Patrick Rudolph has uploaded this change for review. ( https://review.coreboot.org/c/coreboot/+/45567 )
Change subject: drivers/tpm: Move PPI stub ......................................................................
drivers/tpm: Move PPI stub
As preparation to a full PPI implementation move the acpi code out of the pc80/tpm/tis driver into the generic tpm driver folder.
This doesn't change any functionality.
Change-Id: I7818d0344d4a08926195bd4804565502717c48fa Signed-off-by: Patrick Rudolph patrick.rudolph@9elements.com --- M src/drivers/pc80/tpm/tis.c M src/drivers/tpm/Makefile.inc A src/drivers/tpm/ppi_stub.c A src/drivers/tpm/tpm_ppi.h 4 files changed, 157 insertions(+), 121 deletions(-)
git pull ssh://review.coreboot.org:29418/coreboot refs/changes/67/45567/1
diff --git a/src/drivers/pc80/tpm/tis.c b/src/drivers/pc80/tpm/tis.c index 27d238c..48e529a 100644 --- a/src/drivers/pc80/tpm/tis.c +++ b/src/drivers/pc80/tpm/tis.c @@ -21,13 +21,11 @@ #include <console/console.h> #include <security/tpm/tis.h> #include <device/pnp.h> +#include <drivers/tpm/tpm_ppi.h> #include "chip.h"
#define PREFIX "lpc_tpm: " -/* TCG Physical Presence Interface */ -#define TPM_PPI_UUID "3dddfaa6-361b-4eb4-a424-8d10089d1653" -/* TCG Memory Clear Interface */ -#define TPM_MCI_UUID "376054ed-cc13-4675-901c-4756d7f2d45d" + /* coreboot wrapper for TPM driver (start) */ #define TPM_DEBUG(fmt, args...) \ if (CONFIG(DEBUG_TPM)) { \ @@ -777,104 +775,9 @@ }
#if CONFIG(HAVE_ACPI_TABLES) - -static void tpm_ppi_func0_cb(void *arg) -{ - /* Functions 1-8. */ - u8 buf[] = {0xff, 0x01}; - acpigen_write_return_byte_buffer(buf, 2); -} - -static void tpm_ppi_func1_cb(void *arg) -{ - if (CONFIG(TPM2)) - /* Interface version: 2.0 */ - acpigen_write_return_string("2.0"); - else - /* Interface version: 1.2 */ - acpigen_write_return_string("1.2"); -} - -static void tpm_ppi_func2_cb(void *arg) -{ - /* Submit operations: drop on the floor and return success. */ - acpigen_write_return_byte(0); -} - -static void tpm_ppi_func3_cb(void *arg) -{ - /* Pending operation: none. */ - acpigen_emit_byte(RETURN_OP); - acpigen_write_package(2); - acpigen_write_byte(0); - acpigen_write_byte(0); - acpigen_pop_len(); -} -static void tpm_ppi_func4_cb(void *arg) -{ - /* Pre-OS transition method: reboot. */ - acpigen_write_return_byte(2); -} -static void tpm_ppi_func5_cb(void *arg) -{ - /* Operation response: no operation executed. */ - acpigen_emit_byte(RETURN_OP); - acpigen_write_package(3); - acpigen_write_byte(0); - acpigen_write_byte(0); - acpigen_write_byte(0); - acpigen_pop_len(); -} -static void tpm_ppi_func6_cb(void *arg) -{ - /* - * Set preferred user language: deprecated and must return 3 aka - * "not implemented". - */ - acpigen_write_return_byte(3); -} -static void tpm_ppi_func7_cb(void *arg) -{ - /* Submit operations: deny. */ - acpigen_write_return_byte(3); -} -static void tpm_ppi_func8_cb(void *arg) -{ - /* All actions are forbidden. */ - acpigen_write_return_byte(1); -} -static void (*tpm_ppi_callbacks[])(void *) = { - tpm_ppi_func0_cb, - tpm_ppi_func1_cb, - tpm_ppi_func2_cb, - tpm_ppi_func3_cb, - tpm_ppi_func4_cb, - tpm_ppi_func5_cb, - tpm_ppi_func6_cb, - tpm_ppi_func7_cb, - tpm_ppi_func8_cb, -}; - -static void tpm_mci_func0_cb(void *arg) -{ - /* Function 1. */ - acpigen_write_return_singleton_buffer(0x3); -} -static void tpm_mci_func1_cb(void *arg) -{ - /* Just return success. */ - acpigen_write_return_byte(0); -} - -static void (*tpm_mci_callbacks[])(void *) = { - tpm_mci_func0_cb, - tpm_mci_func1_cb, -}; - static void lpc_tpm_fill_ssdt(const struct device *dev) { const char *path = acpi_device_path(dev->bus->dev); - u32 arg;
if (!path) { path = "\_SB_.PCI0.LPCB"; @@ -938,31 +841,12 @@ acpi_device_write_interrupt(&tpm_irq); }
+ acpigen_write_resourcetemplate_footer();
- if (!CONFIG(CHROMEOS)) { - /* - * _DSM method - */ - struct dsm_uuid ids[] = { - /* Physical presence interface. - * This is used to submit commands like "Clear TPM" to - * be run at next reboot provided that user confirms - * them. Spec allows user to cancel all commands and/or - * configure BIOS to reject commands. So we pretend that - * user did just this: cancelled everything. If user - * really wants to clear TPM the only option now is to - * do it manually in payload. - */ - DSM_UUID(TPM_PPI_UUID, &tpm_ppi_callbacks[0], - ARRAY_SIZE(tpm_ppi_callbacks), (void *) &arg), - /* Memory clearing on boot: just a dummy. */ - DSM_UUID(TPM_MCI_UUID, &tpm_mci_callbacks[0], - ARRAY_SIZE(tpm_mci_callbacks), (void *) &arg), - }; + if (!CONFIG(CHROMEOS)) + tpm_ppi_acpi_fill_ssdt(dev);
- acpigen_write_dsm_uuid_arr(ids, ARRAY_SIZE(ids)); - } acpigen_pop_len(); /* Device */ acpigen_pop_len(); /* Scope */
diff --git a/src/drivers/tpm/Makefile.inc b/src/drivers/tpm/Makefile.inc index 4e80600..5fc4632 100644 --- a/src/drivers/tpm/Makefile.inc +++ b/src/drivers/tpm/Makefile.inc @@ -1 +1,3 @@ ramstage-$(CONFIG_TPM_INIT) += tpm.c + +ramstage-$(CONFIG_HAVE_ACPI_TABLES) += ppi_stub.c diff --git a/src/drivers/tpm/ppi_stub.c b/src/drivers/tpm/ppi_stub.c new file mode 100644 index 0000000..a4b8f57 --- /dev/null +++ b/src/drivers/tpm/ppi_stub.c @@ -0,0 +1,129 @@ +/* SPDX-License-Identifier: GPL-2.0-only */ + +#include <types.h> +#include <stddef.h> +#include <acpi/acpi.h> +#include <acpi/acpigen.h> +#include <acpi/acpi_device.h> + +#include "tpm_ppi.h" + + +static void tpm_ppi_func0_cb(void *arg) +{ + /* Functions 1-8. */ + u8 buf[] = {0xff, 0x01}; + acpigen_write_return_byte_buffer(buf, 2); +} + +static void tpm_ppi_func1_cb(void *arg) +{ + if (CONFIG(TPM2)) + /* Interface version: 2.0 */ + acpigen_write_return_string("2.0"); + else + /* Interface version: 1.2 */ + acpigen_write_return_string("1.2"); +} + +static void tpm_ppi_func2_cb(void *arg) +{ + /* Submit operations: drop on the floor and return success. */ + acpigen_write_return_byte(0); +} + +static void tpm_ppi_func3_cb(void *arg) +{ + /* Pending operation: none. */ + acpigen_emit_byte(RETURN_OP); + acpigen_write_package(2); + acpigen_write_byte(0); + acpigen_write_byte(0); + acpigen_pop_len(); +} +static void tpm_ppi_func4_cb(void *arg) +{ + /* Pre-OS transition method: reboot. */ + acpigen_write_return_byte(2); +} +static void tpm_ppi_func5_cb(void *arg) +{ + /* Operation response: no operation executed. */ + acpigen_emit_byte(RETURN_OP); + acpigen_write_package(3); + acpigen_write_byte(0); + acpigen_write_byte(0); + acpigen_write_byte(0); + acpigen_pop_len(); +} +static void tpm_ppi_func6_cb(void *arg) +{ + /* + * Set preferred user language: deprecated and must return 3 aka + * "not implemented". + */ + acpigen_write_return_byte(3); +} +static void tpm_ppi_func7_cb(void *arg) +{ + /* Submit operations: deny. */ + acpigen_write_return_byte(3); +} +static void tpm_ppi_func8_cb(void *arg) +{ + /* All actions are forbidden. */ + acpigen_write_return_byte(1); +} +static void (*tpm_ppi_callbacks[])(void *) = { + tpm_ppi_func0_cb, + tpm_ppi_func1_cb, + tpm_ppi_func2_cb, + tpm_ppi_func3_cb, + tpm_ppi_func4_cb, + tpm_ppi_func5_cb, + tpm_ppi_func6_cb, + tpm_ppi_func7_cb, + tpm_ppi_func8_cb, +}; + +static void tpm_mci_func0_cb(void *arg) +{ + /* Function 1. */ + acpigen_write_return_singleton_buffer(0x3); +} +static void tpm_mci_func1_cb(void *arg) +{ + /* Just return success. */ + acpigen_write_return_byte(0); +} + +static void (*tpm_mci_callbacks[])(void *) = { + tpm_mci_func0_cb, + tpm_mci_func1_cb, +}; + +void tpm_ppi_acpi_fill_ssdt(const struct device *dev) +{ + u32 arg; + /* + * _DSM method + */ + struct dsm_uuid ids[] = { + /* Physical presence interface. + * This is used to submit commands like "Clear TPM" to + * be run at next reboot provided that user confirms + * them. Spec allows user to cancel all commands and/or + * configure BIOS to reject commands. So we pretend that + * user did just this: cancelled everything. If user + * really wants to clear TPM the only option now is to + * do it manually in payload. + */ + DSM_UUID(TPM_PPI_UUID, &tpm_ppi_callbacks[0], + ARRAY_SIZE(tpm_ppi_callbacks), (void *) &arg), + /* Memory clearing on boot: just a dummy. */ + DSM_UUID(TPM_MCI_UUID, &tpm_mci_callbacks[0], + ARRAY_SIZE(tpm_mci_callbacks), (void *) &arg), + }; + + acpigen_write_dsm_uuid_arr(ids, ARRAY_SIZE(ids)); +} diff --git a/src/drivers/tpm/tpm_ppi.h b/src/drivers/tpm/tpm_ppi.h new file mode 100644 index 0000000..4bacbe5 --- /dev/null +++ b/src/drivers/tpm/tpm_ppi.h @@ -0,0 +1,21 @@ +/* SPDX-License-Identifier: GPL-2.0-only */ + +#ifndef _TPM_PPI_H_ +#define _TPM_PPI_H_ + +#include <device/device.h> + +#if CONFIG(HAVE_ACPI_TABLES) +void tpm_ppi_acpi_fill_ssdt(const struct device *dev); +#else +static inline void tpm_ppi_acpi_fill_ssdt(const struct device *dev) +{ +} +#endif + +/* TCG Physical Presence Interface */ +#define TPM_PPI_UUID "3dddfaa6-361b-4eb4-a424-8d10089d1653" +/* TCG Memory Clear Interface */ +#define TPM_MCI_UUID "376054ed-cc13-4675-901c-4756d7f2d45d" + +#endif /* _TPM_PPI_H_ */
Tim Wawrzynczak has posted comments on this change. ( https://review.coreboot.org/c/coreboot/+/45567 )
Change subject: drivers/tpm: Move PPI stub ......................................................................
Patch Set 1:
(8 comments)
https://review.coreboot.org/c/coreboot/+/45567/1/src/drivers/tpm/ppi_stub.c File src/drivers/tpm/ppi_stub.c:
https://review.coreboot.org/c/coreboot/+/45567/1/src/drivers/tpm/ppi_stub.c@... PS1, Line 16: 2 sizeof(buf) ?
https://review.coreboot.org/c/coreboot/+/45567/1/src/drivers/tpm/ppi_stub.c@... PS1, Line 47: 2 symbolic constant or a comment would be nice
https://review.coreboot.org/c/coreboot/+/45567/1/src/drivers/tpm/ppi_stub.c@... PS1, Line 62: aka AKA
https://review.coreboot.org/c/coreboot/+/45567/1/src/drivers/tpm/ppi_stub.c@... PS1, Line 59: static void tpm_ppi_func6_cb(void *arg) : { : /* : * Set preferred user language: deprecated and must return 3 aka : * "not implemented". : */ : acpigen_write_return_byte(3); : } : static void tpm_ppi_func7_cb(void *arg) : { : /* Submit operations: deny. */ : acpigen_write_return_byte(3); : } : static void tpm_ppi_func8_cb(void *arg) : { : /* All actions are forbidden. */ : acpigen_write_return_byte(1); please add symbolic constants for these return values
https://review.coreboot.org/c/coreboot/+/45567/1/src/drivers/tpm/ppi_stub.c@... PS1, Line 121: &tpm_ppi_callbacks[0] can just be `tpm_ppi_callbacks`
https://review.coreboot.org/c/coreboot/+/45567/1/src/drivers/tpm/ppi_stub.c@... PS1, Line 122: (void *) &arg) It doesn't look like any of the callbacks use this arg, could we just pass NULL instead?
https://review.coreboot.org/c/coreboot/+/45567/1/src/drivers/tpm/ppi_stub.c@... PS1, Line 124: &tpm_mci_callbacks[0] can just be `tpm_mci_callbacks`
https://review.coreboot.org/c/coreboot/+/45567/1/src/drivers/tpm/ppi_stub.c@... PS1, Line 125: (void *) &arg) It doesn't look like any of the callbacks use this arg, could we just pass NULL instead?
Hello build bot (Jenkins), Patrick Georgi, Martin Roth, Christian Walter,
I'd like you to reexamine a change. Please visit
https://review.coreboot.org/c/coreboot/+/45567
to look at the new patch set (#2).
Change subject: drivers/tpm: Move PPI stub ......................................................................
drivers/tpm: Move PPI stub
As preparation to a full PPI implementation move the acpi code out of the pc80/tpm/tis driver into the generic tpm driver folder.
This doesn't change any functionality.
Change-Id: I7818d0344d4a08926195bd4804565502717c48fa Signed-off-by: Patrick Rudolph patrick.rudolph@9elements.com --- M src/drivers/pc80/tpm/tis.c M src/drivers/tpm/Makefile.inc A src/drivers/tpm/ppi_stub.c A src/drivers/tpm/tpm_ppi.h 4 files changed, 156 insertions(+), 121 deletions(-)
git pull ssh://review.coreboot.org:29418/coreboot refs/changes/67/45567/2
Patrick Rudolph has posted comments on this change. ( https://review.coreboot.org/c/coreboot/+/45567 )
Change subject: drivers/tpm: Move PPI stub ......................................................................
Patch Set 2:
(2 comments)
https://review.coreboot.org/c/coreboot/+/45567/1/src/drivers/tpm/ppi_stub.c File src/drivers/tpm/ppi_stub.c:
https://review.coreboot.org/c/coreboot/+/45567/1/src/drivers/tpm/ppi_stub.c@... PS1, Line 122: (void *) &arg)
It doesn't look like any of the callbacks use this arg, could we just pass NULL instead?
Done
https://review.coreboot.org/c/coreboot/+/45567/1/src/drivers/tpm/ppi_stub.c@... PS1, Line 125: (void *) &arg)
It doesn't look like any of the callbacks use this arg, could we just pass NULL instead?
Done
Hello build bot (Jenkins), Patrick Georgi, Martin Roth, Christian Walter,
I'd like you to reexamine a change. Please visit
https://review.coreboot.org/c/coreboot/+/45567
to look at the new patch set (#3).
Change subject: drivers/tpm: Move PPI stub ......................................................................
drivers/tpm: Move PPI stub
As preparation to a full PPI implementation move the acpi code out of the pc80/tpm/tis driver into the generic tpm driver folder.
This doesn't change any functionality.
Change-Id: I7818d0344d4a08926195bd4804565502717c48fa Signed-off-by: Patrick Rudolph patrick.rudolph@9elements.com --- M src/drivers/pc80/tpm/tis.c M src/drivers/tpm/Makefile.inc A src/drivers/tpm/ppi_stub.c A src/drivers/tpm/tpm_ppi.h 4 files changed, 198 insertions(+), 121 deletions(-)
git pull ssh://review.coreboot.org:29418/coreboot refs/changes/67/45567/3
Patrick Rudolph has posted comments on this change. ( https://review.coreboot.org/c/coreboot/+/45567 )
Change subject: drivers/tpm: Move PPI stub ......................................................................
Patch Set 3:
(6 comments)
https://review.coreboot.org/c/coreboot/+/45567/1/src/drivers/tpm/ppi_stub.c File src/drivers/tpm/ppi_stub.c:
https://review.coreboot.org/c/coreboot/+/45567/1/src/drivers/tpm/ppi_stub.c@... PS1, Line 16: 2
sizeof(buf) ?
Done
https://review.coreboot.org/c/coreboot/+/45567/1/src/drivers/tpm/ppi_stub.c@... PS1, Line 47: 2
symbolic constant or a comment would be nice
Done
https://review.coreboot.org/c/coreboot/+/45567/1/src/drivers/tpm/ppi_stub.c@... PS1, Line 62: aka
AKA
Done
https://review.coreboot.org/c/coreboot/+/45567/1/src/drivers/tpm/ppi_stub.c@... PS1, Line 59: static void tpm_ppi_func6_cb(void *arg) : { : /* : * Set preferred user language: deprecated and must return 3 aka : * "not implemented". : */ : acpigen_write_return_byte(3); : } : static void tpm_ppi_func7_cb(void *arg) : { : /* Submit operations: deny. */ : acpigen_write_return_byte(3); : } : static void tpm_ppi_func8_cb(void *arg) : { : /* All actions are forbidden. */ : acpigen_write_return_byte(1);
please add symbolic constants for these return values
Done
https://review.coreboot.org/c/coreboot/+/45567/1/src/drivers/tpm/ppi_stub.c@... PS1, Line 121: &tpm_ppi_callbacks[0]
can just be `tpm_ppi_callbacks`
Done
https://review.coreboot.org/c/coreboot/+/45567/1/src/drivers/tpm/ppi_stub.c@... PS1, Line 124: &tpm_mci_callbacks[0]
can just be `tpm_mci_callbacks`
Done
Tim Wawrzynczak has posted comments on this change. ( https://review.coreboot.org/c/coreboot/+/45567 )
Change subject: drivers/tpm: Move PPI stub ......................................................................
Patch Set 3: Code-Review+1
(1 comment)
https://review.coreboot.org/c/coreboot/+/45567/3/src/drivers/tpm/tpm_ppi.h File src/drivers/tpm/tpm_ppi.h:
https://review.coreboot.org/c/coreboot/+/45567/3/src/drivers/tpm/tpm_ppi.h@1... PS3, Line 15: : : /* Return codes */ : /* Function 2 */ : #define PPI2_RET_SUCCESS 0 : #define PPI2_RET_NOT_SUPPORTED 1 : #define PPI2_RET_GENERAL_FAILURE 2 : : /* Function 3 */ : #define PPI3_RET_SUCCESS 0 : #define PPI3_RET_GENERAL_FAILURE 1 : : /* Function 4 */ : #define PPI4_RET_NONE 0 : #define PPI4_RET_SHUTDOWN 1 : #define PPI4_RET_REBOOT 2 : #define PPI4_RET_OS_VENDOR_SPECIFIC 3 : : /* Function 5 */ : #define PPI5_RET_SUCCESS 0 : #define PPI5_RET_GENERAL_FAILURE 1 : : /* Function 6 */ : #define PPI6_RET_NOT_IMPLEMENTED 3 : : /* Function 7 */ : #define PPI7_RET_SUCCESS 0 : #define PPI7_RET_NOT_IMPLEMENTED 1 : #define PPI7_RET_GENERAL_FAILURE 2 : #define PPI7_RET_BLOCKED_BY_FIRMWARE 3 : : /* Function 8 */ : #define PPI8_RET_NOT_IMPLEMENTED 0 : #define PPI8_RET_FIRMWARE_ONLY 1 : #define PPI8_RET_BLOCKED_FOR_OS_BY_FW 2 : #define PPI8_RET_ALLOWED_WITH_PP 3 : #define PPI8_RET_ALLOWED 4 : : /* TCG Physical Presence Interface */ : #define TPM_PPI_UUID "3dddfaa6-361b-4eb4-a424-8d10089d1653" : /* TCG Memory Clear Interface */ : #define TPM_MCI_UUID "376054ed-cc13-4675-901c-4756d7f2d45d" Is any of this required to be exported or can it live in the .c file?
Patrick Rudolph has posted comments on this change. ( https://review.coreboot.org/c/coreboot/+/45567 )
Change subject: drivers/tpm: Move PPI stub ......................................................................
Patch Set 3:
(1 comment)
https://review.coreboot.org/c/coreboot/+/45567/3/src/drivers/tpm/tpm_ppi.h File src/drivers/tpm/tpm_ppi.h:
https://review.coreboot.org/c/coreboot/+/45567/3/src/drivers/tpm/tpm_ppi.h@1... PS3, Line 15: : : /* Return codes */ : /* Function 2 */ : #define PPI2_RET_SUCCESS 0 : #define PPI2_RET_NOT_SUPPORTED 1 : #define PPI2_RET_GENERAL_FAILURE 2 : : /* Function 3 */ : #define PPI3_RET_SUCCESS 0 : #define PPI3_RET_GENERAL_FAILURE 1 : : /* Function 4 */ : #define PPI4_RET_NONE 0 : #define PPI4_RET_SHUTDOWN 1 : #define PPI4_RET_REBOOT 2 : #define PPI4_RET_OS_VENDOR_SPECIFIC 3 : : /* Function 5 */ : #define PPI5_RET_SUCCESS 0 : #define PPI5_RET_GENERAL_FAILURE 1 : : /* Function 6 */ : #define PPI6_RET_NOT_IMPLEMENTED 3 : : /* Function 7 */ : #define PPI7_RET_SUCCESS 0 : #define PPI7_RET_NOT_IMPLEMENTED 1 : #define PPI7_RET_GENERAL_FAILURE 2 : #define PPI7_RET_BLOCKED_BY_FIRMWARE 3 : : /* Function 8 */ : #define PPI8_RET_NOT_IMPLEMENTED 0 : #define PPI8_RET_FIRMWARE_ONLY 1 : #define PPI8_RET_BLOCKED_FOR_OS_BY_FW 2 : #define PPI8_RET_ALLOWED_WITH_PP 3 : #define PPI8_RET_ALLOWED 4 : : /* TCG Physical Presence Interface */ : #define TPM_PPI_UUID "3dddfaa6-361b-4eb4-a424-8d10089d1653" : /* TCG Memory Clear Interface */ : #define TPM_MCI_UUID "376054ed-cc13-4675-901c-4756d7f2d45d"
Is any of this required to be exported or can it live in the . […]
It's shared with the full PPI implementation introduced in the next commit.
Angel Pons has posted comments on this change. ( https://review.coreboot.org/c/coreboot/+/45567 )
Change subject: drivers/tpm: Move PPI stub ......................................................................
Patch Set 3: Code-Review+2
(1 comment)
https://review.coreboot.org/c/coreboot/+/45567/3//COMMIT_MSG Commit Message:
https://review.coreboot.org/c/coreboot/+/45567/3//COMMIT_MSG@9 PS3, Line 9: th nit: move to next line
Tim Wawrzynczak has posted comments on this change. ( https://review.coreboot.org/c/coreboot/+/45567 )
Change subject: drivers/tpm: Move PPI stub ......................................................................
Patch Set 3: Code-Review+2
(1 comment)
https://review.coreboot.org/c/coreboot/+/45567/3/src/drivers/tpm/tpm_ppi.h File src/drivers/tpm/tpm_ppi.h:
https://review.coreboot.org/c/coreboot/+/45567/3/src/drivers/tpm/tpm_ppi.h@1... PS3, Line 15: : : /* Return codes */ : /* Function 2 */ : #define PPI2_RET_SUCCESS 0 : #define PPI2_RET_NOT_SUPPORTED 1 : #define PPI2_RET_GENERAL_FAILURE 2 : : /* Function 3 */ : #define PPI3_RET_SUCCESS 0 : #define PPI3_RET_GENERAL_FAILURE 1 : : /* Function 4 */ : #define PPI4_RET_NONE 0 : #define PPI4_RET_SHUTDOWN 1 : #define PPI4_RET_REBOOT 2 : #define PPI4_RET_OS_VENDOR_SPECIFIC 3 : : /* Function 5 */ : #define PPI5_RET_SUCCESS 0 : #define PPI5_RET_GENERAL_FAILURE 1 : : /* Function 6 */ : #define PPI6_RET_NOT_IMPLEMENTED 3 : : /* Function 7 */ : #define PPI7_RET_SUCCESS 0 : #define PPI7_RET_NOT_IMPLEMENTED 1 : #define PPI7_RET_GENERAL_FAILURE 2 : #define PPI7_RET_BLOCKED_BY_FIRMWARE 3 : : /* Function 8 */ : #define PPI8_RET_NOT_IMPLEMENTED 0 : #define PPI8_RET_FIRMWARE_ONLY 1 : #define PPI8_RET_BLOCKED_FOR_OS_BY_FW 2 : #define PPI8_RET_ALLOWED_WITH_PP 3 : #define PPI8_RET_ALLOWED 4 : : /* TCG Physical Presence Interface */ : #define TPM_PPI_UUID "3dddfaa6-361b-4eb4-a424-8d10089d1653" : /* TCG Memory Clear Interface */ : #define TPM_MCI_UUID "376054ed-cc13-4675-901c-4756d7f2d45d"
It's shared with the full PPI implementation introduced in the next commit.
Ack
Hello build bot (Jenkins), Patrick Georgi, Martin Roth, Tim Wawrzynczak, Christian Walter, Angel Pons,
I'd like you to reexamine a change. Please visit
https://review.coreboot.org/c/coreboot/+/45567
to look at the new patch set (#4).
Change subject: drivers/tpm: Move PPI stub ......................................................................
drivers/tpm: Move PPI stub
As preparation to a full PPI implementation move the acpi code out of the pc80/tpm/tis driver into the generic tpm driver folder.
This doesn't change any functionality.
Change-Id: I7818d0344d4a08926195bd4804565502717c48fa Signed-off-by: Patrick Rudolph patrick.rudolph@9elements.com --- M src/drivers/pc80/tpm/tis.c M src/drivers/tpm/Makefile.inc A src/drivers/tpm/ppi_stub.c A src/drivers/tpm/tpm_ppi.h 4 files changed, 198 insertions(+), 121 deletions(-)
git pull ssh://review.coreboot.org:29418/coreboot refs/changes/67/45567/4
Patrick Rudolph has posted comments on this change. ( https://review.coreboot.org/c/coreboot/+/45567 )
Change subject: drivers/tpm: Move PPI stub ......................................................................
Patch Set 4:
(1 comment)
https://review.coreboot.org/c/coreboot/+/45567/3//COMMIT_MSG Commit Message:
https://review.coreboot.org/c/coreboot/+/45567/3//COMMIT_MSG@9 PS3, Line 9: th
nit: move to next line
Done
Angel Pons has posted comments on this change. ( https://review.coreboot.org/c/coreboot/+/45567 )
Change subject: drivers/tpm: Move PPI stub ......................................................................
Patch Set 4: Code-Review+2
Patrick Georgi has submitted this change. ( https://review.coreboot.org/c/coreboot/+/45567 )
Change subject: drivers/tpm: Move PPI stub ......................................................................
drivers/tpm: Move PPI stub
As preparation to a full PPI implementation move the acpi code out of the pc80/tpm/tis driver into the generic tpm driver folder.
This doesn't change any functionality.
Change-Id: I7818d0344d4a08926195bd4804565502717c48fa Signed-off-by: Patrick Rudolph patrick.rudolph@9elements.com Reviewed-on: https://review.coreboot.org/c/coreboot/+/45567 Tested-by: build bot (Jenkins) no-reply@coreboot.org Reviewed-by: Angel Pons th3fanbus@gmail.com --- M src/drivers/pc80/tpm/tis.c M src/drivers/tpm/Makefile.inc A src/drivers/tpm/ppi_stub.c A src/drivers/tpm/tpm_ppi.h 4 files changed, 198 insertions(+), 121 deletions(-)
Approvals: build bot (Jenkins): Verified Angel Pons: Looks good to me, approved
diff --git a/src/drivers/pc80/tpm/tis.c b/src/drivers/pc80/tpm/tis.c index 27d238c..48e529a 100644 --- a/src/drivers/pc80/tpm/tis.c +++ b/src/drivers/pc80/tpm/tis.c @@ -21,13 +21,11 @@ #include <console/console.h> #include <security/tpm/tis.h> #include <device/pnp.h> +#include <drivers/tpm/tpm_ppi.h> #include "chip.h"
#define PREFIX "lpc_tpm: " -/* TCG Physical Presence Interface */ -#define TPM_PPI_UUID "3dddfaa6-361b-4eb4-a424-8d10089d1653" -/* TCG Memory Clear Interface */ -#define TPM_MCI_UUID "376054ed-cc13-4675-901c-4756d7f2d45d" + /* coreboot wrapper for TPM driver (start) */ #define TPM_DEBUG(fmt, args...) \ if (CONFIG(DEBUG_TPM)) { \ @@ -777,104 +775,9 @@ }
#if CONFIG(HAVE_ACPI_TABLES) - -static void tpm_ppi_func0_cb(void *arg) -{ - /* Functions 1-8. */ - u8 buf[] = {0xff, 0x01}; - acpigen_write_return_byte_buffer(buf, 2); -} - -static void tpm_ppi_func1_cb(void *arg) -{ - if (CONFIG(TPM2)) - /* Interface version: 2.0 */ - acpigen_write_return_string("2.0"); - else - /* Interface version: 1.2 */ - acpigen_write_return_string("1.2"); -} - -static void tpm_ppi_func2_cb(void *arg) -{ - /* Submit operations: drop on the floor and return success. */ - acpigen_write_return_byte(0); -} - -static void tpm_ppi_func3_cb(void *arg) -{ - /* Pending operation: none. */ - acpigen_emit_byte(RETURN_OP); - acpigen_write_package(2); - acpigen_write_byte(0); - acpigen_write_byte(0); - acpigen_pop_len(); -} -static void tpm_ppi_func4_cb(void *arg) -{ - /* Pre-OS transition method: reboot. */ - acpigen_write_return_byte(2); -} -static void tpm_ppi_func5_cb(void *arg) -{ - /* Operation response: no operation executed. */ - acpigen_emit_byte(RETURN_OP); - acpigen_write_package(3); - acpigen_write_byte(0); - acpigen_write_byte(0); - acpigen_write_byte(0); - acpigen_pop_len(); -} -static void tpm_ppi_func6_cb(void *arg) -{ - /* - * Set preferred user language: deprecated and must return 3 aka - * "not implemented". - */ - acpigen_write_return_byte(3); -} -static void tpm_ppi_func7_cb(void *arg) -{ - /* Submit operations: deny. */ - acpigen_write_return_byte(3); -} -static void tpm_ppi_func8_cb(void *arg) -{ - /* All actions are forbidden. */ - acpigen_write_return_byte(1); -} -static void (*tpm_ppi_callbacks[])(void *) = { - tpm_ppi_func0_cb, - tpm_ppi_func1_cb, - tpm_ppi_func2_cb, - tpm_ppi_func3_cb, - tpm_ppi_func4_cb, - tpm_ppi_func5_cb, - tpm_ppi_func6_cb, - tpm_ppi_func7_cb, - tpm_ppi_func8_cb, -}; - -static void tpm_mci_func0_cb(void *arg) -{ - /* Function 1. */ - acpigen_write_return_singleton_buffer(0x3); -} -static void tpm_mci_func1_cb(void *arg) -{ - /* Just return success. */ - acpigen_write_return_byte(0); -} - -static void (*tpm_mci_callbacks[])(void *) = { - tpm_mci_func0_cb, - tpm_mci_func1_cb, -}; - static void lpc_tpm_fill_ssdt(const struct device *dev) { const char *path = acpi_device_path(dev->bus->dev); - u32 arg;
if (!path) { path = "\_SB_.PCI0.LPCB"; @@ -938,31 +841,12 @@ acpi_device_write_interrupt(&tpm_irq); }
+ acpigen_write_resourcetemplate_footer();
- if (!CONFIG(CHROMEOS)) { - /* - * _DSM method - */ - struct dsm_uuid ids[] = { - /* Physical presence interface. - * This is used to submit commands like "Clear TPM" to - * be run at next reboot provided that user confirms - * them. Spec allows user to cancel all commands and/or - * configure BIOS to reject commands. So we pretend that - * user did just this: cancelled everything. If user - * really wants to clear TPM the only option now is to - * do it manually in payload. - */ - DSM_UUID(TPM_PPI_UUID, &tpm_ppi_callbacks[0], - ARRAY_SIZE(tpm_ppi_callbacks), (void *) &arg), - /* Memory clearing on boot: just a dummy. */ - DSM_UUID(TPM_MCI_UUID, &tpm_mci_callbacks[0], - ARRAY_SIZE(tpm_mci_callbacks), (void *) &arg), - }; + if (!CONFIG(CHROMEOS)) + tpm_ppi_acpi_fill_ssdt(dev);
- acpigen_write_dsm_uuid_arr(ids, ARRAY_SIZE(ids)); - } acpigen_pop_len(); /* Device */ acpigen_pop_len(); /* Scope */
diff --git a/src/drivers/tpm/Makefile.inc b/src/drivers/tpm/Makefile.inc index 4e80600..5fc4632 100644 --- a/src/drivers/tpm/Makefile.inc +++ b/src/drivers/tpm/Makefile.inc @@ -1 +1,3 @@ ramstage-$(CONFIG_TPM_INIT) += tpm.c + +ramstage-$(CONFIG_HAVE_ACPI_TABLES) += ppi_stub.c diff --git a/src/drivers/tpm/ppi_stub.c b/src/drivers/tpm/ppi_stub.c new file mode 100644 index 0000000..11bd07e --- /dev/null +++ b/src/drivers/tpm/ppi_stub.c @@ -0,0 +1,133 @@ +/* SPDX-License-Identifier: GPL-2.0-only */ + +#include <types.h> +#include <stddef.h> +#include <acpi/acpi.h> +#include <acpi/acpigen.h> +#include <acpi/acpi_device.h> + +#include "tpm_ppi.h" + +static void tpm_ppi_func0_cb(void *arg) +{ + /* Functions 1-8. */ + u8 buf[] = {0xff, 0x01}; + acpigen_write_return_byte_buffer(buf, sizeof(buf)); +} + +static void tpm_ppi_func1_cb(void *arg) +{ + if (CONFIG(TPM2)) + /* Interface version: 2.0 */ + acpigen_write_return_string("2.0"); + else + /* Interface version: 1.2 */ + acpigen_write_return_string("1.2"); +} + +static void tpm_ppi_func2_cb(void *arg) +{ + /* Submit operations: drop on the floor and return success. */ + acpigen_write_return_byte(PPI2_RET_SUCCESS); +} + +static void tpm_ppi_func3_cb(void *arg) +{ + /* Pending operation: none. */ + acpigen_emit_byte(RETURN_OP); + acpigen_write_package(2); + acpigen_write_byte(0); + acpigen_write_byte(0); + acpigen_pop_len(); +} + +static void tpm_ppi_func4_cb(void *arg) +{ + /* Pre-OS transition method: reboot. */ + acpigen_write_return_byte(2); +} + +static void tpm_ppi_func5_cb(void *arg) +{ + /* Operation response: no operation executed. */ + acpigen_emit_byte(RETURN_OP); + acpigen_write_package(3); + acpigen_write_byte(0); + acpigen_write_byte(0); + acpigen_write_byte(0); + acpigen_pop_len(); +} + +static void tpm_ppi_func6_cb(void *arg) +{ + /* + * Set preferred user language: deprecated and must return 3 AKA + * "not implemented". + */ + acpigen_write_return_byte(PPI6_RET_NOT_IMPLEMENTED); +} + +static void tpm_ppi_func7_cb(void *arg) +{ + /* Submit operations: deny. */ + acpigen_write_return_byte(PPI7_RET_BLOCKED_BY_FIRMWARE); +} + +static void tpm_ppi_func8_cb(void *arg) +{ + /* All actions are forbidden. */ + acpigen_write_return_byte(PPI8_RET_FIRMWARE_ONLY); +} + +static void (*tpm_ppi_callbacks[])(void *) = { + tpm_ppi_func0_cb, + tpm_ppi_func1_cb, + tpm_ppi_func2_cb, + tpm_ppi_func3_cb, + tpm_ppi_func4_cb, + tpm_ppi_func5_cb, + tpm_ppi_func6_cb, + tpm_ppi_func7_cb, + tpm_ppi_func8_cb, +}; + +static void tpm_mci_func0_cb(void *arg) +{ + /* Function 1. */ + acpigen_write_return_singleton_buffer(0x3); +} +static void tpm_mci_func1_cb(void *arg) +{ + /* Just return success. */ + acpigen_write_return_byte(0); +} + +static void (*tpm_mci_callbacks[])(void *) = { + tpm_mci_func0_cb, + tpm_mci_func1_cb, +}; + +void tpm_ppi_acpi_fill_ssdt(const struct device *dev) +{ + /* + * _DSM method + */ + struct dsm_uuid ids[] = { + /* Physical presence interface. + * This is used to submit commands like "Clear TPM" to + * be run at next reboot provided that user confirms + * them. Spec allows user to cancel all commands and/or + * configure BIOS to reject commands. So we pretend that + * user did just this: cancelled everything. If user + * really wants to clear TPM the only option now is to + * do it manually in payload. + */ + DSM_UUID(TPM_PPI_UUID, tpm_ppi_callbacks, + ARRAY_SIZE(tpm_ppi_callbacks), NULL), + /* Memory clearing on boot: just a dummy. */ + DSM_UUID(TPM_MCI_UUID, tpm_mci_callbacks, + ARRAY_SIZE(tpm_mci_callbacks), NULL), + }; + + acpigen_write_dsm_uuid_arr(ids, ARRAY_SIZE(ids)); +} diff --git a/src/drivers/tpm/tpm_ppi.h b/src/drivers/tpm/tpm_ppi.h new file mode 100644 index 0000000..7662386 --- /dev/null +++ b/src/drivers/tpm/tpm_ppi.h @@ -0,0 +1,58 @@ +/* SPDX-License-Identifier: GPL-2.0-only */ + +#ifndef _TPM_PPI_H_ +#define _TPM_PPI_H_ + +#include <device/device.h> + +#if CONFIG(HAVE_ACPI_TABLES) +void tpm_ppi_acpi_fill_ssdt(const struct device *dev); +#else +static inline void tpm_ppi_acpi_fill_ssdt(const struct device *dev) +{ +} +#endif + + +/* Return codes */ +/* Function 2 */ +#define PPI2_RET_SUCCESS 0 +#define PPI2_RET_NOT_SUPPORTED 1 +#define PPI2_RET_GENERAL_FAILURE 2 + +/* Function 3 */ +#define PPI3_RET_SUCCESS 0 +#define PPI3_RET_GENERAL_FAILURE 1 + +/* Function 4 */ +#define PPI4_RET_NONE 0 +#define PPI4_RET_SHUTDOWN 1 +#define PPI4_RET_REBOOT 2 +#define PPI4_RET_OS_VENDOR_SPECIFIC 3 + +/* Function 5 */ +#define PPI5_RET_SUCCESS 0 +#define PPI5_RET_GENERAL_FAILURE 1 + +/* Function 6 */ +#define PPI6_RET_NOT_IMPLEMENTED 3 + +/* Function 7 */ +#define PPI7_RET_SUCCESS 0 +#define PPI7_RET_NOT_IMPLEMENTED 1 +#define PPI7_RET_GENERAL_FAILURE 2 +#define PPI7_RET_BLOCKED_BY_FIRMWARE 3 + +/* Function 8 */ +#define PPI8_RET_NOT_IMPLEMENTED 0 +#define PPI8_RET_FIRMWARE_ONLY 1 +#define PPI8_RET_BLOCKED_FOR_OS_BY_FW 2 +#define PPI8_RET_ALLOWED_WITH_PP 3 +#define PPI8_RET_ALLOWED 4 + +/* TCG Physical Presence Interface */ +#define TPM_PPI_UUID "3dddfaa6-361b-4eb4-a424-8d10089d1653" +/* TCG Memory Clear Interface */ +#define TPM_MCI_UUID "376054ed-cc13-4675-901c-4756d7f2d45d" + +#endif /* _TPM_PPI_H_ */
-
Angel Pons (Code Review) -
Patrick Georgi (Code Review)
-
Patrick Rudolph (Code Review)
-
Tim Wawrzynczak (Code Review)