drivers/char/tpm/tpm_crb.c

   1 /*
   2  * Copyright (C) 2014 Intel Corporation
   3  *
   4  * Authors:
   5  * Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
   6  *
   7  * Maintained by: <tpmdd-devel@lists.sourceforge.net>
   8  *
   9  * This device driver implements the TPM interface as defined in
  10  * the TCG CRB 2.0 TPM specification.
  11  *
  12  * This program is free software; you can redistribute it and/or
  13  * modify it under the terms of the GNU General Public License
  14  * as published by the Free Software Foundation; version 2
  15  * of the License.
  16  */
  17
  18 #include <linux/acpi.h>
  19 #include <linux/highmem.h>
  20 #include <linux/rculist.h>
  21 #include <linux/module.h>
  22 #include <linux/platform_device.h>
  23 #include "tpm.h"
  24
  25 #define ACPI_SIG_TPM2 "TPM2"
  26
  27 static const u8 CRB_ACPI_START_UUID[] = {
  28         /* 0000 */ 0xAB, 0x6C, 0xBF, 0x6B, 0x63, 0x54, 0x14, 0x47,
  29         /* 0008 */ 0xB7, 0xCD, 0xF0, 0x20, 0x3C, 0x03, 0x68, 0xD4
  30 };
  31
  32 enum crb_defaults {
  33         CRB_ACPI_START_REVISION_ID = 1,
  34         CRB_ACPI_START_INDEX = 1,
  35 };
  36
  37 enum crb_ca_request {
  38         CRB_CA_REQ_GO_IDLE      = BIT(0),
  39         CRB_CA_REQ_CMD_READY    = BIT(1),
  40 };
  41
  42 enum crb_ca_status {
  43         CRB_CA_STS_ERROR        = BIT(0),
  44         CRB_CA_STS_TPM_IDLE     = BIT(1),
  45 };
  46
  47 enum crb_start {
  48         CRB_START_INVOKE        = BIT(0),
  49 };
  50
  51 enum crb_cancel {
  52         CRB_CANCEL_INVOKE       = BIT(0),
  53 };
  54
  55 struct crb_control_area {
  56         u32 req;
  57         u32 sts;
  58         u32 cancel;
  59         u32 start;
  60         u32 int_enable;
  61         u32 int_sts;
  62         u32 cmd_size;
  63         u32 cmd_pa_low;
  64         u32 cmd_pa_high;
  65         u32 rsp_size;
  66         u64 rsp_pa;
  67 } __packed;
  68
  69 enum crb_status {
  70         CRB_STS_COMPLETE        = BIT(0),
  71 };
  72
  73 enum crb_flags {
  74         CRB_FL_ACPI_START       = BIT(0),
  75         CRB_FL_CRB_START        = BIT(1),
  76 };
  77
  78 struct crb_priv {
  79         unsigned int flags;
  80         struct resource res;
  81         void __iomem *iobase;
  82         struct crb_control_area __iomem *cca;
  83         u8 __iomem *cmd;
  84         u8 __iomem *rsp;
  85 };
  86
  87 static SIMPLE_DEV_PM_OPS(crb_pm, tpm_pm_suspend, tpm_pm_resume);
  88
  89 static u8 crb_status(struct tpm_chip *chip)
  90 {
  91         struct crb_priv *priv = chip->vendor.priv;
  92         u8 sts = 0;
  93
  94         if ((ioread32(&priv->cca->start) & CRB_START_INVOKE) !=
  95             CRB_START_INVOKE)
  96                 sts |= CRB_STS_COMPLETE;
  97
  98         return sts;
  99 }
 100
 101 static int crb_recv(struct tpm_chip *chip, u8 *buf, size_t count)
 102 {
 103         struct crb_priv *priv = chip->vendor.priv;
 104         unsigned int expected;
 105
 106         /* sanity check */
 107         if (count < 6)
 108                 return -EIO;
 109
 110         if (ioread32(&priv->cca->sts) & CRB_CA_STS_ERROR)
 111                 return -EIO;
 112
 113         memcpy_fromio(buf, priv->rsp, 6);
 114         expected = be32_to_cpup((__be32 *) &buf[2]);
 115
 116         if (expected > count)
 117                 return -EIO;
 118
 119         memcpy_fromio(&buf[6], &priv->rsp[6], expected - 6);
 120
 121         return expected;
 122 }
 123
 124 static int crb_do_acpi_start(struct tpm_chip *chip)
 125 {
 126         union acpi_object *obj;
 127         int rc;
 128
 129         obj = acpi_evaluate_dsm(chip->acpi_dev_handle,
 130                                 CRB_ACPI_START_UUID,
 131                                 CRB_ACPI_START_REVISION_ID,
 132                                 CRB_ACPI_START_INDEX,
 133                                 NULL);
 134         if (!obj)
 135                 return -ENXIO;
 136         rc = obj->integer.value == 0 ? 0 : -ENXIO;
 137         ACPI_FREE(obj);
 138         return rc;
 139 }
 140
 141 static int crb_send(struct tpm_chip *chip, u8 *buf, size_t len)
 142 {
 143         struct crb_priv *priv = chip->vendor.priv;
 144         int rc = 0;
 145
 146         if (len > ioread32(&priv->cca->cmd_size)) {
 147                 dev_err(&chip->dev,
 148                         "invalid command count value %x %zx\n",
 149                         (unsigned int) len,
 150                         (size_t) ioread32(&priv->cca->cmd_size));
 151                 return -E2BIG;
 152         }
 153
 154         memcpy_toio(priv->cmd, buf, len);
 155
 156         /* Make sure that cmd is populated before issuing start. */
 157         wmb();
 158
 159         if (priv->flags & CRB_FL_CRB_START)
 160                 iowrite32(cpu_to_le32(CRB_START_INVOKE), &priv->cca->start);
 161
 162         if (priv->flags & CRB_FL_ACPI_START)
 163                 rc = crb_do_acpi_start(chip);
 164
 165         return rc;
 166 }
 167
 168 static void crb_cancel(struct tpm_chip *chip)
 169 {
 170         struct crb_priv *priv = chip->vendor.priv;
 171
 172         iowrite32(cpu_to_le32(CRB_CANCEL_INVOKE), &priv->cca->cancel);
 173
 174         /* Make sure that cmd is populated before issuing cancel. */
 175         wmb();
 176
 177         if ((priv->flags & CRB_FL_ACPI_START) && crb_do_acpi_start(chip))
 178                 dev_err(&chip->dev, "ACPI Start failed\n");
 179
 180         iowrite32(0, &priv->cca->cancel);
 181 }
 182
 183 static bool crb_req_canceled(struct tpm_chip *chip, u8 status)
 184 {
 185         struct crb_priv *priv = chip->vendor.priv;
 186         u32 cancel = ioread32(&priv->cca->cancel);
 187
 188         return (cancel & CRB_CANCEL_INVOKE) == CRB_CANCEL_INVOKE;
 189 }
 190
 191 static const struct tpm_class_ops tpm_crb = {
 192         .status = crb_status,
 193         .recv = crb_recv,
 194         .send = crb_send,
 195         .cancel = crb_cancel,
 196         .req_canceled = crb_req_canceled,
 197         .req_complete_mask = CRB_STS_COMPLETE,
 198         .req_complete_val = CRB_STS_COMPLETE,
 199 };
 200
 201 static int crb_init(struct acpi_device *device, struct crb_priv *priv)
 202 {
 203         struct tpm_chip *chip;
 204         int rc;
 205
 206         chip = tpmm_chip_alloc(&device->dev, &tpm_crb);
 207         if (IS_ERR(chip))
 208                 return PTR_ERR(chip);
 209
 210         chip->vendor.priv = priv;
 211         chip->acpi_dev_handle = device->handle;
 212         chip->flags = TPM_CHIP_FLAG_TPM2;
 213
 214         rc = tpm_get_timeouts(chip);
 215         if (rc)
 216                 return rc;
 217
 218         rc = tpm2_do_selftest(chip);
 219         if (rc)
 220                 return rc;
 221
 222         return tpm_chip_register(chip);
 223 }
 224
 225 static int crb_check_resource(struct acpi_resource *ares, void *data)
 226 {
 227         struct crb_priv *priv = data;
 228         struct resource res;
 229
 230         if (acpi_dev_resource_memory(ares, &res)) {
 231                 priv->res = res;
 232                 priv->res.name = NULL;
 233         }
 234
 235         return 1;
 236 }
 237
 238 static void __iomem *crb_map_res(struct device *dev, struct crb_priv *priv,
 239                                  u64 start, u32 size)
 240 {
 241         struct resource new_res = {
 242                 .start  = start,
 243                 .end    = start + size - 1,
 244                 .flags  = IORESOURCE_MEM,
 245         };
 246
 247         /* Detect a 64 bit address on a 32 bit system */
 248         if (start != new_res.start)
 249                 return ERR_PTR(-EINVAL);
 250
 251         if (!resource_contains(&priv->res, &new_res))
 252                 return devm_ioremap_resource(dev, &new_res);
 253
 254         return priv->iobase + (new_res.start - priv->res.start);
 255 }
 256
 257 static int crb_map_io(struct acpi_device *device, struct crb_priv *priv,
 258                       struct acpi_table_tpm2 *buf)
 259 {
 260         struct list_head resources;
 261         struct device *dev = &device->dev;
 262         u64 pa;
 263         int ret;
 264
 265         INIT_LIST_HEAD(&resources);
 266         ret = acpi_dev_get_resources(device, &resources, crb_check_resource,
 267                                      priv);
 268         if (ret < 0)
 269                 return ret;
 270         acpi_dev_free_resource_list(&resources);
 271
 272         if (resource_type(&priv->res) != IORESOURCE_MEM) {
 273                 dev_err(dev,
 274                         FW_BUG "TPM2 ACPI table does not define a memory resource\n");
 275                 return -EINVAL;
 276         }
 277
 278         priv->iobase = devm_ioremap_resource(dev, &priv->res);
 279         if (IS_ERR(priv->iobase))
 280                 return PTR_ERR(priv->iobase);
 281
 282         priv->cca = crb_map_res(dev, priv, buf->control_address, 0x1000);
 283         if (IS_ERR(priv->cca))
 284                 return PTR_ERR(priv->cca);
 285
 286         pa = ((u64) ioread32(&priv->cca->cmd_pa_high) << 32) |
 287               (u64) ioread32(&priv->cca->cmd_pa_low);
 288         priv->cmd = crb_map_res(dev, priv, pa, ioread32(&priv->cca->cmd_size));
 289         if (IS_ERR(priv->cmd))
 290                 return PTR_ERR(priv->cmd);
 291
 292         memcpy_fromio(&pa, &priv->cca->rsp_pa, 8);
 293         pa = le64_to_cpu(pa);
 294         priv->rsp = crb_map_res(dev, priv, pa, ioread32(&priv->cca->rsp_size));
 295         return PTR_ERR_OR_ZERO(priv->rsp);
 296 }
 297
 298 static int crb_acpi_add(struct acpi_device *device)
 299 {
 300         struct acpi_table_tpm2 *buf;
 301         struct crb_priv *priv;
 302         struct device *dev = &device->dev;
 303         acpi_status status;
 304         u32 sm;
 305         int rc;
 306
 307         status = acpi_get_table(ACPI_SIG_TPM2, 1,
 308                                 (struct acpi_table_header **) &buf);
 309         if (ACPI_FAILURE(status) || buf->header.length < sizeof(*buf)) {
 310                 dev_err(dev, FW_BUG "failed to get TPM2 ACPI table\n");
 311                 return -EINVAL;
 312         }
 313
 314         /* Should the FIFO driver handle this? */
 315         sm = buf->start_method;
 316         if (sm == ACPI_TPM2_MEMORY_MAPPED)
 317                 return -ENODEV;
 318
 319         priv = devm_kzalloc(dev, sizeof(struct crb_priv), GFP_KERNEL);
 320         if (!priv)
 321                 return -ENOMEM;
 322
 323         /* The reason for the extra quirk is that the PTT in 4th Gen Core CPUs
 324          * report only ACPI start but in practice seems to require both
 325          * ACPI start and CRB start.
 326          */
 327         if (sm == ACPI_TPM2_COMMAND_BUFFER || sm == ACPI_TPM2_MEMORY_MAPPED ||
 328             !strcmp(acpi_device_hid(device), "MSFT0101"))
 329                 priv->flags |= CRB_FL_CRB_START;
 330
 331         if (sm == ACPI_TPM2_START_METHOD ||
 332             sm == ACPI_TPM2_COMMAND_BUFFER_WITH_START_METHOD)
 333                 priv->flags |= CRB_FL_ACPI_START;
 334
 335         rc = crb_map_io(device, priv, buf);
 336         if (rc)
 337                 return rc;
 338
 339         return crb_init(device, priv);
 340 }
 341
 342 static int crb_acpi_remove(struct acpi_device *device)
 343 {
 344         struct device *dev = &device->dev;
 345         struct tpm_chip *chip = dev_get_drvdata(dev);
 346
 347         if (chip->flags & TPM_CHIP_FLAG_TPM2)
 348                 tpm2_shutdown(chip, TPM2_SU_CLEAR);
 349
 350         tpm_chip_unregister(chip);
 351
 352         return 0;
 353 }
 354
 355 static struct acpi_device_id crb_device_ids[] = {
 356         {"MSFT0101", 0},
 357         {"", 0},
 358 };
 359 MODULE_DEVICE_TABLE(acpi, crb_device_ids);
 360
 361 static struct acpi_driver crb_acpi_driver = {
 362         .name = "tpm_crb",
 363         .ids = crb_device_ids,
 364         .ops = {
 365                 .add = crb_acpi_add,
 366                 .remove = crb_acpi_remove,
 367         },
 368         .drv = {
 369                 .pm = &crb_pm,
 370         },
 371 };
 372
 373 module_acpi_driver(crb_acpi_driver);
 374 MODULE_AUTHOR("Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>");
 375 MODULE_DESCRIPTION("TPM2 Driver");
 376 MODULE_VERSION("0.1");
 377 MODULE_LICENSE("GPL");