xref: /linux/drivers/char/tpm/tpm_tis_i2c.c (revision 570172569238c66a482ec3eb5d766cc9cf255f69)
1 // SPDX-License-Identifier: GPL-2.0
2 /*
3  * Copyright (c) 2014-2021 Nuvoton Technology corporation
4  * Copyright (C) 2019-2022 Infineon Technologies AG
5  *
6  * This device driver implements the TPM interface as defined in the TCG PC
7  * Client Platform TPM Profile (PTP) Specification for TPM 2.0 v1.04
8  * Revision 14.
9  *
10  * It is based on the tpm_tis_spi device driver.
11  */
12 
13 #include <linux/i2c.h>
14 #include <linux/crc-ccitt.h>
15 #include "tpm_tis_core.h"
16 
17 /* TPM registers */
18 #define TPM_I2C_LOC_SEL 0x00
19 #define TPM_I2C_ACCESS 0x04
20 #define TPM_I2C_INTERFACE_CAPABILITY 0x30
21 #define TPM_I2C_DEVICE_ADDRESS 0x38
22 #define TPM_I2C_DATA_CSUM_ENABLE 0x40
23 #define TPM_DATA_CSUM 0x44
24 #define TPM_I2C_DID_VID 0x48
25 #define TPM_I2C_RID 0x4C
26 
27 /* TIS-compatible register address to avoid clash with TPM_ACCESS (0x00) */
28 #define TPM_LOC_SEL 0x0FFF
29 
30 /* Mask to extract the I2C register from TIS register addresses */
31 #define TPM_TIS_REGISTER_MASK 0x0FFF
32 
33 /* Default Guard Time of 250µs until interface capability register is read */
34 #define GUARD_TIME_DEFAULT_MIN 250
35 #define GUARD_TIME_DEFAULT_MAX 300
36 
37 /* Guard Time of 250µs after I2C slave NACK */
38 #define GUARD_TIME_ERR_MIN 250
39 #define GUARD_TIME_ERR_MAX 300
40 
41 /* Guard Time bit masks; SR is repeated start, RW is read then write, etc. */
42 #define TPM_GUARD_TIME_SR_MASK 0x40000000
43 #define TPM_GUARD_TIME_RR_MASK 0x00100000
44 #define TPM_GUARD_TIME_RW_MASK 0x00080000
45 #define TPM_GUARD_TIME_WR_MASK 0x00040000
46 #define TPM_GUARD_TIME_WW_MASK 0x00020000
47 #define TPM_GUARD_TIME_MIN_MASK 0x0001FE00
48 #define TPM_GUARD_TIME_MIN_SHIFT 9
49 
50 /* Masks with bits that must be read zero */
51 #define TPM_ACCESS_READ_ZERO 0x48
52 #define TPM_INT_ENABLE_ZERO 0x7FFFFF60
53 #define TPM_STS_READ_ZERO 0x23
54 #define TPM_INTF_CAPABILITY_ZERO 0x0FFFF000
55 #define TPM_I2C_INTERFACE_CAPABILITY_ZERO 0x80000000
56 
57 struct tpm_tis_i2c_phy {
58 	struct tpm_tis_data priv;
59 	struct i2c_client *i2c_client;
60 	bool guard_time_read;
61 	bool guard_time_write;
62 	u16 guard_time_min;
63 	u16 guard_time_max;
64 	u8 *io_buf;
65 };
66 
67 static inline struct tpm_tis_i2c_phy *
68 to_tpm_tis_i2c_phy(struct tpm_tis_data *data)
69 {
70 	return container_of(data, struct tpm_tis_i2c_phy, priv);
71 }
72 
73 /*
74  * tpm_tis_core uses the register addresses as defined in Table 19 "Allocation
75  * of Register Space for FIFO TPM Access" of the TCG PC Client PTP
76  * Specification. In order for this code to work together with tpm_tis_core,
77  * those addresses need to mapped to the registers defined for I2C TPMs in
78  * Table 51 "I2C-TPM Register Overview".
79  *
80  * For most addresses this can be done by simply stripping off the locality
81  * information from the address. A few addresses need to be mapped explicitly,
82  * since the corresponding I2C registers have been moved around. TPM_LOC_SEL is
83  * only defined for I2C TPMs and is also mapped explicitly here to distinguish
84  * it from TPM_ACCESS(0).
85  *
86  * Locality information is ignored, since this driver assumes exclusive access
87  * to the TPM and always uses locality 0.
88  */
89 static u8 tpm_tis_i2c_address_to_register(u32 addr)
90 {
91 	addr &= TPM_TIS_REGISTER_MASK;
92 
93 	switch (addr) {
94 	case TPM_ACCESS(0):
95 		return TPM_I2C_ACCESS;
96 	case TPM_LOC_SEL:
97 		return TPM_I2C_LOC_SEL;
98 	case TPM_DID_VID(0):
99 		return TPM_I2C_DID_VID;
100 	case TPM_RID(0):
101 		return TPM_I2C_RID;
102 	default:
103 		return addr;
104 	}
105 }
106 
107 static int tpm_tis_i2c_retry_transfer_until_ack(struct tpm_tis_data *data,
108 						struct i2c_msg *msg)
109 {
110 	struct tpm_tis_i2c_phy *phy = to_tpm_tis_i2c_phy(data);
111 	bool guard_time;
112 	int i = 0;
113 	int ret;
114 
115 	if (msg->flags & I2C_M_RD)
116 		guard_time = phy->guard_time_read;
117 	else
118 		guard_time = phy->guard_time_write;
119 
120 	do {
121 		ret = i2c_transfer(phy->i2c_client->adapter, msg, 1);
122 		if (ret < 0)
123 			usleep_range(GUARD_TIME_ERR_MIN, GUARD_TIME_ERR_MAX);
124 		else if (guard_time)
125 			usleep_range(phy->guard_time_min, phy->guard_time_max);
126 		/* retry on TPM NACK */
127 	} while (ret < 0 && i++ < TPM_RETRY);
128 
129 	return ret;
130 }
131 
132 /* Check that bits which must be read zero are not set */
133 static int tpm_tis_i2c_sanity_check_read(u8 reg, u16 len, u8 *buf)
134 {
135 	u32 zero_mask;
136 	u32 value;
137 
138 	switch (len) {
139 	case sizeof(u8):
140 		value = buf[0];
141 		break;
142 	case sizeof(u16):
143 		value = le16_to_cpup((__le16 *)buf);
144 		break;
145 	case sizeof(u32):
146 		value = le32_to_cpup((__le32 *)buf);
147 		break;
148 	default:
149 		/* unknown length, skip check */
150 		return 0;
151 	}
152 
153 	switch (reg) {
154 	case TPM_I2C_ACCESS:
155 		zero_mask = TPM_ACCESS_READ_ZERO;
156 		break;
157 	case TPM_INT_ENABLE(0) & TPM_TIS_REGISTER_MASK:
158 		zero_mask = TPM_INT_ENABLE_ZERO;
159 		break;
160 	case TPM_STS(0) & TPM_TIS_REGISTER_MASK:
161 		zero_mask = TPM_STS_READ_ZERO;
162 		break;
163 	case TPM_INTF_CAPS(0) & TPM_TIS_REGISTER_MASK:
164 		zero_mask = TPM_INTF_CAPABILITY_ZERO;
165 		break;
166 	case TPM_I2C_INTERFACE_CAPABILITY:
167 		zero_mask = TPM_I2C_INTERFACE_CAPABILITY_ZERO;
168 		break;
169 	default:
170 		/* unknown register, skip check */
171 		return 0;
172 	}
173 
174 	if (unlikely((value & zero_mask) != 0x00)) {
175 		pr_debug("TPM I2C read of register 0x%02x failed sanity check: 0x%x\n", reg, value);
176 		return -EIO;
177 	}
178 
179 	return 0;
180 }
181 
182 static int tpm_tis_i2c_read_bytes(struct tpm_tis_data *data, u32 addr, u16 len,
183 				  u8 *result, enum tpm_tis_io_mode io_mode)
184 {
185 	struct tpm_tis_i2c_phy *phy = to_tpm_tis_i2c_phy(data);
186 	struct i2c_msg msg = { .addr = phy->i2c_client->addr };
187 	u8 reg = tpm_tis_i2c_address_to_register(addr);
188 	int i;
189 	int ret;
190 
191 	for (i = 0; i < TPM_RETRY; i++) {
192 		u16 read = 0;
193 
194 		while (read < len) {
195 			/* write register */
196 			msg.len = sizeof(reg);
197 			msg.buf = &reg;
198 			msg.flags = 0;
199 			ret = tpm_tis_i2c_retry_transfer_until_ack(data, &msg);
200 			if (ret < 0)
201 				return ret;
202 
203 			/* read data */
204 			msg.buf = result + read;
205 			msg.len = len - read;
206 			msg.flags = I2C_M_RD;
207 			if (msg.len > I2C_SMBUS_BLOCK_MAX)
208 				msg.len = I2C_SMBUS_BLOCK_MAX;
209 			ret = tpm_tis_i2c_retry_transfer_until_ack(data, &msg);
210 			if (ret < 0)
211 				return ret;
212 			read += msg.len;
213 		}
214 
215 		ret = tpm_tis_i2c_sanity_check_read(reg, len, result);
216 		if (ret == 0)
217 			return 0;
218 
219 		usleep_range(GUARD_TIME_ERR_MIN, GUARD_TIME_ERR_MAX);
220 	}
221 
222 	return ret;
223 }
224 
225 static int tpm_tis_i2c_write_bytes(struct tpm_tis_data *data, u32 addr, u16 len,
226 				   const u8 *value,
227 				   enum tpm_tis_io_mode io_mode)
228 {
229 	struct tpm_tis_i2c_phy *phy = to_tpm_tis_i2c_phy(data);
230 	struct i2c_msg msg = { .addr = phy->i2c_client->addr };
231 	u8 reg = tpm_tis_i2c_address_to_register(addr);
232 	int ret;
233 	u16 wrote = 0;
234 
235 	if (len > TPM_BUFSIZE - 1)
236 		return -EIO;
237 
238 	phy->io_buf[0] = reg;
239 	msg.buf = phy->io_buf;
240 	while (wrote < len) {
241 		/* write register and data in one go */
242 		msg.len = sizeof(reg) + len - wrote;
243 		if (msg.len > I2C_SMBUS_BLOCK_MAX)
244 			msg.len = I2C_SMBUS_BLOCK_MAX;
245 
246 		memcpy(phy->io_buf + sizeof(reg), value + wrote,
247 		       msg.len - sizeof(reg));
248 
249 		ret = tpm_tis_i2c_retry_transfer_until_ack(data, &msg);
250 		if (ret < 0)
251 			return ret;
252 		wrote += msg.len - sizeof(reg);
253 	}
254 
255 	return 0;
256 }
257 
258 static int tpm_tis_i2c_verify_crc(struct tpm_tis_data *data, size_t len,
259 				  const u8 *value)
260 {
261 	u16 crc_tpm, crc_host;
262 	int rc;
263 
264 	rc = tpm_tis_read16(data, TPM_DATA_CSUM, &crc_tpm);
265 	if (rc < 0)
266 		return rc;
267 
268 	/* reflect crc result, regardless of host endianness */
269 	crc_host = swab16(crc_ccitt(0, value, len));
270 	if (crc_tpm != crc_host)
271 		return -EIO;
272 
273 	return 0;
274 }
275 
276 /*
277  * Guard Time:
278  * After each I2C operation, the TPM might require the master to wait.
279  * The time period is vendor-specific and must be read from the
280  * TPM_I2C_INTERFACE_CAPABILITY register.
281  *
282  * Before the Guard Time is read (or after the TPM failed to send an I2C NACK),
283  * a Guard Time of 250µs applies.
284  *
285  * Various flags in the same register indicate if a guard time is needed:
286  *  - SR: <I2C read with repeated start> <guard time> <I2C read>
287  *  - RR: <I2C read> <guard time> <I2C read>
288  *  - RW: <I2C read> <guard time> <I2C write>
289  *  - WR: <I2C write> <guard time> <I2C read>
290  *  - WW: <I2C write> <guard time> <I2C write>
291  *
292  * See TCG PC Client PTP Specification v1.04, 8.1.10 GUARD_TIME
293  */
294 static int tpm_tis_i2c_init_guard_time(struct tpm_tis_i2c_phy *phy)
295 {
296 	u32 i2c_caps;
297 	int ret;
298 
299 	phy->guard_time_read = true;
300 	phy->guard_time_write = true;
301 	phy->guard_time_min = GUARD_TIME_DEFAULT_MIN;
302 	phy->guard_time_max = GUARD_TIME_DEFAULT_MAX;
303 
304 	ret = tpm_tis_i2c_read_bytes(&phy->priv, TPM_I2C_INTERFACE_CAPABILITY,
305 				     sizeof(i2c_caps), (u8 *)&i2c_caps,
306 				     TPM_TIS_PHYS_32);
307 	if (ret)
308 		return ret;
309 
310 	phy->guard_time_read = (i2c_caps & TPM_GUARD_TIME_RR_MASK) ||
311 			       (i2c_caps & TPM_GUARD_TIME_RW_MASK);
312 	phy->guard_time_write = (i2c_caps & TPM_GUARD_TIME_WR_MASK) ||
313 				(i2c_caps & TPM_GUARD_TIME_WW_MASK);
314 	phy->guard_time_min = (i2c_caps & TPM_GUARD_TIME_MIN_MASK) >>
315 			      TPM_GUARD_TIME_MIN_SHIFT;
316 	/* guard_time_max = guard_time_min * 1.2 */
317 	phy->guard_time_max = phy->guard_time_min + phy->guard_time_min / 5;
318 
319 	return 0;
320 }
321 
322 static SIMPLE_DEV_PM_OPS(tpm_tis_pm, tpm_pm_suspend, tpm_tis_resume);
323 
324 static const struct tpm_tis_phy_ops tpm_i2c_phy_ops = {
325 	.read_bytes = tpm_tis_i2c_read_bytes,
326 	.write_bytes = tpm_tis_i2c_write_bytes,
327 	.verify_crc = tpm_tis_i2c_verify_crc,
328 };
329 
330 static int tpm_tis_i2c_probe(struct i2c_client *dev)
331 {
332 	struct tpm_tis_i2c_phy *phy;
333 	const u8 crc_enable = 1;
334 	const u8 locality = 0;
335 	int ret;
336 
337 	phy = devm_kzalloc(&dev->dev, sizeof(struct tpm_tis_i2c_phy),
338 			   GFP_KERNEL);
339 	if (!phy)
340 		return -ENOMEM;
341 
342 	phy->io_buf = devm_kzalloc(&dev->dev, TPM_BUFSIZE, GFP_KERNEL);
343 	if (!phy->io_buf)
344 		return -ENOMEM;
345 
346 	set_bit(TPM_TIS_DEFAULT_CANCELLATION, &phy->priv.flags);
347 	phy->i2c_client = dev;
348 
349 	/* must precede all communication with the tpm */
350 	ret = tpm_tis_i2c_init_guard_time(phy);
351 	if (ret)
352 		return ret;
353 
354 	ret = tpm_tis_i2c_write_bytes(&phy->priv, TPM_LOC_SEL, sizeof(locality),
355 				      &locality, TPM_TIS_PHYS_8);
356 	if (ret)
357 		return ret;
358 
359 	ret = tpm_tis_i2c_write_bytes(&phy->priv, TPM_I2C_DATA_CSUM_ENABLE,
360 				      sizeof(crc_enable), &crc_enable,
361 				      TPM_TIS_PHYS_8);
362 	if (ret)
363 		return ret;
364 
365 	return tpm_tis_core_init(&dev->dev, &phy->priv, -1, &tpm_i2c_phy_ops,
366 				 NULL);
367 }
368 
369 static void tpm_tis_i2c_remove(struct i2c_client *client)
370 {
371 	struct tpm_chip *chip = i2c_get_clientdata(client);
372 
373 	tpm_chip_unregister(chip);
374 	tpm_tis_remove(chip);
375 }
376 
377 static const struct i2c_device_id tpm_tis_i2c_id[] = {
378 	{ "tpm_tis_i2c" },
379 	{}
380 };
381 MODULE_DEVICE_TABLE(i2c, tpm_tis_i2c_id);
382 
383 #ifdef CONFIG_OF
384 static const struct of_device_id of_tis_i2c_match[] = {
385 	{ .compatible = "infineon,slb9673", },
386 	{ .compatible = "nuvoton,npct75x", },
387 	{ .compatible = "tcg,tpm-tis-i2c", },
388 	{}
389 };
390 MODULE_DEVICE_TABLE(of, of_tis_i2c_match);
391 #endif
392 
393 static struct i2c_driver tpm_tis_i2c_driver = {
394 	.driver = {
395 		.name = "tpm_tis_i2c",
396 		.pm = &tpm_tis_pm,
397 		.of_match_table = of_match_ptr(of_tis_i2c_match),
398 	},
399 	.probe = tpm_tis_i2c_probe,
400 	.remove = tpm_tis_i2c_remove,
401 	.id_table = tpm_tis_i2c_id,
402 };
403 module_i2c_driver(tpm_tis_i2c_driver);
404 
405 MODULE_DESCRIPTION("TPM Driver for native I2C access");
406 MODULE_LICENSE("GPL");
407