else {
+			retry++;
+			wait_for_stat(chip, TPM_STS_VALID,
+					chip->vendor.timeout_c, &status);
+
+			if ((status & TPM_STS_DATA_EXPECT) == 0) {
+				rc = -EIO;
+				goto out_err;
+			}
+		}
+
+	}
+
+	/* Write last byte */
+	iic_tpm_write(TPM_DATA_FIFO(chip->vendor.locality), &(buf[count]), 1);
+	wait_for_stat(chip, TPM_STS_VALID, chip->vendor.timeout_c, &status);
+	if ((status & TPM_STS_DATA_EXPECT) != 0) {
+		rc = -EIO;
+		goto out_err;
+	}
+
+	/* Go and do it */
+	iic_tpm_write(TPM_STS(chip->vendor.locality), &sts, 1);
+
+	return len;
+
+out_err:
+	tpm_tis_i2c_ready(chip);
+	/*
+	 * The TPM needs some time to clean up here,
+	 * so we sleep rather than keeping the bus busy
+	 */
+	udelay(2000);
+	release_locality(chip, chip->vendor.locality, 0);
+
+	return rc;
+}
+
+static struct tpm_vendor_specific tpm_tis_i2c = {
+	.status = tpm_tis_i2c_status,
+	.recv = tpm_tis_i2c_recv,
+	.send = tpm_tis_i2c_send,
+	.cancel = tpm_tis_i2c_ready,
+	.req_complete_mask = TPM_STS_DATA_AVAIL | TPM_STS_VALID,
+	.req_complete_val = TPM_STS_DATA_AVAIL | TPM_STS_VALID,
+	.req_canceled = TPM_STS_COMMAND_READY,
+};
+
+int tpm_vendor_init(void)
+{
+	int rc;
+
+	rc = i2c_set_bus_num(CONFIG_TPM_TIS_I2C_BUS_NUMBER);
+	if (rc) {
+		debug("%s: fail: i2c_set_bus_num(0x%x) return %d\n", __func__,
+				CONFIG_TPM_TIS_I2C_BUS_NUMBER, rc);
+		return rc;
+	}
+
+	/*
+	 * i2c_probe() could fail in the first time because TPM chip may fall
+	 * asleep sometimes.  But the TPM chip should wake up on the first i2c
+	 * probe, and the second i2c probe should succeed.
+	 */
+	if (i2c_probe(CONFIG_TPM_TIS_I2C_SLAVE_ADDRESS)) {
+		rc = i2c_probe(CONFIG_TPM_TIS_I2C_SLAVE_ADDRESS);
+		if (rc) {
+			debug("%s: fail: i2c_probe(0x%x) return %d\n", __func__,
+					CONFIG_TPM_TIS_I2C_SLAVE_ADDRESS, rc);
+			return rc;
+		}
+	}
+
+	return 0;
+}
+
+int tpm_vendor_open(void)
+{
+	u32 vendor;
+	int rc = 0;
+	struct tpm_chip *chip;
+
+	chip = tpm_register_hardware(&tpm_tis_i2c);
+	if (!chip) {
+		rc = -ENODEV;
+		goto out_err;
+	}
+
+	/* Default timeouts */
+	chip->vendor.timeout_a = TIS_SHORT_TIMEOUT;
+	chip->vendor.timeout_b = TIS_LONG_TIMEOUT;
+	chip->vendor.timeout_c = TIS_SHORT_TIMEOUT;
+	chip->vendor.timeout_d = TIS_SHORT_TIMEOUT;
+
+	if (request_locality(chip, 0) < 0) {
+		rc = -ENODEV;
+		goto out_err;
+	}
+
+	/* Read four bytes from DID_VID register */
+	if (iic_tpm_read(TPM_DID_VID(0), (uchar *)&vendor, 4) < 0) {
+		rc = -EIO;
+		goto out_release;
+	}
+	/* Create DID_VID register value, after swapping to little-endian */
+	vendor = be32_to_cpu(vendor);
+	if (vendor != TPM_TIS_I2C_DID_VID) {
+		rc = -ENODEV;
+		goto out_release;
+	}
+
+	debug("1.2 TPM (device-id 0x%X)\n", vendor >> 16);
+
+	/*
+	 * A timeout query to TPM can be placed here.
+	 * Standard timeout values are used so far
+	 */
+
+	return 0;
+
+out_release:
+	release_locality(chip, 0, 1);
+
+out_err:
+	return rc;
+}
+
+void tpm_vendor_cleanup(struct tpm_chip *chip)
+{
+	release_locality(chip, chip->vendor.locality, 1);
+}
-- 
1.7.3.1



More information about the U-Boot mailing list