1 // SPDX-License-Identifier: GPL-2.0 2 /* 3 * Copyright (c) 2014-2021 Nuvoton Technology corporation 4 * Copyright (C) 2019-2022 Infineon Technologies AG 5 * 6 * This device driver implements the TPM interface as defined in the TCG PC 7 * Client Platform TPM Profile (PTP) Specification for TPM 2.0 v1.04 8 * Revision 14. 9 * 10 * It is based on the tpm_tis_spi device driver. 11 */ 12 13 #include <linux/i2c.h> 14 #include <linux/crc-ccitt.h> 15 #include "tpm_tis_core.h" 16 17 /* TPM registers */ 18 #define TPM_I2C_LOC_SEL 0x00 19 #define TPM_I2C_ACCESS 0x04 20 #define TPM_I2C_INTERFACE_CAPABILITY 0x30 21 #define TPM_I2C_DEVICE_ADDRESS 0x38 22 #define TPM_I2C_DATA_CSUM_ENABLE 0x40 23 #define TPM_DATA_CSUM 0x44 24 #define TPM_I2C_DID_VID 0x48 25 #define TPM_I2C_RID 0x4C 26 27 /* TIS-compatible register address to avoid clash with TPM_ACCESS (0x00) */ 28 #define TPM_LOC_SEL 0x0FFF 29 30 /* Mask to extract the I2C register from TIS register addresses */ 31 #define TPM_TIS_REGISTER_MASK 0x0FFF 32 33 /* Default Guard Time of 250µs until interface capability register is read */ 34 #define GUARD_TIME_DEFAULT_MIN 250 35 #define GUARD_TIME_DEFAULT_MAX 300 36 37 /* Guard Time of 250µs after I2C slave NACK */ 38 #define GUARD_TIME_ERR_MIN 250 39 #define GUARD_TIME_ERR_MAX 300 40 41 /* Guard Time bit masks; SR is repeated start, RW is read then write, etc. */ 42 #define TPM_GUARD_TIME_SR_MASK 0x40000000 43 #define TPM_GUARD_TIME_RR_MASK 0x00100000 44 #define TPM_GUARD_TIME_RW_MASK 0x00080000 45 #define TPM_GUARD_TIME_WR_MASK 0x00040000 46 #define TPM_GUARD_TIME_WW_MASK 0x00020000 47 #define TPM_GUARD_TIME_MIN_MASK 0x0001FE00 48 #define TPM_GUARD_TIME_MIN_SHIFT 9 49 50 /* Masks with bits that must be read zero */ 51 #define TPM_ACCESS_READ_ZERO 0x48 52 #define TPM_INT_ENABLE_ZERO 0x7FFFFF60 53 #define TPM_STS_READ_ZERO 0x23 54 #define TPM_INTF_CAPABILITY_ZERO 0x0FFFF000 55 #define TPM_I2C_INTERFACE_CAPABILITY_ZERO 0x80000000 56 57 struct tpm_tis_i2c_phy { 58 struct tpm_tis_data priv; 59 struct i2c_client *i2c_client; 60 bool guard_time_read; 61 bool guard_time_write; 62 u16 guard_time_min; 63 u16 guard_time_max; 64 u8 *io_buf; 65 }; 66 67 static inline struct tpm_tis_i2c_phy * 68 to_tpm_tis_i2c_phy(struct tpm_tis_data *data) 69 { 70 return container_of(data, struct tpm_tis_i2c_phy, priv); 71 } 72 73 /* 74 * tpm_tis_core uses the register addresses as defined in Table 19 "Allocation 75 * of Register Space for FIFO TPM Access" of the TCG PC Client PTP 76 * Specification. In order for this code to work together with tpm_tis_core, 77 * those addresses need to mapped to the registers defined for I2C TPMs in 78 * Table 51 "I2C-TPM Register Overview". 79 * 80 * For most addresses this can be done by simply stripping off the locality 81 * information from the address. A few addresses need to be mapped explicitly, 82 * since the corresponding I2C registers have been moved around. TPM_LOC_SEL is 83 * only defined for I2C TPMs and is also mapped explicitly here to distinguish 84 * it from TPM_ACCESS(0). 85 * 86 * Locality information is ignored, since this driver assumes exclusive access 87 * to the TPM and always uses locality 0. 88 */ 89 static u8 tpm_tis_i2c_address_to_register(u32 addr) 90 { 91 addr &= TPM_TIS_REGISTER_MASK; 92 93 switch (addr) { 94 case TPM_ACCESS(0): 95 return TPM_I2C_ACCESS; 96 case TPM_LOC_SEL: 97 return TPM_I2C_LOC_SEL; 98 case TPM_DID_VID(0): 99 return TPM_I2C_DID_VID; 100 case TPM_RID(0): 101 return TPM_I2C_RID; 102 default: 103 return addr; 104 } 105 } 106 107 static int tpm_tis_i2c_retry_transfer_until_ack(struct tpm_tis_data *data, 108 struct i2c_msg *msg) 109 { 110 struct tpm_tis_i2c_phy *phy = to_tpm_tis_i2c_phy(data); 111 bool guard_time; 112 int i = 0; 113 int ret; 114 115 if (msg->flags & I2C_M_RD) 116 guard_time = phy->guard_time_read; 117 else 118 guard_time = phy->guard_time_write; 119 120 do { 121 ret = i2c_transfer(phy->i2c_client->adapter, msg, 1); 122 if (ret < 0) 123 usleep_range(GUARD_TIME_ERR_MIN, GUARD_TIME_ERR_MAX); 124 else if (guard_time) 125 usleep_range(phy->guard_time_min, phy->guard_time_max); 126 /* retry on TPM NACK */ 127 } while (ret < 0 && i++ < TPM_RETRY); 128 129 return ret; 130 } 131 132 /* Check that bits which must be read zero are not set */ 133 static int tpm_tis_i2c_sanity_check_read(u8 reg, u16 len, u8 *buf) 134 { 135 u32 zero_mask; 136 u32 value; 137 138 switch (len) { 139 case sizeof(u8): 140 value = buf[0]; 141 break; 142 case sizeof(u16): 143 value = le16_to_cpup((__le16 *)buf); 144 break; 145 case sizeof(u32): 146 value = le32_to_cpup((__le32 *)buf); 147 break; 148 default: 149 /* unknown length, skip check */ 150 return 0; 151 } 152 153 switch (reg) { 154 case TPM_I2C_ACCESS: 155 zero_mask = TPM_ACCESS_READ_ZERO; 156 break; 157 case TPM_INT_ENABLE(0) & TPM_TIS_REGISTER_MASK: 158 zero_mask = TPM_INT_ENABLE_ZERO; 159 break; 160 case TPM_STS(0) & TPM_TIS_REGISTER_MASK: 161 zero_mask = TPM_STS_READ_ZERO; 162 break; 163 case TPM_INTF_CAPS(0) & TPM_TIS_REGISTER_MASK: 164 zero_mask = TPM_INTF_CAPABILITY_ZERO; 165 break; 166 case TPM_I2C_INTERFACE_CAPABILITY: 167 zero_mask = TPM_I2C_INTERFACE_CAPABILITY_ZERO; 168 break; 169 default: 170 /* unknown register, skip check */ 171 return 0; 172 } 173 174 if (unlikely((value & zero_mask) != 0x00)) { 175 pr_debug("TPM I2C read of register 0x%02x failed sanity check: 0x%x\n", reg, value); 176 return -EIO; 177 } 178 179 return 0; 180 } 181 182 static int tpm_tis_i2c_read_bytes(struct tpm_tis_data *data, u32 addr, u16 len, 183 u8 *result, enum tpm_tis_io_mode io_mode) 184 { 185 struct tpm_tis_i2c_phy *phy = to_tpm_tis_i2c_phy(data); 186 struct i2c_msg msg = { .addr = phy->i2c_client->addr }; 187 u8 reg = tpm_tis_i2c_address_to_register(addr); 188 int i; 189 int ret; 190 191 for (i = 0; i < TPM_RETRY; i++) { 192 u16 read = 0; 193 194 while (read < len) { 195 /* write register */ 196 msg.len = sizeof(reg); 197 msg.buf = ® 198 msg.flags = 0; 199 ret = tpm_tis_i2c_retry_transfer_until_ack(data, &msg); 200 if (ret < 0) 201 return ret; 202 203 /* read data */ 204 msg.buf = result + read; 205 msg.len = len - read; 206 msg.flags = I2C_M_RD; 207 if (msg.len > I2C_SMBUS_BLOCK_MAX) 208 msg.len = I2C_SMBUS_BLOCK_MAX; 209 ret = tpm_tis_i2c_retry_transfer_until_ack(data, &msg); 210 if (ret < 0) 211 return ret; 212 read += msg.len; 213 } 214 215 ret = tpm_tis_i2c_sanity_check_read(reg, len, result); 216 if (ret == 0) 217 return 0; 218 219 usleep_range(GUARD_TIME_ERR_MIN, GUARD_TIME_ERR_MAX); 220 } 221 222 return ret; 223 } 224 225 static int tpm_tis_i2c_write_bytes(struct tpm_tis_data *data, u32 addr, u16 len, 226 const u8 *value, 227 enum tpm_tis_io_mode io_mode) 228 { 229 struct tpm_tis_i2c_phy *phy = to_tpm_tis_i2c_phy(data); 230 struct i2c_msg msg = { .addr = phy->i2c_client->addr }; 231 u8 reg = tpm_tis_i2c_address_to_register(addr); 232 int ret; 233 u16 wrote = 0; 234 235 if (len > TPM_BUFSIZE - 1) 236 return -EIO; 237 238 phy->io_buf[0] = reg; 239 msg.buf = phy->io_buf; 240 while (wrote < len) { 241 /* write register and data in one go */ 242 msg.len = sizeof(reg) + len - wrote; 243 if (msg.len > I2C_SMBUS_BLOCK_MAX) 244 msg.len = I2C_SMBUS_BLOCK_MAX; 245 246 memcpy(phy->io_buf + sizeof(reg), value + wrote, 247 msg.len - sizeof(reg)); 248 249 ret = tpm_tis_i2c_retry_transfer_until_ack(data, &msg); 250 if (ret < 0) 251 return ret; 252 wrote += msg.len - sizeof(reg); 253 } 254 255 return 0; 256 } 257 258 static int tpm_tis_i2c_verify_crc(struct tpm_tis_data *data, size_t len, 259 const u8 *value) 260 { 261 u16 crc_tpm, crc_host; 262 int rc; 263 264 rc = tpm_tis_read16(data, TPM_DATA_CSUM, &crc_tpm); 265 if (rc < 0) 266 return rc; 267 268 /* reflect crc result, regardless of host endianness */ 269 crc_host = swab16(crc_ccitt(0, value, len)); 270 if (crc_tpm != crc_host) 271 return -EIO; 272 273 return 0; 274 } 275 276 /* 277 * Guard Time: 278 * After each I2C operation, the TPM might require the master to wait. 279 * The time period is vendor-specific and must be read from the 280 * TPM_I2C_INTERFACE_CAPABILITY register. 281 * 282 * Before the Guard Time is read (or after the TPM failed to send an I2C NACK), 283 * a Guard Time of 250µs applies. 284 * 285 * Various flags in the same register indicate if a guard time is needed: 286 * - SR: <I2C read with repeated start> <guard time> <I2C read> 287 * - RR: <I2C read> <guard time> <I2C read> 288 * - RW: <I2C read> <guard time> <I2C write> 289 * - WR: <I2C write> <guard time> <I2C read> 290 * - WW: <I2C write> <guard time> <I2C write> 291 * 292 * See TCG PC Client PTP Specification v1.04, 8.1.10 GUARD_TIME 293 */ 294 static int tpm_tis_i2c_init_guard_time(struct tpm_tis_i2c_phy *phy) 295 { 296 u32 i2c_caps; 297 int ret; 298 299 phy->guard_time_read = true; 300 phy->guard_time_write = true; 301 phy->guard_time_min = GUARD_TIME_DEFAULT_MIN; 302 phy->guard_time_max = GUARD_TIME_DEFAULT_MAX; 303 304 ret = tpm_tis_i2c_read_bytes(&phy->priv, TPM_I2C_INTERFACE_CAPABILITY, 305 sizeof(i2c_caps), (u8 *)&i2c_caps, 306 TPM_TIS_PHYS_32); 307 if (ret) 308 return ret; 309 310 phy->guard_time_read = (i2c_caps & TPM_GUARD_TIME_RR_MASK) || 311 (i2c_caps & TPM_GUARD_TIME_RW_MASK); 312 phy->guard_time_write = (i2c_caps & TPM_GUARD_TIME_WR_MASK) || 313 (i2c_caps & TPM_GUARD_TIME_WW_MASK); 314 phy->guard_time_min = (i2c_caps & TPM_GUARD_TIME_MIN_MASK) >> 315 TPM_GUARD_TIME_MIN_SHIFT; 316 /* guard_time_max = guard_time_min * 1.2 */ 317 phy->guard_time_max = phy->guard_time_min + phy->guard_time_min / 5; 318 319 return 0; 320 } 321 322 static SIMPLE_DEV_PM_OPS(tpm_tis_pm, tpm_pm_suspend, tpm_tis_resume); 323 324 static const struct tpm_tis_phy_ops tpm_i2c_phy_ops = { 325 .read_bytes = tpm_tis_i2c_read_bytes, 326 .write_bytes = tpm_tis_i2c_write_bytes, 327 .verify_crc = tpm_tis_i2c_verify_crc, 328 }; 329 330 static int tpm_tis_i2c_probe(struct i2c_client *dev) 331 { 332 struct tpm_tis_i2c_phy *phy; 333 const u8 crc_enable = 1; 334 const u8 locality = 0; 335 int ret; 336 337 phy = devm_kzalloc(&dev->dev, sizeof(struct tpm_tis_i2c_phy), 338 GFP_KERNEL); 339 if (!phy) 340 return -ENOMEM; 341 342 phy->io_buf = devm_kzalloc(&dev->dev, TPM_BUFSIZE, GFP_KERNEL); 343 if (!phy->io_buf) 344 return -ENOMEM; 345 346 set_bit(TPM_TIS_DEFAULT_CANCELLATION, &phy->priv.flags); 347 phy->i2c_client = dev; 348 349 /* must precede all communication with the tpm */ 350 ret = tpm_tis_i2c_init_guard_time(phy); 351 if (ret) 352 return ret; 353 354 ret = tpm_tis_i2c_write_bytes(&phy->priv, TPM_LOC_SEL, sizeof(locality), 355 &locality, TPM_TIS_PHYS_8); 356 if (ret) 357 return ret; 358 359 ret = tpm_tis_i2c_write_bytes(&phy->priv, TPM_I2C_DATA_CSUM_ENABLE, 360 sizeof(crc_enable), &crc_enable, 361 TPM_TIS_PHYS_8); 362 if (ret) 363 return ret; 364 365 return tpm_tis_core_init(&dev->dev, &phy->priv, -1, &tpm_i2c_phy_ops, 366 NULL); 367 } 368 369 static void tpm_tis_i2c_remove(struct i2c_client *client) 370 { 371 struct tpm_chip *chip = i2c_get_clientdata(client); 372 373 tpm_chip_unregister(chip); 374 tpm_tis_remove(chip); 375 } 376 377 static const struct i2c_device_id tpm_tis_i2c_id[] = { 378 { "tpm_tis_i2c", 0 }, 379 {} 380 }; 381 MODULE_DEVICE_TABLE(i2c, tpm_tis_i2c_id); 382 383 #ifdef CONFIG_OF 384 static const struct of_device_id of_tis_i2c_match[] = { 385 { .compatible = "infineon,slb9673", }, 386 { .compatible = "nuvoton,npct75x", }, 387 { .compatible = "tcg,tpm-tis-i2c", }, 388 {} 389 }; 390 MODULE_DEVICE_TABLE(of, of_tis_i2c_match); 391 #endif 392 393 static struct i2c_driver tpm_tis_i2c_driver = { 394 .driver = { 395 .name = "tpm_tis_i2c", 396 .pm = &tpm_tis_pm, 397 .of_match_table = of_match_ptr(of_tis_i2c_match), 398 }, 399 .probe = tpm_tis_i2c_probe, 400 .remove = tpm_tis_i2c_remove, 401 .id_table = tpm_tis_i2c_id, 402 }; 403 module_i2c_driver(tpm_tis_i2c_driver); 404 405 MODULE_DESCRIPTION("TPM Driver for native I2C access"); 406 MODULE_LICENSE("GPL"); 407