Loading...
1// SPDX-License-Identifier: GPL-2.0-only
2/*
3 * Copyright (C) 2005, 2006 IBM Corporation
4 * Copyright (C) 2014, 2015 Intel Corporation
5 *
6 * Authors:
7 * Leendert van Doorn <leendert@watson.ibm.com>
8 * Kylene Hall <kjhall@us.ibm.com>
9 *
10 * Maintained by: <tpmdd-devel@lists.sourceforge.net>
11 *
12 * Device driver for TCG/TCPA TPM (trusted platform module).
13 * Specifications at www.trustedcomputinggroup.org
14 *
15 * This device driver implements the TPM interface as defined in
16 * the TCG TPM Interface Spec version 1.2, revision 1.0.
17 */
18#include <linux/init.h>
19#include <linux/module.h>
20#include <linux/moduleparam.h>
21#include <linux/pnp.h>
22#include <linux/slab.h>
23#include <linux/interrupt.h>
24#include <linux/wait.h>
25#include <linux/acpi.h>
26#include <linux/freezer.h>
27#include <linux/dmi.h>
28#include "tpm.h"
29#include "tpm_tis_core.h"
30
31#define TPM_TIS_MAX_UNHANDLED_IRQS 1000
32
33static void tpm_tis_clkrun_enable(struct tpm_chip *chip, bool value);
34
35static bool wait_for_tpm_stat_cond(struct tpm_chip *chip, u8 mask,
36 bool check_cancel, bool *canceled)
37{
38 u8 status = chip->ops->status(chip);
39
40 *canceled = false;
41 if ((status & mask) == mask)
42 return true;
43 if (check_cancel && chip->ops->req_canceled(chip, status)) {
44 *canceled = true;
45 return true;
46 }
47 return false;
48}
49
50static u8 tpm_tis_filter_sts_mask(u8 int_mask, u8 sts_mask)
51{
52 if (!(int_mask & TPM_INTF_STS_VALID_INT))
53 sts_mask &= ~TPM_STS_VALID;
54
55 if (!(int_mask & TPM_INTF_DATA_AVAIL_INT))
56 sts_mask &= ~TPM_STS_DATA_AVAIL;
57
58 if (!(int_mask & TPM_INTF_CMD_READY_INT))
59 sts_mask &= ~TPM_STS_COMMAND_READY;
60
61 return sts_mask;
62}
63
64static int wait_for_tpm_stat(struct tpm_chip *chip, u8 mask,
65 unsigned long timeout, wait_queue_head_t *queue,
66 bool check_cancel)
67{
68 struct tpm_tis_data *priv = dev_get_drvdata(&chip->dev);
69 unsigned long stop;
70 long rc;
71 u8 status;
72 bool canceled = false;
73 u8 sts_mask;
74 int ret = 0;
75
76 /* check current status */
77 status = chip->ops->status(chip);
78 if ((status & mask) == mask)
79 return 0;
80
81 sts_mask = mask & (TPM_STS_VALID | TPM_STS_DATA_AVAIL |
82 TPM_STS_COMMAND_READY);
83 /* check what status changes can be handled by irqs */
84 sts_mask = tpm_tis_filter_sts_mask(priv->int_mask, sts_mask);
85
86 stop = jiffies + timeout;
87 /* process status changes with irq support */
88 if (sts_mask) {
89 ret = -ETIME;
90again:
91 timeout = stop - jiffies;
92 if ((long)timeout <= 0)
93 return -ETIME;
94 rc = wait_event_interruptible_timeout(*queue,
95 wait_for_tpm_stat_cond(chip, sts_mask, check_cancel,
96 &canceled),
97 timeout);
98 if (rc > 0) {
99 if (canceled)
100 return -ECANCELED;
101 ret = 0;
102 }
103 if (rc == -ERESTARTSYS && freezing(current)) {
104 clear_thread_flag(TIF_SIGPENDING);
105 goto again;
106 }
107 }
108
109 if (ret)
110 return ret;
111
112 mask &= ~sts_mask;
113 if (!mask) /* all done */
114 return 0;
115 /* process status changes without irq support */
116 do {
117 status = chip->ops->status(chip);
118 if ((status & mask) == mask)
119 return 0;
120 usleep_range(priv->timeout_min,
121 priv->timeout_max);
122 } while (time_before(jiffies, stop));
123 return -ETIME;
124}
125
126/* Before we attempt to access the TPM we must see that the valid bit is set.
127 * The specification says that this bit is 0 at reset and remains 0 until the
128 * 'TPM has gone through its self test and initialization and has established
129 * correct values in the other bits.'
130 */
131static int wait_startup(struct tpm_chip *chip, int l)
132{
133 struct tpm_tis_data *priv = dev_get_drvdata(&chip->dev);
134 unsigned long stop = jiffies + chip->timeout_a;
135
136 do {
137 int rc;
138 u8 access;
139
140 rc = tpm_tis_read8(priv, TPM_ACCESS(l), &access);
141 if (rc < 0)
142 return rc;
143
144 if (access & TPM_ACCESS_VALID)
145 return 0;
146 tpm_msleep(TPM_TIMEOUT);
147 } while (time_before(jiffies, stop));
148 return -1;
149}
150
151static bool check_locality(struct tpm_chip *chip, int l)
152{
153 struct tpm_tis_data *priv = dev_get_drvdata(&chip->dev);
154 int rc;
155 u8 access;
156
157 rc = tpm_tis_read8(priv, TPM_ACCESS(l), &access);
158 if (rc < 0)
159 return false;
160
161 if ((access & (TPM_ACCESS_ACTIVE_LOCALITY | TPM_ACCESS_VALID
162 | TPM_ACCESS_REQUEST_USE)) ==
163 (TPM_ACCESS_ACTIVE_LOCALITY | TPM_ACCESS_VALID)) {
164 priv->locality = l;
165 return true;
166 }
167
168 return false;
169}
170
171static int __tpm_tis_relinquish_locality(struct tpm_tis_data *priv, int l)
172{
173 tpm_tis_write8(priv, TPM_ACCESS(l), TPM_ACCESS_ACTIVE_LOCALITY);
174
175 return 0;
176}
177
178static int tpm_tis_relinquish_locality(struct tpm_chip *chip, int l)
179{
180 struct tpm_tis_data *priv = dev_get_drvdata(&chip->dev);
181
182 mutex_lock(&priv->locality_count_mutex);
183 priv->locality_count--;
184 if (priv->locality_count == 0)
185 __tpm_tis_relinquish_locality(priv, l);
186 mutex_unlock(&priv->locality_count_mutex);
187
188 return 0;
189}
190
191static int __tpm_tis_request_locality(struct tpm_chip *chip, int l)
192{
193 struct tpm_tis_data *priv = dev_get_drvdata(&chip->dev);
194 unsigned long stop, timeout;
195 long rc;
196
197 if (check_locality(chip, l))
198 return l;
199
200 rc = tpm_tis_write8(priv, TPM_ACCESS(l), TPM_ACCESS_REQUEST_USE);
201 if (rc < 0)
202 return rc;
203
204 stop = jiffies + chip->timeout_a;
205
206 if (chip->flags & TPM_CHIP_FLAG_IRQ) {
207again:
208 timeout = stop - jiffies;
209 if ((long)timeout <= 0)
210 return -1;
211 rc = wait_event_interruptible_timeout(priv->int_queue,
212 (check_locality
213 (chip, l)),
214 timeout);
215 if (rc > 0)
216 return l;
217 if (rc == -ERESTARTSYS && freezing(current)) {
218 clear_thread_flag(TIF_SIGPENDING);
219 goto again;
220 }
221 } else {
222 /* wait for burstcount */
223 do {
224 if (check_locality(chip, l))
225 return l;
226 tpm_msleep(TPM_TIMEOUT);
227 } while (time_before(jiffies, stop));
228 }
229 return -1;
230}
231
232static int tpm_tis_request_locality(struct tpm_chip *chip, int l)
233{
234 struct tpm_tis_data *priv = dev_get_drvdata(&chip->dev);
235 int ret = 0;
236
237 mutex_lock(&priv->locality_count_mutex);
238 if (priv->locality_count == 0)
239 ret = __tpm_tis_request_locality(chip, l);
240 if (!ret)
241 priv->locality_count++;
242 mutex_unlock(&priv->locality_count_mutex);
243 return ret;
244}
245
246static u8 tpm_tis_status(struct tpm_chip *chip)
247{
248 struct tpm_tis_data *priv = dev_get_drvdata(&chip->dev);
249 int rc;
250 u8 status;
251
252 rc = tpm_tis_read8(priv, TPM_STS(priv->locality), &status);
253 if (rc < 0)
254 return 0;
255
256 if (unlikely((status & TPM_STS_READ_ZERO) != 0)) {
257 if (!test_and_set_bit(TPM_TIS_INVALID_STATUS, &priv->flags)) {
258 /*
259 * If this trips, the chances are the read is
260 * returning 0xff because the locality hasn't been
261 * acquired. Usually because tpm_try_get_ops() hasn't
262 * been called before doing a TPM operation.
263 */
264 dev_err(&chip->dev, "invalid TPM_STS.x 0x%02x, dumping stack for forensics\n",
265 status);
266
267 /*
268 * Dump stack for forensics, as invalid TPM_STS.x could be
269 * potentially triggered by impaired tpm_try_get_ops() or
270 * tpm_find_get_ops().
271 */
272 dump_stack();
273 }
274
275 return 0;
276 }
277
278 return status;
279}
280
281static void tpm_tis_ready(struct tpm_chip *chip)
282{
283 struct tpm_tis_data *priv = dev_get_drvdata(&chip->dev);
284
285 /* this causes the current command to be aborted */
286 tpm_tis_write8(priv, TPM_STS(priv->locality), TPM_STS_COMMAND_READY);
287}
288
289static int get_burstcount(struct tpm_chip *chip)
290{
291 struct tpm_tis_data *priv = dev_get_drvdata(&chip->dev);
292 unsigned long stop;
293 int burstcnt, rc;
294 u32 value;
295
296 /* wait for burstcount */
297 if (chip->flags & TPM_CHIP_FLAG_TPM2)
298 stop = jiffies + chip->timeout_a;
299 else
300 stop = jiffies + chip->timeout_d;
301 do {
302 rc = tpm_tis_read32(priv, TPM_STS(priv->locality), &value);
303 if (rc < 0)
304 return rc;
305
306 burstcnt = (value >> 8) & 0xFFFF;
307 if (burstcnt)
308 return burstcnt;
309 usleep_range(TPM_TIMEOUT_USECS_MIN, TPM_TIMEOUT_USECS_MAX);
310 } while (time_before(jiffies, stop));
311 return -EBUSY;
312}
313
314static int recv_data(struct tpm_chip *chip, u8 *buf, size_t count)
315{
316 struct tpm_tis_data *priv = dev_get_drvdata(&chip->dev);
317 int size = 0, burstcnt, rc;
318
319 while (size < count) {
320 rc = wait_for_tpm_stat(chip,
321 TPM_STS_DATA_AVAIL | TPM_STS_VALID,
322 chip->timeout_c,
323 &priv->read_queue, true);
324 if (rc < 0)
325 return rc;
326 burstcnt = get_burstcount(chip);
327 if (burstcnt < 0) {
328 dev_err(&chip->dev, "Unable to read burstcount\n");
329 return burstcnt;
330 }
331 burstcnt = min_t(int, burstcnt, count - size);
332
333 rc = tpm_tis_read_bytes(priv, TPM_DATA_FIFO(priv->locality),
334 burstcnt, buf + size);
335 if (rc < 0)
336 return rc;
337
338 size += burstcnt;
339 }
340 return size;
341}
342
343static int tpm_tis_try_recv(struct tpm_chip *chip, u8 *buf, size_t count)
344{
345 struct tpm_tis_data *priv = dev_get_drvdata(&chip->dev);
346 int size = 0;
347 int status;
348 u32 expected;
349 int rc;
350
351 size = recv_data(chip, buf, TPM_HEADER_SIZE);
352 /* read first 10 bytes, including tag, paramsize, and result */
353 if (size < TPM_HEADER_SIZE) {
354 dev_err(&chip->dev, "Unable to read header\n");
355 goto out;
356 }
357
358 expected = be32_to_cpu(*(__be32 *) (buf + 2));
359 if (expected > count || expected < TPM_HEADER_SIZE) {
360 size = -EIO;
361 goto out;
362 }
363
364 rc = recv_data(chip, &buf[TPM_HEADER_SIZE],
365 expected - TPM_HEADER_SIZE);
366 if (rc < 0) {
367 size = rc;
368 goto out;
369 }
370 size += rc;
371 if (size < expected) {
372 dev_err(&chip->dev, "Unable to read remainder of result\n");
373 size = -ETIME;
374 goto out;
375 }
376
377 if (wait_for_tpm_stat(chip, TPM_STS_VALID, chip->timeout_c,
378 &priv->int_queue, false) < 0) {
379 size = -ETIME;
380 goto out;
381 }
382 status = tpm_tis_status(chip);
383 if (status & TPM_STS_DATA_AVAIL) {
384 dev_err(&chip->dev, "Error left over data\n");
385 size = -EIO;
386 goto out;
387 }
388
389 rc = tpm_tis_verify_crc(priv, (size_t)size, buf);
390 if (rc < 0) {
391 dev_err(&chip->dev, "CRC mismatch for response.\n");
392 size = rc;
393 goto out;
394 }
395
396out:
397 return size;
398}
399
400static int tpm_tis_recv(struct tpm_chip *chip, u8 *buf, size_t count)
401{
402 struct tpm_tis_data *priv = dev_get_drvdata(&chip->dev);
403 unsigned int try;
404 int rc = 0;
405
406 if (count < TPM_HEADER_SIZE)
407 return -EIO;
408
409 for (try = 0; try < TPM_RETRY; try++) {
410 rc = tpm_tis_try_recv(chip, buf, count);
411
412 if (rc == -EIO)
413 /* Data transfer errors, indicated by EIO, can be
414 * recovered by rereading the response.
415 */
416 tpm_tis_write8(priv, TPM_STS(priv->locality),
417 TPM_STS_RESPONSE_RETRY);
418 else
419 break;
420 }
421
422 tpm_tis_ready(chip);
423
424 return rc;
425}
426
427/*
428 * If interrupts are used (signaled by an irq set in the vendor structure)
429 * tpm.c can skip polling for the data to be available as the interrupt is
430 * waited for here
431 */
432static int tpm_tis_send_data(struct tpm_chip *chip, const u8 *buf, size_t len)
433{
434 struct tpm_tis_data *priv = dev_get_drvdata(&chip->dev);
435 int rc, status, burstcnt;
436 size_t count = 0;
437 bool itpm = test_bit(TPM_TIS_ITPM_WORKAROUND, &priv->flags);
438
439 status = tpm_tis_status(chip);
440 if ((status & TPM_STS_COMMAND_READY) == 0) {
441 tpm_tis_ready(chip);
442 if (wait_for_tpm_stat
443 (chip, TPM_STS_COMMAND_READY, chip->timeout_b,
444 &priv->int_queue, false) < 0) {
445 rc = -ETIME;
446 goto out_err;
447 }
448 }
449
450 while (count < len - 1) {
451 burstcnt = get_burstcount(chip);
452 if (burstcnt < 0) {
453 dev_err(&chip->dev, "Unable to read burstcount\n");
454 rc = burstcnt;
455 goto out_err;
456 }
457 burstcnt = min_t(int, burstcnt, len - count - 1);
458 rc = tpm_tis_write_bytes(priv, TPM_DATA_FIFO(priv->locality),
459 burstcnt, buf + count);
460 if (rc < 0)
461 goto out_err;
462
463 count += burstcnt;
464
465 if (wait_for_tpm_stat(chip, TPM_STS_VALID, chip->timeout_c,
466 &priv->int_queue, false) < 0) {
467 rc = -ETIME;
468 goto out_err;
469 }
470 status = tpm_tis_status(chip);
471 if (!itpm && (status & TPM_STS_DATA_EXPECT) == 0) {
472 rc = -EIO;
473 goto out_err;
474 }
475 }
476
477 /* write last byte */
478 rc = tpm_tis_write8(priv, TPM_DATA_FIFO(priv->locality), buf[count]);
479 if (rc < 0)
480 goto out_err;
481
482 if (wait_for_tpm_stat(chip, TPM_STS_VALID, chip->timeout_c,
483 &priv->int_queue, false) < 0) {
484 rc = -ETIME;
485 goto out_err;
486 }
487 status = tpm_tis_status(chip);
488 if (!itpm && (status & TPM_STS_DATA_EXPECT) != 0) {
489 rc = -EIO;
490 goto out_err;
491 }
492
493 rc = tpm_tis_verify_crc(priv, len, buf);
494 if (rc < 0) {
495 dev_err(&chip->dev, "CRC mismatch for command.\n");
496 goto out_err;
497 }
498
499 return 0;
500
501out_err:
502 tpm_tis_ready(chip);
503 return rc;
504}
505
506static void __tpm_tis_disable_interrupts(struct tpm_chip *chip)
507{
508 struct tpm_tis_data *priv = dev_get_drvdata(&chip->dev);
509 u32 int_mask = 0;
510
511 tpm_tis_read32(priv, TPM_INT_ENABLE(priv->locality), &int_mask);
512 int_mask &= ~TPM_GLOBAL_INT_ENABLE;
513 tpm_tis_write32(priv, TPM_INT_ENABLE(priv->locality), int_mask);
514
515 chip->flags &= ~TPM_CHIP_FLAG_IRQ;
516}
517
518static void tpm_tis_disable_interrupts(struct tpm_chip *chip)
519{
520 struct tpm_tis_data *priv = dev_get_drvdata(&chip->dev);
521
522 if (priv->irq == 0)
523 return;
524
525 __tpm_tis_disable_interrupts(chip);
526
527 devm_free_irq(chip->dev.parent, priv->irq, chip);
528 priv->irq = 0;
529}
530
531/*
532 * If interrupts are used (signaled by an irq set in the vendor structure)
533 * tpm.c can skip polling for the data to be available as the interrupt is
534 * waited for here
535 */
536static int tpm_tis_send_main(struct tpm_chip *chip, const u8 *buf, size_t len)
537{
538 struct tpm_tis_data *priv = dev_get_drvdata(&chip->dev);
539 int rc;
540 u32 ordinal;
541 unsigned long dur;
542 unsigned int try;
543
544 for (try = 0; try < TPM_RETRY; try++) {
545 rc = tpm_tis_send_data(chip, buf, len);
546 if (rc >= 0)
547 /* Data transfer done successfully */
548 break;
549 else if (rc != -EIO)
550 /* Data transfer failed, not recoverable */
551 return rc;
552 }
553
554 /* go and do it */
555 rc = tpm_tis_write8(priv, TPM_STS(priv->locality), TPM_STS_GO);
556 if (rc < 0)
557 goto out_err;
558
559 if (chip->flags & TPM_CHIP_FLAG_IRQ) {
560 ordinal = be32_to_cpu(*((__be32 *) (buf + 6)));
561
562 dur = tpm_calc_ordinal_duration(chip, ordinal);
563 if (wait_for_tpm_stat
564 (chip, TPM_STS_DATA_AVAIL | TPM_STS_VALID, dur,
565 &priv->read_queue, false) < 0) {
566 rc = -ETIME;
567 goto out_err;
568 }
569 }
570 return 0;
571out_err:
572 tpm_tis_ready(chip);
573 return rc;
574}
575
576static int tpm_tis_send(struct tpm_chip *chip, u8 *buf, size_t len)
577{
578 int rc, irq;
579 struct tpm_tis_data *priv = dev_get_drvdata(&chip->dev);
580
581 if (!(chip->flags & TPM_CHIP_FLAG_IRQ) ||
582 test_bit(TPM_TIS_IRQ_TESTED, &priv->flags))
583 return tpm_tis_send_main(chip, buf, len);
584
585 /* Verify receipt of the expected IRQ */
586 irq = priv->irq;
587 priv->irq = 0;
588 chip->flags &= ~TPM_CHIP_FLAG_IRQ;
589 rc = tpm_tis_send_main(chip, buf, len);
590 priv->irq = irq;
591 chip->flags |= TPM_CHIP_FLAG_IRQ;
592 if (!test_bit(TPM_TIS_IRQ_TESTED, &priv->flags))
593 tpm_msleep(1);
594 if (!test_bit(TPM_TIS_IRQ_TESTED, &priv->flags))
595 tpm_tis_disable_interrupts(chip);
596 set_bit(TPM_TIS_IRQ_TESTED, &priv->flags);
597 return rc;
598}
599
600struct tis_vendor_durations_override {
601 u32 did_vid;
602 struct tpm1_version version;
603 unsigned long durations[3];
604};
605
606static const struct tis_vendor_durations_override vendor_dur_overrides[] = {
607 /* STMicroelectronics 0x104a */
608 { 0x0000104a,
609 { 1, 2, 8, 28 },
610 { (2 * 60 * HZ), (2 * 60 * HZ), (2 * 60 * HZ) } },
611};
612
613static void tpm_tis_update_durations(struct tpm_chip *chip,
614 unsigned long *duration_cap)
615{
616 struct tpm_tis_data *priv = dev_get_drvdata(&chip->dev);
617 struct tpm1_version *version;
618 u32 did_vid;
619 int i, rc;
620 cap_t cap;
621
622 chip->duration_adjusted = false;
623
624 if (chip->ops->clk_enable != NULL)
625 chip->ops->clk_enable(chip, true);
626
627 rc = tpm_tis_read32(priv, TPM_DID_VID(0), &did_vid);
628 if (rc < 0) {
629 dev_warn(&chip->dev, "%s: failed to read did_vid. %d\n",
630 __func__, rc);
631 goto out;
632 }
633
634 /* Try to get a TPM version 1.2 or 1.1 TPM_CAP_VERSION_INFO */
635 rc = tpm1_getcap(chip, TPM_CAP_VERSION_1_2, &cap,
636 "attempting to determine the 1.2 version",
637 sizeof(cap.version2));
638 if (!rc) {
639 version = &cap.version2.version;
640 } else {
641 rc = tpm1_getcap(chip, TPM_CAP_VERSION_1_1, &cap,
642 "attempting to determine the 1.1 version",
643 sizeof(cap.version1));
644
645 if (rc)
646 goto out;
647
648 version = &cap.version1;
649 }
650
651 for (i = 0; i != ARRAY_SIZE(vendor_dur_overrides); i++) {
652 if (vendor_dur_overrides[i].did_vid != did_vid)
653 continue;
654
655 if ((version->major ==
656 vendor_dur_overrides[i].version.major) &&
657 (version->minor ==
658 vendor_dur_overrides[i].version.minor) &&
659 (version->rev_major ==
660 vendor_dur_overrides[i].version.rev_major) &&
661 (version->rev_minor ==
662 vendor_dur_overrides[i].version.rev_minor)) {
663
664 memcpy(duration_cap,
665 vendor_dur_overrides[i].durations,
666 sizeof(vendor_dur_overrides[i].durations));
667
668 chip->duration_adjusted = true;
669 goto out;
670 }
671 }
672
673out:
674 if (chip->ops->clk_enable != NULL)
675 chip->ops->clk_enable(chip, false);
676}
677
678struct tis_vendor_timeout_override {
679 u32 did_vid;
680 unsigned long timeout_us[4];
681};
682
683static const struct tis_vendor_timeout_override vendor_timeout_overrides[] = {
684 /* Atmel 3204 */
685 { 0x32041114, { (TIS_SHORT_TIMEOUT*1000), (TIS_LONG_TIMEOUT*1000),
686 (TIS_SHORT_TIMEOUT*1000), (TIS_SHORT_TIMEOUT*1000) } },
687};
688
689static void tpm_tis_update_timeouts(struct tpm_chip *chip,
690 unsigned long *timeout_cap)
691{
692 struct tpm_tis_data *priv = dev_get_drvdata(&chip->dev);
693 int i, rc;
694 u32 did_vid;
695
696 chip->timeout_adjusted = false;
697
698 if (chip->ops->clk_enable != NULL)
699 chip->ops->clk_enable(chip, true);
700
701 rc = tpm_tis_read32(priv, TPM_DID_VID(0), &did_vid);
702 if (rc < 0) {
703 dev_warn(&chip->dev, "%s: failed to read did_vid: %d\n",
704 __func__, rc);
705 goto out;
706 }
707
708 for (i = 0; i != ARRAY_SIZE(vendor_timeout_overrides); i++) {
709 if (vendor_timeout_overrides[i].did_vid != did_vid)
710 continue;
711 memcpy(timeout_cap, vendor_timeout_overrides[i].timeout_us,
712 sizeof(vendor_timeout_overrides[i].timeout_us));
713 chip->timeout_adjusted = true;
714 }
715
716out:
717 if (chip->ops->clk_enable != NULL)
718 chip->ops->clk_enable(chip, false);
719
720 return;
721}
722
723/*
724 * Early probing for iTPM with STS_DATA_EXPECT flaw.
725 * Try sending command without itpm flag set and if that
726 * fails, repeat with itpm flag set.
727 */
728static int probe_itpm(struct tpm_chip *chip)
729{
730 struct tpm_tis_data *priv = dev_get_drvdata(&chip->dev);
731 int rc = 0;
732 static const u8 cmd_getticks[] = {
733 0x00, 0xc1, 0x00, 0x00, 0x00, 0x0a,
734 0x00, 0x00, 0x00, 0xf1
735 };
736 size_t len = sizeof(cmd_getticks);
737 u16 vendor;
738
739 if (test_bit(TPM_TIS_ITPM_WORKAROUND, &priv->flags))
740 return 0;
741
742 rc = tpm_tis_read16(priv, TPM_DID_VID(0), &vendor);
743 if (rc < 0)
744 return rc;
745
746 /* probe only iTPMS */
747 if (vendor != TPM_VID_INTEL)
748 return 0;
749
750 if (tpm_tis_request_locality(chip, 0) != 0)
751 return -EBUSY;
752
753 rc = tpm_tis_send_data(chip, cmd_getticks, len);
754 if (rc == 0)
755 goto out;
756
757 tpm_tis_ready(chip);
758
759 set_bit(TPM_TIS_ITPM_WORKAROUND, &priv->flags);
760
761 rc = tpm_tis_send_data(chip, cmd_getticks, len);
762 if (rc == 0)
763 dev_info(&chip->dev, "Detected an iTPM.\n");
764 else {
765 clear_bit(TPM_TIS_ITPM_WORKAROUND, &priv->flags);
766 rc = -EFAULT;
767 }
768
769out:
770 tpm_tis_ready(chip);
771 tpm_tis_relinquish_locality(chip, priv->locality);
772
773 return rc;
774}
775
776static bool tpm_tis_req_canceled(struct tpm_chip *chip, u8 status)
777{
778 struct tpm_tis_data *priv = dev_get_drvdata(&chip->dev);
779
780 if (!test_bit(TPM_TIS_DEFAULT_CANCELLATION, &priv->flags)) {
781 switch (priv->manufacturer_id) {
782 case TPM_VID_WINBOND:
783 return ((status == TPM_STS_VALID) ||
784 (status == (TPM_STS_VALID | TPM_STS_COMMAND_READY)));
785 case TPM_VID_STM:
786 return (status == (TPM_STS_VALID | TPM_STS_COMMAND_READY));
787 default:
788 break;
789 }
790 }
791
792 return status == TPM_STS_COMMAND_READY;
793}
794
795static irqreturn_t tpm_tis_revert_interrupts(struct tpm_chip *chip)
796{
797 struct tpm_tis_data *priv = dev_get_drvdata(&chip->dev);
798 const char *product;
799 const char *vendor;
800
801 dev_warn(&chip->dev, FW_BUG
802 "TPM interrupt storm detected, polling instead\n");
803
804 vendor = dmi_get_system_info(DMI_SYS_VENDOR);
805 product = dmi_get_system_info(DMI_PRODUCT_VERSION);
806
807 if (vendor && product) {
808 dev_info(&chip->dev,
809 "Consider adding the following entry to tpm_tis_dmi_table:\n");
810 dev_info(&chip->dev, "\tDMI_SYS_VENDOR: %s\n", vendor);
811 dev_info(&chip->dev, "\tDMI_PRODUCT_VERSION: %s\n", product);
812 }
813
814 if (tpm_tis_request_locality(chip, 0) != 0)
815 return IRQ_NONE;
816
817 __tpm_tis_disable_interrupts(chip);
818 tpm_tis_relinquish_locality(chip, 0);
819
820 schedule_work(&priv->free_irq_work);
821
822 return IRQ_HANDLED;
823}
824
825static irqreturn_t tpm_tis_update_unhandled_irqs(struct tpm_chip *chip)
826{
827 struct tpm_tis_data *priv = dev_get_drvdata(&chip->dev);
828 irqreturn_t irqret = IRQ_HANDLED;
829
830 if (!(chip->flags & TPM_CHIP_FLAG_IRQ))
831 return IRQ_HANDLED;
832
833 if (time_after(jiffies, priv->last_unhandled_irq + HZ/10))
834 priv->unhandled_irqs = 1;
835 else
836 priv->unhandled_irqs++;
837
838 priv->last_unhandled_irq = jiffies;
839
840 if (priv->unhandled_irqs > TPM_TIS_MAX_UNHANDLED_IRQS)
841 irqret = tpm_tis_revert_interrupts(chip);
842
843 return irqret;
844}
845
846static irqreturn_t tis_int_handler(int dummy, void *dev_id)
847{
848 struct tpm_chip *chip = dev_id;
849 struct tpm_tis_data *priv = dev_get_drvdata(&chip->dev);
850 u32 interrupt;
851 int rc;
852
853 rc = tpm_tis_read32(priv, TPM_INT_STATUS(priv->locality), &interrupt);
854 if (rc < 0)
855 goto err;
856
857 if (interrupt == 0)
858 goto err;
859
860 set_bit(TPM_TIS_IRQ_TESTED, &priv->flags);
861 if (interrupt & TPM_INTF_DATA_AVAIL_INT)
862 wake_up_interruptible(&priv->read_queue);
863
864 if (interrupt &
865 (TPM_INTF_LOCALITY_CHANGE_INT | TPM_INTF_STS_VALID_INT |
866 TPM_INTF_CMD_READY_INT))
867 wake_up_interruptible(&priv->int_queue);
868
869 /* Clear interrupts handled with TPM_EOI */
870 tpm_tis_request_locality(chip, 0);
871 rc = tpm_tis_write32(priv, TPM_INT_STATUS(priv->locality), interrupt);
872 tpm_tis_relinquish_locality(chip, 0);
873 if (rc < 0)
874 goto err;
875
876 tpm_tis_read32(priv, TPM_INT_STATUS(priv->locality), &interrupt);
877 return IRQ_HANDLED;
878
879err:
880 return tpm_tis_update_unhandled_irqs(chip);
881}
882
883static void tpm_tis_gen_interrupt(struct tpm_chip *chip)
884{
885 const char *desc = "attempting to generate an interrupt";
886 u32 cap2;
887 cap_t cap;
888 int ret;
889
890 chip->flags |= TPM_CHIP_FLAG_IRQ;
891
892 if (chip->flags & TPM_CHIP_FLAG_TPM2)
893 ret = tpm2_get_tpm_pt(chip, 0x100, &cap2, desc);
894 else
895 ret = tpm1_getcap(chip, TPM_CAP_PROP_TIS_TIMEOUT, &cap, desc, 0);
896
897 if (ret)
898 chip->flags &= ~TPM_CHIP_FLAG_IRQ;
899}
900
901static void tpm_tis_free_irq_func(struct work_struct *work)
902{
903 struct tpm_tis_data *priv = container_of(work, typeof(*priv), free_irq_work);
904 struct tpm_chip *chip = priv->chip;
905
906 devm_free_irq(chip->dev.parent, priv->irq, chip);
907 priv->irq = 0;
908}
909
910/* Register the IRQ and issue a command that will cause an interrupt. If an
911 * irq is seen then leave the chip setup for IRQ operation, otherwise reverse
912 * everything and leave in polling mode. Returns 0 on success.
913 */
914static int tpm_tis_probe_irq_single(struct tpm_chip *chip, u32 intmask,
915 int flags, int irq)
916{
917 struct tpm_tis_data *priv = dev_get_drvdata(&chip->dev);
918 u8 original_int_vec;
919 int rc;
920 u32 int_status;
921
922 INIT_WORK(&priv->free_irq_work, tpm_tis_free_irq_func);
923
924 rc = devm_request_threaded_irq(chip->dev.parent, irq, NULL,
925 tis_int_handler, IRQF_ONESHOT | flags,
926 dev_name(&chip->dev), chip);
927 if (rc) {
928 dev_info(&chip->dev, "Unable to request irq: %d for probe\n",
929 irq);
930 return -1;
931 }
932 priv->irq = irq;
933
934 rc = tpm_tis_request_locality(chip, 0);
935 if (rc < 0)
936 return rc;
937
938 rc = tpm_tis_read8(priv, TPM_INT_VECTOR(priv->locality),
939 &original_int_vec);
940 if (rc < 0) {
941 tpm_tis_relinquish_locality(chip, priv->locality);
942 return rc;
943 }
944
945 rc = tpm_tis_write8(priv, TPM_INT_VECTOR(priv->locality), irq);
946 if (rc < 0)
947 goto restore_irqs;
948
949 rc = tpm_tis_read32(priv, TPM_INT_STATUS(priv->locality), &int_status);
950 if (rc < 0)
951 goto restore_irqs;
952
953 /* Clear all existing */
954 rc = tpm_tis_write32(priv, TPM_INT_STATUS(priv->locality), int_status);
955 if (rc < 0)
956 goto restore_irqs;
957 /* Turn on */
958 rc = tpm_tis_write32(priv, TPM_INT_ENABLE(priv->locality),
959 intmask | TPM_GLOBAL_INT_ENABLE);
960 if (rc < 0)
961 goto restore_irqs;
962
963 clear_bit(TPM_TIS_IRQ_TESTED, &priv->flags);
964
965 /* Generate an interrupt by having the core call through to
966 * tpm_tis_send
967 */
968 tpm_tis_gen_interrupt(chip);
969
970restore_irqs:
971 /* tpm_tis_send will either confirm the interrupt is working or it
972 * will call disable_irq which undoes all of the above.
973 */
974 if (!(chip->flags & TPM_CHIP_FLAG_IRQ)) {
975 tpm_tis_write8(priv, original_int_vec,
976 TPM_INT_VECTOR(priv->locality));
977 rc = -1;
978 }
979
980 tpm_tis_relinquish_locality(chip, priv->locality);
981
982 return rc;
983}
984
985/* Try to find the IRQ the TPM is using. This is for legacy x86 systems that
986 * do not have ACPI/etc. We typically expect the interrupt to be declared if
987 * present.
988 */
989static void tpm_tis_probe_irq(struct tpm_chip *chip, u32 intmask)
990{
991 struct tpm_tis_data *priv = dev_get_drvdata(&chip->dev);
992 u8 original_int_vec;
993 int i, rc;
994
995 rc = tpm_tis_read8(priv, TPM_INT_VECTOR(priv->locality),
996 &original_int_vec);
997 if (rc < 0)
998 return;
999
1000 if (!original_int_vec) {
1001 if (IS_ENABLED(CONFIG_X86))
1002 for (i = 3; i <= 15; i++)
1003 if (!tpm_tis_probe_irq_single(chip, intmask, 0,
1004 i))
1005 return;
1006 } else if (!tpm_tis_probe_irq_single(chip, intmask, 0,
1007 original_int_vec))
1008 return;
1009}
1010
1011void tpm_tis_remove(struct tpm_chip *chip)
1012{
1013 struct tpm_tis_data *priv = dev_get_drvdata(&chip->dev);
1014 u32 reg = TPM_INT_ENABLE(priv->locality);
1015 u32 interrupt;
1016 int rc;
1017
1018 tpm_tis_clkrun_enable(chip, true);
1019
1020 rc = tpm_tis_read32(priv, reg, &interrupt);
1021 if (rc < 0)
1022 interrupt = 0;
1023
1024 tpm_tis_write32(priv, reg, ~TPM_GLOBAL_INT_ENABLE & interrupt);
1025 flush_work(&priv->free_irq_work);
1026
1027 tpm_tis_clkrun_enable(chip, false);
1028
1029 if (priv->ilb_base_addr)
1030 iounmap(priv->ilb_base_addr);
1031}
1032EXPORT_SYMBOL_GPL(tpm_tis_remove);
1033
1034/**
1035 * tpm_tis_clkrun_enable() - Keep clkrun protocol disabled for entire duration
1036 * of a single TPM command
1037 * @chip: TPM chip to use
1038 * @value: 1 - Disable CLKRUN protocol, so that clocks are free running
1039 * 0 - Enable CLKRUN protocol
1040 * Call this function directly in tpm_tis_remove() in error or driver removal
1041 * path, since the chip->ops is set to NULL in tpm_chip_unregister().
1042 */
1043static void tpm_tis_clkrun_enable(struct tpm_chip *chip, bool value)
1044{
1045 struct tpm_tis_data *data = dev_get_drvdata(&chip->dev);
1046 u32 clkrun_val;
1047
1048 if (!IS_ENABLED(CONFIG_X86) || !is_bsw() ||
1049 !data->ilb_base_addr)
1050 return;
1051
1052 if (value) {
1053 data->clkrun_enabled++;
1054 if (data->clkrun_enabled > 1)
1055 return;
1056 clkrun_val = ioread32(data->ilb_base_addr + LPC_CNTRL_OFFSET);
1057
1058 /* Disable LPC CLKRUN# */
1059 clkrun_val &= ~LPC_CLKRUN_EN;
1060 iowrite32(clkrun_val, data->ilb_base_addr + LPC_CNTRL_OFFSET);
1061
1062 /*
1063 * Write any random value on port 0x80 which is on LPC, to make
1064 * sure LPC clock is running before sending any TPM command.
1065 */
1066 outb(0xCC, 0x80);
1067 } else {
1068 data->clkrun_enabled--;
1069 if (data->clkrun_enabled)
1070 return;
1071
1072 clkrun_val = ioread32(data->ilb_base_addr + LPC_CNTRL_OFFSET);
1073
1074 /* Enable LPC CLKRUN# */
1075 clkrun_val |= LPC_CLKRUN_EN;
1076 iowrite32(clkrun_val, data->ilb_base_addr + LPC_CNTRL_OFFSET);
1077
1078 /*
1079 * Write any random value on port 0x80 which is on LPC, to make
1080 * sure LPC clock is running before sending any TPM command.
1081 */
1082 outb(0xCC, 0x80);
1083 }
1084}
1085
1086static const struct tpm_class_ops tpm_tis = {
1087 .flags = TPM_OPS_AUTO_STARTUP,
1088 .status = tpm_tis_status,
1089 .recv = tpm_tis_recv,
1090 .send = tpm_tis_send,
1091 .cancel = tpm_tis_ready,
1092 .update_timeouts = tpm_tis_update_timeouts,
1093 .update_durations = tpm_tis_update_durations,
1094 .req_complete_mask = TPM_STS_DATA_AVAIL | TPM_STS_VALID,
1095 .req_complete_val = TPM_STS_DATA_AVAIL | TPM_STS_VALID,
1096 .req_canceled = tpm_tis_req_canceled,
1097 .request_locality = tpm_tis_request_locality,
1098 .relinquish_locality = tpm_tis_relinquish_locality,
1099 .clk_enable = tpm_tis_clkrun_enable,
1100};
1101
1102int tpm_tis_core_init(struct device *dev, struct tpm_tis_data *priv, int irq,
1103 const struct tpm_tis_phy_ops *phy_ops,
1104 acpi_handle acpi_dev_handle)
1105{
1106 u32 vendor;
1107 u32 intfcaps;
1108 u32 intmask;
1109 u32 clkrun_val;
1110 u8 rid;
1111 int rc, probe;
1112 struct tpm_chip *chip;
1113
1114 chip = tpmm_chip_alloc(dev, &tpm_tis);
1115 if (IS_ERR(chip))
1116 return PTR_ERR(chip);
1117
1118#ifdef CONFIG_ACPI
1119 chip->acpi_dev_handle = acpi_dev_handle;
1120#endif
1121
1122 chip->hwrng.quality = priv->rng_quality;
1123
1124 /* Maximum timeouts */
1125 chip->timeout_a = msecs_to_jiffies(TIS_TIMEOUT_A_MAX);
1126 chip->timeout_b = msecs_to_jiffies(TIS_TIMEOUT_B_MAX);
1127 chip->timeout_c = msecs_to_jiffies(TIS_TIMEOUT_C_MAX);
1128 chip->timeout_d = msecs_to_jiffies(TIS_TIMEOUT_D_MAX);
1129 priv->chip = chip;
1130 priv->timeout_min = TPM_TIMEOUT_USECS_MIN;
1131 priv->timeout_max = TPM_TIMEOUT_USECS_MAX;
1132 priv->phy_ops = phy_ops;
1133 priv->locality_count = 0;
1134 mutex_init(&priv->locality_count_mutex);
1135
1136 dev_set_drvdata(&chip->dev, priv);
1137
1138 rc = tpm_tis_read32(priv, TPM_DID_VID(0), &vendor);
1139 if (rc < 0)
1140 return rc;
1141
1142 priv->manufacturer_id = vendor;
1143
1144 if (priv->manufacturer_id == TPM_VID_ATML &&
1145 !(chip->flags & TPM_CHIP_FLAG_TPM2)) {
1146 priv->timeout_min = TIS_TIMEOUT_MIN_ATML;
1147 priv->timeout_max = TIS_TIMEOUT_MAX_ATML;
1148 }
1149
1150 if (is_bsw()) {
1151 priv->ilb_base_addr = ioremap(INTEL_LEGACY_BLK_BASE_ADDR,
1152 ILB_REMAP_SIZE);
1153 if (!priv->ilb_base_addr)
1154 return -ENOMEM;
1155
1156 clkrun_val = ioread32(priv->ilb_base_addr + LPC_CNTRL_OFFSET);
1157 /* Check if CLKRUN# is already not enabled in the LPC bus */
1158 if (!(clkrun_val & LPC_CLKRUN_EN)) {
1159 iounmap(priv->ilb_base_addr);
1160 priv->ilb_base_addr = NULL;
1161 }
1162 }
1163
1164 if (chip->ops->clk_enable != NULL)
1165 chip->ops->clk_enable(chip, true);
1166
1167 if (wait_startup(chip, 0) != 0) {
1168 rc = -ENODEV;
1169 goto out_err;
1170 }
1171
1172 /* Take control of the TPM's interrupt hardware and shut it off */
1173 rc = tpm_tis_read32(priv, TPM_INT_ENABLE(priv->locality), &intmask);
1174 if (rc < 0)
1175 goto out_err;
1176
1177 /* Figure out the capabilities */
1178 rc = tpm_tis_read32(priv, TPM_INTF_CAPS(priv->locality), &intfcaps);
1179 if (rc < 0)
1180 goto out_err;
1181
1182 dev_dbg(dev, "TPM interface capabilities (0x%x):\n",
1183 intfcaps);
1184 if (intfcaps & TPM_INTF_BURST_COUNT_STATIC)
1185 dev_dbg(dev, "\tBurst Count Static\n");
1186 if (intfcaps & TPM_INTF_CMD_READY_INT) {
1187 intmask |= TPM_INTF_CMD_READY_INT;
1188 dev_dbg(dev, "\tCommand Ready Int Support\n");
1189 }
1190 if (intfcaps & TPM_INTF_INT_EDGE_FALLING)
1191 dev_dbg(dev, "\tInterrupt Edge Falling\n");
1192 if (intfcaps & TPM_INTF_INT_EDGE_RISING)
1193 dev_dbg(dev, "\tInterrupt Edge Rising\n");
1194 if (intfcaps & TPM_INTF_INT_LEVEL_LOW)
1195 dev_dbg(dev, "\tInterrupt Level Low\n");
1196 if (intfcaps & TPM_INTF_INT_LEVEL_HIGH)
1197 dev_dbg(dev, "\tInterrupt Level High\n");
1198 if (intfcaps & TPM_INTF_LOCALITY_CHANGE_INT) {
1199 intmask |= TPM_INTF_LOCALITY_CHANGE_INT;
1200 dev_dbg(dev, "\tLocality Change Int Support\n");
1201 }
1202 if (intfcaps & TPM_INTF_STS_VALID_INT) {
1203 intmask |= TPM_INTF_STS_VALID_INT;
1204 dev_dbg(dev, "\tSts Valid Int Support\n");
1205 }
1206 if (intfcaps & TPM_INTF_DATA_AVAIL_INT) {
1207 intmask |= TPM_INTF_DATA_AVAIL_INT;
1208 dev_dbg(dev, "\tData Avail Int Support\n");
1209 }
1210
1211 intmask &= ~TPM_GLOBAL_INT_ENABLE;
1212
1213 rc = tpm_tis_request_locality(chip, 0);
1214 if (rc < 0) {
1215 rc = -ENODEV;
1216 goto out_err;
1217 }
1218
1219 tpm_tis_write32(priv, TPM_INT_ENABLE(priv->locality), intmask);
1220 tpm_tis_relinquish_locality(chip, 0);
1221
1222 rc = tpm_chip_start(chip);
1223 if (rc)
1224 goto out_err;
1225 rc = tpm2_probe(chip);
1226 tpm_chip_stop(chip);
1227 if (rc)
1228 goto out_err;
1229
1230 rc = tpm_tis_read8(priv, TPM_RID(0), &rid);
1231 if (rc < 0)
1232 goto out_err;
1233
1234 dev_info(dev, "%s TPM (device-id 0x%X, rev-id %d)\n",
1235 (chip->flags & TPM_CHIP_FLAG_TPM2) ? "2.0" : "1.2",
1236 vendor >> 16, rid);
1237
1238 probe = probe_itpm(chip);
1239 if (probe < 0) {
1240 rc = -ENODEV;
1241 goto out_err;
1242 }
1243
1244 /* INTERRUPT Setup */
1245 init_waitqueue_head(&priv->read_queue);
1246 init_waitqueue_head(&priv->int_queue);
1247
1248 rc = tpm_chip_bootstrap(chip);
1249 if (rc)
1250 goto out_err;
1251
1252 if (irq != -1) {
1253 /*
1254 * Before doing irq testing issue a command to the TPM in polling mode
1255 * to make sure it works. May as well use that command to set the
1256 * proper timeouts for the driver.
1257 */
1258
1259 rc = tpm_tis_request_locality(chip, 0);
1260 if (rc < 0)
1261 goto out_err;
1262
1263 rc = tpm_get_timeouts(chip);
1264
1265 tpm_tis_relinquish_locality(chip, 0);
1266
1267 if (rc) {
1268 dev_err(dev, "Could not get TPM timeouts and durations\n");
1269 rc = -ENODEV;
1270 goto out_err;
1271 }
1272
1273 if (irq)
1274 tpm_tis_probe_irq_single(chip, intmask, IRQF_SHARED,
1275 irq);
1276 else
1277 tpm_tis_probe_irq(chip, intmask);
1278
1279 if (chip->flags & TPM_CHIP_FLAG_IRQ) {
1280 priv->int_mask = intmask;
1281 } else {
1282 dev_err(&chip->dev, FW_BUG
1283 "TPM interrupt not working, polling instead\n");
1284
1285 rc = tpm_tis_request_locality(chip, 0);
1286 if (rc < 0)
1287 goto out_err;
1288 tpm_tis_disable_interrupts(chip);
1289 tpm_tis_relinquish_locality(chip, 0);
1290 }
1291 }
1292
1293 rc = tpm_chip_register(chip);
1294 if (rc)
1295 goto out_err;
1296
1297 if (chip->ops->clk_enable != NULL)
1298 chip->ops->clk_enable(chip, false);
1299
1300 return 0;
1301out_err:
1302 if (chip->ops->clk_enable != NULL)
1303 chip->ops->clk_enable(chip, false);
1304
1305 tpm_tis_remove(chip);
1306
1307 return rc;
1308}
1309EXPORT_SYMBOL_GPL(tpm_tis_core_init);
1310
1311#ifdef CONFIG_PM_SLEEP
1312static void tpm_tis_reenable_interrupts(struct tpm_chip *chip)
1313{
1314 struct tpm_tis_data *priv = dev_get_drvdata(&chip->dev);
1315 u32 intmask;
1316 int rc;
1317
1318 /*
1319 * Re-enable interrupts that device may have lost or BIOS/firmware may
1320 * have disabled.
1321 */
1322 rc = tpm_tis_write8(priv, TPM_INT_VECTOR(priv->locality), priv->irq);
1323 if (rc < 0) {
1324 dev_err(&chip->dev, "Setting IRQ failed.\n");
1325 return;
1326 }
1327
1328 intmask = priv->int_mask | TPM_GLOBAL_INT_ENABLE;
1329 rc = tpm_tis_write32(priv, TPM_INT_ENABLE(priv->locality), intmask);
1330 if (rc < 0)
1331 dev_err(&chip->dev, "Enabling interrupts failed.\n");
1332}
1333
1334int tpm_tis_resume(struct device *dev)
1335{
1336 struct tpm_chip *chip = dev_get_drvdata(dev);
1337 int ret;
1338
1339 ret = tpm_chip_start(chip);
1340 if (ret)
1341 return ret;
1342
1343 if (chip->flags & TPM_CHIP_FLAG_IRQ)
1344 tpm_tis_reenable_interrupts(chip);
1345
1346 /*
1347 * TPM 1.2 requires self-test on resume. This function actually returns
1348 * an error code but for unknown reason it isn't handled.
1349 */
1350 if (!(chip->flags & TPM_CHIP_FLAG_TPM2))
1351 tpm1_do_selftest(chip);
1352
1353 tpm_chip_stop(chip);
1354
1355 ret = tpm_pm_resume(dev);
1356 if (ret)
1357 return ret;
1358
1359 return 0;
1360}
1361EXPORT_SYMBOL_GPL(tpm_tis_resume);
1362#endif
1363
1364MODULE_AUTHOR("Leendert van Doorn (leendert@watson.ibm.com)");
1365MODULE_DESCRIPTION("TPM Driver");
1366MODULE_VERSION("2.0");
1367MODULE_LICENSE("GPL");
1// SPDX-License-Identifier: GPL-2.0-only
2/*
3 * Copyright (C) 2005, 2006 IBM Corporation
4 * Copyright (C) 2014, 2015 Intel Corporation
5 *
6 * Authors:
7 * Leendert van Doorn <leendert@watson.ibm.com>
8 * Kylene Hall <kjhall@us.ibm.com>
9 *
10 * Maintained by: <tpmdd-devel@lists.sourceforge.net>
11 *
12 * Device driver for TCG/TCPA TPM (trusted platform module).
13 * Specifications at www.trustedcomputinggroup.org
14 *
15 * This device driver implements the TPM interface as defined in
16 * the TCG TPM Interface Spec version 1.2, revision 1.0.
17 */
18#include <linux/init.h>
19#include <linux/module.h>
20#include <linux/moduleparam.h>
21#include <linux/pnp.h>
22#include <linux/slab.h>
23#include <linux/interrupt.h>
24#include <linux/wait.h>
25#include <linux/acpi.h>
26#include <linux/freezer.h>
27#include "tpm.h"
28#include "tpm_tis_core.h"
29
30static void tpm_tis_clkrun_enable(struct tpm_chip *chip, bool value);
31
32static bool wait_for_tpm_stat_cond(struct tpm_chip *chip, u8 mask,
33 bool check_cancel, bool *canceled)
34{
35 u8 status = chip->ops->status(chip);
36
37 *canceled = false;
38 if ((status & mask) == mask)
39 return true;
40 if (check_cancel && chip->ops->req_canceled(chip, status)) {
41 *canceled = true;
42 return true;
43 }
44 return false;
45}
46
47static int wait_for_tpm_stat(struct tpm_chip *chip, u8 mask,
48 unsigned long timeout, wait_queue_head_t *queue,
49 bool check_cancel)
50{
51 struct tpm_tis_data *priv = dev_get_drvdata(&chip->dev);
52 unsigned long stop;
53 long rc;
54 u8 status;
55 bool canceled = false;
56
57 /* check current status */
58 status = chip->ops->status(chip);
59 if ((status & mask) == mask)
60 return 0;
61
62 stop = jiffies + timeout;
63
64 if (chip->flags & TPM_CHIP_FLAG_IRQ) {
65again:
66 timeout = stop - jiffies;
67 if ((long)timeout <= 0)
68 return -ETIME;
69 rc = wait_event_interruptible_timeout(*queue,
70 wait_for_tpm_stat_cond(chip, mask, check_cancel,
71 &canceled),
72 timeout);
73 if (rc > 0) {
74 if (canceled)
75 return -ECANCELED;
76 return 0;
77 }
78 if (rc == -ERESTARTSYS && freezing(current)) {
79 clear_thread_flag(TIF_SIGPENDING);
80 goto again;
81 }
82 } else {
83 do {
84 usleep_range(priv->timeout_min,
85 priv->timeout_max);
86 status = chip->ops->status(chip);
87 if ((status & mask) == mask)
88 return 0;
89 } while (time_before(jiffies, stop));
90 }
91 return -ETIME;
92}
93
94/* Before we attempt to access the TPM we must see that the valid bit is set.
95 * The specification says that this bit is 0 at reset and remains 0 until the
96 * 'TPM has gone through its self test and initialization and has established
97 * correct values in the other bits.'
98 */
99static int wait_startup(struct tpm_chip *chip, int l)
100{
101 struct tpm_tis_data *priv = dev_get_drvdata(&chip->dev);
102 unsigned long stop = jiffies + chip->timeout_a;
103
104 do {
105 int rc;
106 u8 access;
107
108 rc = tpm_tis_read8(priv, TPM_ACCESS(l), &access);
109 if (rc < 0)
110 return rc;
111
112 if (access & TPM_ACCESS_VALID)
113 return 0;
114 tpm_msleep(TPM_TIMEOUT);
115 } while (time_before(jiffies, stop));
116 return -1;
117}
118
119static bool check_locality(struct tpm_chip *chip, int l)
120{
121 struct tpm_tis_data *priv = dev_get_drvdata(&chip->dev);
122 int rc;
123 u8 access;
124
125 rc = tpm_tis_read8(priv, TPM_ACCESS(l), &access);
126 if (rc < 0)
127 return false;
128
129 if ((access & (TPM_ACCESS_ACTIVE_LOCALITY | TPM_ACCESS_VALID
130 | TPM_ACCESS_REQUEST_USE)) ==
131 (TPM_ACCESS_ACTIVE_LOCALITY | TPM_ACCESS_VALID)) {
132 priv->locality = l;
133 return true;
134 }
135
136 return false;
137}
138
139static int release_locality(struct tpm_chip *chip, int l)
140{
141 struct tpm_tis_data *priv = dev_get_drvdata(&chip->dev);
142
143 tpm_tis_write8(priv, TPM_ACCESS(l), TPM_ACCESS_ACTIVE_LOCALITY);
144
145 return 0;
146}
147
148static int request_locality(struct tpm_chip *chip, int l)
149{
150 struct tpm_tis_data *priv = dev_get_drvdata(&chip->dev);
151 unsigned long stop, timeout;
152 long rc;
153
154 if (check_locality(chip, l))
155 return l;
156
157 rc = tpm_tis_write8(priv, TPM_ACCESS(l), TPM_ACCESS_REQUEST_USE);
158 if (rc < 0)
159 return rc;
160
161 stop = jiffies + chip->timeout_a;
162
163 if (chip->flags & TPM_CHIP_FLAG_IRQ) {
164again:
165 timeout = stop - jiffies;
166 if ((long)timeout <= 0)
167 return -1;
168 rc = wait_event_interruptible_timeout(priv->int_queue,
169 (check_locality
170 (chip, l)),
171 timeout);
172 if (rc > 0)
173 return l;
174 if (rc == -ERESTARTSYS && freezing(current)) {
175 clear_thread_flag(TIF_SIGPENDING);
176 goto again;
177 }
178 } else {
179 /* wait for burstcount */
180 do {
181 if (check_locality(chip, l))
182 return l;
183 tpm_msleep(TPM_TIMEOUT);
184 } while (time_before(jiffies, stop));
185 }
186 return -1;
187}
188
189static u8 tpm_tis_status(struct tpm_chip *chip)
190{
191 struct tpm_tis_data *priv = dev_get_drvdata(&chip->dev);
192 int rc;
193 u8 status;
194
195 rc = tpm_tis_read8(priv, TPM_STS(priv->locality), &status);
196 if (rc < 0)
197 return 0;
198
199 if (unlikely((status & TPM_STS_READ_ZERO) != 0)) {
200 if (!test_and_set_bit(TPM_TIS_INVALID_STATUS, &priv->flags)) {
201 /*
202 * If this trips, the chances are the read is
203 * returning 0xff because the locality hasn't been
204 * acquired. Usually because tpm_try_get_ops() hasn't
205 * been called before doing a TPM operation.
206 */
207 dev_err(&chip->dev, "invalid TPM_STS.x 0x%02x, dumping stack for forensics\n",
208 status);
209
210 /*
211 * Dump stack for forensics, as invalid TPM_STS.x could be
212 * potentially triggered by impaired tpm_try_get_ops() or
213 * tpm_find_get_ops().
214 */
215 dump_stack();
216 }
217
218 return 0;
219 }
220
221 return status;
222}
223
224static void tpm_tis_ready(struct tpm_chip *chip)
225{
226 struct tpm_tis_data *priv = dev_get_drvdata(&chip->dev);
227
228 /* this causes the current command to be aborted */
229 tpm_tis_write8(priv, TPM_STS(priv->locality), TPM_STS_COMMAND_READY);
230}
231
232static int get_burstcount(struct tpm_chip *chip)
233{
234 struct tpm_tis_data *priv = dev_get_drvdata(&chip->dev);
235 unsigned long stop;
236 int burstcnt, rc;
237 u32 value;
238
239 /* wait for burstcount */
240 if (chip->flags & TPM_CHIP_FLAG_TPM2)
241 stop = jiffies + chip->timeout_a;
242 else
243 stop = jiffies + chip->timeout_d;
244 do {
245 rc = tpm_tis_read32(priv, TPM_STS(priv->locality), &value);
246 if (rc < 0)
247 return rc;
248
249 burstcnt = (value >> 8) & 0xFFFF;
250 if (burstcnt)
251 return burstcnt;
252 usleep_range(TPM_TIMEOUT_USECS_MIN, TPM_TIMEOUT_USECS_MAX);
253 } while (time_before(jiffies, stop));
254 return -EBUSY;
255}
256
257static int recv_data(struct tpm_chip *chip, u8 *buf, size_t count)
258{
259 struct tpm_tis_data *priv = dev_get_drvdata(&chip->dev);
260 int size = 0, burstcnt, rc;
261
262 while (size < count) {
263 rc = wait_for_tpm_stat(chip,
264 TPM_STS_DATA_AVAIL | TPM_STS_VALID,
265 chip->timeout_c,
266 &priv->read_queue, true);
267 if (rc < 0)
268 return rc;
269 burstcnt = get_burstcount(chip);
270 if (burstcnt < 0) {
271 dev_err(&chip->dev, "Unable to read burstcount\n");
272 return burstcnt;
273 }
274 burstcnt = min_t(int, burstcnt, count - size);
275
276 rc = tpm_tis_read_bytes(priv, TPM_DATA_FIFO(priv->locality),
277 burstcnt, buf + size);
278 if (rc < 0)
279 return rc;
280
281 size += burstcnt;
282 }
283 return size;
284}
285
286static int tpm_tis_recv(struct tpm_chip *chip, u8 *buf, size_t count)
287{
288 struct tpm_tis_data *priv = dev_get_drvdata(&chip->dev);
289 int size = 0;
290 int status;
291 u32 expected;
292 int rc;
293
294 if (count < TPM_HEADER_SIZE) {
295 size = -EIO;
296 goto out;
297 }
298
299 size = recv_data(chip, buf, TPM_HEADER_SIZE);
300 /* read first 10 bytes, including tag, paramsize, and result */
301 if (size < TPM_HEADER_SIZE) {
302 dev_err(&chip->dev, "Unable to read header\n");
303 goto out;
304 }
305
306 expected = be32_to_cpu(*(__be32 *) (buf + 2));
307 if (expected > count || expected < TPM_HEADER_SIZE) {
308 size = -EIO;
309 goto out;
310 }
311
312 size += recv_data(chip, &buf[TPM_HEADER_SIZE],
313 expected - TPM_HEADER_SIZE);
314 if (size < expected) {
315 dev_err(&chip->dev, "Unable to read remainder of result\n");
316 size = -ETIME;
317 goto out;
318 }
319
320 if (wait_for_tpm_stat(chip, TPM_STS_VALID, chip->timeout_c,
321 &priv->int_queue, false) < 0) {
322 size = -ETIME;
323 goto out;
324 }
325 status = tpm_tis_status(chip);
326 if (status & TPM_STS_DATA_AVAIL) { /* retry? */
327 dev_err(&chip->dev, "Error left over data\n");
328 size = -EIO;
329 goto out;
330 }
331
332 rc = tpm_tis_verify_crc(priv, (size_t)size, buf);
333 if (rc < 0) {
334 dev_err(&chip->dev, "CRC mismatch for response.\n");
335 size = rc;
336 goto out;
337 }
338
339out:
340 tpm_tis_ready(chip);
341 return size;
342}
343
344/*
345 * If interrupts are used (signaled by an irq set in the vendor structure)
346 * tpm.c can skip polling for the data to be available as the interrupt is
347 * waited for here
348 */
349static int tpm_tis_send_data(struct tpm_chip *chip, const u8 *buf, size_t len)
350{
351 struct tpm_tis_data *priv = dev_get_drvdata(&chip->dev);
352 int rc, status, burstcnt;
353 size_t count = 0;
354 bool itpm = priv->flags & TPM_TIS_ITPM_WORKAROUND;
355
356 status = tpm_tis_status(chip);
357 if ((status & TPM_STS_COMMAND_READY) == 0) {
358 tpm_tis_ready(chip);
359 if (wait_for_tpm_stat
360 (chip, TPM_STS_COMMAND_READY, chip->timeout_b,
361 &priv->int_queue, false) < 0) {
362 rc = -ETIME;
363 goto out_err;
364 }
365 }
366
367 while (count < len - 1) {
368 burstcnt = get_burstcount(chip);
369 if (burstcnt < 0) {
370 dev_err(&chip->dev, "Unable to read burstcount\n");
371 rc = burstcnt;
372 goto out_err;
373 }
374 burstcnt = min_t(int, burstcnt, len - count - 1);
375 rc = tpm_tis_write_bytes(priv, TPM_DATA_FIFO(priv->locality),
376 burstcnt, buf + count);
377 if (rc < 0)
378 goto out_err;
379
380 count += burstcnt;
381
382 if (wait_for_tpm_stat(chip, TPM_STS_VALID, chip->timeout_c,
383 &priv->int_queue, false) < 0) {
384 rc = -ETIME;
385 goto out_err;
386 }
387 status = tpm_tis_status(chip);
388 if (!itpm && (status & TPM_STS_DATA_EXPECT) == 0) {
389 rc = -EIO;
390 goto out_err;
391 }
392 }
393
394 /* write last byte */
395 rc = tpm_tis_write8(priv, TPM_DATA_FIFO(priv->locality), buf[count]);
396 if (rc < 0)
397 goto out_err;
398
399 if (wait_for_tpm_stat(chip, TPM_STS_VALID, chip->timeout_c,
400 &priv->int_queue, false) < 0) {
401 rc = -ETIME;
402 goto out_err;
403 }
404 status = tpm_tis_status(chip);
405 if (!itpm && (status & TPM_STS_DATA_EXPECT) != 0) {
406 rc = -EIO;
407 goto out_err;
408 }
409
410 return 0;
411
412out_err:
413 tpm_tis_ready(chip);
414 return rc;
415}
416
417static void disable_interrupts(struct tpm_chip *chip)
418{
419 struct tpm_tis_data *priv = dev_get_drvdata(&chip->dev);
420 u32 intmask;
421 int rc;
422
423 if (priv->irq == 0)
424 return;
425
426 rc = tpm_tis_read32(priv, TPM_INT_ENABLE(priv->locality), &intmask);
427 if (rc < 0)
428 intmask = 0;
429
430 intmask &= ~TPM_GLOBAL_INT_ENABLE;
431 rc = tpm_tis_write32(priv, TPM_INT_ENABLE(priv->locality), intmask);
432
433 devm_free_irq(chip->dev.parent, priv->irq, chip);
434 priv->irq = 0;
435 chip->flags &= ~TPM_CHIP_FLAG_IRQ;
436}
437
438/*
439 * If interrupts are used (signaled by an irq set in the vendor structure)
440 * tpm.c can skip polling for the data to be available as the interrupt is
441 * waited for here
442 */
443static int tpm_tis_send_main(struct tpm_chip *chip, const u8 *buf, size_t len)
444{
445 struct tpm_tis_data *priv = dev_get_drvdata(&chip->dev);
446 int rc;
447 u32 ordinal;
448 unsigned long dur;
449
450 rc = tpm_tis_send_data(chip, buf, len);
451 if (rc < 0)
452 return rc;
453
454 rc = tpm_tis_verify_crc(priv, len, buf);
455 if (rc < 0) {
456 dev_err(&chip->dev, "CRC mismatch for command.\n");
457 return rc;
458 }
459
460 /* go and do it */
461 rc = tpm_tis_write8(priv, TPM_STS(priv->locality), TPM_STS_GO);
462 if (rc < 0)
463 goto out_err;
464
465 if (chip->flags & TPM_CHIP_FLAG_IRQ) {
466 ordinal = be32_to_cpu(*((__be32 *) (buf + 6)));
467
468 dur = tpm_calc_ordinal_duration(chip, ordinal);
469 if (wait_for_tpm_stat
470 (chip, TPM_STS_DATA_AVAIL | TPM_STS_VALID, dur,
471 &priv->read_queue, false) < 0) {
472 rc = -ETIME;
473 goto out_err;
474 }
475 }
476 return 0;
477out_err:
478 tpm_tis_ready(chip);
479 return rc;
480}
481
482static int tpm_tis_send(struct tpm_chip *chip, u8 *buf, size_t len)
483{
484 int rc, irq;
485 struct tpm_tis_data *priv = dev_get_drvdata(&chip->dev);
486
487 if (!(chip->flags & TPM_CHIP_FLAG_IRQ) || priv->irq_tested)
488 return tpm_tis_send_main(chip, buf, len);
489
490 /* Verify receipt of the expected IRQ */
491 irq = priv->irq;
492 priv->irq = 0;
493 chip->flags &= ~TPM_CHIP_FLAG_IRQ;
494 rc = tpm_tis_send_main(chip, buf, len);
495 priv->irq = irq;
496 chip->flags |= TPM_CHIP_FLAG_IRQ;
497 if (!priv->irq_tested)
498 tpm_msleep(1);
499 if (!priv->irq_tested)
500 disable_interrupts(chip);
501 priv->irq_tested = true;
502 return rc;
503}
504
505struct tis_vendor_durations_override {
506 u32 did_vid;
507 struct tpm1_version version;
508 unsigned long durations[3];
509};
510
511static const struct tis_vendor_durations_override vendor_dur_overrides[] = {
512 /* STMicroelectronics 0x104a */
513 { 0x0000104a,
514 { 1, 2, 8, 28 },
515 { (2 * 60 * HZ), (2 * 60 * HZ), (2 * 60 * HZ) } },
516};
517
518static void tpm_tis_update_durations(struct tpm_chip *chip,
519 unsigned long *duration_cap)
520{
521 struct tpm_tis_data *priv = dev_get_drvdata(&chip->dev);
522 struct tpm1_version *version;
523 u32 did_vid;
524 int i, rc;
525 cap_t cap;
526
527 chip->duration_adjusted = false;
528
529 if (chip->ops->clk_enable != NULL)
530 chip->ops->clk_enable(chip, true);
531
532 rc = tpm_tis_read32(priv, TPM_DID_VID(0), &did_vid);
533 if (rc < 0) {
534 dev_warn(&chip->dev, "%s: failed to read did_vid. %d\n",
535 __func__, rc);
536 goto out;
537 }
538
539 /* Try to get a TPM version 1.2 or 1.1 TPM_CAP_VERSION_INFO */
540 rc = tpm1_getcap(chip, TPM_CAP_VERSION_1_2, &cap,
541 "attempting to determine the 1.2 version",
542 sizeof(cap.version2));
543 if (!rc) {
544 version = &cap.version2.version;
545 } else {
546 rc = tpm1_getcap(chip, TPM_CAP_VERSION_1_1, &cap,
547 "attempting to determine the 1.1 version",
548 sizeof(cap.version1));
549
550 if (rc)
551 goto out;
552
553 version = &cap.version1;
554 }
555
556 for (i = 0; i != ARRAY_SIZE(vendor_dur_overrides); i++) {
557 if (vendor_dur_overrides[i].did_vid != did_vid)
558 continue;
559
560 if ((version->major ==
561 vendor_dur_overrides[i].version.major) &&
562 (version->minor ==
563 vendor_dur_overrides[i].version.minor) &&
564 (version->rev_major ==
565 vendor_dur_overrides[i].version.rev_major) &&
566 (version->rev_minor ==
567 vendor_dur_overrides[i].version.rev_minor)) {
568
569 memcpy(duration_cap,
570 vendor_dur_overrides[i].durations,
571 sizeof(vendor_dur_overrides[i].durations));
572
573 chip->duration_adjusted = true;
574 goto out;
575 }
576 }
577
578out:
579 if (chip->ops->clk_enable != NULL)
580 chip->ops->clk_enable(chip, false);
581}
582
583struct tis_vendor_timeout_override {
584 u32 did_vid;
585 unsigned long timeout_us[4];
586};
587
588static const struct tis_vendor_timeout_override vendor_timeout_overrides[] = {
589 /* Atmel 3204 */
590 { 0x32041114, { (TIS_SHORT_TIMEOUT*1000), (TIS_LONG_TIMEOUT*1000),
591 (TIS_SHORT_TIMEOUT*1000), (TIS_SHORT_TIMEOUT*1000) } },
592};
593
594static void tpm_tis_update_timeouts(struct tpm_chip *chip,
595 unsigned long *timeout_cap)
596{
597 struct tpm_tis_data *priv = dev_get_drvdata(&chip->dev);
598 int i, rc;
599 u32 did_vid;
600
601 chip->timeout_adjusted = false;
602
603 if (chip->ops->clk_enable != NULL)
604 chip->ops->clk_enable(chip, true);
605
606 rc = tpm_tis_read32(priv, TPM_DID_VID(0), &did_vid);
607 if (rc < 0) {
608 dev_warn(&chip->dev, "%s: failed to read did_vid: %d\n",
609 __func__, rc);
610 goto out;
611 }
612
613 for (i = 0; i != ARRAY_SIZE(vendor_timeout_overrides); i++) {
614 if (vendor_timeout_overrides[i].did_vid != did_vid)
615 continue;
616 memcpy(timeout_cap, vendor_timeout_overrides[i].timeout_us,
617 sizeof(vendor_timeout_overrides[i].timeout_us));
618 chip->timeout_adjusted = true;
619 }
620
621out:
622 if (chip->ops->clk_enable != NULL)
623 chip->ops->clk_enable(chip, false);
624
625 return;
626}
627
628/*
629 * Early probing for iTPM with STS_DATA_EXPECT flaw.
630 * Try sending command without itpm flag set and if that
631 * fails, repeat with itpm flag set.
632 */
633static int probe_itpm(struct tpm_chip *chip)
634{
635 struct tpm_tis_data *priv = dev_get_drvdata(&chip->dev);
636 int rc = 0;
637 static const u8 cmd_getticks[] = {
638 0x00, 0xc1, 0x00, 0x00, 0x00, 0x0a,
639 0x00, 0x00, 0x00, 0xf1
640 };
641 size_t len = sizeof(cmd_getticks);
642 u16 vendor;
643
644 if (priv->flags & TPM_TIS_ITPM_WORKAROUND)
645 return 0;
646
647 rc = tpm_tis_read16(priv, TPM_DID_VID(0), &vendor);
648 if (rc < 0)
649 return rc;
650
651 /* probe only iTPMS */
652 if (vendor != TPM_VID_INTEL)
653 return 0;
654
655 if (request_locality(chip, 0) != 0)
656 return -EBUSY;
657
658 rc = tpm_tis_send_data(chip, cmd_getticks, len);
659 if (rc == 0)
660 goto out;
661
662 tpm_tis_ready(chip);
663
664 priv->flags |= TPM_TIS_ITPM_WORKAROUND;
665
666 rc = tpm_tis_send_data(chip, cmd_getticks, len);
667 if (rc == 0)
668 dev_info(&chip->dev, "Detected an iTPM.\n");
669 else {
670 priv->flags &= ~TPM_TIS_ITPM_WORKAROUND;
671 rc = -EFAULT;
672 }
673
674out:
675 tpm_tis_ready(chip);
676 release_locality(chip, priv->locality);
677
678 return rc;
679}
680
681static bool tpm_tis_req_canceled(struct tpm_chip *chip, u8 status)
682{
683 struct tpm_tis_data *priv = dev_get_drvdata(&chip->dev);
684
685 if (!test_bit(TPM_TIS_DEFAULT_CANCELLATION, &priv->flags)) {
686 switch (priv->manufacturer_id) {
687 case TPM_VID_WINBOND:
688 return ((status == TPM_STS_VALID) ||
689 (status == (TPM_STS_VALID | TPM_STS_COMMAND_READY)));
690 case TPM_VID_STM:
691 return (status == (TPM_STS_VALID | TPM_STS_COMMAND_READY));
692 default:
693 break;
694 }
695 }
696
697 return status == TPM_STS_COMMAND_READY;
698}
699
700static irqreturn_t tis_int_handler(int dummy, void *dev_id)
701{
702 struct tpm_chip *chip = dev_id;
703 struct tpm_tis_data *priv = dev_get_drvdata(&chip->dev);
704 u32 interrupt;
705 int i, rc;
706
707 rc = tpm_tis_read32(priv, TPM_INT_STATUS(priv->locality), &interrupt);
708 if (rc < 0)
709 return IRQ_NONE;
710
711 if (interrupt == 0)
712 return IRQ_NONE;
713
714 priv->irq_tested = true;
715 if (interrupt & TPM_INTF_DATA_AVAIL_INT)
716 wake_up_interruptible(&priv->read_queue);
717 if (interrupt & TPM_INTF_LOCALITY_CHANGE_INT)
718 for (i = 0; i < 5; i++)
719 if (check_locality(chip, i))
720 break;
721 if (interrupt &
722 (TPM_INTF_LOCALITY_CHANGE_INT | TPM_INTF_STS_VALID_INT |
723 TPM_INTF_CMD_READY_INT))
724 wake_up_interruptible(&priv->int_queue);
725
726 /* Clear interrupts handled with TPM_EOI */
727 rc = tpm_tis_write32(priv, TPM_INT_STATUS(priv->locality), interrupt);
728 if (rc < 0)
729 return IRQ_NONE;
730
731 tpm_tis_read32(priv, TPM_INT_STATUS(priv->locality), &interrupt);
732 return IRQ_HANDLED;
733}
734
735static int tpm_tis_gen_interrupt(struct tpm_chip *chip)
736{
737 const char *desc = "attempting to generate an interrupt";
738 u32 cap2;
739 cap_t cap;
740 int ret;
741
742 ret = request_locality(chip, 0);
743 if (ret < 0)
744 return ret;
745
746 if (chip->flags & TPM_CHIP_FLAG_TPM2)
747 ret = tpm2_get_tpm_pt(chip, 0x100, &cap2, desc);
748 else
749 ret = tpm1_getcap(chip, TPM_CAP_PROP_TIS_TIMEOUT, &cap, desc, 0);
750
751 release_locality(chip, 0);
752
753 return ret;
754}
755
756/* Register the IRQ and issue a command that will cause an interrupt. If an
757 * irq is seen then leave the chip setup for IRQ operation, otherwise reverse
758 * everything and leave in polling mode. Returns 0 on success.
759 */
760static int tpm_tis_probe_irq_single(struct tpm_chip *chip, u32 intmask,
761 int flags, int irq)
762{
763 struct tpm_tis_data *priv = dev_get_drvdata(&chip->dev);
764 u8 original_int_vec;
765 int rc;
766 u32 int_status;
767
768 if (devm_request_irq(chip->dev.parent, irq, tis_int_handler, flags,
769 dev_name(&chip->dev), chip) != 0) {
770 dev_info(&chip->dev, "Unable to request irq: %d for probe\n",
771 irq);
772 return -1;
773 }
774 priv->irq = irq;
775
776 rc = tpm_tis_read8(priv, TPM_INT_VECTOR(priv->locality),
777 &original_int_vec);
778 if (rc < 0)
779 return rc;
780
781 rc = tpm_tis_write8(priv, TPM_INT_VECTOR(priv->locality), irq);
782 if (rc < 0)
783 return rc;
784
785 rc = tpm_tis_read32(priv, TPM_INT_STATUS(priv->locality), &int_status);
786 if (rc < 0)
787 return rc;
788
789 /* Clear all existing */
790 rc = tpm_tis_write32(priv, TPM_INT_STATUS(priv->locality), int_status);
791 if (rc < 0)
792 return rc;
793
794 /* Turn on */
795 rc = tpm_tis_write32(priv, TPM_INT_ENABLE(priv->locality),
796 intmask | TPM_GLOBAL_INT_ENABLE);
797 if (rc < 0)
798 return rc;
799
800 priv->irq_tested = false;
801
802 /* Generate an interrupt by having the core call through to
803 * tpm_tis_send
804 */
805 rc = tpm_tis_gen_interrupt(chip);
806 if (rc < 0)
807 return rc;
808
809 /* tpm_tis_send will either confirm the interrupt is working or it
810 * will call disable_irq which undoes all of the above.
811 */
812 if (!(chip->flags & TPM_CHIP_FLAG_IRQ)) {
813 rc = tpm_tis_write8(priv, original_int_vec,
814 TPM_INT_VECTOR(priv->locality));
815 if (rc < 0)
816 return rc;
817
818 return 1;
819 }
820
821 return 0;
822}
823
824/* Try to find the IRQ the TPM is using. This is for legacy x86 systems that
825 * do not have ACPI/etc. We typically expect the interrupt to be declared if
826 * present.
827 */
828static void tpm_tis_probe_irq(struct tpm_chip *chip, u32 intmask)
829{
830 struct tpm_tis_data *priv = dev_get_drvdata(&chip->dev);
831 u8 original_int_vec;
832 int i, rc;
833
834 rc = tpm_tis_read8(priv, TPM_INT_VECTOR(priv->locality),
835 &original_int_vec);
836 if (rc < 0)
837 return;
838
839 if (!original_int_vec) {
840 if (IS_ENABLED(CONFIG_X86))
841 for (i = 3; i <= 15; i++)
842 if (!tpm_tis_probe_irq_single(chip, intmask, 0,
843 i))
844 return;
845 } else if (!tpm_tis_probe_irq_single(chip, intmask, 0,
846 original_int_vec))
847 return;
848}
849
850void tpm_tis_remove(struct tpm_chip *chip)
851{
852 struct tpm_tis_data *priv = dev_get_drvdata(&chip->dev);
853 u32 reg = TPM_INT_ENABLE(priv->locality);
854 u32 interrupt;
855 int rc;
856
857 tpm_tis_clkrun_enable(chip, true);
858
859 rc = tpm_tis_read32(priv, reg, &interrupt);
860 if (rc < 0)
861 interrupt = 0;
862
863 tpm_tis_write32(priv, reg, ~TPM_GLOBAL_INT_ENABLE & interrupt);
864
865 tpm_tis_clkrun_enable(chip, false);
866
867 if (priv->ilb_base_addr)
868 iounmap(priv->ilb_base_addr);
869}
870EXPORT_SYMBOL_GPL(tpm_tis_remove);
871
872/**
873 * tpm_tis_clkrun_enable() - Keep clkrun protocol disabled for entire duration
874 * of a single TPM command
875 * @chip: TPM chip to use
876 * @value: 1 - Disable CLKRUN protocol, so that clocks are free running
877 * 0 - Enable CLKRUN protocol
878 * Call this function directly in tpm_tis_remove() in error or driver removal
879 * path, since the chip->ops is set to NULL in tpm_chip_unregister().
880 */
881static void tpm_tis_clkrun_enable(struct tpm_chip *chip, bool value)
882{
883 struct tpm_tis_data *data = dev_get_drvdata(&chip->dev);
884 u32 clkrun_val;
885
886 if (!IS_ENABLED(CONFIG_X86) || !is_bsw() ||
887 !data->ilb_base_addr)
888 return;
889
890 if (value) {
891 data->clkrun_enabled++;
892 if (data->clkrun_enabled > 1)
893 return;
894 clkrun_val = ioread32(data->ilb_base_addr + LPC_CNTRL_OFFSET);
895
896 /* Disable LPC CLKRUN# */
897 clkrun_val &= ~LPC_CLKRUN_EN;
898 iowrite32(clkrun_val, data->ilb_base_addr + LPC_CNTRL_OFFSET);
899
900 /*
901 * Write any random value on port 0x80 which is on LPC, to make
902 * sure LPC clock is running before sending any TPM command.
903 */
904 outb(0xCC, 0x80);
905 } else {
906 data->clkrun_enabled--;
907 if (data->clkrun_enabled)
908 return;
909
910 clkrun_val = ioread32(data->ilb_base_addr + LPC_CNTRL_OFFSET);
911
912 /* Enable LPC CLKRUN# */
913 clkrun_val |= LPC_CLKRUN_EN;
914 iowrite32(clkrun_val, data->ilb_base_addr + LPC_CNTRL_OFFSET);
915
916 /*
917 * Write any random value on port 0x80 which is on LPC, to make
918 * sure LPC clock is running before sending any TPM command.
919 */
920 outb(0xCC, 0x80);
921 }
922}
923
924static const struct tpm_class_ops tpm_tis = {
925 .flags = TPM_OPS_AUTO_STARTUP,
926 .status = tpm_tis_status,
927 .recv = tpm_tis_recv,
928 .send = tpm_tis_send,
929 .cancel = tpm_tis_ready,
930 .update_timeouts = tpm_tis_update_timeouts,
931 .update_durations = tpm_tis_update_durations,
932 .req_complete_mask = TPM_STS_DATA_AVAIL | TPM_STS_VALID,
933 .req_complete_val = TPM_STS_DATA_AVAIL | TPM_STS_VALID,
934 .req_canceled = tpm_tis_req_canceled,
935 .request_locality = request_locality,
936 .relinquish_locality = release_locality,
937 .clk_enable = tpm_tis_clkrun_enable,
938};
939
940int tpm_tis_core_init(struct device *dev, struct tpm_tis_data *priv, int irq,
941 const struct tpm_tis_phy_ops *phy_ops,
942 acpi_handle acpi_dev_handle)
943{
944 u32 vendor;
945 u32 intfcaps;
946 u32 intmask;
947 u32 clkrun_val;
948 u8 rid;
949 int rc, probe;
950 struct tpm_chip *chip;
951
952 chip = tpmm_chip_alloc(dev, &tpm_tis);
953 if (IS_ERR(chip))
954 return PTR_ERR(chip);
955
956#ifdef CONFIG_ACPI
957 chip->acpi_dev_handle = acpi_dev_handle;
958#endif
959
960 chip->hwrng.quality = priv->rng_quality;
961
962 /* Maximum timeouts */
963 chip->timeout_a = msecs_to_jiffies(TIS_TIMEOUT_A_MAX);
964 chip->timeout_b = msecs_to_jiffies(TIS_TIMEOUT_B_MAX);
965 chip->timeout_c = msecs_to_jiffies(TIS_TIMEOUT_C_MAX);
966 chip->timeout_d = msecs_to_jiffies(TIS_TIMEOUT_D_MAX);
967 priv->timeout_min = TPM_TIMEOUT_USECS_MIN;
968 priv->timeout_max = TPM_TIMEOUT_USECS_MAX;
969 priv->phy_ops = phy_ops;
970
971 dev_set_drvdata(&chip->dev, priv);
972
973 rc = tpm_tis_read32(priv, TPM_DID_VID(0), &vendor);
974 if (rc < 0)
975 return rc;
976
977 priv->manufacturer_id = vendor;
978
979 if (priv->manufacturer_id == TPM_VID_ATML &&
980 !(chip->flags & TPM_CHIP_FLAG_TPM2)) {
981 priv->timeout_min = TIS_TIMEOUT_MIN_ATML;
982 priv->timeout_max = TIS_TIMEOUT_MAX_ATML;
983 }
984
985 if (is_bsw()) {
986 priv->ilb_base_addr = ioremap(INTEL_LEGACY_BLK_BASE_ADDR,
987 ILB_REMAP_SIZE);
988 if (!priv->ilb_base_addr)
989 return -ENOMEM;
990
991 clkrun_val = ioread32(priv->ilb_base_addr + LPC_CNTRL_OFFSET);
992 /* Check if CLKRUN# is already not enabled in the LPC bus */
993 if (!(clkrun_val & LPC_CLKRUN_EN)) {
994 iounmap(priv->ilb_base_addr);
995 priv->ilb_base_addr = NULL;
996 }
997 }
998
999 if (chip->ops->clk_enable != NULL)
1000 chip->ops->clk_enable(chip, true);
1001
1002 if (wait_startup(chip, 0) != 0) {
1003 rc = -ENODEV;
1004 goto out_err;
1005 }
1006
1007 /* Take control of the TPM's interrupt hardware and shut it off */
1008 rc = tpm_tis_read32(priv, TPM_INT_ENABLE(priv->locality), &intmask);
1009 if (rc < 0)
1010 goto out_err;
1011
1012 intmask |= TPM_INTF_CMD_READY_INT | TPM_INTF_LOCALITY_CHANGE_INT |
1013 TPM_INTF_DATA_AVAIL_INT | TPM_INTF_STS_VALID_INT;
1014 intmask &= ~TPM_GLOBAL_INT_ENABLE;
1015
1016 rc = request_locality(chip, 0);
1017 if (rc < 0) {
1018 rc = -ENODEV;
1019 goto out_err;
1020 }
1021
1022 tpm_tis_write32(priv, TPM_INT_ENABLE(priv->locality), intmask);
1023 release_locality(chip, 0);
1024
1025 rc = tpm_chip_start(chip);
1026 if (rc)
1027 goto out_err;
1028 rc = tpm2_probe(chip);
1029 tpm_chip_stop(chip);
1030 if (rc)
1031 goto out_err;
1032
1033 rc = tpm_tis_read8(priv, TPM_RID(0), &rid);
1034 if (rc < 0)
1035 goto out_err;
1036
1037 dev_info(dev, "%s TPM (device-id 0x%X, rev-id %d)\n",
1038 (chip->flags & TPM_CHIP_FLAG_TPM2) ? "2.0" : "1.2",
1039 vendor >> 16, rid);
1040
1041 probe = probe_itpm(chip);
1042 if (probe < 0) {
1043 rc = -ENODEV;
1044 goto out_err;
1045 }
1046
1047 /* Figure out the capabilities */
1048 rc = tpm_tis_read32(priv, TPM_INTF_CAPS(priv->locality), &intfcaps);
1049 if (rc < 0)
1050 goto out_err;
1051
1052 dev_dbg(dev, "TPM interface capabilities (0x%x):\n",
1053 intfcaps);
1054 if (intfcaps & TPM_INTF_BURST_COUNT_STATIC)
1055 dev_dbg(dev, "\tBurst Count Static\n");
1056 if (intfcaps & TPM_INTF_CMD_READY_INT)
1057 dev_dbg(dev, "\tCommand Ready Int Support\n");
1058 if (intfcaps & TPM_INTF_INT_EDGE_FALLING)
1059 dev_dbg(dev, "\tInterrupt Edge Falling\n");
1060 if (intfcaps & TPM_INTF_INT_EDGE_RISING)
1061 dev_dbg(dev, "\tInterrupt Edge Rising\n");
1062 if (intfcaps & TPM_INTF_INT_LEVEL_LOW)
1063 dev_dbg(dev, "\tInterrupt Level Low\n");
1064 if (intfcaps & TPM_INTF_INT_LEVEL_HIGH)
1065 dev_dbg(dev, "\tInterrupt Level High\n");
1066 if (intfcaps & TPM_INTF_LOCALITY_CHANGE_INT)
1067 dev_dbg(dev, "\tLocality Change Int Support\n");
1068 if (intfcaps & TPM_INTF_STS_VALID_INT)
1069 dev_dbg(dev, "\tSts Valid Int Support\n");
1070 if (intfcaps & TPM_INTF_DATA_AVAIL_INT)
1071 dev_dbg(dev, "\tData Avail Int Support\n");
1072
1073 /* INTERRUPT Setup */
1074 init_waitqueue_head(&priv->read_queue);
1075 init_waitqueue_head(&priv->int_queue);
1076 if (irq != -1) {
1077 /*
1078 * Before doing irq testing issue a command to the TPM in polling mode
1079 * to make sure it works. May as well use that command to set the
1080 * proper timeouts for the driver.
1081 */
1082
1083 rc = request_locality(chip, 0);
1084 if (rc < 0)
1085 goto out_err;
1086
1087 rc = tpm_get_timeouts(chip);
1088
1089 release_locality(chip, 0);
1090
1091 if (rc) {
1092 dev_err(dev, "Could not get TPM timeouts and durations\n");
1093 rc = -ENODEV;
1094 goto out_err;
1095 }
1096
1097 if (irq) {
1098 tpm_tis_probe_irq_single(chip, intmask, IRQF_SHARED,
1099 irq);
1100 if (!(chip->flags & TPM_CHIP_FLAG_IRQ)) {
1101 dev_err(&chip->dev, FW_BUG
1102 "TPM interrupt not working, polling instead\n");
1103
1104 disable_interrupts(chip);
1105 }
1106 } else {
1107 tpm_tis_probe_irq(chip, intmask);
1108 }
1109 }
1110
1111 rc = tpm_chip_register(chip);
1112 if (rc)
1113 goto out_err;
1114
1115 if (chip->ops->clk_enable != NULL)
1116 chip->ops->clk_enable(chip, false);
1117
1118 return 0;
1119out_err:
1120 if (chip->ops->clk_enable != NULL)
1121 chip->ops->clk_enable(chip, false);
1122
1123 tpm_tis_remove(chip);
1124
1125 return rc;
1126}
1127EXPORT_SYMBOL_GPL(tpm_tis_core_init);
1128
1129#ifdef CONFIG_PM_SLEEP
1130static void tpm_tis_reenable_interrupts(struct tpm_chip *chip)
1131{
1132 struct tpm_tis_data *priv = dev_get_drvdata(&chip->dev);
1133 u32 intmask;
1134 int rc;
1135
1136 if (chip->ops->clk_enable != NULL)
1137 chip->ops->clk_enable(chip, true);
1138
1139 /* reenable interrupts that device may have lost or
1140 * BIOS/firmware may have disabled
1141 */
1142 rc = tpm_tis_write8(priv, TPM_INT_VECTOR(priv->locality), priv->irq);
1143 if (rc < 0)
1144 goto out;
1145
1146 rc = tpm_tis_read32(priv, TPM_INT_ENABLE(priv->locality), &intmask);
1147 if (rc < 0)
1148 goto out;
1149
1150 intmask |= TPM_INTF_CMD_READY_INT
1151 | TPM_INTF_LOCALITY_CHANGE_INT | TPM_INTF_DATA_AVAIL_INT
1152 | TPM_INTF_STS_VALID_INT | TPM_GLOBAL_INT_ENABLE;
1153
1154 tpm_tis_write32(priv, TPM_INT_ENABLE(priv->locality), intmask);
1155
1156out:
1157 if (chip->ops->clk_enable != NULL)
1158 chip->ops->clk_enable(chip, false);
1159
1160 return;
1161}
1162
1163int tpm_tis_resume(struct device *dev)
1164{
1165 struct tpm_chip *chip = dev_get_drvdata(dev);
1166 int ret;
1167
1168 if (chip->flags & TPM_CHIP_FLAG_IRQ)
1169 tpm_tis_reenable_interrupts(chip);
1170
1171 ret = tpm_pm_resume(dev);
1172 if (ret)
1173 return ret;
1174
1175 /*
1176 * TPM 1.2 requires self-test on resume. This function actually returns
1177 * an error code but for unknown reason it isn't handled.
1178 */
1179 if (!(chip->flags & TPM_CHIP_FLAG_TPM2)) {
1180 ret = request_locality(chip, 0);
1181 if (ret < 0)
1182 return ret;
1183
1184 tpm1_do_selftest(chip);
1185
1186 release_locality(chip, 0);
1187 }
1188
1189 return 0;
1190}
1191EXPORT_SYMBOL_GPL(tpm_tis_resume);
1192#endif
1193
1194MODULE_AUTHOR("Leendert van Doorn (leendert@watson.ibm.com)");
1195MODULE_DESCRIPTION("TPM Driver");
1196MODULE_VERSION("2.0");
1197MODULE_LICENSE("GPL");