char/tpm/tpm_tis_core.c

0001 // SPDX-License-Identifier: GPL-2.0-only
0002 /*
0003  * Copyright (C) 2005, 2006 IBM Corporation
0004  * Copyright (C) 2014, 2015 Intel Corporation
0005  *
0006  * Authors:
0007  * Leendert van Doorn <leendert@watson.ibm.com>
0008  * Kylene Hall <kjhall@us.ibm.com>
0009  *
0010  * Maintained by: <tpmdd-devel@lists.sourceforge.net>
0011  *
0012  * Device driver for TCG/TCPA TPM (trusted platform module).
0013  * Specifications at www.trustedcomputinggroup.org
0014  *
0015  * This device driver implements the TPM interface as defined in
0016  * the TCG TPM Interface Spec version 1.2, revision 1.0.
0017  */
0018 #include <linux/init.h>
0019 #include <linux/module.h>
0020 #include <linux/moduleparam.h>
0021 #include <linux/pnp.h>
0022 #include <linux/slab.h>
0023 #include <linux/interrupt.h>
0024 #include <linux/wait.h>
0025 #include <linux/acpi.h>
0026 #include <linux/freezer.h>
0027 #include "tpm.h"
0028 #include "tpm_tis_core.h"
0029
0030 static void tpm_tis_clkrun_enable(struct tpm_chip *chip, bool value);
0031
0032 static bool wait_for_tpm_stat_cond(struct tpm_chip *chip, u8 mask,
0033                     bool check_cancel, bool *canceled)
0034 {
0035     u8 status = chip->ops->status(chip);
0036
0037     *canceled = false;
0038     if ((status & mask) == mask)
0039         return true;
0040     if (check_cancel && chip->ops->req_canceled(chip, status)) {
0041         *canceled = true;
0042         return true;
0043     }
0044     return false;
0045 }
0046
0047 static int wait_for_tpm_stat(struct tpm_chip *chip, u8 mask,
0048         unsigned long timeout, wait_queue_head_t *queue,
0049         bool check_cancel)
0050 {
0051     struct tpm_tis_data *priv = dev_get_drvdata(&chip->dev);
0052     unsigned long stop;
0053     long rc;
0054     u8 status;
0055     bool canceled = false;
0056
0057     /* check current status */
0058     status = chip->ops->status(chip);
0059     if ((status & mask) == mask)
0060         return 0;
0061
0062     stop = jiffies + timeout;
0063
0064     if (chip->flags & TPM_CHIP_FLAG_IRQ) {
0065 again:
0066         timeout = stop - jiffies;
0067         if ((long)timeout <= 0)
0068             return -ETIME;
0069         rc = wait_event_interruptible_timeout(*queue,
0070             wait_for_tpm_stat_cond(chip, mask, check_cancel,
0071                            &canceled),
0072             timeout);
0073         if (rc > 0) {
0074             if (canceled)
0075                 return -ECANCELED;
0076             return 0;
0077         }
0078         if (rc == -ERESTARTSYS && freezing(current)) {
0079             clear_thread_flag(TIF_SIGPENDING);
0080             goto again;
0081         }
0082     } else {
0083         do {
0084             usleep_range(priv->timeout_min,
0085                      priv->timeout_max);
0086             status = chip->ops->status(chip);
0087             if ((status & mask) == mask)
0088                 return 0;
0089         } while (time_before(jiffies, stop));
0090     }
0091     return -ETIME;
0092 }
0093
0094 /* Before we attempt to access the TPM we must see that the valid bit is set.
0095  * The specification says that this bit is 0 at reset and remains 0 until the
0096  * 'TPM has gone through its self test and initialization and has established
0097  * correct values in the other bits.'
0098  */
0099 static int wait_startup(struct tpm_chip *chip, int l)
0100 {
0101     struct tpm_tis_data *priv = dev_get_drvdata(&chip->dev);
0102     unsigned long stop = jiffies + chip->timeout_a;
0103
0104     do {
0105         int rc;
0106         u8 access;
0107
0108         rc = tpm_tis_read8(priv, TPM_ACCESS(l), &access);
0109         if (rc < 0)
0110             return rc;
0111
0112         if (access & TPM_ACCESS_VALID)
0113             return 0;
0114         tpm_msleep(TPM_TIMEOUT);
0115     } while (time_before(jiffies, stop));
0116     return -1;
0117 }
0118
0119 static bool check_locality(struct tpm_chip *chip, int l)
0120 {
0121     struct tpm_tis_data *priv = dev_get_drvdata(&chip->dev);
0122     int rc;
0123     u8 access;
0124
0125     rc = tpm_tis_read8(priv, TPM_ACCESS(l), &access);
0126     if (rc < 0)
0127         return false;
0128
0129     if ((access & (TPM_ACCESS_ACTIVE_LOCALITY | TPM_ACCESS_VALID
0130                | TPM_ACCESS_REQUEST_USE)) ==
0131         (TPM_ACCESS_ACTIVE_LOCALITY | TPM_ACCESS_VALID)) {
0132         priv->locality = l;
0133         return true;
0134     }
0135
0136     return false;
0137 }
0138
0139 static int release_locality(struct tpm_chip *chip, int l)
0140 {
0141     struct tpm_tis_data *priv = dev_get_drvdata(&chip->dev);
0142
0143     tpm_tis_write8(priv, TPM_ACCESS(l), TPM_ACCESS_ACTIVE_LOCALITY);
0144
0145     return 0;
0146 }
0147
0148 static int request_locality(struct tpm_chip *chip, int l)
0149 {
0150     struct tpm_tis_data *priv = dev_get_drvdata(&chip->dev);
0151     unsigned long stop, timeout;
0152     long rc;
0153
0154     if (check_locality(chip, l))
0155         return l;
0156
0157     rc = tpm_tis_write8(priv, TPM_ACCESS(l), TPM_ACCESS_REQUEST_USE);
0158     if (rc < 0)
0159         return rc;
0160
0161     stop = jiffies + chip->timeout_a;
0162
0163     if (chip->flags & TPM_CHIP_FLAG_IRQ) {
0164 again:
0165         timeout = stop - jiffies;
0166         if ((long)timeout <= 0)
0167             return -1;
0168         rc = wait_event_interruptible_timeout(priv->int_queue,
0169                               (check_locality
0170                                (chip, l)),
0171                               timeout);
0172         if (rc > 0)
0173             return l;
0174         if (rc == -ERESTARTSYS && freezing(current)) {
0175             clear_thread_flag(TIF_SIGPENDING);
0176             goto again;
0177         }
0178     } else {
0179         /* wait for burstcount */
0180         do {
0181             if (check_locality(chip, l))
0182                 return l;
0183             tpm_msleep(TPM_TIMEOUT);
0184         } while (time_before(jiffies, stop));
0185     }
0186     return -1;
0187 }
0188
0189 static u8 tpm_tis_status(struct tpm_chip *chip)
0190 {
0191     struct tpm_tis_data *priv = dev_get_drvdata(&chip->dev);
0192     int rc;
0193     u8 status;
0194
0195     rc = tpm_tis_read8(priv, TPM_STS(priv->locality), &status);
0196     if (rc < 0)
0197         return 0;
0198
0199     if (unlikely((status & TPM_STS_READ_ZERO) != 0)) {
0200         if  (!test_and_set_bit(TPM_TIS_INVALID_STATUS, &priv->flags)) {
0201             /*
0202              * If this trips, the chances are the read is
0203              * returning 0xff because the locality hasn't been
0204              * acquired.  Usually because tpm_try_get_ops() hasn't
0205              * been called before doing a TPM operation.
0206              */
0207             dev_err(&chip->dev, "invalid TPM_STS.x 0x%02x, dumping stack for forensics\n",
0208                 status);
0209
0210             /*
0211              * Dump stack for forensics, as invalid TPM_STS.x could be
0212              * potentially triggered by impaired tpm_try_get_ops() or
0213              * tpm_find_get_ops().
0214              */
0215             dump_stack();
0216         }
0217
0218         return 0;
0219     }
0220
0221     return status;
0222 }
0223
0224 static void tpm_tis_ready(struct tpm_chip *chip)
0225 {
0226     struct tpm_tis_data *priv = dev_get_drvdata(&chip->dev);
0227
0228     /* this causes the current command to be aborted */
0229     tpm_tis_write8(priv, TPM_STS(priv->locality), TPM_STS_COMMAND_READY);
0230 }
0231
0232 static int get_burstcount(struct tpm_chip *chip)
0233 {
0234     struct tpm_tis_data *priv = dev_get_drvdata(&chip->dev);
0235     unsigned long stop;
0236     int burstcnt, rc;
0237     u32 value;
0238
0239     /* wait for burstcount */
0240     if (chip->flags & TPM_CHIP_FLAG_TPM2)
0241         stop = jiffies + chip->timeout_a;
0242     else
0243         stop = jiffies + chip->timeout_d;
0244     do {
0245         rc = tpm_tis_read32(priv, TPM_STS(priv->locality), &value);
0246         if (rc < 0)
0247             return rc;
0248
0249         burstcnt = (value >> 8) & 0xFFFF;
0250         if (burstcnt)
0251             return burstcnt;
0252         usleep_range(TPM_TIMEOUT_USECS_MIN, TPM_TIMEOUT_USECS_MAX);
0253     } while (time_before(jiffies, stop));
0254     return -EBUSY;
0255 }
0256
0257 static int recv_data(struct tpm_chip *chip, u8 *buf, size_t count)
0258 {
0259     struct tpm_tis_data *priv = dev_get_drvdata(&chip->dev);
0260     int size = 0, burstcnt, rc;
0261
0262     while (size < count) {
0263         rc = wait_for_tpm_stat(chip,
0264                  TPM_STS_DATA_AVAIL | TPM_STS_VALID,
0265                  chip->timeout_c,
0266                  &priv->read_queue, true);
0267         if (rc < 0)
0268             return rc;
0269         burstcnt = get_burstcount(chip);
0270         if (burstcnt < 0) {
0271             dev_err(&chip->dev, "Unable to read burstcount\n");
0272             return burstcnt;
0273         }
0274         burstcnt = min_t(int, burstcnt, count - size);
0275
0276         rc = tpm_tis_read_bytes(priv, TPM_DATA_FIFO(priv->locality),
0277                     burstcnt, buf + size);
0278         if (rc < 0)
0279             return rc;
0280
0281         size += burstcnt;
0282     }
0283     return size;
0284 }
0285
0286 static int tpm_tis_recv(struct tpm_chip *chip, u8 *buf, size_t count)
0287 {
0288     struct tpm_tis_data *priv = dev_get_drvdata(&chip->dev);
0289     int size = 0;
0290     int status;
0291     u32 expected;
0292     int rc;
0293
0294     if (count < TPM_HEADER_SIZE) {
0295         size = -EIO;
0296         goto out;
0297     }
0298
0299     size = recv_data(chip, buf, TPM_HEADER_SIZE);
0300     /* read first 10 bytes, including tag, paramsize, and result */
0301     if (size < TPM_HEADER_SIZE) {
0302         dev_err(&chip->dev, "Unable to read header\n");
0303         goto out;
0304     }
0305
0306     expected = be32_to_cpu(*(__be32 *) (buf + 2));
0307     if (expected > count || expected < TPM_HEADER_SIZE) {
0308         size = -EIO;
0309         goto out;
0310     }
0311
0312     size += recv_data(chip, &buf[TPM_HEADER_SIZE],
0313               expected - TPM_HEADER_SIZE);
0314     if (size < expected) {
0315         dev_err(&chip->dev, "Unable to read remainder of result\n");
0316         size = -ETIME;
0317         goto out;
0318     }
0319
0320     if (wait_for_tpm_stat(chip, TPM_STS_VALID, chip->timeout_c,
0321                 &priv->int_queue, false) < 0) {
0322         size = -ETIME;
0323         goto out;
0324     }
0325     status = tpm_tis_status(chip);
0326     if (status & TPM_STS_DATA_AVAIL) {  /* retry? */
0327         dev_err(&chip->dev, "Error left over data\n");
0328         size = -EIO;
0329         goto out;
0330     }
0331
0332     rc = tpm_tis_verify_crc(priv, (size_t)size, buf);
0333     if (rc < 0) {
0334         dev_err(&chip->dev, "CRC mismatch for response.\n");
0335         size = rc;
0336         goto out;
0337     }
0338
0339 out:
0340     tpm_tis_ready(chip);
0341     return size;
0342 }
0343
0344 /*
0345  * If interrupts are used (signaled by an irq set in the vendor structure)
0346  * tpm.c can skip polling for the data to be available as the interrupt is
0347  * waited for here
0348  */
0349 static int tpm_tis_send_data(struct tpm_chip *chip, const u8 *buf, size_t len)
0350 {
0351     struct tpm_tis_data *priv = dev_get_drvdata(&chip->dev);
0352     int rc, status, burstcnt;
0353     size_t count = 0;
0354     bool itpm = priv->flags & TPM_TIS_ITPM_WORKAROUND;
0355
0356     status = tpm_tis_status(chip);
0357     if ((status & TPM_STS_COMMAND_READY) == 0) {
0358         tpm_tis_ready(chip);
0359         if (wait_for_tpm_stat
0360             (chip, TPM_STS_COMMAND_READY, chip->timeout_b,
0361              &priv->int_queue, false) < 0) {
0362             rc = -ETIME;
0363             goto out_err;
0364         }
0365     }
0366
0367     while (count < len - 1) {
0368         burstcnt = get_burstcount(chip);
0369         if (burstcnt < 0) {
0370             dev_err(&chip->dev, "Unable to read burstcount\n");
0371             rc = burstcnt;
0372             goto out_err;
0373         }
0374         burstcnt = min_t(int, burstcnt, len - count - 1);
0375         rc = tpm_tis_write_bytes(priv, TPM_DATA_FIFO(priv->locality),
0376                      burstcnt, buf + count);
0377         if (rc < 0)
0378             goto out_err;
0379
0380         count += burstcnt;
0381
0382         if (wait_for_tpm_stat(chip, TPM_STS_VALID, chip->timeout_c,
0383                     &priv->int_queue, false) < 0) {
0384             rc = -ETIME;
0385             goto out_err;
0386         }
0387         status = tpm_tis_status(chip);
0388         if (!itpm && (status & TPM_STS_DATA_EXPECT) == 0) {
0389             rc = -EIO;
0390             goto out_err;
0391         }
0392     }
0393
0394     /* write last byte */
0395     rc = tpm_tis_write8(priv, TPM_DATA_FIFO(priv->locality), buf[count]);
0396     if (rc < 0)
0397         goto out_err;
0398
0399     if (wait_for_tpm_stat(chip, TPM_STS_VALID, chip->timeout_c,
0400                 &priv->int_queue, false) < 0) {
0401         rc = -ETIME;
0402         goto out_err;
0403     }
0404     status = tpm_tis_status(chip);
0405     if (!itpm && (status & TPM_STS_DATA_EXPECT) != 0) {
0406         rc = -EIO;
0407         goto out_err;
0408     }
0409
0410     return 0;
0411
0412 out_err:
0413     tpm_tis_ready(chip);
0414     return rc;
0415 }
0416
0417 static void disable_interrupts(struct tpm_chip *chip)
0418 {
0419     struct tpm_tis_data *priv = dev_get_drvdata(&chip->dev);
0420     u32 intmask;
0421     int rc;
0422
0423     if (priv->irq == 0)
0424         return;
0425
0426     rc = tpm_tis_read32(priv, TPM_INT_ENABLE(priv->locality), &intmask);
0427     if (rc < 0)
0428         intmask = 0;
0429
0430     intmask &= ~TPM_GLOBAL_INT_ENABLE;
0431     rc = tpm_tis_write32(priv, TPM_INT_ENABLE(priv->locality), intmask);
0432
0433     devm_free_irq(chip->dev.parent, priv->irq, chip);
0434     priv->irq = 0;
0435     chip->flags &= ~TPM_CHIP_FLAG_IRQ;
0436 }
0437
0438 /*
0439  * If interrupts are used (signaled by an irq set in the vendor structure)
0440  * tpm.c can skip polling for the data to be available as the interrupt is
0441  * waited for here
0442  */
0443 static int tpm_tis_send_main(struct tpm_chip *chip, const u8 *buf, size_t len)
0444 {
0445     struct tpm_tis_data *priv = dev_get_drvdata(&chip->dev);
0446     int rc;
0447     u32 ordinal;
0448     unsigned long dur;
0449
0450     rc = tpm_tis_send_data(chip, buf, len);
0451     if (rc < 0)
0452         return rc;
0453
0454     rc = tpm_tis_verify_crc(priv, len, buf);
0455     if (rc < 0) {
0456         dev_err(&chip->dev, "CRC mismatch for command.\n");
0457         return rc;
0458     }
0459
0460     /* go and do it */
0461     rc = tpm_tis_write8(priv, TPM_STS(priv->locality), TPM_STS_GO);
0462     if (rc < 0)
0463         goto out_err;
0464
0465     if (chip->flags & TPM_CHIP_FLAG_IRQ) {
0466         ordinal = be32_to_cpu(*((__be32 *) (buf + 6)));
0467
0468         dur = tpm_calc_ordinal_duration(chip, ordinal);
0469         if (wait_for_tpm_stat
0470             (chip, TPM_STS_DATA_AVAIL | TPM_STS_VALID, dur,
0471              &priv->read_queue, false) < 0) {
0472             rc = -ETIME;
0473             goto out_err;
0474         }
0475     }
0476     return 0;
0477 out_err:
0478     tpm_tis_ready(chip);
0479     return rc;
0480 }
0481
0482 static int tpm_tis_send(struct tpm_chip *chip, u8 *buf, size_t len)
0483 {
0484     int rc, irq;
0485     struct tpm_tis_data *priv = dev_get_drvdata(&chip->dev);
0486
0487     if (!(chip->flags & TPM_CHIP_FLAG_IRQ) || priv->irq_tested)
0488         return tpm_tis_send_main(chip, buf, len);
0489
0490     /* Verify receipt of the expected IRQ */
0491     irq = priv->irq;
0492     priv->irq = 0;
0493     chip->flags &= ~TPM_CHIP_FLAG_IRQ;
0494     rc = tpm_tis_send_main(chip, buf, len);
0495     priv->irq = irq;
0496     chip->flags |= TPM_CHIP_FLAG_IRQ;
0497     if (!priv->irq_tested)
0498         tpm_msleep(1);
0499     if (!priv->irq_tested)
0500         disable_interrupts(chip);
0501     priv->irq_tested = true;
0502     return rc;
0503 }
0504
0505 struct tis_vendor_durations_override {
0506     u32 did_vid;
0507     struct tpm1_version version;
0508     unsigned long durations[3];
0509 };
0510
0511 static const struct  tis_vendor_durations_override vendor_dur_overrides[] = {
0512     /* STMicroelectronics 0x104a */
0513     { 0x0000104a,
0514       { 1, 2, 8, 28 },
0515       { (2 * 60 * HZ), (2 * 60 * HZ), (2 * 60 * HZ) } },
0516 };
0517
0518 static void tpm_tis_update_durations(struct tpm_chip *chip,
0519                      unsigned long *duration_cap)
0520 {
0521     struct tpm_tis_data *priv = dev_get_drvdata(&chip->dev);
0522     struct tpm1_version *version;
0523     u32 did_vid;
0524     int i, rc;
0525     cap_t cap;
0526
0527     chip->duration_adjusted = false;
0528
0529     if (chip->ops->clk_enable != NULL)
0530         chip->ops->clk_enable(chip, true);
0531
0532     rc = tpm_tis_read32(priv, TPM_DID_VID(0), &did_vid);
0533     if (rc < 0) {
0534         dev_warn(&chip->dev, "%s: failed to read did_vid. %d\n",
0535              __func__, rc);
0536         goto out;
0537     }
0538
0539     /* Try to get a TPM version 1.2 or 1.1 TPM_CAP_VERSION_INFO */
0540     rc = tpm1_getcap(chip, TPM_CAP_VERSION_1_2, &cap,
0541              "attempting to determine the 1.2 version",
0542              sizeof(cap.version2));
0543     if (!rc) {
0544         version = &cap.version2.version;
0545     } else {
0546         rc = tpm1_getcap(chip, TPM_CAP_VERSION_1_1, &cap,
0547                  "attempting to determine the 1.1 version",
0548                  sizeof(cap.version1));
0549
0550         if (rc)
0551             goto out;
0552
0553         version = &cap.version1;
0554     }
0555
0556     for (i = 0; i != ARRAY_SIZE(vendor_dur_overrides); i++) {
0557         if (vendor_dur_overrides[i].did_vid != did_vid)
0558             continue;
0559
0560         if ((version->major ==
0561              vendor_dur_overrides[i].version.major) &&
0562             (version->minor ==
0563              vendor_dur_overrides[i].version.minor) &&
0564             (version->rev_major ==
0565              vendor_dur_overrides[i].version.rev_major) &&
0566             (version->rev_minor ==
0567              vendor_dur_overrides[i].version.rev_minor)) {
0568
0569             memcpy(duration_cap,
0570                    vendor_dur_overrides[i].durations,
0571                    sizeof(vendor_dur_overrides[i].durations));
0572
0573             chip->duration_adjusted = true;
0574             goto out;
0575         }
0576     }
0577
0578 out:
0579     if (chip->ops->clk_enable != NULL)
0580         chip->ops->clk_enable(chip, false);
0581 }
0582
0583 struct tis_vendor_timeout_override {
0584     u32 did_vid;
0585     unsigned long timeout_us[4];
0586 };
0587
0588 static const struct tis_vendor_timeout_override vendor_timeout_overrides[] = {
0589     /* Atmel 3204 */
0590     { 0x32041114, { (TIS_SHORT_TIMEOUT*1000), (TIS_LONG_TIMEOUT*1000),
0591             (TIS_SHORT_TIMEOUT*1000), (TIS_SHORT_TIMEOUT*1000) } },
0592 };
0593
0594 static void tpm_tis_update_timeouts(struct tpm_chip *chip,
0595                     unsigned long *timeout_cap)
0596 {
0597     struct tpm_tis_data *priv = dev_get_drvdata(&chip->dev);
0598     int i, rc;
0599     u32 did_vid;
0600
0601     chip->timeout_adjusted = false;
0602
0603     if (chip->ops->clk_enable != NULL)
0604         chip->ops->clk_enable(chip, true);
0605
0606     rc = tpm_tis_read32(priv, TPM_DID_VID(0), &did_vid);
0607     if (rc < 0) {
0608         dev_warn(&chip->dev, "%s: failed to read did_vid: %d\n",
0609              __func__, rc);
0610         goto out;
0611     }
0612
0613     for (i = 0; i != ARRAY_SIZE(vendor_timeout_overrides); i++) {
0614         if (vendor_timeout_overrides[i].did_vid != did_vid)
0615             continue;
0616         memcpy(timeout_cap, vendor_timeout_overrides[i].timeout_us,
0617                sizeof(vendor_timeout_overrides[i].timeout_us));
0618         chip->timeout_adjusted = true;
0619     }
0620
0621 out:
0622     if (chip->ops->clk_enable != NULL)
0623         chip->ops->clk_enable(chip, false);
0624
0625     return;
0626 }
0627
0628 /*
0629  * Early probing for iTPM with STS_DATA_EXPECT flaw.
0630  * Try sending command without itpm flag set and if that
0631  * fails, repeat with itpm flag set.
0632  */
0633 static int probe_itpm(struct tpm_chip *chip)
0634 {
0635     struct tpm_tis_data *priv = dev_get_drvdata(&chip->dev);
0636     int rc = 0;
0637     static const u8 cmd_getticks[] = {
0638         0x00, 0xc1, 0x00, 0x00, 0x00, 0x0a,
0639         0x00, 0x00, 0x00, 0xf1
0640     };
0641     size_t len = sizeof(cmd_getticks);
0642     u16 vendor;
0643
0644     if (priv->flags & TPM_TIS_ITPM_WORKAROUND)
0645         return 0;
0646
0647     rc = tpm_tis_read16(priv, TPM_DID_VID(0), &vendor);
0648     if (rc < 0)
0649         return rc;
0650
0651     /* probe only iTPMS */
0652     if (vendor != TPM_VID_INTEL)
0653         return 0;
0654
0655     if (request_locality(chip, 0) != 0)
0656         return -EBUSY;
0657
0658     rc = tpm_tis_send_data(chip, cmd_getticks, len);
0659     if (rc == 0)
0660         goto out;
0661
0662     tpm_tis_ready(chip);
0663
0664     priv->flags |= TPM_TIS_ITPM_WORKAROUND;
0665
0666     rc = tpm_tis_send_data(chip, cmd_getticks, len);
0667     if (rc == 0)
0668         dev_info(&chip->dev, "Detected an iTPM.\n");
0669     else {
0670         priv->flags &= ~TPM_TIS_ITPM_WORKAROUND;
0671         rc = -EFAULT;
0672     }
0673
0674 out:
0675     tpm_tis_ready(chip);
0676     release_locality(chip, priv->locality);
0677
0678     return rc;
0679 }
0680
0681 static bool tpm_tis_req_canceled(struct tpm_chip *chip, u8 status)
0682 {
0683     struct tpm_tis_data *priv = dev_get_drvdata(&chip->dev);
0684
0685     switch (priv->manufacturer_id) {
0686     case TPM_VID_WINBOND:
0687         return ((status == TPM_STS_VALID) ||
0688             (status == (TPM_STS_VALID | TPM_STS_COMMAND_READY)));
0689     case TPM_VID_STM:
0690         return (status == (TPM_STS_VALID | TPM_STS_COMMAND_READY));
0691     default:
0692         return (status == TPM_STS_COMMAND_READY);
0693     }
0694 }
0695
0696 static irqreturn_t tis_int_handler(int dummy, void *dev_id)
0697 {
0698     struct tpm_chip *chip = dev_id;
0699     struct tpm_tis_data *priv = dev_get_drvdata(&chip->dev);
0700     u32 interrupt;
0701     int i, rc;
0702
0703     rc = tpm_tis_read32(priv, TPM_INT_STATUS(priv->locality), &interrupt);
0704     if (rc < 0)
0705         return IRQ_NONE;
0706
0707     if (interrupt == 0)
0708         return IRQ_NONE;
0709
0710     priv->irq_tested = true;
0711     if (interrupt & TPM_INTF_DATA_AVAIL_INT)
0712         wake_up_interruptible(&priv->read_queue);
0713     if (interrupt & TPM_INTF_LOCALITY_CHANGE_INT)
0714         for (i = 0; i < 5; i++)
0715             if (check_locality(chip, i))
0716                 break;
0717     if (interrupt &
0718         (TPM_INTF_LOCALITY_CHANGE_INT | TPM_INTF_STS_VALID_INT |
0719          TPM_INTF_CMD_READY_INT))
0720         wake_up_interruptible(&priv->int_queue);
0721
0722     /* Clear interrupts handled with TPM_EOI */
0723     rc = tpm_tis_write32(priv, TPM_INT_STATUS(priv->locality), interrupt);
0724     if (rc < 0)
0725         return IRQ_NONE;
0726
0727     tpm_tis_read32(priv, TPM_INT_STATUS(priv->locality), &interrupt);
0728     return IRQ_HANDLED;
0729 }
0730
0731 static int tpm_tis_gen_interrupt(struct tpm_chip *chip)
0732 {
0733     const char *desc = "attempting to generate an interrupt";
0734     u32 cap2;
0735     cap_t cap;
0736     int ret;
0737
0738     ret = request_locality(chip, 0);
0739     if (ret < 0)
0740         return ret;
0741
0742     if (chip->flags & TPM_CHIP_FLAG_TPM2)
0743         ret = tpm2_get_tpm_pt(chip, 0x100, &cap2, desc);
0744     else
0745         ret = tpm1_getcap(chip, TPM_CAP_PROP_TIS_TIMEOUT, &cap, desc, 0);
0746
0747     release_locality(chip, 0);
0748
0749     return ret;
0750 }
0751
0752 /* Register the IRQ and issue a command that will cause an interrupt. If an
0753  * irq is seen then leave the chip setup for IRQ operation, otherwise reverse
0754  * everything and leave in polling mode. Returns 0 on success.
0755  */
0756 static int tpm_tis_probe_irq_single(struct tpm_chip *chip, u32 intmask,
0757                     int flags, int irq)
0758 {
0759     struct tpm_tis_data *priv = dev_get_drvdata(&chip->dev);
0760     u8 original_int_vec;
0761     int rc;
0762     u32 int_status;
0763
0764     if (devm_request_irq(chip->dev.parent, irq, tis_int_handler, flags,
0765                  dev_name(&chip->dev), chip) != 0) {
0766         dev_info(&chip->dev, "Unable to request irq: %d for probe\n",
0767              irq);
0768         return -1;
0769     }
0770     priv->irq = irq;
0771
0772     rc = tpm_tis_read8(priv, TPM_INT_VECTOR(priv->locality),
0773                &original_int_vec);
0774     if (rc < 0)
0775         return rc;
0776
0777     rc = tpm_tis_write8(priv, TPM_INT_VECTOR(priv->locality), irq);
0778     if (rc < 0)
0779         return rc;
0780
0781     rc = tpm_tis_read32(priv, TPM_INT_STATUS(priv->locality), &int_status);
0782     if (rc < 0)
0783         return rc;
0784
0785     /* Clear all existing */
0786     rc = tpm_tis_write32(priv, TPM_INT_STATUS(priv->locality), int_status);
0787     if (rc < 0)
0788         return rc;
0789
0790     /* Turn on */
0791     rc = tpm_tis_write32(priv, TPM_INT_ENABLE(priv->locality),
0792                  intmask | TPM_GLOBAL_INT_ENABLE);
0793     if (rc < 0)
0794         return rc;
0795
0796     priv->irq_tested = false;
0797
0798     /* Generate an interrupt by having the core call through to
0799      * tpm_tis_send
0800      */
0801     rc = tpm_tis_gen_interrupt(chip);
0802     if (rc < 0)
0803         return rc;
0804
0805     /* tpm_tis_send will either confirm the interrupt is working or it
0806      * will call disable_irq which undoes all of the above.
0807      */
0808     if (!(chip->flags & TPM_CHIP_FLAG_IRQ)) {
0809         rc = tpm_tis_write8(priv, original_int_vec,
0810                 TPM_INT_VECTOR(priv->locality));
0811         if (rc < 0)
0812             return rc;
0813
0814         return 1;
0815     }
0816
0817     return 0;
0818 }
0819
0820 /* Try to find the IRQ the TPM is using. This is for legacy x86 systems that
0821  * do not have ACPI/etc. We typically expect the interrupt to be declared if
0822  * present.
0823  */
0824 static void tpm_tis_probe_irq(struct tpm_chip *chip, u32 intmask)
0825 {
0826     struct tpm_tis_data *priv = dev_get_drvdata(&chip->dev);
0827     u8 original_int_vec;
0828     int i, rc;
0829
0830     rc = tpm_tis_read8(priv, TPM_INT_VECTOR(priv->locality),
0831                &original_int_vec);
0832     if (rc < 0)
0833         return;
0834
0835     if (!original_int_vec) {
0836         if (IS_ENABLED(CONFIG_X86))
0837             for (i = 3; i <= 15; i++)
0838                 if (!tpm_tis_probe_irq_single(chip, intmask, 0,
0839                                   i))
0840                     return;
0841     } else if (!tpm_tis_probe_irq_single(chip, intmask, 0,
0842                          original_int_vec))
0843         return;
0844 }
0845
0846 void tpm_tis_remove(struct tpm_chip *chip)
0847 {
0848     struct tpm_tis_data *priv = dev_get_drvdata(&chip->dev);
0849     u32 reg = TPM_INT_ENABLE(priv->locality);
0850     u32 interrupt;
0851     int rc;
0852
0853     tpm_tis_clkrun_enable(chip, true);
0854
0855     rc = tpm_tis_read32(priv, reg, &interrupt);
0856     if (rc < 0)
0857         interrupt = 0;
0858
0859     tpm_tis_write32(priv, reg, ~TPM_GLOBAL_INT_ENABLE & interrupt);
0860
0861     tpm_tis_clkrun_enable(chip, false);
0862
0863     if (priv->ilb_base_addr)
0864         iounmap(priv->ilb_base_addr);
0865 }
0866 EXPORT_SYMBOL_GPL(tpm_tis_remove);
0867
0868 /**
0869  * tpm_tis_clkrun_enable() - Keep clkrun protocol disabled for entire duration
0870  *                           of a single TPM command
0871  * @chip:   TPM chip to use
0872  * @value:  1 - Disable CLKRUN protocol, so that clocks are free running
0873  *      0 - Enable CLKRUN protocol
0874  * Call this function directly in tpm_tis_remove() in error or driver removal
0875  * path, since the chip->ops is set to NULL in tpm_chip_unregister().
0876  */
0877 static void tpm_tis_clkrun_enable(struct tpm_chip *chip, bool value)
0878 {
0879     struct tpm_tis_data *data = dev_get_drvdata(&chip->dev);
0880     u32 clkrun_val;
0881
0882     if (!IS_ENABLED(CONFIG_X86) || !is_bsw() ||
0883         !data->ilb_base_addr)
0884         return;
0885
0886     if (value) {
0887         data->clkrun_enabled++;
0888         if (data->clkrun_enabled > 1)
0889             return;
0890         clkrun_val = ioread32(data->ilb_base_addr + LPC_CNTRL_OFFSET);
0891
0892         /* Disable LPC CLKRUN# */
0893         clkrun_val &= ~LPC_CLKRUN_EN;
0894         iowrite32(clkrun_val, data->ilb_base_addr + LPC_CNTRL_OFFSET);
0895
0896         /*
0897          * Write any random value on port 0x80 which is on LPC, to make
0898          * sure LPC clock is running before sending any TPM command.
0899          */
0900         outb(0xCC, 0x80);
0901     } else {
0902         data->clkrun_enabled--;
0903         if (data->clkrun_enabled)
0904             return;
0905
0906         clkrun_val = ioread32(data->ilb_base_addr + LPC_CNTRL_OFFSET);
0907
0908         /* Enable LPC CLKRUN# */
0909         clkrun_val |= LPC_CLKRUN_EN;
0910         iowrite32(clkrun_val, data->ilb_base_addr + LPC_CNTRL_OFFSET);
0911
0912         /*
0913          * Write any random value on port 0x80 which is on LPC, to make
0914          * sure LPC clock is running before sending any TPM command.
0915          */
0916         outb(0xCC, 0x80);
0917     }
0918 }
0919
0920 static const struct tpm_class_ops tpm_tis = {
0921     .flags = TPM_OPS_AUTO_STARTUP,
0922     .status = tpm_tis_status,
0923     .recv = tpm_tis_recv,
0924     .send = tpm_tis_send,
0925     .cancel = tpm_tis_ready,
0926     .update_timeouts = tpm_tis_update_timeouts,
0927     .update_durations = tpm_tis_update_durations,
0928     .req_complete_mask = TPM_STS_DATA_AVAIL | TPM_STS_VALID,
0929     .req_complete_val = TPM_STS_DATA_AVAIL | TPM_STS_VALID,
0930     .req_canceled = tpm_tis_req_canceled,
0931     .request_locality = request_locality,
0932     .relinquish_locality = release_locality,
0933     .clk_enable = tpm_tis_clkrun_enable,
0934 };
0935
0936 int tpm_tis_core_init(struct device *dev, struct tpm_tis_data *priv, int irq,
0937               const struct tpm_tis_phy_ops *phy_ops,
0938               acpi_handle acpi_dev_handle)
0939 {
0940     u32 vendor;
0941     u32 intfcaps;
0942     u32 intmask;
0943     u32 clkrun_val;
0944     u8 rid;
0945     int rc, probe;
0946     struct tpm_chip *chip;
0947
0948     chip = tpmm_chip_alloc(dev, &tpm_tis);
0949     if (IS_ERR(chip))
0950         return PTR_ERR(chip);
0951
0952 #ifdef CONFIG_ACPI
0953     chip->acpi_dev_handle = acpi_dev_handle;
0954 #endif
0955
0956     chip->hwrng.quality = priv->rng_quality;
0957
0958     /* Maximum timeouts */
0959     chip->timeout_a = msecs_to_jiffies(TIS_TIMEOUT_A_MAX);
0960     chip->timeout_b = msecs_to_jiffies(TIS_TIMEOUT_B_MAX);
0961     chip->timeout_c = msecs_to_jiffies(TIS_TIMEOUT_C_MAX);
0962     chip->timeout_d = msecs_to_jiffies(TIS_TIMEOUT_D_MAX);
0963     priv->timeout_min = TPM_TIMEOUT_USECS_MIN;
0964     priv->timeout_max = TPM_TIMEOUT_USECS_MAX;
0965     priv->phy_ops = phy_ops;
0966
0967     dev_set_drvdata(&chip->dev, priv);
0968
0969     rc = tpm_tis_read32(priv, TPM_DID_VID(0), &vendor);
0970     if (rc < 0)
0971         return rc;
0972
0973     priv->manufacturer_id = vendor;
0974
0975     if (priv->manufacturer_id == TPM_VID_ATML &&
0976         !(chip->flags & TPM_CHIP_FLAG_TPM2)) {
0977         priv->timeout_min = TIS_TIMEOUT_MIN_ATML;
0978         priv->timeout_max = TIS_TIMEOUT_MAX_ATML;
0979     }
0980
0981     if (is_bsw()) {
0982         priv->ilb_base_addr = ioremap(INTEL_LEGACY_BLK_BASE_ADDR,
0983                     ILB_REMAP_SIZE);
0984         if (!priv->ilb_base_addr)
0985             return -ENOMEM;
0986
0987         clkrun_val = ioread32(priv->ilb_base_addr + LPC_CNTRL_OFFSET);
0988         /* Check if CLKRUN# is already not enabled in the LPC bus */
0989         if (!(clkrun_val & LPC_CLKRUN_EN)) {
0990             iounmap(priv->ilb_base_addr);
0991             priv->ilb_base_addr = NULL;
0992         }
0993     }
0994
0995     if (chip->ops->clk_enable != NULL)
0996         chip->ops->clk_enable(chip, true);
0997
0998     if (wait_startup(chip, 0) != 0) {
0999         rc = -ENODEV;
1000         goto out_err;
1001     }
1002
1003     /* Take control of the TPM's interrupt hardware and shut it off */
1004     rc = tpm_tis_read32(priv, TPM_INT_ENABLE(priv->locality), &intmask);
1005     if (rc < 0)
1006         goto out_err;
1007
1008     intmask |= TPM_INTF_CMD_READY_INT | TPM_INTF_LOCALITY_CHANGE_INT |
1009            TPM_INTF_DATA_AVAIL_INT | TPM_INTF_STS_VALID_INT;
1010     intmask &= ~TPM_GLOBAL_INT_ENABLE;
1011
1012     rc = request_locality(chip, 0);
1013     if (rc < 0) {
1014         rc = -ENODEV;
1015         goto out_err;
1016     }
1017
1018     tpm_tis_write32(priv, TPM_INT_ENABLE(priv->locality), intmask);
1019     release_locality(chip, 0);
1020
1021     rc = tpm_chip_start(chip);
1022     if (rc)
1023         goto out_err;
1024     rc = tpm2_probe(chip);
1025     tpm_chip_stop(chip);
1026     if (rc)
1027         goto out_err;
1028
1029     rc = tpm_tis_read8(priv, TPM_RID(0), &rid);
1030     if (rc < 0)
1031         goto out_err;
1032
1033     dev_info(dev, "%s TPM (device-id 0x%X, rev-id %d)\n",
1034          (chip->flags & TPM_CHIP_FLAG_TPM2) ? "2.0" : "1.2",
1035          vendor >> 16, rid);
1036
1037     probe = probe_itpm(chip);
1038     if (probe < 0) {
1039         rc = -ENODEV;
1040         goto out_err;
1041     }
1042
1043     /* Figure out the capabilities */
1044     rc = tpm_tis_read32(priv, TPM_INTF_CAPS(priv->locality), &intfcaps);
1045     if (rc < 0)
1046         goto out_err;
1047
1048     dev_dbg(dev, "TPM interface capabilities (0x%x):\n",
1049         intfcaps);
1050     if (intfcaps & TPM_INTF_BURST_COUNT_STATIC)
1051         dev_dbg(dev, "\tBurst Count Static\n");
1052     if (intfcaps & TPM_INTF_CMD_READY_INT)
1053         dev_dbg(dev, "\tCommand Ready Int Support\n");
1054     if (intfcaps & TPM_INTF_INT_EDGE_FALLING)
1055         dev_dbg(dev, "\tInterrupt Edge Falling\n");
1056     if (intfcaps & TPM_INTF_INT_EDGE_RISING)
1057         dev_dbg(dev, "\tInterrupt Edge Rising\n");
1058     if (intfcaps & TPM_INTF_INT_LEVEL_LOW)
1059         dev_dbg(dev, "\tInterrupt Level Low\n");
1060     if (intfcaps & TPM_INTF_INT_LEVEL_HIGH)
1061         dev_dbg(dev, "\tInterrupt Level High\n");
1062     if (intfcaps & TPM_INTF_LOCALITY_CHANGE_INT)
1063         dev_dbg(dev, "\tLocality Change Int Support\n");
1064     if (intfcaps & TPM_INTF_STS_VALID_INT)
1065         dev_dbg(dev, "\tSts Valid Int Support\n");
1066     if (intfcaps & TPM_INTF_DATA_AVAIL_INT)
1067         dev_dbg(dev, "\tData Avail Int Support\n");
1068
1069     /* INTERRUPT Setup */
1070     init_waitqueue_head(&priv->read_queue);
1071     init_waitqueue_head(&priv->int_queue);
1072     if (irq != -1) {
1073         /*
1074          * Before doing irq testing issue a command to the TPM in polling mode
1075          * to make sure it works. May as well use that command to set the
1076          * proper timeouts for the driver.
1077          */
1078
1079         rc = request_locality(chip, 0);
1080         if (rc < 0)
1081             goto out_err;
1082
1083         rc = tpm_get_timeouts(chip);
1084
1085         release_locality(chip, 0);
1086
1087         if (rc) {
1088             dev_err(dev, "Could not get TPM timeouts and durations\n");
1089             rc = -ENODEV;
1090             goto out_err;
1091         }
1092
1093         if (irq) {
1094             tpm_tis_probe_irq_single(chip, intmask, IRQF_SHARED,
1095                          irq);
1096             if (!(chip->flags & TPM_CHIP_FLAG_IRQ)) {
1097                 dev_err(&chip->dev, FW_BUG
1098                     "TPM interrupt not working, polling instead\n");
1099
1100                 disable_interrupts(chip);
1101             }
1102         } else {
1103             tpm_tis_probe_irq(chip, intmask);
1104         }
1105     }
1106
1107     rc = tpm_chip_register(chip);
1108     if (rc)
1109         goto out_err;
1110
1111     if (chip->ops->clk_enable != NULL)
1112         chip->ops->clk_enable(chip, false);
1113
1114     return 0;
1115 out_err:
1116     if (chip->ops->clk_enable != NULL)
1117         chip->ops->clk_enable(chip, false);
1118
1119     tpm_tis_remove(chip);
1120
1121     return rc;
1122 }
1123 EXPORT_SYMBOL_GPL(tpm_tis_core_init);
1124
1125 #ifdef CONFIG_PM_SLEEP
1126 static void tpm_tis_reenable_interrupts(struct tpm_chip *chip)
1127 {
1128     struct tpm_tis_data *priv = dev_get_drvdata(&chip->dev);
1129     u32 intmask;
1130     int rc;
1131
1132     if (chip->ops->clk_enable != NULL)
1133         chip->ops->clk_enable(chip, true);
1134
1135     /* reenable interrupts that device may have lost or
1136      * BIOS/firmware may have disabled
1137      */
1138     rc = tpm_tis_write8(priv, TPM_INT_VECTOR(priv->locality), priv->irq);
1139     if (rc < 0)
1140         goto out;
1141
1142     rc = tpm_tis_read32(priv, TPM_INT_ENABLE(priv->locality), &intmask);
1143     if (rc < 0)
1144         goto out;
1145
1146     intmask |= TPM_INTF_CMD_READY_INT
1147         | TPM_INTF_LOCALITY_CHANGE_INT | TPM_INTF_DATA_AVAIL_INT
1148         | TPM_INTF_STS_VALID_INT | TPM_GLOBAL_INT_ENABLE;
1149
1150     tpm_tis_write32(priv, TPM_INT_ENABLE(priv->locality), intmask);
1151
1152 out:
1153     if (chip->ops->clk_enable != NULL)
1154         chip->ops->clk_enable(chip, false);
1155
1156     return;
1157 }
1158
1159 int tpm_tis_resume(struct device *dev)
1160 {
1161     struct tpm_chip *chip = dev_get_drvdata(dev);
1162     int ret;
1163
1164     if (chip->flags & TPM_CHIP_FLAG_IRQ)
1165         tpm_tis_reenable_interrupts(chip);
1166
1167     ret = tpm_pm_resume(dev);
1168     if (ret)
1169         return ret;
1170
1171     /*
1172      * TPM 1.2 requires self-test on resume. This function actually returns
1173      * an error code but for unknown reason it isn't handled.
1174      */
1175     if (!(chip->flags & TPM_CHIP_FLAG_TPM2)) {
1176         ret = request_locality(chip, 0);
1177         if (ret < 0)
1178             return ret;
1179
1180         tpm1_do_selftest(chip);
1181
1182         release_locality(chip, 0);
1183     }
1184
1185     return 0;
1186 }
1187 EXPORT_SYMBOL_GPL(tpm_tis_resume);
1188 #endif
1189
1190 MODULE_AUTHOR("Leendert van Doorn (leendert@watson.ibm.com)");
1191 MODULE_DESCRIPTION("TPM Driver");
1192 MODULE_VERSION("2.0");
1193 MODULE_LICENSE("GPL");