xref: /linux/drivers/char/tpm/tpm_tis_core.c (revision ec8a42e7343234802b9054874fe01810880289ce)
1 // SPDX-License-Identifier: GPL-2.0-only
2 /*
3  * Copyright (C) 2005, 2006 IBM Corporation
4  * Copyright (C) 2014, 2015 Intel Corporation
5  *
6  * Authors:
7  * Leendert van Doorn <leendert@watson.ibm.com>
8  * Kylene Hall <kjhall@us.ibm.com>
9  *
10  * Maintained by: <tpmdd-devel@lists.sourceforge.net>
11  *
12  * Device driver for TCG/TCPA TPM (trusted platform module).
13  * Specifications at www.trustedcomputinggroup.org
14  *
15  * This device driver implements the TPM interface as defined in
16  * the TCG TPM Interface Spec version 1.2, revision 1.0.
17  */
18 #include <linux/init.h>
19 #include <linux/module.h>
20 #include <linux/moduleparam.h>
21 #include <linux/pnp.h>
22 #include <linux/slab.h>
23 #include <linux/interrupt.h>
24 #include <linux/wait.h>
25 #include <linux/acpi.h>
26 #include <linux/freezer.h>
27 #include "tpm.h"
28 #include "tpm_tis_core.h"
29 
30 static void tpm_tis_clkrun_enable(struct tpm_chip *chip, bool value);
31 
32 static bool wait_for_tpm_stat_cond(struct tpm_chip *chip, u8 mask,
33 					bool check_cancel, bool *canceled)
34 {
35 	u8 status = chip->ops->status(chip);
36 
37 	*canceled = false;
38 	if ((status & mask) == mask)
39 		return true;
40 	if (check_cancel && chip->ops->req_canceled(chip, status)) {
41 		*canceled = true;
42 		return true;
43 	}
44 	return false;
45 }
46 
47 static int wait_for_tpm_stat(struct tpm_chip *chip, u8 mask,
48 		unsigned long timeout, wait_queue_head_t *queue,
49 		bool check_cancel)
50 {
51 	unsigned long stop;
52 	long rc;
53 	u8 status;
54 	bool canceled = false;
55 
56 	/* check current status */
57 	status = chip->ops->status(chip);
58 	if ((status & mask) == mask)
59 		return 0;
60 
61 	stop = jiffies + timeout;
62 
63 	if (chip->flags & TPM_CHIP_FLAG_IRQ) {
64 again:
65 		timeout = stop - jiffies;
66 		if ((long)timeout <= 0)
67 			return -ETIME;
68 		rc = wait_event_interruptible_timeout(*queue,
69 			wait_for_tpm_stat_cond(chip, mask, check_cancel,
70 					       &canceled),
71 			timeout);
72 		if (rc > 0) {
73 			if (canceled)
74 				return -ECANCELED;
75 			return 0;
76 		}
77 		if (rc == -ERESTARTSYS && freezing(current)) {
78 			clear_thread_flag(TIF_SIGPENDING);
79 			goto again;
80 		}
81 	} else {
82 		do {
83 			usleep_range(TPM_TIMEOUT_USECS_MIN,
84 				     TPM_TIMEOUT_USECS_MAX);
85 			status = chip->ops->status(chip);
86 			if ((status & mask) == mask)
87 				return 0;
88 		} while (time_before(jiffies, stop));
89 	}
90 	return -ETIME;
91 }
92 
93 /* Before we attempt to access the TPM we must see that the valid bit is set.
94  * The specification says that this bit is 0 at reset and remains 0 until the
95  * 'TPM has gone through its self test and initialization and has established
96  * correct values in the other bits.'
97  */
98 static int wait_startup(struct tpm_chip *chip, int l)
99 {
100 	struct tpm_tis_data *priv = dev_get_drvdata(&chip->dev);
101 	unsigned long stop = jiffies + chip->timeout_a;
102 
103 	do {
104 		int rc;
105 		u8 access;
106 
107 		rc = tpm_tis_read8(priv, TPM_ACCESS(l), &access);
108 		if (rc < 0)
109 			return rc;
110 
111 		if (access & TPM_ACCESS_VALID)
112 			return 0;
113 		tpm_msleep(TPM_TIMEOUT);
114 	} while (time_before(jiffies, stop));
115 	return -1;
116 }
117 
118 static bool check_locality(struct tpm_chip *chip, int l)
119 {
120 	struct tpm_tis_data *priv = dev_get_drvdata(&chip->dev);
121 	int rc;
122 	u8 access;
123 
124 	rc = tpm_tis_read8(priv, TPM_ACCESS(l), &access);
125 	if (rc < 0)
126 		return false;
127 
128 	if ((access & (TPM_ACCESS_ACTIVE_LOCALITY | TPM_ACCESS_VALID)) ==
129 	    (TPM_ACCESS_ACTIVE_LOCALITY | TPM_ACCESS_VALID)) {
130 		priv->locality = l;
131 		return true;
132 	}
133 
134 	return false;
135 }
136 
137 static bool locality_inactive(struct tpm_chip *chip, int l)
138 {
139 	struct tpm_tis_data *priv = dev_get_drvdata(&chip->dev);
140 	int rc;
141 	u8 access;
142 
143 	rc = tpm_tis_read8(priv, TPM_ACCESS(l), &access);
144 	if (rc < 0)
145 		return false;
146 
147 	if ((access & (TPM_ACCESS_VALID | TPM_ACCESS_ACTIVE_LOCALITY))
148 	    == TPM_ACCESS_VALID)
149 		return true;
150 
151 	return false;
152 }
153 
154 static int release_locality(struct tpm_chip *chip, int l)
155 {
156 	struct tpm_tis_data *priv = dev_get_drvdata(&chip->dev);
157 	unsigned long stop, timeout;
158 	long rc;
159 
160 	tpm_tis_write8(priv, TPM_ACCESS(l), TPM_ACCESS_ACTIVE_LOCALITY);
161 
162 	stop = jiffies + chip->timeout_a;
163 
164 	if (chip->flags & TPM_CHIP_FLAG_IRQ) {
165 again:
166 		timeout = stop - jiffies;
167 		if ((long)timeout <= 0)
168 			return -1;
169 
170 		rc = wait_event_interruptible_timeout(priv->int_queue,
171 						      (locality_inactive(chip, l)),
172 						      timeout);
173 
174 		if (rc > 0)
175 			return 0;
176 
177 		if (rc == -ERESTARTSYS && freezing(current)) {
178 			clear_thread_flag(TIF_SIGPENDING);
179 			goto again;
180 		}
181 	} else {
182 		do {
183 			if (locality_inactive(chip, l))
184 				return 0;
185 			tpm_msleep(TPM_TIMEOUT);
186 		} while (time_before(jiffies, stop));
187 	}
188 	return -1;
189 }
190 
191 static int request_locality(struct tpm_chip *chip, int l)
192 {
193 	struct tpm_tis_data *priv = dev_get_drvdata(&chip->dev);
194 	unsigned long stop, timeout;
195 	long rc;
196 
197 	if (check_locality(chip, l))
198 		return l;
199 
200 	rc = tpm_tis_write8(priv, TPM_ACCESS(l), TPM_ACCESS_REQUEST_USE);
201 	if (rc < 0)
202 		return rc;
203 
204 	stop = jiffies + chip->timeout_a;
205 
206 	if (chip->flags & TPM_CHIP_FLAG_IRQ) {
207 again:
208 		timeout = stop - jiffies;
209 		if ((long)timeout <= 0)
210 			return -1;
211 		rc = wait_event_interruptible_timeout(priv->int_queue,
212 						      (check_locality
213 						       (chip, l)),
214 						      timeout);
215 		if (rc > 0)
216 			return l;
217 		if (rc == -ERESTARTSYS && freezing(current)) {
218 			clear_thread_flag(TIF_SIGPENDING);
219 			goto again;
220 		}
221 	} else {
222 		/* wait for burstcount */
223 		do {
224 			if (check_locality(chip, l))
225 				return l;
226 			tpm_msleep(TPM_TIMEOUT);
227 		} while (time_before(jiffies, stop));
228 	}
229 	return -1;
230 }
231 
232 static u8 tpm_tis_status(struct tpm_chip *chip)
233 {
234 	struct tpm_tis_data *priv = dev_get_drvdata(&chip->dev);
235 	int rc;
236 	u8 status;
237 
238 	rc = tpm_tis_read8(priv, TPM_STS(priv->locality), &status);
239 	if (rc < 0)
240 		return 0;
241 
242 	if (unlikely((status & TPM_STS_READ_ZERO) != 0)) {
243 		/*
244 		 * If this trips, the chances are the read is
245 		 * returning 0xff because the locality hasn't been
246 		 * acquired.  Usually because tpm_try_get_ops() hasn't
247 		 * been called before doing a TPM operation.
248 		 */
249 		WARN_ONCE(1, "TPM returned invalid status\n");
250 		return 0;
251 	}
252 
253 	return status;
254 }
255 
256 static void tpm_tis_ready(struct tpm_chip *chip)
257 {
258 	struct tpm_tis_data *priv = dev_get_drvdata(&chip->dev);
259 
260 	/* this causes the current command to be aborted */
261 	tpm_tis_write8(priv, TPM_STS(priv->locality), TPM_STS_COMMAND_READY);
262 }
263 
264 static int get_burstcount(struct tpm_chip *chip)
265 {
266 	struct tpm_tis_data *priv = dev_get_drvdata(&chip->dev);
267 	unsigned long stop;
268 	int burstcnt, rc;
269 	u32 value;
270 
271 	/* wait for burstcount */
272 	if (chip->flags & TPM_CHIP_FLAG_TPM2)
273 		stop = jiffies + chip->timeout_a;
274 	else
275 		stop = jiffies + chip->timeout_d;
276 	do {
277 		rc = tpm_tis_read32(priv, TPM_STS(priv->locality), &value);
278 		if (rc < 0)
279 			return rc;
280 
281 		burstcnt = (value >> 8) & 0xFFFF;
282 		if (burstcnt)
283 			return burstcnt;
284 		usleep_range(TPM_TIMEOUT_USECS_MIN, TPM_TIMEOUT_USECS_MAX);
285 	} while (time_before(jiffies, stop));
286 	return -EBUSY;
287 }
288 
289 static int recv_data(struct tpm_chip *chip, u8 *buf, size_t count)
290 {
291 	struct tpm_tis_data *priv = dev_get_drvdata(&chip->dev);
292 	int size = 0, burstcnt, rc;
293 
294 	while (size < count) {
295 		rc = wait_for_tpm_stat(chip,
296 				 TPM_STS_DATA_AVAIL | TPM_STS_VALID,
297 				 chip->timeout_c,
298 				 &priv->read_queue, true);
299 		if (rc < 0)
300 			return rc;
301 		burstcnt = get_burstcount(chip);
302 		if (burstcnt < 0) {
303 			dev_err(&chip->dev, "Unable to read burstcount\n");
304 			return burstcnt;
305 		}
306 		burstcnt = min_t(int, burstcnt, count - size);
307 
308 		rc = tpm_tis_read_bytes(priv, TPM_DATA_FIFO(priv->locality),
309 					burstcnt, buf + size);
310 		if (rc < 0)
311 			return rc;
312 
313 		size += burstcnt;
314 	}
315 	return size;
316 }
317 
318 static int tpm_tis_recv(struct tpm_chip *chip, u8 *buf, size_t count)
319 {
320 	struct tpm_tis_data *priv = dev_get_drvdata(&chip->dev);
321 	int size = 0;
322 	int status;
323 	u32 expected;
324 
325 	if (count < TPM_HEADER_SIZE) {
326 		size = -EIO;
327 		goto out;
328 	}
329 
330 	size = recv_data(chip, buf, TPM_HEADER_SIZE);
331 	/* read first 10 bytes, including tag, paramsize, and result */
332 	if (size < TPM_HEADER_SIZE) {
333 		dev_err(&chip->dev, "Unable to read header\n");
334 		goto out;
335 	}
336 
337 	expected = be32_to_cpu(*(__be32 *) (buf + 2));
338 	if (expected > count || expected < TPM_HEADER_SIZE) {
339 		size = -EIO;
340 		goto out;
341 	}
342 
343 	size += recv_data(chip, &buf[TPM_HEADER_SIZE],
344 			  expected - TPM_HEADER_SIZE);
345 	if (size < expected) {
346 		dev_err(&chip->dev, "Unable to read remainder of result\n");
347 		size = -ETIME;
348 		goto out;
349 	}
350 
351 	if (wait_for_tpm_stat(chip, TPM_STS_VALID, chip->timeout_c,
352 				&priv->int_queue, false) < 0) {
353 		size = -ETIME;
354 		goto out;
355 	}
356 	status = tpm_tis_status(chip);
357 	if (status & TPM_STS_DATA_AVAIL) {	/* retry? */
358 		dev_err(&chip->dev, "Error left over data\n");
359 		size = -EIO;
360 		goto out;
361 	}
362 
363 out:
364 	tpm_tis_ready(chip);
365 	return size;
366 }
367 
368 /*
369  * If interrupts are used (signaled by an irq set in the vendor structure)
370  * tpm.c can skip polling for the data to be available as the interrupt is
371  * waited for here
372  */
373 static int tpm_tis_send_data(struct tpm_chip *chip, const u8 *buf, size_t len)
374 {
375 	struct tpm_tis_data *priv = dev_get_drvdata(&chip->dev);
376 	int rc, status, burstcnt;
377 	size_t count = 0;
378 	bool itpm = priv->flags & TPM_TIS_ITPM_WORKAROUND;
379 
380 	status = tpm_tis_status(chip);
381 	if ((status & TPM_STS_COMMAND_READY) == 0) {
382 		tpm_tis_ready(chip);
383 		if (wait_for_tpm_stat
384 		    (chip, TPM_STS_COMMAND_READY, chip->timeout_b,
385 		     &priv->int_queue, false) < 0) {
386 			rc = -ETIME;
387 			goto out_err;
388 		}
389 	}
390 
391 	while (count < len - 1) {
392 		burstcnt = get_burstcount(chip);
393 		if (burstcnt < 0) {
394 			dev_err(&chip->dev, "Unable to read burstcount\n");
395 			rc = burstcnt;
396 			goto out_err;
397 		}
398 		burstcnt = min_t(int, burstcnt, len - count - 1);
399 		rc = tpm_tis_write_bytes(priv, TPM_DATA_FIFO(priv->locality),
400 					 burstcnt, buf + count);
401 		if (rc < 0)
402 			goto out_err;
403 
404 		count += burstcnt;
405 
406 		if (wait_for_tpm_stat(chip, TPM_STS_VALID, chip->timeout_c,
407 					&priv->int_queue, false) < 0) {
408 			rc = -ETIME;
409 			goto out_err;
410 		}
411 		status = tpm_tis_status(chip);
412 		if (!itpm && (status & TPM_STS_DATA_EXPECT) == 0) {
413 			rc = -EIO;
414 			goto out_err;
415 		}
416 	}
417 
418 	/* write last byte */
419 	rc = tpm_tis_write8(priv, TPM_DATA_FIFO(priv->locality), buf[count]);
420 	if (rc < 0)
421 		goto out_err;
422 
423 	if (wait_for_tpm_stat(chip, TPM_STS_VALID, chip->timeout_c,
424 				&priv->int_queue, false) < 0) {
425 		rc = -ETIME;
426 		goto out_err;
427 	}
428 	status = tpm_tis_status(chip);
429 	if (!itpm && (status & TPM_STS_DATA_EXPECT) != 0) {
430 		rc = -EIO;
431 		goto out_err;
432 	}
433 
434 	return 0;
435 
436 out_err:
437 	tpm_tis_ready(chip);
438 	return rc;
439 }
440 
441 static void disable_interrupts(struct tpm_chip *chip)
442 {
443 	struct tpm_tis_data *priv = dev_get_drvdata(&chip->dev);
444 	u32 intmask;
445 	int rc;
446 
447 	if (priv->irq == 0)
448 		return;
449 
450 	rc = tpm_tis_read32(priv, TPM_INT_ENABLE(priv->locality), &intmask);
451 	if (rc < 0)
452 		intmask = 0;
453 
454 	intmask &= ~TPM_GLOBAL_INT_ENABLE;
455 	rc = tpm_tis_write32(priv, TPM_INT_ENABLE(priv->locality), intmask);
456 
457 	devm_free_irq(chip->dev.parent, priv->irq, chip);
458 	priv->irq = 0;
459 	chip->flags &= ~TPM_CHIP_FLAG_IRQ;
460 }
461 
462 /*
463  * If interrupts are used (signaled by an irq set in the vendor structure)
464  * tpm.c can skip polling for the data to be available as the interrupt is
465  * waited for here
466  */
467 static int tpm_tis_send_main(struct tpm_chip *chip, const u8 *buf, size_t len)
468 {
469 	struct tpm_tis_data *priv = dev_get_drvdata(&chip->dev);
470 	int rc;
471 	u32 ordinal;
472 	unsigned long dur;
473 
474 	rc = tpm_tis_send_data(chip, buf, len);
475 	if (rc < 0)
476 		return rc;
477 
478 	/* go and do it */
479 	rc = tpm_tis_write8(priv, TPM_STS(priv->locality), TPM_STS_GO);
480 	if (rc < 0)
481 		goto out_err;
482 
483 	if (chip->flags & TPM_CHIP_FLAG_IRQ) {
484 		ordinal = be32_to_cpu(*((__be32 *) (buf + 6)));
485 
486 		dur = tpm_calc_ordinal_duration(chip, ordinal);
487 		if (wait_for_tpm_stat
488 		    (chip, TPM_STS_DATA_AVAIL | TPM_STS_VALID, dur,
489 		     &priv->read_queue, false) < 0) {
490 			rc = -ETIME;
491 			goto out_err;
492 		}
493 	}
494 	return 0;
495 out_err:
496 	tpm_tis_ready(chip);
497 	return rc;
498 }
499 
500 static int tpm_tis_send(struct tpm_chip *chip, u8 *buf, size_t len)
501 {
502 	int rc, irq;
503 	struct tpm_tis_data *priv = dev_get_drvdata(&chip->dev);
504 
505 	if (!(chip->flags & TPM_CHIP_FLAG_IRQ) || priv->irq_tested)
506 		return tpm_tis_send_main(chip, buf, len);
507 
508 	/* Verify receipt of the expected IRQ */
509 	irq = priv->irq;
510 	priv->irq = 0;
511 	chip->flags &= ~TPM_CHIP_FLAG_IRQ;
512 	rc = tpm_tis_send_main(chip, buf, len);
513 	priv->irq = irq;
514 	chip->flags |= TPM_CHIP_FLAG_IRQ;
515 	if (!priv->irq_tested)
516 		tpm_msleep(1);
517 	if (!priv->irq_tested)
518 		disable_interrupts(chip);
519 	priv->irq_tested = true;
520 	return rc;
521 }
522 
523 struct tis_vendor_durations_override {
524 	u32 did_vid;
525 	struct tpm1_version version;
526 	unsigned long durations[3];
527 };
528 
529 static const struct  tis_vendor_durations_override vendor_dur_overrides[] = {
530 	/* STMicroelectronics 0x104a */
531 	{ 0x0000104a,
532 	  { 1, 2, 8, 28 },
533 	  { (2 * 60 * HZ), (2 * 60 * HZ), (2 * 60 * HZ) } },
534 };
535 
536 static void tpm_tis_update_durations(struct tpm_chip *chip,
537 				     unsigned long *duration_cap)
538 {
539 	struct tpm_tis_data *priv = dev_get_drvdata(&chip->dev);
540 	struct tpm1_version *version;
541 	u32 did_vid;
542 	int i, rc;
543 	cap_t cap;
544 
545 	chip->duration_adjusted = false;
546 
547 	if (chip->ops->clk_enable != NULL)
548 		chip->ops->clk_enable(chip, true);
549 
550 	rc = tpm_tis_read32(priv, TPM_DID_VID(0), &did_vid);
551 	if (rc < 0) {
552 		dev_warn(&chip->dev, "%s: failed to read did_vid. %d\n",
553 			 __func__, rc);
554 		goto out;
555 	}
556 
557 	/* Try to get a TPM version 1.2 or 1.1 TPM_CAP_VERSION_INFO */
558 	rc = tpm1_getcap(chip, TPM_CAP_VERSION_1_2, &cap,
559 			 "attempting to determine the 1.2 version",
560 			 sizeof(cap.version2));
561 	if (!rc) {
562 		version = &cap.version2.version;
563 	} else {
564 		rc = tpm1_getcap(chip, TPM_CAP_VERSION_1_1, &cap,
565 				 "attempting to determine the 1.1 version",
566 				 sizeof(cap.version1));
567 
568 		if (rc)
569 			goto out;
570 
571 		version = &cap.version1;
572 	}
573 
574 	for (i = 0; i != ARRAY_SIZE(vendor_dur_overrides); i++) {
575 		if (vendor_dur_overrides[i].did_vid != did_vid)
576 			continue;
577 
578 		if ((version->major ==
579 		     vendor_dur_overrides[i].version.major) &&
580 		    (version->minor ==
581 		     vendor_dur_overrides[i].version.minor) &&
582 		    (version->rev_major ==
583 		     vendor_dur_overrides[i].version.rev_major) &&
584 		    (version->rev_minor ==
585 		     vendor_dur_overrides[i].version.rev_minor)) {
586 
587 			memcpy(duration_cap,
588 			       vendor_dur_overrides[i].durations,
589 			       sizeof(vendor_dur_overrides[i].durations));
590 
591 			chip->duration_adjusted = true;
592 			goto out;
593 		}
594 	}
595 
596 out:
597 	if (chip->ops->clk_enable != NULL)
598 		chip->ops->clk_enable(chip, false);
599 }
600 
601 struct tis_vendor_timeout_override {
602 	u32 did_vid;
603 	unsigned long timeout_us[4];
604 };
605 
606 static const struct tis_vendor_timeout_override vendor_timeout_overrides[] = {
607 	/* Atmel 3204 */
608 	{ 0x32041114, { (TIS_SHORT_TIMEOUT*1000), (TIS_LONG_TIMEOUT*1000),
609 			(TIS_SHORT_TIMEOUT*1000), (TIS_SHORT_TIMEOUT*1000) } },
610 };
611 
612 static void tpm_tis_update_timeouts(struct tpm_chip *chip,
613 				    unsigned long *timeout_cap)
614 {
615 	struct tpm_tis_data *priv = dev_get_drvdata(&chip->dev);
616 	int i, rc;
617 	u32 did_vid;
618 
619 	chip->timeout_adjusted = false;
620 
621 	if (chip->ops->clk_enable != NULL)
622 		chip->ops->clk_enable(chip, true);
623 
624 	rc = tpm_tis_read32(priv, TPM_DID_VID(0), &did_vid);
625 	if (rc < 0) {
626 		dev_warn(&chip->dev, "%s: failed to read did_vid: %d\n",
627 			 __func__, rc);
628 		goto out;
629 	}
630 
631 	for (i = 0; i != ARRAY_SIZE(vendor_timeout_overrides); i++) {
632 		if (vendor_timeout_overrides[i].did_vid != did_vid)
633 			continue;
634 		memcpy(timeout_cap, vendor_timeout_overrides[i].timeout_us,
635 		       sizeof(vendor_timeout_overrides[i].timeout_us));
636 		chip->timeout_adjusted = true;
637 	}
638 
639 out:
640 	if (chip->ops->clk_enable != NULL)
641 		chip->ops->clk_enable(chip, false);
642 
643 	return;
644 }
645 
646 /*
647  * Early probing for iTPM with STS_DATA_EXPECT flaw.
648  * Try sending command without itpm flag set and if that
649  * fails, repeat with itpm flag set.
650  */
651 static int probe_itpm(struct tpm_chip *chip)
652 {
653 	struct tpm_tis_data *priv = dev_get_drvdata(&chip->dev);
654 	int rc = 0;
655 	static const u8 cmd_getticks[] = {
656 		0x00, 0xc1, 0x00, 0x00, 0x00, 0x0a,
657 		0x00, 0x00, 0x00, 0xf1
658 	};
659 	size_t len = sizeof(cmd_getticks);
660 	u16 vendor;
661 
662 	if (priv->flags & TPM_TIS_ITPM_WORKAROUND)
663 		return 0;
664 
665 	rc = tpm_tis_read16(priv, TPM_DID_VID(0), &vendor);
666 	if (rc < 0)
667 		return rc;
668 
669 	/* probe only iTPMS */
670 	if (vendor != TPM_VID_INTEL)
671 		return 0;
672 
673 	if (request_locality(chip, 0) != 0)
674 		return -EBUSY;
675 
676 	rc = tpm_tis_send_data(chip, cmd_getticks, len);
677 	if (rc == 0)
678 		goto out;
679 
680 	tpm_tis_ready(chip);
681 
682 	priv->flags |= TPM_TIS_ITPM_WORKAROUND;
683 
684 	rc = tpm_tis_send_data(chip, cmd_getticks, len);
685 	if (rc == 0)
686 		dev_info(&chip->dev, "Detected an iTPM.\n");
687 	else {
688 		priv->flags &= ~TPM_TIS_ITPM_WORKAROUND;
689 		rc = -EFAULT;
690 	}
691 
692 out:
693 	tpm_tis_ready(chip);
694 	release_locality(chip, priv->locality);
695 
696 	return rc;
697 }
698 
699 static bool tpm_tis_req_canceled(struct tpm_chip *chip, u8 status)
700 {
701 	struct tpm_tis_data *priv = dev_get_drvdata(&chip->dev);
702 
703 	switch (priv->manufacturer_id) {
704 	case TPM_VID_WINBOND:
705 		return ((status == TPM_STS_VALID) ||
706 			(status == (TPM_STS_VALID | TPM_STS_COMMAND_READY)));
707 	case TPM_VID_STM:
708 		return (status == (TPM_STS_VALID | TPM_STS_COMMAND_READY));
709 	default:
710 		return (status == TPM_STS_COMMAND_READY);
711 	}
712 }
713 
714 static irqreturn_t tis_int_handler(int dummy, void *dev_id)
715 {
716 	struct tpm_chip *chip = dev_id;
717 	struct tpm_tis_data *priv = dev_get_drvdata(&chip->dev);
718 	u32 interrupt;
719 	int i, rc;
720 
721 	rc = tpm_tis_read32(priv, TPM_INT_STATUS(priv->locality), &interrupt);
722 	if (rc < 0)
723 		return IRQ_NONE;
724 
725 	if (interrupt == 0)
726 		return IRQ_NONE;
727 
728 	priv->irq_tested = true;
729 	if (interrupt & TPM_INTF_DATA_AVAIL_INT)
730 		wake_up_interruptible(&priv->read_queue);
731 	if (interrupt & TPM_INTF_LOCALITY_CHANGE_INT)
732 		for (i = 0; i < 5; i++)
733 			if (check_locality(chip, i))
734 				break;
735 	if (interrupt &
736 	    (TPM_INTF_LOCALITY_CHANGE_INT | TPM_INTF_STS_VALID_INT |
737 	     TPM_INTF_CMD_READY_INT))
738 		wake_up_interruptible(&priv->int_queue);
739 
740 	/* Clear interrupts handled with TPM_EOI */
741 	rc = tpm_tis_write32(priv, TPM_INT_STATUS(priv->locality), interrupt);
742 	if (rc < 0)
743 		return IRQ_NONE;
744 
745 	tpm_tis_read32(priv, TPM_INT_STATUS(priv->locality), &interrupt);
746 	return IRQ_HANDLED;
747 }
748 
749 static int tpm_tis_gen_interrupt(struct tpm_chip *chip)
750 {
751 	const char *desc = "attempting to generate an interrupt";
752 	u32 cap2;
753 	cap_t cap;
754 
755 	if (chip->flags & TPM_CHIP_FLAG_TPM2)
756 		return tpm2_get_tpm_pt(chip, 0x100, &cap2, desc);
757 	else
758 		return tpm1_getcap(chip, TPM_CAP_PROP_TIS_TIMEOUT, &cap, desc,
759 				  0);
760 }
761 
762 /* Register the IRQ and issue a command that will cause an interrupt. If an
763  * irq is seen then leave the chip setup for IRQ operation, otherwise reverse
764  * everything and leave in polling mode. Returns 0 on success.
765  */
766 static int tpm_tis_probe_irq_single(struct tpm_chip *chip, u32 intmask,
767 				    int flags, int irq)
768 {
769 	struct tpm_tis_data *priv = dev_get_drvdata(&chip->dev);
770 	u8 original_int_vec;
771 	int rc;
772 	u32 int_status;
773 
774 	if (devm_request_irq(chip->dev.parent, irq, tis_int_handler, flags,
775 			     dev_name(&chip->dev), chip) != 0) {
776 		dev_info(&chip->dev, "Unable to request irq: %d for probe\n",
777 			 irq);
778 		return -1;
779 	}
780 	priv->irq = irq;
781 
782 	rc = tpm_tis_read8(priv, TPM_INT_VECTOR(priv->locality),
783 			   &original_int_vec);
784 	if (rc < 0)
785 		return rc;
786 
787 	rc = tpm_tis_write8(priv, TPM_INT_VECTOR(priv->locality), irq);
788 	if (rc < 0)
789 		return rc;
790 
791 	rc = tpm_tis_read32(priv, TPM_INT_STATUS(priv->locality), &int_status);
792 	if (rc < 0)
793 		return rc;
794 
795 	/* Clear all existing */
796 	rc = tpm_tis_write32(priv, TPM_INT_STATUS(priv->locality), int_status);
797 	if (rc < 0)
798 		return rc;
799 
800 	/* Turn on */
801 	rc = tpm_tis_write32(priv, TPM_INT_ENABLE(priv->locality),
802 			     intmask | TPM_GLOBAL_INT_ENABLE);
803 	if (rc < 0)
804 		return rc;
805 
806 	priv->irq_tested = false;
807 
808 	/* Generate an interrupt by having the core call through to
809 	 * tpm_tis_send
810 	 */
811 	rc = tpm_tis_gen_interrupt(chip);
812 	if (rc < 0)
813 		return rc;
814 
815 	/* tpm_tis_send will either confirm the interrupt is working or it
816 	 * will call disable_irq which undoes all of the above.
817 	 */
818 	if (!(chip->flags & TPM_CHIP_FLAG_IRQ)) {
819 		rc = tpm_tis_write8(priv, original_int_vec,
820 				TPM_INT_VECTOR(priv->locality));
821 		if (rc < 0)
822 			return rc;
823 
824 		return 1;
825 	}
826 
827 	return 0;
828 }
829 
830 /* Try to find the IRQ the TPM is using. This is for legacy x86 systems that
831  * do not have ACPI/etc. We typically expect the interrupt to be declared if
832  * present.
833  */
834 static void tpm_tis_probe_irq(struct tpm_chip *chip, u32 intmask)
835 {
836 	struct tpm_tis_data *priv = dev_get_drvdata(&chip->dev);
837 	u8 original_int_vec;
838 	int i, rc;
839 
840 	rc = tpm_tis_read8(priv, TPM_INT_VECTOR(priv->locality),
841 			   &original_int_vec);
842 	if (rc < 0)
843 		return;
844 
845 	if (!original_int_vec) {
846 		if (IS_ENABLED(CONFIG_X86))
847 			for (i = 3; i <= 15; i++)
848 				if (!tpm_tis_probe_irq_single(chip, intmask, 0,
849 							      i))
850 					return;
851 	} else if (!tpm_tis_probe_irq_single(chip, intmask, 0,
852 					     original_int_vec))
853 		return;
854 }
855 
856 void tpm_tis_remove(struct tpm_chip *chip)
857 {
858 	struct tpm_tis_data *priv = dev_get_drvdata(&chip->dev);
859 	u32 reg = TPM_INT_ENABLE(priv->locality);
860 	u32 interrupt;
861 	int rc;
862 
863 	tpm_tis_clkrun_enable(chip, true);
864 
865 	rc = tpm_tis_read32(priv, reg, &interrupt);
866 	if (rc < 0)
867 		interrupt = 0;
868 
869 	tpm_tis_write32(priv, reg, ~TPM_GLOBAL_INT_ENABLE & interrupt);
870 
871 	tpm_tis_clkrun_enable(chip, false);
872 
873 	if (priv->ilb_base_addr)
874 		iounmap(priv->ilb_base_addr);
875 }
876 EXPORT_SYMBOL_GPL(tpm_tis_remove);
877 
878 /**
879  * tpm_tis_clkrun_enable() - Keep clkrun protocol disabled for entire duration
880  *                           of a single TPM command
881  * @chip:	TPM chip to use
882  * @value:	1 - Disable CLKRUN protocol, so that clocks are free running
883  *		0 - Enable CLKRUN protocol
884  * Call this function directly in tpm_tis_remove() in error or driver removal
885  * path, since the chip->ops is set to NULL in tpm_chip_unregister().
886  */
887 static void tpm_tis_clkrun_enable(struct tpm_chip *chip, bool value)
888 {
889 	struct tpm_tis_data *data = dev_get_drvdata(&chip->dev);
890 	u32 clkrun_val;
891 
892 	if (!IS_ENABLED(CONFIG_X86) || !is_bsw() ||
893 	    !data->ilb_base_addr)
894 		return;
895 
896 	if (value) {
897 		data->clkrun_enabled++;
898 		if (data->clkrun_enabled > 1)
899 			return;
900 		clkrun_val = ioread32(data->ilb_base_addr + LPC_CNTRL_OFFSET);
901 
902 		/* Disable LPC CLKRUN# */
903 		clkrun_val &= ~LPC_CLKRUN_EN;
904 		iowrite32(clkrun_val, data->ilb_base_addr + LPC_CNTRL_OFFSET);
905 
906 		/*
907 		 * Write any random value on port 0x80 which is on LPC, to make
908 		 * sure LPC clock is running before sending any TPM command.
909 		 */
910 		outb(0xCC, 0x80);
911 	} else {
912 		data->clkrun_enabled--;
913 		if (data->clkrun_enabled)
914 			return;
915 
916 		clkrun_val = ioread32(data->ilb_base_addr + LPC_CNTRL_OFFSET);
917 
918 		/* Enable LPC CLKRUN# */
919 		clkrun_val |= LPC_CLKRUN_EN;
920 		iowrite32(clkrun_val, data->ilb_base_addr + LPC_CNTRL_OFFSET);
921 
922 		/*
923 		 * Write any random value on port 0x80 which is on LPC, to make
924 		 * sure LPC clock is running before sending any TPM command.
925 		 */
926 		outb(0xCC, 0x80);
927 	}
928 }
929 
930 static const struct tpm_class_ops tpm_tis = {
931 	.flags = TPM_OPS_AUTO_STARTUP,
932 	.status = tpm_tis_status,
933 	.recv = tpm_tis_recv,
934 	.send = tpm_tis_send,
935 	.cancel = tpm_tis_ready,
936 	.update_timeouts = tpm_tis_update_timeouts,
937 	.update_durations = tpm_tis_update_durations,
938 	.req_complete_mask = TPM_STS_DATA_AVAIL | TPM_STS_VALID,
939 	.req_complete_val = TPM_STS_DATA_AVAIL | TPM_STS_VALID,
940 	.req_canceled = tpm_tis_req_canceled,
941 	.request_locality = request_locality,
942 	.relinquish_locality = release_locality,
943 	.clk_enable = tpm_tis_clkrun_enable,
944 };
945 
946 int tpm_tis_core_init(struct device *dev, struct tpm_tis_data *priv, int irq,
947 		      const struct tpm_tis_phy_ops *phy_ops,
948 		      acpi_handle acpi_dev_handle)
949 {
950 	u32 vendor;
951 	u32 intfcaps;
952 	u32 intmask;
953 	u32 clkrun_val;
954 	u8 rid;
955 	int rc, probe;
956 	struct tpm_chip *chip;
957 
958 	chip = tpmm_chip_alloc(dev, &tpm_tis);
959 	if (IS_ERR(chip))
960 		return PTR_ERR(chip);
961 
962 #ifdef CONFIG_ACPI
963 	chip->acpi_dev_handle = acpi_dev_handle;
964 #endif
965 
966 	chip->hwrng.quality = priv->rng_quality;
967 
968 	/* Maximum timeouts */
969 	chip->timeout_a = msecs_to_jiffies(TIS_TIMEOUT_A_MAX);
970 	chip->timeout_b = msecs_to_jiffies(TIS_TIMEOUT_B_MAX);
971 	chip->timeout_c = msecs_to_jiffies(TIS_TIMEOUT_C_MAX);
972 	chip->timeout_d = msecs_to_jiffies(TIS_TIMEOUT_D_MAX);
973 	priv->phy_ops = phy_ops;
974 	dev_set_drvdata(&chip->dev, priv);
975 
976 	if (is_bsw()) {
977 		priv->ilb_base_addr = ioremap(INTEL_LEGACY_BLK_BASE_ADDR,
978 					ILB_REMAP_SIZE);
979 		if (!priv->ilb_base_addr)
980 			return -ENOMEM;
981 
982 		clkrun_val = ioread32(priv->ilb_base_addr + LPC_CNTRL_OFFSET);
983 		/* Check if CLKRUN# is already not enabled in the LPC bus */
984 		if (!(clkrun_val & LPC_CLKRUN_EN)) {
985 			iounmap(priv->ilb_base_addr);
986 			priv->ilb_base_addr = NULL;
987 		}
988 	}
989 
990 	if (chip->ops->clk_enable != NULL)
991 		chip->ops->clk_enable(chip, true);
992 
993 	if (wait_startup(chip, 0) != 0) {
994 		rc = -ENODEV;
995 		goto out_err;
996 	}
997 
998 	/* Take control of the TPM's interrupt hardware and shut it off */
999 	rc = tpm_tis_read32(priv, TPM_INT_ENABLE(priv->locality), &intmask);
1000 	if (rc < 0)
1001 		goto out_err;
1002 
1003 	intmask |= TPM_INTF_CMD_READY_INT | TPM_INTF_LOCALITY_CHANGE_INT |
1004 		   TPM_INTF_DATA_AVAIL_INT | TPM_INTF_STS_VALID_INT;
1005 	intmask &= ~TPM_GLOBAL_INT_ENABLE;
1006 	tpm_tis_write32(priv, TPM_INT_ENABLE(priv->locality), intmask);
1007 
1008 	rc = tpm_chip_start(chip);
1009 	if (rc)
1010 		goto out_err;
1011 	rc = tpm2_probe(chip);
1012 	tpm_chip_stop(chip);
1013 	if (rc)
1014 		goto out_err;
1015 
1016 	rc = tpm_tis_read32(priv, TPM_DID_VID(0), &vendor);
1017 	if (rc < 0)
1018 		goto out_err;
1019 
1020 	priv->manufacturer_id = vendor;
1021 
1022 	rc = tpm_tis_read8(priv, TPM_RID(0), &rid);
1023 	if (rc < 0)
1024 		goto out_err;
1025 
1026 	dev_info(dev, "%s TPM (device-id 0x%X, rev-id %d)\n",
1027 		 (chip->flags & TPM_CHIP_FLAG_TPM2) ? "2.0" : "1.2",
1028 		 vendor >> 16, rid);
1029 
1030 	probe = probe_itpm(chip);
1031 	if (probe < 0) {
1032 		rc = -ENODEV;
1033 		goto out_err;
1034 	}
1035 
1036 	/* Figure out the capabilities */
1037 	rc = tpm_tis_read32(priv, TPM_INTF_CAPS(priv->locality), &intfcaps);
1038 	if (rc < 0)
1039 		goto out_err;
1040 
1041 	dev_dbg(dev, "TPM interface capabilities (0x%x):\n",
1042 		intfcaps);
1043 	if (intfcaps & TPM_INTF_BURST_COUNT_STATIC)
1044 		dev_dbg(dev, "\tBurst Count Static\n");
1045 	if (intfcaps & TPM_INTF_CMD_READY_INT)
1046 		dev_dbg(dev, "\tCommand Ready Int Support\n");
1047 	if (intfcaps & TPM_INTF_INT_EDGE_FALLING)
1048 		dev_dbg(dev, "\tInterrupt Edge Falling\n");
1049 	if (intfcaps & TPM_INTF_INT_EDGE_RISING)
1050 		dev_dbg(dev, "\tInterrupt Edge Rising\n");
1051 	if (intfcaps & TPM_INTF_INT_LEVEL_LOW)
1052 		dev_dbg(dev, "\tInterrupt Level Low\n");
1053 	if (intfcaps & TPM_INTF_INT_LEVEL_HIGH)
1054 		dev_dbg(dev, "\tInterrupt Level High\n");
1055 	if (intfcaps & TPM_INTF_LOCALITY_CHANGE_INT)
1056 		dev_dbg(dev, "\tLocality Change Int Support\n");
1057 	if (intfcaps & TPM_INTF_STS_VALID_INT)
1058 		dev_dbg(dev, "\tSts Valid Int Support\n");
1059 	if (intfcaps & TPM_INTF_DATA_AVAIL_INT)
1060 		dev_dbg(dev, "\tData Avail Int Support\n");
1061 
1062 	/* INTERRUPT Setup */
1063 	init_waitqueue_head(&priv->read_queue);
1064 	init_waitqueue_head(&priv->int_queue);
1065 	if (irq != -1) {
1066 		/* Before doing irq testing issue a command to the TPM in polling mode
1067 		 * to make sure it works. May as well use that command to set the
1068 		 * proper timeouts for the driver.
1069 		 */
1070 		if (tpm_get_timeouts(chip)) {
1071 			dev_err(dev, "Could not get TPM timeouts and durations\n");
1072 			rc = -ENODEV;
1073 			goto out_err;
1074 		}
1075 
1076 		if (irq) {
1077 			tpm_tis_probe_irq_single(chip, intmask, IRQF_SHARED,
1078 						 irq);
1079 			if (!(chip->flags & TPM_CHIP_FLAG_IRQ)) {
1080 				dev_err(&chip->dev, FW_BUG
1081 					"TPM interrupt not working, polling instead\n");
1082 
1083 				disable_interrupts(chip);
1084 			}
1085 		} else {
1086 			tpm_tis_probe_irq(chip, intmask);
1087 		}
1088 	}
1089 
1090 	rc = tpm_chip_register(chip);
1091 	if (rc)
1092 		goto out_err;
1093 
1094 	if (chip->ops->clk_enable != NULL)
1095 		chip->ops->clk_enable(chip, false);
1096 
1097 	return 0;
1098 out_err:
1099 	if (chip->ops->clk_enable != NULL)
1100 		chip->ops->clk_enable(chip, false);
1101 
1102 	tpm_tis_remove(chip);
1103 
1104 	return rc;
1105 }
1106 EXPORT_SYMBOL_GPL(tpm_tis_core_init);
1107 
1108 #ifdef CONFIG_PM_SLEEP
1109 static void tpm_tis_reenable_interrupts(struct tpm_chip *chip)
1110 {
1111 	struct tpm_tis_data *priv = dev_get_drvdata(&chip->dev);
1112 	u32 intmask;
1113 	int rc;
1114 
1115 	if (chip->ops->clk_enable != NULL)
1116 		chip->ops->clk_enable(chip, true);
1117 
1118 	/* reenable interrupts that device may have lost or
1119 	 * BIOS/firmware may have disabled
1120 	 */
1121 	rc = tpm_tis_write8(priv, TPM_INT_VECTOR(priv->locality), priv->irq);
1122 	if (rc < 0)
1123 		goto out;
1124 
1125 	rc = tpm_tis_read32(priv, TPM_INT_ENABLE(priv->locality), &intmask);
1126 	if (rc < 0)
1127 		goto out;
1128 
1129 	intmask |= TPM_INTF_CMD_READY_INT
1130 	    | TPM_INTF_LOCALITY_CHANGE_INT | TPM_INTF_DATA_AVAIL_INT
1131 	    | TPM_INTF_STS_VALID_INT | TPM_GLOBAL_INT_ENABLE;
1132 
1133 	tpm_tis_write32(priv, TPM_INT_ENABLE(priv->locality), intmask);
1134 
1135 out:
1136 	if (chip->ops->clk_enable != NULL)
1137 		chip->ops->clk_enable(chip, false);
1138 
1139 	return;
1140 }
1141 
1142 int tpm_tis_resume(struct device *dev)
1143 {
1144 	struct tpm_chip *chip = dev_get_drvdata(dev);
1145 	int ret;
1146 
1147 	if (chip->flags & TPM_CHIP_FLAG_IRQ)
1148 		tpm_tis_reenable_interrupts(chip);
1149 
1150 	ret = tpm_pm_resume(dev);
1151 	if (ret)
1152 		return ret;
1153 
1154 	/* TPM 1.2 requires self-test on resume. This function actually returns
1155 	 * an error code but for unknown reason it isn't handled.
1156 	 */
1157 	if (!(chip->flags & TPM_CHIP_FLAG_TPM2))
1158 		tpm1_do_selftest(chip);
1159 
1160 	return 0;
1161 }
1162 EXPORT_SYMBOL_GPL(tpm_tis_resume);
1163 #endif
1164 
1165 MODULE_AUTHOR("Leendert van Doorn (leendert@watson.ibm.com)");
1166 MODULE_DESCRIPTION("TPM Driver");
1167 MODULE_VERSION("2.0");
1168 MODULE_LICENSE("GPL");
1169