1 // SPDX-License-Identifier: GPL-2.0-only
2 /*
3 * Copyright (C) 2005, 2006 IBM Corporation
4 * Copyright (C) 2014, 2015 Intel Corporation
5 *
6 * Authors:
7 * Leendert van Doorn <leendert@watson.ibm.com>
8 * Kylene Hall <kjhall@us.ibm.com>
9 *
10 * Maintained by: <tpmdd-devel@lists.sourceforge.net>
11 *
12 * Device driver for TCG/TCPA TPM (trusted platform module).
13 * Specifications at www.trustedcomputinggroup.org
14 *
15 * This device driver implements the TPM interface as defined in
16 * the TCG TPM Interface Spec version 1.2, revision 1.0.
17 */
18 #include <linux/init.h>
19 #include <linux/module.h>
20 #include <linux/moduleparam.h>
21 #include <linux/pnp.h>
22 #include <linux/slab.h>
23 #include <linux/interrupt.h>
24 #include <linux/wait.h>
25 #include <linux/acpi.h>
26 #include <linux/freezer.h>
27 #include "tpm.h"
28 #include "tpm_tis_core.h"
29
30 static void tpm_tis_clkrun_enable(struct tpm_chip *chip, bool value);
31
wait_for_tpm_stat_cond(struct tpm_chip * chip,u8 mask,bool check_cancel,bool * canceled)32 static bool wait_for_tpm_stat_cond(struct tpm_chip *chip, u8 mask,
33 bool check_cancel, bool *canceled)
34 {
35 u8 status = chip->ops->status(chip);
36
37 *canceled = false;
38 if ((status & mask) == mask)
39 return true;
40 if (check_cancel && chip->ops->req_canceled(chip, status)) {
41 *canceled = true;
42 return true;
43 }
44 return false;
45 }
46
wait_for_tpm_stat(struct tpm_chip * chip,u8 mask,unsigned long timeout,wait_queue_head_t * queue,bool check_cancel)47 static int wait_for_tpm_stat(struct tpm_chip *chip, u8 mask,
48 unsigned long timeout, wait_queue_head_t *queue,
49 bool check_cancel)
50 {
51 struct tpm_tis_data *priv = dev_get_drvdata(&chip->dev);
52 unsigned long stop;
53 long rc;
54 u8 status;
55 bool canceled = false;
56
57 /* check current status */
58 status = chip->ops->status(chip);
59 if ((status & mask) == mask)
60 return 0;
61
62 stop = jiffies + timeout;
63
64 if (chip->flags & TPM_CHIP_FLAG_IRQ) {
65 again:
66 timeout = stop - jiffies;
67 if ((long)timeout <= 0)
68 return -ETIME;
69 rc = wait_event_interruptible_timeout(*queue,
70 wait_for_tpm_stat_cond(chip, mask, check_cancel,
71 &canceled),
72 timeout);
73 if (rc > 0) {
74 if (canceled)
75 return -ECANCELED;
76 return 0;
77 }
78 if (rc == -ERESTARTSYS && freezing(current)) {
79 clear_thread_flag(TIF_SIGPENDING);
80 goto again;
81 }
82 } else {
83 do {
84 usleep_range(priv->timeout_min,
85 priv->timeout_max);
86 status = chip->ops->status(chip);
87 if ((status & mask) == mask)
88 return 0;
89 } while (time_before(jiffies, stop));
90 }
91 return -ETIME;
92 }
93
94 /* Before we attempt to access the TPM we must see that the valid bit is set.
95 * The specification says that this bit is 0 at reset and remains 0 until the
96 * 'TPM has gone through its self test and initialization and has established
97 * correct values in the other bits.'
98 */
wait_startup(struct tpm_chip * chip,int l)99 static int wait_startup(struct tpm_chip *chip, int l)
100 {
101 struct tpm_tis_data *priv = dev_get_drvdata(&chip->dev);
102 unsigned long stop = jiffies + chip->timeout_a;
103
104 do {
105 int rc;
106 u8 access;
107
108 rc = tpm_tis_read8(priv, TPM_ACCESS(l), &access);
109 if (rc < 0)
110 return rc;
111
112 if (access & TPM_ACCESS_VALID)
113 return 0;
114 tpm_msleep(TPM_TIMEOUT);
115 } while (time_before(jiffies, stop));
116 return -1;
117 }
118
check_locality(struct tpm_chip * chip,int l)119 static bool check_locality(struct tpm_chip *chip, int l)
120 {
121 struct tpm_tis_data *priv = dev_get_drvdata(&chip->dev);
122 int rc;
123 u8 access;
124
125 rc = tpm_tis_read8(priv, TPM_ACCESS(l), &access);
126 if (rc < 0)
127 return false;
128
129 if ((access & (TPM_ACCESS_ACTIVE_LOCALITY | TPM_ACCESS_VALID
130 | TPM_ACCESS_REQUEST_USE)) ==
131 (TPM_ACCESS_ACTIVE_LOCALITY | TPM_ACCESS_VALID)) {
132 priv->locality = l;
133 return true;
134 }
135
136 return false;
137 }
138
release_locality(struct tpm_chip * chip,int l)139 static int release_locality(struct tpm_chip *chip, int l)
140 {
141 struct tpm_tis_data *priv = dev_get_drvdata(&chip->dev);
142
143 tpm_tis_write8(priv, TPM_ACCESS(l), TPM_ACCESS_ACTIVE_LOCALITY);
144
145 return 0;
146 }
147
request_locality(struct tpm_chip * chip,int l)148 static int request_locality(struct tpm_chip *chip, int l)
149 {
150 struct tpm_tis_data *priv = dev_get_drvdata(&chip->dev);
151 unsigned long stop, timeout;
152 long rc;
153
154 if (check_locality(chip, l))
155 return l;
156
157 rc = tpm_tis_write8(priv, TPM_ACCESS(l), TPM_ACCESS_REQUEST_USE);
158 if (rc < 0)
159 return rc;
160
161 stop = jiffies + chip->timeout_a;
162
163 if (chip->flags & TPM_CHIP_FLAG_IRQ) {
164 again:
165 timeout = stop - jiffies;
166 if ((long)timeout <= 0)
167 return -1;
168 rc = wait_event_interruptible_timeout(priv->int_queue,
169 (check_locality
170 (chip, l)),
171 timeout);
172 if (rc > 0)
173 return l;
174 if (rc == -ERESTARTSYS && freezing(current)) {
175 clear_thread_flag(TIF_SIGPENDING);
176 goto again;
177 }
178 } else {
179 /* wait for burstcount */
180 do {
181 if (check_locality(chip, l))
182 return l;
183 tpm_msleep(TPM_TIMEOUT);
184 } while (time_before(jiffies, stop));
185 }
186 return -1;
187 }
188
tpm_tis_status(struct tpm_chip * chip)189 static u8 tpm_tis_status(struct tpm_chip *chip)
190 {
191 struct tpm_tis_data *priv = dev_get_drvdata(&chip->dev);
192 int rc;
193 u8 status;
194
195 rc = tpm_tis_read8(priv, TPM_STS(priv->locality), &status);
196 if (rc < 0)
197 return 0;
198
199 if (unlikely((status & TPM_STS_READ_ZERO) != 0)) {
200 if (!test_and_set_bit(TPM_TIS_INVALID_STATUS, &priv->flags)) {
201 /*
202 * If this trips, the chances are the read is
203 * returning 0xff because the locality hasn't been
204 * acquired. Usually because tpm_try_get_ops() hasn't
205 * been called before doing a TPM operation.
206 */
207 dev_err(&chip->dev, "invalid TPM_STS.x 0x%02x, dumping stack for forensics\n",
208 status);
209
210 /*
211 * Dump stack for forensics, as invalid TPM_STS.x could be
212 * potentially triggered by impaired tpm_try_get_ops() or
213 * tpm_find_get_ops().
214 */
215 dump_stack();
216 }
217
218 return 0;
219 }
220
221 return status;
222 }
223
tpm_tis_ready(struct tpm_chip * chip)224 static void tpm_tis_ready(struct tpm_chip *chip)
225 {
226 struct tpm_tis_data *priv = dev_get_drvdata(&chip->dev);
227
228 /* this causes the current command to be aborted */
229 tpm_tis_write8(priv, TPM_STS(priv->locality), TPM_STS_COMMAND_READY);
230 }
231
get_burstcount(struct tpm_chip * chip)232 static int get_burstcount(struct tpm_chip *chip)
233 {
234 struct tpm_tis_data *priv = dev_get_drvdata(&chip->dev);
235 unsigned long stop;
236 int burstcnt, rc;
237 u32 value;
238
239 /* wait for burstcount */
240 if (chip->flags & TPM_CHIP_FLAG_TPM2)
241 stop = jiffies + chip->timeout_a;
242 else
243 stop = jiffies + chip->timeout_d;
244 do {
245 rc = tpm_tis_read32(priv, TPM_STS(priv->locality), &value);
246 if (rc < 0)
247 return rc;
248
249 burstcnt = (value >> 8) & 0xFFFF;
250 if (burstcnt)
251 return burstcnt;
252 usleep_range(TPM_TIMEOUT_USECS_MIN, TPM_TIMEOUT_USECS_MAX);
253 } while (time_before(jiffies, stop));
254 return -EBUSY;
255 }
256
recv_data(struct tpm_chip * chip,u8 * buf,size_t count)257 static int recv_data(struct tpm_chip *chip, u8 *buf, size_t count)
258 {
259 struct tpm_tis_data *priv = dev_get_drvdata(&chip->dev);
260 int size = 0, burstcnt, rc;
261
262 while (size < count) {
263 rc = wait_for_tpm_stat(chip,
264 TPM_STS_DATA_AVAIL | TPM_STS_VALID,
265 chip->timeout_c,
266 &priv->read_queue, true);
267 if (rc < 0)
268 return rc;
269 burstcnt = get_burstcount(chip);
270 if (burstcnt < 0) {
271 dev_err(&chip->dev, "Unable to read burstcount\n");
272 return burstcnt;
273 }
274 burstcnt = min_t(int, burstcnt, count - size);
275
276 rc = tpm_tis_read_bytes(priv, TPM_DATA_FIFO(priv->locality),
277 burstcnt, buf + size);
278 if (rc < 0)
279 return rc;
280
281 size += burstcnt;
282 }
283 return size;
284 }
285
tpm_tis_recv(struct tpm_chip * chip,u8 * buf,size_t count)286 static int tpm_tis_recv(struct tpm_chip *chip, u8 *buf, size_t count)
287 {
288 struct tpm_tis_data *priv = dev_get_drvdata(&chip->dev);
289 int size = 0;
290 int status;
291 u32 expected;
292
293 if (count < TPM_HEADER_SIZE) {
294 size = -EIO;
295 goto out;
296 }
297
298 size = recv_data(chip, buf, TPM_HEADER_SIZE);
299 /* read first 10 bytes, including tag, paramsize, and result */
300 if (size < TPM_HEADER_SIZE) {
301 dev_err(&chip->dev, "Unable to read header\n");
302 goto out;
303 }
304
305 expected = be32_to_cpu(*(__be32 *) (buf + 2));
306 if (expected > count || expected < TPM_HEADER_SIZE) {
307 size = -EIO;
308 goto out;
309 }
310
311 size += recv_data(chip, &buf[TPM_HEADER_SIZE],
312 expected - TPM_HEADER_SIZE);
313 if (size < expected) {
314 dev_err(&chip->dev, "Unable to read remainder of result\n");
315 size = -ETIME;
316 goto out;
317 }
318
319 if (wait_for_tpm_stat(chip, TPM_STS_VALID, chip->timeout_c,
320 &priv->int_queue, false) < 0) {
321 size = -ETIME;
322 goto out;
323 }
324 status = tpm_tis_status(chip);
325 if (status & TPM_STS_DATA_AVAIL) { /* retry? */
326 dev_err(&chip->dev, "Error left over data\n");
327 size = -EIO;
328 goto out;
329 }
330
331 out:
332 tpm_tis_ready(chip);
333 return size;
334 }
335
336 /*
337 * If interrupts are used (signaled by an irq set in the vendor structure)
338 * tpm.c can skip polling for the data to be available as the interrupt is
339 * waited for here
340 */
tpm_tis_send_data(struct tpm_chip * chip,const u8 * buf,size_t len)341 static int tpm_tis_send_data(struct tpm_chip *chip, const u8 *buf, size_t len)
342 {
343 struct tpm_tis_data *priv = dev_get_drvdata(&chip->dev);
344 int rc, status, burstcnt;
345 size_t count = 0;
346 bool itpm = priv->flags & TPM_TIS_ITPM_WORKAROUND;
347
348 status = tpm_tis_status(chip);
349 if ((status & TPM_STS_COMMAND_READY) == 0) {
350 tpm_tis_ready(chip);
351 if (wait_for_tpm_stat
352 (chip, TPM_STS_COMMAND_READY, chip->timeout_b,
353 &priv->int_queue, false) < 0) {
354 rc = -ETIME;
355 goto out_err;
356 }
357 }
358
359 while (count < len - 1) {
360 burstcnt = get_burstcount(chip);
361 if (burstcnt < 0) {
362 dev_err(&chip->dev, "Unable to read burstcount\n");
363 rc = burstcnt;
364 goto out_err;
365 }
366 burstcnt = min_t(int, burstcnt, len - count - 1);
367 rc = tpm_tis_write_bytes(priv, TPM_DATA_FIFO(priv->locality),
368 burstcnt, buf + count);
369 if (rc < 0)
370 goto out_err;
371
372 count += burstcnt;
373
374 if (wait_for_tpm_stat(chip, TPM_STS_VALID, chip->timeout_c,
375 &priv->int_queue, false) < 0) {
376 rc = -ETIME;
377 goto out_err;
378 }
379 status = tpm_tis_status(chip);
380 if (!itpm && (status & TPM_STS_DATA_EXPECT) == 0) {
381 rc = -EIO;
382 goto out_err;
383 }
384 }
385
386 /* write last byte */
387 rc = tpm_tis_write8(priv, TPM_DATA_FIFO(priv->locality), buf[count]);
388 if (rc < 0)
389 goto out_err;
390
391 if (wait_for_tpm_stat(chip, TPM_STS_VALID, chip->timeout_c,
392 &priv->int_queue, false) < 0) {
393 rc = -ETIME;
394 goto out_err;
395 }
396 status = tpm_tis_status(chip);
397 if (!itpm && (status & TPM_STS_DATA_EXPECT) != 0) {
398 rc = -EIO;
399 goto out_err;
400 }
401
402 return 0;
403
404 out_err:
405 tpm_tis_ready(chip);
406 return rc;
407 }
408
disable_interrupts(struct tpm_chip * chip)409 static void disable_interrupts(struct tpm_chip *chip)
410 {
411 struct tpm_tis_data *priv = dev_get_drvdata(&chip->dev);
412 u32 intmask;
413 int rc;
414
415 if (priv->irq == 0)
416 return;
417
418 rc = tpm_tis_read32(priv, TPM_INT_ENABLE(priv->locality), &intmask);
419 if (rc < 0)
420 intmask = 0;
421
422 intmask &= ~TPM_GLOBAL_INT_ENABLE;
423 rc = tpm_tis_write32(priv, TPM_INT_ENABLE(priv->locality), intmask);
424
425 devm_free_irq(chip->dev.parent, priv->irq, chip);
426 priv->irq = 0;
427 chip->flags &= ~TPM_CHIP_FLAG_IRQ;
428 }
429
430 /*
431 * If interrupts are used (signaled by an irq set in the vendor structure)
432 * tpm.c can skip polling for the data to be available as the interrupt is
433 * waited for here
434 */
tpm_tis_send_main(struct tpm_chip * chip,const u8 * buf,size_t len)435 static int tpm_tis_send_main(struct tpm_chip *chip, const u8 *buf, size_t len)
436 {
437 struct tpm_tis_data *priv = dev_get_drvdata(&chip->dev);
438 int rc;
439 u32 ordinal;
440 unsigned long dur;
441
442 rc = tpm_tis_send_data(chip, buf, len);
443 if (rc < 0)
444 return rc;
445
446 /* go and do it */
447 rc = tpm_tis_write8(priv, TPM_STS(priv->locality), TPM_STS_GO);
448 if (rc < 0)
449 goto out_err;
450
451 if (chip->flags & TPM_CHIP_FLAG_IRQ) {
452 ordinal = be32_to_cpu(*((__be32 *) (buf + 6)));
453
454 dur = tpm_calc_ordinal_duration(chip, ordinal);
455 if (wait_for_tpm_stat
456 (chip, TPM_STS_DATA_AVAIL | TPM_STS_VALID, dur,
457 &priv->read_queue, false) < 0) {
458 rc = -ETIME;
459 goto out_err;
460 }
461 }
462 return 0;
463 out_err:
464 tpm_tis_ready(chip);
465 return rc;
466 }
467
tpm_tis_send(struct tpm_chip * chip,u8 * buf,size_t len)468 static int tpm_tis_send(struct tpm_chip *chip, u8 *buf, size_t len)
469 {
470 int rc, irq;
471 struct tpm_tis_data *priv = dev_get_drvdata(&chip->dev);
472
473 if (!(chip->flags & TPM_CHIP_FLAG_IRQ) || priv->irq_tested)
474 return tpm_tis_send_main(chip, buf, len);
475
476 /* Verify receipt of the expected IRQ */
477 irq = priv->irq;
478 priv->irq = 0;
479 chip->flags &= ~TPM_CHIP_FLAG_IRQ;
480 rc = tpm_tis_send_main(chip, buf, len);
481 priv->irq = irq;
482 chip->flags |= TPM_CHIP_FLAG_IRQ;
483 if (!priv->irq_tested)
484 tpm_msleep(1);
485 if (!priv->irq_tested)
486 disable_interrupts(chip);
487 priv->irq_tested = true;
488 return rc;
489 }
490
491 struct tis_vendor_durations_override {
492 u32 did_vid;
493 struct tpm1_version version;
494 unsigned long durations[3];
495 };
496
497 static const struct tis_vendor_durations_override vendor_dur_overrides[] = {
498 /* STMicroelectronics 0x104a */
499 { 0x0000104a,
500 { 1, 2, 8, 28 },
501 { (2 * 60 * HZ), (2 * 60 * HZ), (2 * 60 * HZ) } },
502 };
503
tpm_tis_update_durations(struct tpm_chip * chip,unsigned long * duration_cap)504 static void tpm_tis_update_durations(struct tpm_chip *chip,
505 unsigned long *duration_cap)
506 {
507 struct tpm_tis_data *priv = dev_get_drvdata(&chip->dev);
508 struct tpm1_version *version;
509 u32 did_vid;
510 int i, rc;
511 cap_t cap;
512
513 chip->duration_adjusted = false;
514
515 if (chip->ops->clk_enable != NULL)
516 chip->ops->clk_enable(chip, true);
517
518 rc = tpm_tis_read32(priv, TPM_DID_VID(0), &did_vid);
519 if (rc < 0) {
520 dev_warn(&chip->dev, "%s: failed to read did_vid. %d\n",
521 __func__, rc);
522 goto out;
523 }
524
525 /* Try to get a TPM version 1.2 or 1.1 TPM_CAP_VERSION_INFO */
526 rc = tpm1_getcap(chip, TPM_CAP_VERSION_1_2, &cap,
527 "attempting to determine the 1.2 version",
528 sizeof(cap.version2));
529 if (!rc) {
530 version = &cap.version2.version;
531 } else {
532 rc = tpm1_getcap(chip, TPM_CAP_VERSION_1_1, &cap,
533 "attempting to determine the 1.1 version",
534 sizeof(cap.version1));
535
536 if (rc)
537 goto out;
538
539 version = &cap.version1;
540 }
541
542 for (i = 0; i != ARRAY_SIZE(vendor_dur_overrides); i++) {
543 if (vendor_dur_overrides[i].did_vid != did_vid)
544 continue;
545
546 if ((version->major ==
547 vendor_dur_overrides[i].version.major) &&
548 (version->minor ==
549 vendor_dur_overrides[i].version.minor) &&
550 (version->rev_major ==
551 vendor_dur_overrides[i].version.rev_major) &&
552 (version->rev_minor ==
553 vendor_dur_overrides[i].version.rev_minor)) {
554
555 memcpy(duration_cap,
556 vendor_dur_overrides[i].durations,
557 sizeof(vendor_dur_overrides[i].durations));
558
559 chip->duration_adjusted = true;
560 goto out;
561 }
562 }
563
564 out:
565 if (chip->ops->clk_enable != NULL)
566 chip->ops->clk_enable(chip, false);
567 }
568
569 struct tis_vendor_timeout_override {
570 u32 did_vid;
571 unsigned long timeout_us[4];
572 };
573
574 static const struct tis_vendor_timeout_override vendor_timeout_overrides[] = {
575 /* Atmel 3204 */
576 { 0x32041114, { (TIS_SHORT_TIMEOUT*1000), (TIS_LONG_TIMEOUT*1000),
577 (TIS_SHORT_TIMEOUT*1000), (TIS_SHORT_TIMEOUT*1000) } },
578 };
579
tpm_tis_update_timeouts(struct tpm_chip * chip,unsigned long * timeout_cap)580 static void tpm_tis_update_timeouts(struct tpm_chip *chip,
581 unsigned long *timeout_cap)
582 {
583 struct tpm_tis_data *priv = dev_get_drvdata(&chip->dev);
584 int i, rc;
585 u32 did_vid;
586
587 chip->timeout_adjusted = false;
588
589 if (chip->ops->clk_enable != NULL)
590 chip->ops->clk_enable(chip, true);
591
592 rc = tpm_tis_read32(priv, TPM_DID_VID(0), &did_vid);
593 if (rc < 0) {
594 dev_warn(&chip->dev, "%s: failed to read did_vid: %d\n",
595 __func__, rc);
596 goto out;
597 }
598
599 for (i = 0; i != ARRAY_SIZE(vendor_timeout_overrides); i++) {
600 if (vendor_timeout_overrides[i].did_vid != did_vid)
601 continue;
602 memcpy(timeout_cap, vendor_timeout_overrides[i].timeout_us,
603 sizeof(vendor_timeout_overrides[i].timeout_us));
604 chip->timeout_adjusted = true;
605 }
606
607 out:
608 if (chip->ops->clk_enable != NULL)
609 chip->ops->clk_enable(chip, false);
610
611 return;
612 }
613
614 /*
615 * Early probing for iTPM with STS_DATA_EXPECT flaw.
616 * Try sending command without itpm flag set and if that
617 * fails, repeat with itpm flag set.
618 */
probe_itpm(struct tpm_chip * chip)619 static int probe_itpm(struct tpm_chip *chip)
620 {
621 struct tpm_tis_data *priv = dev_get_drvdata(&chip->dev);
622 int rc = 0;
623 static const u8 cmd_getticks[] = {
624 0x00, 0xc1, 0x00, 0x00, 0x00, 0x0a,
625 0x00, 0x00, 0x00, 0xf1
626 };
627 size_t len = sizeof(cmd_getticks);
628 u16 vendor;
629
630 if (priv->flags & TPM_TIS_ITPM_WORKAROUND)
631 return 0;
632
633 rc = tpm_tis_read16(priv, TPM_DID_VID(0), &vendor);
634 if (rc < 0)
635 return rc;
636
637 /* probe only iTPMS */
638 if (vendor != TPM_VID_INTEL)
639 return 0;
640
641 if (request_locality(chip, 0) != 0)
642 return -EBUSY;
643
644 rc = tpm_tis_send_data(chip, cmd_getticks, len);
645 if (rc == 0)
646 goto out;
647
648 tpm_tis_ready(chip);
649
650 priv->flags |= TPM_TIS_ITPM_WORKAROUND;
651
652 rc = tpm_tis_send_data(chip, cmd_getticks, len);
653 if (rc == 0)
654 dev_info(&chip->dev, "Detected an iTPM.\n");
655 else {
656 priv->flags &= ~TPM_TIS_ITPM_WORKAROUND;
657 rc = -EFAULT;
658 }
659
660 out:
661 tpm_tis_ready(chip);
662 release_locality(chip, priv->locality);
663
664 return rc;
665 }
666
tpm_tis_req_canceled(struct tpm_chip * chip,u8 status)667 static bool tpm_tis_req_canceled(struct tpm_chip *chip, u8 status)
668 {
669 struct tpm_tis_data *priv = dev_get_drvdata(&chip->dev);
670
671 switch (priv->manufacturer_id) {
672 case TPM_VID_WINBOND:
673 return ((status == TPM_STS_VALID) ||
674 (status == (TPM_STS_VALID | TPM_STS_COMMAND_READY)));
675 case TPM_VID_STM:
676 return (status == (TPM_STS_VALID | TPM_STS_COMMAND_READY));
677 default:
678 return (status == TPM_STS_COMMAND_READY);
679 }
680 }
681
tis_int_handler(int dummy,void * dev_id)682 static irqreturn_t tis_int_handler(int dummy, void *dev_id)
683 {
684 struct tpm_chip *chip = dev_id;
685 struct tpm_tis_data *priv = dev_get_drvdata(&chip->dev);
686 u32 interrupt;
687 int i, rc;
688
689 rc = tpm_tis_read32(priv, TPM_INT_STATUS(priv->locality), &interrupt);
690 if (rc < 0)
691 return IRQ_NONE;
692
693 if (interrupt == 0)
694 return IRQ_NONE;
695
696 priv->irq_tested = true;
697 if (interrupt & TPM_INTF_DATA_AVAIL_INT)
698 wake_up_interruptible(&priv->read_queue);
699 if (interrupt & TPM_INTF_LOCALITY_CHANGE_INT)
700 for (i = 0; i < 5; i++)
701 if (check_locality(chip, i))
702 break;
703 if (interrupt &
704 (TPM_INTF_LOCALITY_CHANGE_INT | TPM_INTF_STS_VALID_INT |
705 TPM_INTF_CMD_READY_INT))
706 wake_up_interruptible(&priv->int_queue);
707
708 /* Clear interrupts handled with TPM_EOI */
709 rc = tpm_tis_write32(priv, TPM_INT_STATUS(priv->locality), interrupt);
710 if (rc < 0)
711 return IRQ_NONE;
712
713 tpm_tis_read32(priv, TPM_INT_STATUS(priv->locality), &interrupt);
714 return IRQ_HANDLED;
715 }
716
tpm_tis_gen_interrupt(struct tpm_chip * chip)717 static int tpm_tis_gen_interrupt(struct tpm_chip *chip)
718 {
719 const char *desc = "attempting to generate an interrupt";
720 u32 cap2;
721 cap_t cap;
722 int ret;
723
724 ret = request_locality(chip, 0);
725 if (ret < 0)
726 return ret;
727
728 if (chip->flags & TPM_CHIP_FLAG_TPM2)
729 ret = tpm2_get_tpm_pt(chip, 0x100, &cap2, desc);
730 else
731 ret = tpm1_getcap(chip, TPM_CAP_PROP_TIS_TIMEOUT, &cap, desc, 0);
732
733 release_locality(chip, 0);
734
735 return ret;
736 }
737
738 /* Register the IRQ and issue a command that will cause an interrupt. If an
739 * irq is seen then leave the chip setup for IRQ operation, otherwise reverse
740 * everything and leave in polling mode. Returns 0 on success.
741 */
tpm_tis_probe_irq_single(struct tpm_chip * chip,u32 intmask,int flags,int irq)742 static int tpm_tis_probe_irq_single(struct tpm_chip *chip, u32 intmask,
743 int flags, int irq)
744 {
745 struct tpm_tis_data *priv = dev_get_drvdata(&chip->dev);
746 u8 original_int_vec;
747 int rc;
748 u32 int_status;
749
750 if (devm_request_irq(chip->dev.parent, irq, tis_int_handler, flags,
751 dev_name(&chip->dev), chip) != 0) {
752 dev_info(&chip->dev, "Unable to request irq: %d for probe\n",
753 irq);
754 return -1;
755 }
756 priv->irq = irq;
757
758 rc = tpm_tis_read8(priv, TPM_INT_VECTOR(priv->locality),
759 &original_int_vec);
760 if (rc < 0)
761 return rc;
762
763 rc = tpm_tis_write8(priv, TPM_INT_VECTOR(priv->locality), irq);
764 if (rc < 0)
765 return rc;
766
767 rc = tpm_tis_read32(priv, TPM_INT_STATUS(priv->locality), &int_status);
768 if (rc < 0)
769 return rc;
770
771 /* Clear all existing */
772 rc = tpm_tis_write32(priv, TPM_INT_STATUS(priv->locality), int_status);
773 if (rc < 0)
774 return rc;
775
776 /* Turn on */
777 rc = tpm_tis_write32(priv, TPM_INT_ENABLE(priv->locality),
778 intmask | TPM_GLOBAL_INT_ENABLE);
779 if (rc < 0)
780 return rc;
781
782 priv->irq_tested = false;
783
784 /* Generate an interrupt by having the core call through to
785 * tpm_tis_send
786 */
787 rc = tpm_tis_gen_interrupt(chip);
788 if (rc < 0)
789 return rc;
790
791 /* tpm_tis_send will either confirm the interrupt is working or it
792 * will call disable_irq which undoes all of the above.
793 */
794 if (!(chip->flags & TPM_CHIP_FLAG_IRQ)) {
795 rc = tpm_tis_write8(priv, original_int_vec,
796 TPM_INT_VECTOR(priv->locality));
797 if (rc < 0)
798 return rc;
799
800 return 1;
801 }
802
803 return 0;
804 }
805
806 /* Try to find the IRQ the TPM is using. This is for legacy x86 systems that
807 * do not have ACPI/etc. We typically expect the interrupt to be declared if
808 * present.
809 */
tpm_tis_probe_irq(struct tpm_chip * chip,u32 intmask)810 static void tpm_tis_probe_irq(struct tpm_chip *chip, u32 intmask)
811 {
812 struct tpm_tis_data *priv = dev_get_drvdata(&chip->dev);
813 u8 original_int_vec;
814 int i, rc;
815
816 rc = tpm_tis_read8(priv, TPM_INT_VECTOR(priv->locality),
817 &original_int_vec);
818 if (rc < 0)
819 return;
820
821 if (!original_int_vec) {
822 if (IS_ENABLED(CONFIG_X86))
823 for (i = 3; i <= 15; i++)
824 if (!tpm_tis_probe_irq_single(chip, intmask, 0,
825 i))
826 return;
827 } else if (!tpm_tis_probe_irq_single(chip, intmask, 0,
828 original_int_vec))
829 return;
830 }
831
tpm_tis_remove(struct tpm_chip * chip)832 void tpm_tis_remove(struct tpm_chip *chip)
833 {
834 struct tpm_tis_data *priv = dev_get_drvdata(&chip->dev);
835 u32 reg = TPM_INT_ENABLE(priv->locality);
836 u32 interrupt;
837 int rc;
838
839 tpm_tis_clkrun_enable(chip, true);
840
841 rc = tpm_tis_read32(priv, reg, &interrupt);
842 if (rc < 0)
843 interrupt = 0;
844
845 tpm_tis_write32(priv, reg, ~TPM_GLOBAL_INT_ENABLE & interrupt);
846
847 tpm_tis_clkrun_enable(chip, false);
848
849 if (priv->ilb_base_addr)
850 iounmap(priv->ilb_base_addr);
851 }
852 EXPORT_SYMBOL_GPL(tpm_tis_remove);
853
854 /**
855 * tpm_tis_clkrun_enable() - Keep clkrun protocol disabled for entire duration
856 * of a single TPM command
857 * @chip: TPM chip to use
858 * @value: 1 - Disable CLKRUN protocol, so that clocks are free running
859 * 0 - Enable CLKRUN protocol
860 * Call this function directly in tpm_tis_remove() in error or driver removal
861 * path, since the chip->ops is set to NULL in tpm_chip_unregister().
862 */
tpm_tis_clkrun_enable(struct tpm_chip * chip,bool value)863 static void tpm_tis_clkrun_enable(struct tpm_chip *chip, bool value)
864 {
865 struct tpm_tis_data *data = dev_get_drvdata(&chip->dev);
866 u32 clkrun_val;
867
868 if (!IS_ENABLED(CONFIG_X86) || !is_bsw() ||
869 !data->ilb_base_addr)
870 return;
871
872 if (value) {
873 data->clkrun_enabled++;
874 if (data->clkrun_enabled > 1)
875 return;
876 clkrun_val = ioread32(data->ilb_base_addr + LPC_CNTRL_OFFSET);
877
878 /* Disable LPC CLKRUN# */
879 clkrun_val &= ~LPC_CLKRUN_EN;
880 iowrite32(clkrun_val, data->ilb_base_addr + LPC_CNTRL_OFFSET);
881
882 /*
883 * Write any random value on port 0x80 which is on LPC, to make
884 * sure LPC clock is running before sending any TPM command.
885 */
886 outb(0xCC, 0x80);
887 } else {
888 data->clkrun_enabled--;
889 if (data->clkrun_enabled)
890 return;
891
892 clkrun_val = ioread32(data->ilb_base_addr + LPC_CNTRL_OFFSET);
893
894 /* Enable LPC CLKRUN# */
895 clkrun_val |= LPC_CLKRUN_EN;
896 iowrite32(clkrun_val, data->ilb_base_addr + LPC_CNTRL_OFFSET);
897
898 /*
899 * Write any random value on port 0x80 which is on LPC, to make
900 * sure LPC clock is running before sending any TPM command.
901 */
902 outb(0xCC, 0x80);
903 }
904 }
905
906 static const struct tpm_class_ops tpm_tis = {
907 .flags = TPM_OPS_AUTO_STARTUP,
908 .status = tpm_tis_status,
909 .recv = tpm_tis_recv,
910 .send = tpm_tis_send,
911 .cancel = tpm_tis_ready,
912 .update_timeouts = tpm_tis_update_timeouts,
913 .update_durations = tpm_tis_update_durations,
914 .req_complete_mask = TPM_STS_DATA_AVAIL | TPM_STS_VALID,
915 .req_complete_val = TPM_STS_DATA_AVAIL | TPM_STS_VALID,
916 .req_canceled = tpm_tis_req_canceled,
917 .request_locality = request_locality,
918 .relinquish_locality = release_locality,
919 .clk_enable = tpm_tis_clkrun_enable,
920 };
921
tpm_tis_core_init(struct device * dev,struct tpm_tis_data * priv,int irq,const struct tpm_tis_phy_ops * phy_ops,acpi_handle acpi_dev_handle)922 int tpm_tis_core_init(struct device *dev, struct tpm_tis_data *priv, int irq,
923 const struct tpm_tis_phy_ops *phy_ops,
924 acpi_handle acpi_dev_handle)
925 {
926 u32 vendor;
927 u32 intfcaps;
928 u32 intmask;
929 u32 clkrun_val;
930 u8 rid;
931 int rc, probe;
932 struct tpm_chip *chip;
933
934 chip = tpmm_chip_alloc(dev, &tpm_tis);
935 if (IS_ERR(chip))
936 return PTR_ERR(chip);
937
938 #ifdef CONFIG_ACPI
939 chip->acpi_dev_handle = acpi_dev_handle;
940 #endif
941
942 chip->hwrng.quality = priv->rng_quality;
943
944 /* Maximum timeouts */
945 chip->timeout_a = msecs_to_jiffies(TIS_TIMEOUT_A_MAX);
946 chip->timeout_b = msecs_to_jiffies(TIS_TIMEOUT_B_MAX);
947 chip->timeout_c = msecs_to_jiffies(TIS_TIMEOUT_C_MAX);
948 chip->timeout_d = msecs_to_jiffies(TIS_TIMEOUT_D_MAX);
949 priv->timeout_min = TPM_TIMEOUT_USECS_MIN;
950 priv->timeout_max = TPM_TIMEOUT_USECS_MAX;
951 priv->phy_ops = phy_ops;
952
953 rc = tpm_tis_read32(priv, TPM_DID_VID(0), &vendor);
954 if (rc < 0)
955 goto out_err;
956
957 priv->manufacturer_id = vendor;
958
959 if (priv->manufacturer_id == TPM_VID_ATML &&
960 !(chip->flags & TPM_CHIP_FLAG_TPM2)) {
961 priv->timeout_min = TIS_TIMEOUT_MIN_ATML;
962 priv->timeout_max = TIS_TIMEOUT_MAX_ATML;
963 }
964
965 dev_set_drvdata(&chip->dev, priv);
966
967 if (is_bsw()) {
968 priv->ilb_base_addr = ioremap(INTEL_LEGACY_BLK_BASE_ADDR,
969 ILB_REMAP_SIZE);
970 if (!priv->ilb_base_addr)
971 return -ENOMEM;
972
973 clkrun_val = ioread32(priv->ilb_base_addr + LPC_CNTRL_OFFSET);
974 /* Check if CLKRUN# is already not enabled in the LPC bus */
975 if (!(clkrun_val & LPC_CLKRUN_EN)) {
976 iounmap(priv->ilb_base_addr);
977 priv->ilb_base_addr = NULL;
978 }
979 }
980
981 if (chip->ops->clk_enable != NULL)
982 chip->ops->clk_enable(chip, true);
983
984 if (wait_startup(chip, 0) != 0) {
985 rc = -ENODEV;
986 goto out_err;
987 }
988
989 /* Take control of the TPM's interrupt hardware and shut it off */
990 rc = tpm_tis_read32(priv, TPM_INT_ENABLE(priv->locality), &intmask);
991 if (rc < 0)
992 goto out_err;
993
994 intmask |= TPM_INTF_CMD_READY_INT | TPM_INTF_LOCALITY_CHANGE_INT |
995 TPM_INTF_DATA_AVAIL_INT | TPM_INTF_STS_VALID_INT;
996 intmask &= ~TPM_GLOBAL_INT_ENABLE;
997 tpm_tis_write32(priv, TPM_INT_ENABLE(priv->locality), intmask);
998
999 rc = tpm_chip_start(chip);
1000 if (rc)
1001 goto out_err;
1002 rc = tpm2_probe(chip);
1003 tpm_chip_stop(chip);
1004 if (rc)
1005 goto out_err;
1006
1007 rc = tpm_tis_read8(priv, TPM_RID(0), &rid);
1008 if (rc < 0)
1009 goto out_err;
1010
1011 dev_info(dev, "%s TPM (device-id 0x%X, rev-id %d)\n",
1012 (chip->flags & TPM_CHIP_FLAG_TPM2) ? "2.0" : "1.2",
1013 vendor >> 16, rid);
1014
1015 probe = probe_itpm(chip);
1016 if (probe < 0) {
1017 rc = -ENODEV;
1018 goto out_err;
1019 }
1020
1021 /* Figure out the capabilities */
1022 rc = tpm_tis_read32(priv, TPM_INTF_CAPS(priv->locality), &intfcaps);
1023 if (rc < 0)
1024 goto out_err;
1025
1026 dev_dbg(dev, "TPM interface capabilities (0x%x):\n",
1027 intfcaps);
1028 if (intfcaps & TPM_INTF_BURST_COUNT_STATIC)
1029 dev_dbg(dev, "\tBurst Count Static\n");
1030 if (intfcaps & TPM_INTF_CMD_READY_INT)
1031 dev_dbg(dev, "\tCommand Ready Int Support\n");
1032 if (intfcaps & TPM_INTF_INT_EDGE_FALLING)
1033 dev_dbg(dev, "\tInterrupt Edge Falling\n");
1034 if (intfcaps & TPM_INTF_INT_EDGE_RISING)
1035 dev_dbg(dev, "\tInterrupt Edge Rising\n");
1036 if (intfcaps & TPM_INTF_INT_LEVEL_LOW)
1037 dev_dbg(dev, "\tInterrupt Level Low\n");
1038 if (intfcaps & TPM_INTF_INT_LEVEL_HIGH)
1039 dev_dbg(dev, "\tInterrupt Level High\n");
1040 if (intfcaps & TPM_INTF_LOCALITY_CHANGE_INT)
1041 dev_dbg(dev, "\tLocality Change Int Support\n");
1042 if (intfcaps & TPM_INTF_STS_VALID_INT)
1043 dev_dbg(dev, "\tSts Valid Int Support\n");
1044 if (intfcaps & TPM_INTF_DATA_AVAIL_INT)
1045 dev_dbg(dev, "\tData Avail Int Support\n");
1046
1047 /* INTERRUPT Setup */
1048 init_waitqueue_head(&priv->read_queue);
1049 init_waitqueue_head(&priv->int_queue);
1050 if (irq != -1) {
1051 /*
1052 * Before doing irq testing issue a command to the TPM in polling mode
1053 * to make sure it works. May as well use that command to set the
1054 * proper timeouts for the driver.
1055 */
1056
1057 rc = request_locality(chip, 0);
1058 if (rc < 0)
1059 goto out_err;
1060
1061 rc = tpm_get_timeouts(chip);
1062
1063 release_locality(chip, 0);
1064
1065 if (rc) {
1066 dev_err(dev, "Could not get TPM timeouts and durations\n");
1067 rc = -ENODEV;
1068 goto out_err;
1069 }
1070
1071 if (irq) {
1072 tpm_tis_probe_irq_single(chip, intmask, IRQF_SHARED,
1073 irq);
1074 if (!(chip->flags & TPM_CHIP_FLAG_IRQ)) {
1075 dev_err(&chip->dev, FW_BUG
1076 "TPM interrupt not working, polling instead\n");
1077
1078 disable_interrupts(chip);
1079 }
1080 } else {
1081 tpm_tis_probe_irq(chip, intmask);
1082 }
1083 }
1084
1085 rc = tpm_chip_register(chip);
1086 if (rc)
1087 goto out_err;
1088
1089 if (chip->ops->clk_enable != NULL)
1090 chip->ops->clk_enable(chip, false);
1091
1092 return 0;
1093 out_err:
1094 if (chip->ops->clk_enable != NULL)
1095 chip->ops->clk_enable(chip, false);
1096
1097 tpm_tis_remove(chip);
1098
1099 return rc;
1100 }
1101 EXPORT_SYMBOL_GPL(tpm_tis_core_init);
1102
1103 #ifdef CONFIG_PM_SLEEP
tpm_tis_reenable_interrupts(struct tpm_chip * chip)1104 static void tpm_tis_reenable_interrupts(struct tpm_chip *chip)
1105 {
1106 struct tpm_tis_data *priv = dev_get_drvdata(&chip->dev);
1107 u32 intmask;
1108 int rc;
1109
1110 if (chip->ops->clk_enable != NULL)
1111 chip->ops->clk_enable(chip, true);
1112
1113 /* reenable interrupts that device may have lost or
1114 * BIOS/firmware may have disabled
1115 */
1116 rc = tpm_tis_write8(priv, TPM_INT_VECTOR(priv->locality), priv->irq);
1117 if (rc < 0)
1118 goto out;
1119
1120 rc = tpm_tis_read32(priv, TPM_INT_ENABLE(priv->locality), &intmask);
1121 if (rc < 0)
1122 goto out;
1123
1124 intmask |= TPM_INTF_CMD_READY_INT
1125 | TPM_INTF_LOCALITY_CHANGE_INT | TPM_INTF_DATA_AVAIL_INT
1126 | TPM_INTF_STS_VALID_INT | TPM_GLOBAL_INT_ENABLE;
1127
1128 tpm_tis_write32(priv, TPM_INT_ENABLE(priv->locality), intmask);
1129
1130 out:
1131 if (chip->ops->clk_enable != NULL)
1132 chip->ops->clk_enable(chip, false);
1133
1134 return;
1135 }
1136
tpm_tis_resume(struct device * dev)1137 int tpm_tis_resume(struct device *dev)
1138 {
1139 struct tpm_chip *chip = dev_get_drvdata(dev);
1140 int ret;
1141
1142 if (chip->flags & TPM_CHIP_FLAG_IRQ)
1143 tpm_tis_reenable_interrupts(chip);
1144
1145 ret = tpm_pm_resume(dev);
1146 if (ret)
1147 return ret;
1148
1149 /*
1150 * TPM 1.2 requires self-test on resume. This function actually returns
1151 * an error code but for unknown reason it isn't handled.
1152 */
1153 if (!(chip->flags & TPM_CHIP_FLAG_TPM2)) {
1154 ret = request_locality(chip, 0);
1155 if (ret < 0)
1156 return ret;
1157
1158 tpm1_do_selftest(chip);
1159
1160 release_locality(chip, 0);
1161 }
1162
1163 return 0;
1164 }
1165 EXPORT_SYMBOL_GPL(tpm_tis_resume);
1166 #endif
1167
1168 MODULE_AUTHOR("Leendert van Doorn (leendert@watson.ibm.com)");
1169 MODULE_DESCRIPTION("TPM Driver");
1170 MODULE_VERSION("2.0");
1171 MODULE_LICENSE("GPL");
1172