drivers/crb/tis.c

/* SPDX-License-Identifier: GPL-2.0-only */

#include <console/console.h>
#include <security/tpm/tis.h>
#include <acpi/acpigen.h>
#include <device/device.h>
#include <drivers/intel/ptt/ptt.h>
#include <drivers/tpm/tpm_ppi.h>
#include <security/tpm/tss.h>
#include <endian.h>
#include <smbios.h>
#include <string.h>

#include "tpm.h"
#include "chip.h"

static const struct {
	uint16_t vid;
	uint16_t did;
	const char *device_name;
} dev_map[] = {
	{0x1ae0, 0x0028, "CR50"},
	{0xa13a, 0x8086, "Intel iTPM"}
};

static const char *tis_get_dev_name(struct crb_tpm_info *info)
{
	int i;

	for (i = 0; i < ARRAY_SIZE(dev_map); i++)
		if ((dev_map[i].vid == info->vendor_id) && (dev_map[i].did == info->device_id))
			return dev_map[i].device_name;
	return "Unknown";
}

static tpm_result_t crb_tpm_sendrecv(const uint8_t *sendbuf, size_t sbuf_size, uint8_t *recvbuf,
				     size_t *rbuf_len)
{
	int len = crb_tpm_process_command(sendbuf, sbuf_size, recvbuf, *rbuf_len);

	if (len == 0)
		return TPM_CB_FAIL;

	*rbuf_len = len;

	return TPM_SUCCESS;
}

tis_sendrecv_fn crb_tis_probe(enum tpm_family *family)
{
	struct crb_tpm_info info;

	if (CONFIG(HAVE_INTEL_PTT)) {
		if (!ptt_active()) {
			printk(BIOS_ERR, "%s: Intel PTT is not active.\n", __func__);
			return NULL;
		}
		printk(BIOS_DEBUG, "%s: Intel PTT is active.\n", __func__);
	}

	/* Wake TPM up (if necessary) */
	if (crb_tpm_init())
		return NULL;

	/* CRB interface exists only in TPM2 */
	if (family != NULL)
		*family = TPM_2;

	crb_tpm_get_info(&info);

	printk(BIOS_INFO, "Initialized TPM device %s revision %d\n", tis_get_dev_name(&info),
	       info.revision);

	return &crb_tpm_sendrecv;
}

static void crb_tpm_fill_ssdt(const struct device *dev)
{
	const char *path = acpi_device_path(dev);
	if (!path) {
		path = "\\_SB_.TPM";
		printk(BIOS_DEBUG, "Using default TPM2 ACPI path: '%s'\n", path);
	}

	/* Device */
	acpigen_write_device(path);

	acpigen_write_name_string("_HID", "MSFT0101");
	acpigen_write_name_string("_CID", "MSFT0101");

	acpi_device_write_uid(dev);

	acpigen_write_STA(ACPI_STATUS_DEVICE_ALL_ON);

	/* Resources */
	acpigen_write_name("_CRS");
	acpigen_write_resourcetemplate_header();
	acpigen_write_mem32fixed(1, TPM_CRB_BASE_ADDRESS, 0x5000);

	acpigen_write_resourcetemplate_footer();

	if (!CONFIG(CHROMEOS) && CONFIG(TPM_PPI))
		tpm_ppi_acpi_fill_ssdt(dev);

	acpigen_pop_len(); /* Device */
}

static const char *crb_tpm_acpi_name(const struct device *dev)
{
	return "TPM";
}

#if CONFIG(GENERATE_SMBIOS_TABLES) && CONFIG(TPM2)
static tpm_result_t tpm_get_cap(uint32_t property, uint32_t *value)
{
	TPMS_CAPABILITY_DATA cap_data;
	int i;
	tpm_result_t rc;

	if (!value)
		return TPM_CB_INVALID_ARG;

	rc = tlcl2_get_capability(TPM_CAP_TPM_PROPERTIES, property, 1, &cap_data);

	if (rc)
		return rc;

	for (i = 0 ; i < cap_data.data.tpmProperties.count; i++) {
		if (cap_data.data.tpmProperties.tpmProperty[i].property == property) {
			*value = cap_data.data.tpmProperties.tpmProperty[i].value;
			return TPM_SUCCESS;
		}
	}

	return TPM_CB_FAIL;
}

static int smbios_write_type43_tpm(struct device *dev, int *handle, unsigned long *current)
{
	struct crb_tpm_info info;
	uint32_t tpm_manuf, tpm_family;
	uint32_t fw_ver1, fw_ver2;
	uint8_t major_spec_ver, minor_spec_ver;

	if (tlcl_get_family() == TPM_1)
		return 0;

	crb_tpm_get_info(&info);

	/* If any of these have invalid values, assume TPM not present or disabled */
	if (info.vendor_id == 0 || info.vendor_id == 0xFFFF ||
	    info.device_id == 0 || info.device_id == 0xFFFF) {
		printk(BIOS_DEBUG, "%s: Invalid Vendor ID/Device ID\n", __func__);
		return 0;
	}

	/* Vendor ID is the value returned by TPM2_GetCapabiltiy TPM_PT_MANUFACTURER */
	if (tpm_get_cap(TPM_PT_MANUFACTURER, &tpm_manuf)) {
		printk(BIOS_DEBUG, "TPM2_GetCap TPM_PT_MANUFACTURER failed\n");
		return 0;
	}

	tpm_manuf = be32toh(tpm_manuf);

	if (tpm_get_cap(TPM_PT_FIRMWARE_VERSION_1, &fw_ver1)) {
		printk(BIOS_DEBUG, "TPM2_GetCap TPM_PT_FIRMWARE_VERSION_1 failed\n");
		return 0;
	}

	if (tpm_get_cap(TPM_PT_FIRMWARE_VERSION_2, &fw_ver2)) {
		printk(BIOS_DEBUG, "TPM2_GetCap TPM_PT_FIRMWARE_VERSION_2 failed\n");
		return 0;
	}

	if (tpm_get_cap(TPM_PT_FAMILY_INDICATOR, &tpm_family)) {
		printk(BIOS_DEBUG, "TPM2_GetCap TPM_PT_FAMILY_INDICATOR failed\n");
		return 0;
	}

	tpm_family = be32toh(tpm_family);

	if (!strncmp((char *)&tpm_family, "2.0", 4)) {
		major_spec_ver = 2;
		minor_spec_ver = 0;
	} else {
		printk(BIOS_ERR, "%s: Invalid TPM family\n", __func__);
		return 0;
	}

	return smbios_write_type43(current, handle, tpm_manuf, major_spec_ver, minor_spec_ver,
				   fw_ver1, fw_ver2, tis_get_dev_name(&info),
				   SMBIOS_TPM_DEVICE_CHARACTERISTICS_NOT_SUPPORTED, 0);
}
#endif

static struct device_operations __maybe_unused crb_ops = {
	.read_resources = noop_read_resources,
	.set_resources = noop_set_resources,
#if CONFIG(HAVE_ACPI_TABLES)
	.acpi_name = crb_tpm_acpi_name,
	.acpi_fill_ssdt = crb_tpm_fill_ssdt,
#endif
#if CONFIG(GENERATE_SMBIOS_TABLES) && CONFIG(TPM2)
	.get_smbios_data	= smbios_write_type43_tpm,
#endif
};

static void enable_dev(struct device *dev)
{
	if (crb_tis_probe(NULL) == NULL) {
		dev->enabled = 0;
		return;
	}

#if !DEVTREE_EARLY
	dev->ops = &crb_ops;
#endif
}

struct chip_operations drivers_crb_ops = {
	.name = "CRB TPM",
	.enable_dev = enable_dev
};