1 /* SPDX-License-Identifier: GPL-2.0-only */
2
3 #ifndef TIS_H_
4 #define TIS_H_
5
6 #include <security/tpm/tss_errors.h>
7 #include <types.h>
8
9 enum tis_access {
10 TPM_ACCESS_VALID = (1 << 7),
11 TPM_ACCESS_ACTIVE_LOCALITY = (1 << 5),
12 TPM_ACCESS_REQUEST_PENDING = (1 << 2),
13 TPM_ACCESS_REQUEST_USE = (1 << 1),
14 TPM_ACCESS_ESTABLISHMENT = (1 << 0),
15 };
16
17 enum tis_status {
18 TPM_STS_FAMILY_SHIFT = 26,
19 TPM_STS_FAMILY_MASK = (0x3 << TPM_STS_FAMILY_SHIFT),
20 TPM_STS_FAMILY_TPM_2_0 = (1 << TPM_STS_FAMILY_SHIFT),
21 TPM_STS_FAMILY_TPM_1_2 = (0 << TPM_STS_FAMILY_SHIFT),
22 TPM_STS_RESET_ESTABLISHMENT = (1 << 25),
23 TPM_STS_COMMAND_CANCEL = (1 << 24),
24 TPM_STS_BURST_COUNT_SHIFT = 8,
25 TPM_STS_BURST_COUNT_MASK = (0xFFFF << TPM_STS_BURST_COUNT_SHIFT),
26 TPM_STS_VALID = (1 << 7),
27 TPM_STS_COMMAND_READY = (1 << 6),
28 TPM_STS_GO = (1 << 5),
29 TPM_STS_DATA_AVAIL = (1 << 4),
30 TPM_STS_DATA_EXPECT = (1 << 3),
31 TPM_STS_SELF_TEST_DONE = (1 << 2),
32 TPM_STS_RESPONSE_RETRY = (1 << 1),
33 };
34
35 enum tpm_family {
36 TPM_UNKNOWN = 0,
37 TPM_1 = 1,
38 TPM_2 = 2,
39 };
40
41 /*
42 * tis_sendrecv()
43 *
44 * Send the requested data to the TPM and then try to get its response
45 *
46 * @sendbuf - buffer of the data to send
47 * @send_size size of the data to send
48 * @recvbuf - memory to save the response to
49 * @recv_len - pointer to the size of the response buffer
50 *
51 * Returns TSS Return Code from TCG TPM Structures. See tss_errors.h
52 */
53 typedef tpm_result_t (*tis_sendrecv_fn)(const u8 *sendbuf, size_t send_size, u8 *recvbuf,
54 size_t *recv_len);
55
56 /*
57 * Probe for the TPM device and set it up for use within locality 0.
58 *
59 * @family - pointer which is set to TPM family of the device
60 *
61 * Returns pointer to send-receive function on success or NULL on failure.
62 *
63 * Do not call this explicitly, it's meant to be used exclusively by TSS
64 * implementation (tlcl_lib_init() function to be specific).
65 */
66 typedef tis_sendrecv_fn (*tis_probe_fn)(enum tpm_family *family);
67
68 /*
69 * tis_vendor_write()
70 *
71 * Vendor-specific function to send the requested data to the TPM.
72 *
73 * @addr - address of the register to write to
74 * @sendbuf - buffer of the data to send
75 * @send_size - size of the data to send
76 *
77 * Returns CB_SUCCESS 0 on success, CB_ERR on failure.
78 */
79 enum cb_err tis_vendor_write(unsigned int addr, const void *sendbuf, size_t send_size);
80
81 /*
82 * tis_vendor_read()
83 *
84 * Vendor-specific function to read the requested data from the TPM.
85 *
86 * @addr - address of the register to read from
87 * @recvbuf - buffer of the data to read
88 * @recv_size - size of the output buffer
89 *
90 * Returns CB_SUCCESS on success or -1 on failure.
91 */
92 enum cb_err tis_vendor_read(unsigned int addr, void *recvbuf, size_t recv_size);
93
tpm_first_access_this_boot(void)94 static inline bool tpm_first_access_this_boot(void)
95 {
96 return ENV_SEPARATE_VERSTAGE || ENV_BOOTBLOCK || !CONFIG(VBOOT);
97 }
98
99 #endif /* TIS_H_ */
100