1ed3f5a30SSimon Glass /*
2ed3f5a30SSimon Glass * Copyright (c) 2013 Google, Inc
3ed3f5a30SSimon Glass *
4ed3f5a30SSimon Glass * SPDX-License-Identifier: GPL-2.0+
5ed3f5a30SSimon Glass */
6ed3f5a30SSimon Glass
7ed3f5a30SSimon Glass #include <common.h>
821baf15bSSimon Glass #include <dm.h>
921baf15bSSimon Glass #include <tpm.h>
10ed3f5a30SSimon Glass #include <asm/state.h>
11ed3f5a30SSimon Glass #include <asm/unaligned.h>
12ed3f5a30SSimon Glass #include <linux/crc8.h>
13ed3f5a30SSimon Glass
14ed3f5a30SSimon Glass /* TPM NVRAM location indices. */
15ed3f5a30SSimon Glass #define FIRMWARE_NV_INDEX 0x1007
16ed3f5a30SSimon Glass #define KERNEL_NV_INDEX 0x1008
17ed3f5a30SSimon Glass
18ed3f5a30SSimon Glass #define NV_DATA_PUBLIC_PERMISSIONS_OFFSET 60
19ed3f5a30SSimon Glass
20ed3f5a30SSimon Glass /* Kernel TPM space - KERNEL_NV_INDEX, locked with physical presence */
21ed3f5a30SSimon Glass #define ROLLBACK_SPACE_KERNEL_VERSION 2
22ed3f5a30SSimon Glass #define ROLLBACK_SPACE_KERNEL_UID 0x4752574C /* 'GRWL' */
23ed3f5a30SSimon Glass
24ed3f5a30SSimon Glass struct rollback_space_kernel {
25ed3f5a30SSimon Glass /* Struct version, for backwards compatibility */
26ed3f5a30SSimon Glass uint8_t struct_version;
27ed3f5a30SSimon Glass /* Unique ID to detect space redefinition */
28ed3f5a30SSimon Glass uint32_t uid;
29ed3f5a30SSimon Glass /* Kernel versions */
30ed3f5a30SSimon Glass uint32_t kernel_versions;
31ed3f5a30SSimon Glass /* Reserved for future expansion */
32ed3f5a30SSimon Glass uint8_t reserved[3];
33ed3f5a30SSimon Glass /* Checksum (v2 and later only) */
34ed3f5a30SSimon Glass uint8_t crc8;
35ed3f5a30SSimon Glass } __packed rollback_space_kernel;
36ed3f5a30SSimon Glass
37ed3f5a30SSimon Glass /*
38ed3f5a30SSimon Glass * These numbers derive from adding the sizes of command fields as shown in
39ed3f5a30SSimon Glass * the TPM commands manual.
40ed3f5a30SSimon Glass */
41ed3f5a30SSimon Glass #define TPM_REQUEST_HEADER_LENGTH 10
42ed3f5a30SSimon Glass #define TPM_RESPONSE_HEADER_LENGTH 10
43ed3f5a30SSimon Glass
44ed3f5a30SSimon Glass /* These are the different non-volatile spaces that we emulate */
45ed3f5a30SSimon Glass enum {
46ed3f5a30SSimon Glass NV_GLOBAL_LOCK,
47ed3f5a30SSimon Glass NV_SEQ_FIRMWARE,
48ed3f5a30SSimon Glass NV_SEQ_KERNEL,
49ed3f5a30SSimon Glass NV_SEQ_COUNT,
50ed3f5a30SSimon Glass };
51ed3f5a30SSimon Glass
52ed3f5a30SSimon Glass /* Size of each non-volatile space */
53ed3f5a30SSimon Glass #define NV_DATA_SIZE 0x20
54ed3f5a30SSimon Glass
55ed3f5a30SSimon Glass /*
56ed3f5a30SSimon Glass * Information about our TPM emulation. This is preserved in the sandbox
57ed3f5a30SSimon Glass * state file if enabled.
58ed3f5a30SSimon Glass */
59ed3f5a30SSimon Glass static struct tpm_state {
60ed3f5a30SSimon Glass uint8_t nvdata[NV_SEQ_COUNT][NV_DATA_SIZE];
6121baf15bSSimon Glass } g_state;
62ed3f5a30SSimon Glass
63ed3f5a30SSimon Glass /**
64ed3f5a30SSimon Glass * sandbox_tpm_read_state() - read the sandbox EC state from the state file
65ed3f5a30SSimon Glass *
66ed3f5a30SSimon Glass * If data is available, then blob and node will provide access to it. If
67ed3f5a30SSimon Glass * not this function sets up an empty TPM.
68ed3f5a30SSimon Glass *
69ed3f5a30SSimon Glass * @blob: Pointer to device tree blob, or NULL if no data to read
70ed3f5a30SSimon Glass * @node: Node offset to read from
71ed3f5a30SSimon Glass */
sandbox_tpm_read_state(const void * blob,int node)72ed3f5a30SSimon Glass static int sandbox_tpm_read_state(const void *blob, int node)
73ed3f5a30SSimon Glass {
74ed3f5a30SSimon Glass const char *prop;
75ed3f5a30SSimon Glass int len;
76ed3f5a30SSimon Glass int i;
77ed3f5a30SSimon Glass
78ed3f5a30SSimon Glass if (!blob)
79ed3f5a30SSimon Glass return 0;
80ed3f5a30SSimon Glass
81ed3f5a30SSimon Glass for (i = 0; i < NV_SEQ_COUNT; i++) {
82ed3f5a30SSimon Glass char prop_name[20];
83ed3f5a30SSimon Glass
84ed3f5a30SSimon Glass sprintf(prop_name, "nvdata%d", i);
85ed3f5a30SSimon Glass prop = fdt_getprop(blob, node, prop_name, &len);
86ed3f5a30SSimon Glass if (prop && len == NV_DATA_SIZE)
8721baf15bSSimon Glass memcpy(g_state.nvdata[i], prop, NV_DATA_SIZE);
88ed3f5a30SSimon Glass }
89ed3f5a30SSimon Glass
90ed3f5a30SSimon Glass return 0;
91ed3f5a30SSimon Glass }
92ed3f5a30SSimon Glass
93ed3f5a30SSimon Glass /**
94ed3f5a30SSimon Glass * cros_ec_write_state() - Write out our state to the state file
95ed3f5a30SSimon Glass *
96ed3f5a30SSimon Glass * The caller will ensure that there is a node ready for the state. The node
97ed3f5a30SSimon Glass * may already contain the old state, in which case it is overridden.
98ed3f5a30SSimon Glass *
99ed3f5a30SSimon Glass * @blob: Device tree blob holding state
100ed3f5a30SSimon Glass * @node: Node to write our state into
101ed3f5a30SSimon Glass */
sandbox_tpm_write_state(void * blob,int node)102ed3f5a30SSimon Glass static int sandbox_tpm_write_state(void *blob, int node)
103ed3f5a30SSimon Glass {
104ed3f5a30SSimon Glass int i;
105ed3f5a30SSimon Glass
106ed3f5a30SSimon Glass /*
107ed3f5a30SSimon Glass * We are guaranteed enough space to write basic properties.
108ed3f5a30SSimon Glass * We could use fdt_add_subnode() to put each set of data in its
109ed3f5a30SSimon Glass * own node - perhaps useful if we add access informaiton to each.
110ed3f5a30SSimon Glass */
111ed3f5a30SSimon Glass for (i = 0; i < NV_SEQ_COUNT; i++) {
112ed3f5a30SSimon Glass char prop_name[20];
113ed3f5a30SSimon Glass
114ed3f5a30SSimon Glass sprintf(prop_name, "nvdata%d", i);
11521baf15bSSimon Glass fdt_setprop(blob, node, prop_name, g_state.nvdata[i],
116ed3f5a30SSimon Glass NV_DATA_SIZE);
117ed3f5a30SSimon Glass }
118ed3f5a30SSimon Glass
119ed3f5a30SSimon Glass return 0;
120ed3f5a30SSimon Glass }
121ed3f5a30SSimon Glass
122ed3f5a30SSimon Glass SANDBOX_STATE_IO(sandbox_tpm, "google,sandbox-tpm", sandbox_tpm_read_state,
123ed3f5a30SSimon Glass sandbox_tpm_write_state);
124ed3f5a30SSimon Glass
index_to_seq(uint32_t index)125ed3f5a30SSimon Glass static int index_to_seq(uint32_t index)
126ed3f5a30SSimon Glass {
127ed3f5a30SSimon Glass switch (index) {
128ed3f5a30SSimon Glass case FIRMWARE_NV_INDEX:
129ed3f5a30SSimon Glass return NV_SEQ_FIRMWARE;
130ed3f5a30SSimon Glass case KERNEL_NV_INDEX:
131ed3f5a30SSimon Glass return NV_SEQ_KERNEL;
132ed3f5a30SSimon Glass case 0:
133ed3f5a30SSimon Glass return NV_GLOBAL_LOCK;
134ed3f5a30SSimon Glass }
135ed3f5a30SSimon Glass
136ed3f5a30SSimon Glass printf("Invalid nv index %#x\n", index);
137ed3f5a30SSimon Glass return -1;
138ed3f5a30SSimon Glass }
139ed3f5a30SSimon Glass
sandbox_tpm_xfer(struct udevice * dev,const uint8_t * sendbuf,size_t send_size,uint8_t * recvbuf,size_t * recv_len)14021baf15bSSimon Glass static int sandbox_tpm_xfer(struct udevice *dev, const uint8_t *sendbuf,
14121baf15bSSimon Glass size_t send_size, uint8_t *recvbuf,
14221baf15bSSimon Glass size_t *recv_len)
143ed3f5a30SSimon Glass {
14421baf15bSSimon Glass struct tpm_state *tpm = dev_get_priv(dev);
145ed3f5a30SSimon Glass uint32_t code, index, length, type;
146ed3f5a30SSimon Glass uint8_t *data;
147ed3f5a30SSimon Glass int seq;
148ed3f5a30SSimon Glass
149ed3f5a30SSimon Glass code = get_unaligned_be32(sendbuf + sizeof(uint16_t) +
150ed3f5a30SSimon Glass sizeof(uint32_t));
151ed3f5a30SSimon Glass printf("tpm: %zd bytes, recv_len %zd, cmd = %x\n", send_size,
152ed3f5a30SSimon Glass *recv_len, code);
153ed3f5a30SSimon Glass print_buffer(0, sendbuf, 1, send_size, 0);
154ed3f5a30SSimon Glass switch (code) {
155ed3f5a30SSimon Glass case 0x65: /* get flags */
156ed3f5a30SSimon Glass type = get_unaligned_be32(sendbuf + 14);
157ed3f5a30SSimon Glass switch (type) {
158ed3f5a30SSimon Glass case 4:
159ed3f5a30SSimon Glass index = get_unaligned_be32(sendbuf + 18);
160ed3f5a30SSimon Glass printf("Get flags index %#02x\n", index);
161ed3f5a30SSimon Glass *recv_len = 22;
162ed3f5a30SSimon Glass memset(recvbuf, '\0', *recv_len);
163ed3f5a30SSimon Glass put_unaligned_be32(22, recvbuf +
164ed3f5a30SSimon Glass TPM_RESPONSE_HEADER_LENGTH);
165ed3f5a30SSimon Glass data = recvbuf + TPM_RESPONSE_HEADER_LENGTH +
166ed3f5a30SSimon Glass sizeof(uint32_t);
167ed3f5a30SSimon Glass switch (index) {
168ed3f5a30SSimon Glass case FIRMWARE_NV_INDEX:
169ed3f5a30SSimon Glass break;
170ed3f5a30SSimon Glass case KERNEL_NV_INDEX:
171ed3f5a30SSimon Glass /* TPM_NV_PER_PPWRITE */
172ed3f5a30SSimon Glass put_unaligned_be32(1, data +
173ed3f5a30SSimon Glass NV_DATA_PUBLIC_PERMISSIONS_OFFSET);
174ed3f5a30SSimon Glass break;
175ed3f5a30SSimon Glass }
176ed3f5a30SSimon Glass break;
177ed3f5a30SSimon Glass case 0x11: /* TPM_CAP_NV_INDEX */
178ed3f5a30SSimon Glass index = get_unaligned_be32(sendbuf + 18);
179ed3f5a30SSimon Glass printf("Get cap nv index %#02x\n", index);
180ed3f5a30SSimon Glass put_unaligned_be32(22, recvbuf +
181ed3f5a30SSimon Glass TPM_RESPONSE_HEADER_LENGTH);
182ed3f5a30SSimon Glass break;
183ed3f5a30SSimon Glass default:
184ed3f5a30SSimon Glass printf(" ** Unknown 0x65 command type %#02x\n",
185ed3f5a30SSimon Glass type);
186ed3f5a30SSimon Glass return -1;
187ed3f5a30SSimon Glass }
188ed3f5a30SSimon Glass break;
189ed3f5a30SSimon Glass case 0xcd: /* nvwrite */
190ed3f5a30SSimon Glass index = get_unaligned_be32(sendbuf + 10);
191ed3f5a30SSimon Glass length = get_unaligned_be32(sendbuf + 18);
192ed3f5a30SSimon Glass seq = index_to_seq(index);
193ed3f5a30SSimon Glass if (seq < 0)
194ed3f5a30SSimon Glass return -1;
195ed3f5a30SSimon Glass printf("tpm: nvwrite index=%#02x, len=%#02x\n", index, length);
1962c30af8fSChe-Liang Chiou memcpy(&tpm->nvdata[seq], sendbuf + 22, length);
197ed3f5a30SSimon Glass *recv_len = 12;
198ed3f5a30SSimon Glass memset(recvbuf, '\0', *recv_len);
199ed3f5a30SSimon Glass break;
200ed3f5a30SSimon Glass case 0xcf: /* nvread */
201ed3f5a30SSimon Glass index = get_unaligned_be32(sendbuf + 10);
202ed3f5a30SSimon Glass length = get_unaligned_be32(sendbuf + 18);
203ed3f5a30SSimon Glass seq = index_to_seq(index);
204ed3f5a30SSimon Glass if (seq < 0)
205ed3f5a30SSimon Glass return -1;
206ed3f5a30SSimon Glass printf("tpm: nvread index=%#02x, len=%#02x\n", index, length);
207ed3f5a30SSimon Glass *recv_len = TPM_RESPONSE_HEADER_LENGTH + sizeof(uint32_t) +
208ed3f5a30SSimon Glass length;
209ed3f5a30SSimon Glass memset(recvbuf, '\0', *recv_len);
210ed3f5a30SSimon Glass put_unaligned_be32(length, recvbuf +
211ed3f5a30SSimon Glass TPM_RESPONSE_HEADER_LENGTH);
212ed3f5a30SSimon Glass if (seq == NV_SEQ_KERNEL) {
213ed3f5a30SSimon Glass struct rollback_space_kernel rsk;
214ed3f5a30SSimon Glass
215ed3f5a30SSimon Glass data = recvbuf + TPM_RESPONSE_HEADER_LENGTH +
216ed3f5a30SSimon Glass sizeof(uint32_t);
217*7e019dafSTom Rini memset(&rsk, 0, sizeof(struct rollback_space_kernel));
218ed3f5a30SSimon Glass rsk.struct_version = 2;
219ed3f5a30SSimon Glass rsk.uid = ROLLBACK_SPACE_KERNEL_UID;
220456ecd08SStefan Roese rsk.crc8 = crc8(0, (unsigned char *)&rsk,
221ed3f5a30SSimon Glass offsetof(struct rollback_space_kernel,
222ed3f5a30SSimon Glass crc8));
223ed3f5a30SSimon Glass memcpy(data, &rsk, sizeof(rsk));
224ed3f5a30SSimon Glass } else {
225ed3f5a30SSimon Glass memcpy(recvbuf + TPM_RESPONSE_HEADER_LENGTH +
226ed3f5a30SSimon Glass sizeof(uint32_t), &tpm->nvdata[seq], length);
227ed3f5a30SSimon Glass }
228ed3f5a30SSimon Glass break;
229ed3f5a30SSimon Glass case 0x14: /* tpm extend */
230ed3f5a30SSimon Glass case 0x15: /* pcr read */
231ed3f5a30SSimon Glass case 0x5d: /* force clear */
232ed3f5a30SSimon Glass case 0x6f: /* physical enable */
233ed3f5a30SSimon Glass case 0x72: /* physical set deactivated */
234ed3f5a30SSimon Glass case 0x99: /* startup */
235ed3f5a30SSimon Glass case 0x4000000a: /* assert physical presence */
236ed3f5a30SSimon Glass *recv_len = 12;
237ed3f5a30SSimon Glass memset(recvbuf, '\0', *recv_len);
238ed3f5a30SSimon Glass break;
239ed3f5a30SSimon Glass default:
240ed3f5a30SSimon Glass printf("Unknown tpm command %02x\n", code);
241ed3f5a30SSimon Glass return -1;
242ed3f5a30SSimon Glass }
243ed3f5a30SSimon Glass
244ed3f5a30SSimon Glass return 0;
245ed3f5a30SSimon Glass }
246ed3f5a30SSimon Glass
sandbox_tpm_get_desc(struct udevice * dev,char * buf,int size)24721baf15bSSimon Glass static int sandbox_tpm_get_desc(struct udevice *dev, char *buf, int size)
248ed3f5a30SSimon Glass {
24921baf15bSSimon Glass if (size < 15)
25021baf15bSSimon Glass return -ENOSPC;
25121baf15bSSimon Glass
25221baf15bSSimon Glass return snprintf(buf, size, "sandbox TPM");
25321baf15bSSimon Glass }
25421baf15bSSimon Glass
sandbox_tpm_probe(struct udevice * dev)25521baf15bSSimon Glass static int sandbox_tpm_probe(struct udevice *dev)
25621baf15bSSimon Glass {
25721baf15bSSimon Glass struct tpm_state *tpm = dev_get_priv(dev);
25821baf15bSSimon Glass
25921baf15bSSimon Glass memcpy(tpm, &g_state, sizeof(*tpm));
26021baf15bSSimon Glass
261ed3f5a30SSimon Glass return 0;
262ed3f5a30SSimon Glass }
263ed3f5a30SSimon Glass
sandbox_tpm_open(struct udevice * dev)26421baf15bSSimon Glass static int sandbox_tpm_open(struct udevice *dev)
265ed3f5a30SSimon Glass {
266ed3f5a30SSimon Glass return 0;
267ed3f5a30SSimon Glass }
268ed3f5a30SSimon Glass
sandbox_tpm_close(struct udevice * dev)26921baf15bSSimon Glass static int sandbox_tpm_close(struct udevice *dev)
270ed3f5a30SSimon Glass {
271ed3f5a30SSimon Glass return 0;
272ed3f5a30SSimon Glass }
27321baf15bSSimon Glass
27421baf15bSSimon Glass static const struct tpm_ops sandbox_tpm_ops = {
27521baf15bSSimon Glass .open = sandbox_tpm_open,
27621baf15bSSimon Glass .close = sandbox_tpm_close,
27721baf15bSSimon Glass .get_desc = sandbox_tpm_get_desc,
27821baf15bSSimon Glass .xfer = sandbox_tpm_xfer,
27921baf15bSSimon Glass };
28021baf15bSSimon Glass
28121baf15bSSimon Glass static const struct udevice_id sandbox_tpm_ids[] = {
28221baf15bSSimon Glass { .compatible = "google,sandbox-tpm" },
28321baf15bSSimon Glass { }
28421baf15bSSimon Glass };
28521baf15bSSimon Glass
28621baf15bSSimon Glass U_BOOT_DRIVER(sandbox_tpm) = {
28721baf15bSSimon Glass .name = "sandbox_tpm",
28821baf15bSSimon Glass .id = UCLASS_TPM,
28921baf15bSSimon Glass .of_match = sandbox_tpm_ids,
29021baf15bSSimon Glass .ops = &sandbox_tpm_ops,
29121baf15bSSimon Glass .probe = sandbox_tpm_probe,
29221baf15bSSimon Glass .priv_auto_alloc_size = sizeof(struct tpm_state),
29321baf15bSSimon Glass };
294