]> git.proxmox.com Git - mirror_edk2.git/blob - SecurityPkg/Library/Tpm2DeviceLibDTpm/Tpm2Ptp.c
projects / mirror_edk2.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
SecurityPkg: Cache TPM interface type info
[mirror_edk2.git] / SecurityPkg / Library / Tpm2DeviceLibDTpm / Tpm2Ptp.c
1 /** @file
2 PTP (Platform TPM Profile) CRB (Command Response Buffer) interface used by dTPM2.0 library.
3
4 Copyright (c) 2015 - 2018, Intel Corporation. All rights reserved.<BR>
5 This program and the accompanying materials
6 are licensed and made available under the terms and conditions of the BSD License
7 which accompanies this distribution. The full text of the license may be found at
8 http://opensource.org/licenses/bsd-license.php
9
10 THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
11 WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
12
13 **/
14
15 #include <IndustryStandard/Tpm20.h>
16
17 #include <Library/BaseLib.h>
18 #include <Library/BaseMemoryLib.h>
19 #include <Library/IoLib.h>
20 #include <Library/TimerLib.h>
21 #include <Library/DebugLib.h>
22 #include <Library/Tpm2DeviceLib.h>
23 #include <Library/PcdLib.h>
24
25 #include <IndustryStandard/TpmPtp.h>
26 #include <IndustryStandard/TpmTis.h>
27
28 //
29 // Execution of the command may take from several seconds to minutes for certain
30 // commands, such as key generation.
31 //
32 #define PTP_TIMEOUT_MAX (90000 * 1000) // 90s
33
34 //
35 // Max TPM command/reponse length
36 //
37 #define TPMCMDBUFLENGTH 0x500
38
39 /**
40 Check whether TPM PTP register exist.
41
42 @param[in] Reg Pointer to PTP register.
43
44 @retval TRUE TPM PTP exists.
45 @retval FALSE TPM PTP is not found.
46 **/
47 BOOLEAN
48 Tpm2IsPtpPresence (
49 IN VOID *Reg
50 )
51 {
52 UINT8 RegRead;
53
54 RegRead = MmioRead8 ((UINTN)Reg);
55 if (RegRead == 0xFF) {
56 //
57 // No TPM chip
58 //
59 return FALSE;
60 }
61 return TRUE;
62 }
63
64 /**
65 Check whether the value of a TPM chip register satisfies the input BIT setting.
66
67 @param[in] Register Address port of register to be checked.
68 @param[in] BitSet Check these data bits are set.
69 @param[in] BitClear Check these data bits are clear.
70 @param[in] TimeOut The max wait time (unit MicroSecond) when checking register.
71
72 @retval EFI_SUCCESS The register satisfies the check bit.
73 @retval EFI_TIMEOUT The register can't run into the expected status in time.
74 **/
75 EFI_STATUS
76 PtpCrbWaitRegisterBits (
77 IN UINT32 *Register,
78 IN UINT32 BitSet,
79 IN UINT32 BitClear,
80 IN UINT32 TimeOut
81 )
82 {
83 UINT32 RegRead;
84 UINT32 WaitTime;
85
86 for (WaitTime = 0; WaitTime < TimeOut; WaitTime += 30){
87 RegRead = MmioRead32 ((UINTN)Register);
88 if ((RegRead & BitSet) == BitSet && (RegRead & BitClear) == 0) {
89 return EFI_SUCCESS;
90 }
91 MicroSecondDelay (30);
92 }
93 return EFI_TIMEOUT;
94 }
95
96 /**
97 Get the control of TPM chip.
98
99 @param[in] CrbReg Pointer to CRB register.
100
101 @retval EFI_SUCCESS Get the control of TPM chip.
102 @retval EFI_INVALID_PARAMETER CrbReg is NULL.
103 @retval EFI_NOT_FOUND TPM chip doesn't exit.
104 @retval EFI_TIMEOUT Can't get the TPM control in time.
105 **/
106 EFI_STATUS
107 PtpCrbRequestUseTpm (
108 IN PTP_CRB_REGISTERS_PTR CrbReg
109 )
110 {
111 EFI_STATUS Status;
112
113 if (!Tpm2IsPtpPresence (CrbReg)) {
114 return EFI_NOT_FOUND;
115 }
116
117 MmioWrite32((UINTN)&CrbReg->LocalityControl, PTP_CRB_LOCALITY_CONTROL_REQUEST_ACCESS);
118 Status = PtpCrbWaitRegisterBits (
119 &CrbReg->LocalityStatus,
120 PTP_CRB_LOCALITY_STATUS_GRANTED,
121 0,
122 PTP_TIMEOUT_A
123 );
124 return Status;
125 }
126
127 /**
128 Send a command to TPM for execution and return response data.
129
130 @param[in] CrbReg TPM register space base address.
131 @param[in] BufferIn Buffer for command data.
132 @param[in] SizeIn Size of command data.
133 @param[in, out] BufferOut Buffer for response data.
134 @param[in, out] SizeOut Size of response data.
135
136 @retval EFI_SUCCESS Operation completed successfully.
137 @retval EFI_BUFFER_TOO_SMALL Response data buffer is too small.
138 @retval EFI_DEVICE_ERROR Unexpected device behavior.
139 @retval EFI_UNSUPPORTED Unsupported TPM version
140
141 **/
142 EFI_STATUS
143 PtpCrbTpmCommand (
144 IN PTP_CRB_REGISTERS_PTR CrbReg,
145 IN UINT8 *BufferIn,
146 IN UINT32 SizeIn,
147 IN OUT UINT8 *BufferOut,
148 IN OUT UINT32 *SizeOut
149 )
150 {
151 EFI_STATUS Status;
152 UINT32 Index;
153 UINT32 TpmOutSize;
154 UINT16 Data16;
155 UINT32 Data32;
156
157 DEBUG_CODE (
158 UINTN DebugSize;
159
160 DEBUG ((EFI_D_VERBOSE, "PtpCrbTpmCommand Send - "));
161 if (SizeIn > 0x100) {
162 DebugSize = 0x40;
163 } else {
164 DebugSize = SizeIn;
165 }
166 for (Index = 0; Index < DebugSize; Index++) {
167 DEBUG ((EFI_D_VERBOSE, "%02x ", BufferIn[Index]));
168 }
169 if (DebugSize != SizeIn) {
170 DEBUG ((EFI_D_VERBOSE, "...... "));
171 for (Index = SizeIn - 0x20; Index < SizeIn; Index++) {
172 DEBUG ((EFI_D_VERBOSE, "%02x ", BufferIn[Index]));
173 }
174 }
175 DEBUG ((EFI_D_VERBOSE, "\n"));
176 );
177 TpmOutSize = 0;
178
179 //
180 // STEP 0:
181 // Ready is any time the TPM is ready to receive a command, following a write
182 // of 1 by software to Request.cmdReady, as indicated by the Status field
183 // being cleared to 0.
184 //
185 MmioWrite32((UINTN)&CrbReg->CrbControlRequest, PTP_CRB_CONTROL_AREA_REQUEST_COMMAND_READY);
186 Status = PtpCrbWaitRegisterBits (
187 &CrbReg->CrbControlRequest,
188 0,
189 PTP_CRB_CONTROL_AREA_REQUEST_COMMAND_READY,
190 PTP_TIMEOUT_C
191 );
192 if (EFI_ERROR (Status)) {
193 Status = EFI_DEVICE_ERROR;
194 goto Exit;
195 }
196 Status = PtpCrbWaitRegisterBits (
197 &CrbReg->CrbControlStatus,
198 0,
199 PTP_CRB_CONTROL_AREA_STATUS_TPM_IDLE,
200 PTP_TIMEOUT_C
201 );
202 if (EFI_ERROR (Status)) {
203 Status = EFI_DEVICE_ERROR;
204 goto Exit;
205 }
206
207 //
208 // STEP 1:
209 // Command Reception occurs following a Ready state between the write of the
210 // first byte of a command to the Command Buffer and the receipt of a write
211 // of 1 to Start.
212 //
213 for (Index = 0; Index < SizeIn; Index++) {
214 MmioWrite8 ((UINTN)&CrbReg->CrbDataBuffer[Index], BufferIn[Index]);
215 }
216 MmioWrite32 ((UINTN)&CrbReg->CrbControlCommandAddressHigh, (UINT32)RShiftU64 ((UINTN)CrbReg->CrbDataBuffer, 32));
217 MmioWrite32 ((UINTN)&CrbReg->CrbControlCommandAddressLow, (UINT32)(UINTN)CrbReg->CrbDataBuffer);
218 MmioWrite32 ((UINTN)&CrbReg->CrbControlCommandSize, sizeof(CrbReg->CrbDataBuffer));
219
220 MmioWrite64 ((UINTN)&CrbReg->CrbControlResponseAddrss, (UINT32)(UINTN)CrbReg->CrbDataBuffer);
221 MmioWrite32 ((UINTN)&CrbReg->CrbControlResponseSize, sizeof(CrbReg->CrbDataBuffer));
222
223 //
224 // STEP 2:
225 // Command Execution occurs after receipt of a 1 to Start and the TPM
226 // clearing Start to 0.
227 //
228 MmioWrite32((UINTN)&CrbReg->CrbControlStart, PTP_CRB_CONTROL_START);
229 Status = PtpCrbWaitRegisterBits (
230 &CrbReg->CrbControlStart,
231 0,
232 PTP_CRB_CONTROL_START,
233 PTP_TIMEOUT_MAX
234 );
235 if (EFI_ERROR (Status)) {
236 //
237 // Command Completion check timeout. Cancel the currently executing command by writing TPM_CRB_CTRL_CANCEL,
238 // Expect TPM_RC_CANCELLED or successfully completed response.
239 //
240 MmioWrite32((UINTN)&CrbReg->CrbControlCancel, PTP_CRB_CONTROL_CANCEL);
241 Status = PtpCrbWaitRegisterBits (
242 &CrbReg->CrbControlStart,
243 0,
244 PTP_CRB_CONTROL_START,
245 PTP_TIMEOUT_B
246 );
247 MmioWrite32((UINTN)&CrbReg->CrbControlCancel, 0);
248
249 if (EFI_ERROR(Status)) {
250 //
251 // Still in Command Execution state. Try to goIdle, the behavior is agnostic.
252 //
253 Status = EFI_DEVICE_ERROR;
254 goto Exit;
255 }
256 }
257
258 //
259 // STEP 3:
260 // Command Completion occurs after completion of a command (indicated by the
261 // TPM clearing TPM_CRB_CTRL_Start_x to 0) and before a write of a 1 by the
262 // software to Request.goIdle.
263 //
264
265 //
266 // Get response data header
267 //
268 for (Index = 0; Index < sizeof (TPM2_RESPONSE_HEADER); Index++) {
269 BufferOut[Index] = MmioRead8 ((UINTN)&CrbReg->CrbDataBuffer[Index]);
270 }
271 DEBUG_CODE (
272 DEBUG ((EFI_D_VERBOSE, "PtpCrbTpmCommand ReceiveHeader - "));
273 for (Index = 0; Index < sizeof (TPM2_RESPONSE_HEADER); Index++) {
274 DEBUG ((EFI_D_VERBOSE, "%02x ", BufferOut[Index]));
275 }
276 DEBUG ((EFI_D_VERBOSE, "\n"));
277 );
278 //
279 // Check the reponse data header (tag, parasize and returncode)
280 //
281 CopyMem (&Data16, BufferOut, sizeof (UINT16));
282 // TPM2 should not use this RSP_COMMAND
283 if (SwapBytes16 (Data16) == TPM_ST_RSP_COMMAND) {
284 DEBUG ((EFI_D_ERROR, "TPM2: TPM_ST_RSP error - %x\n", TPM_ST_RSP_COMMAND));
285 Status = EFI_UNSUPPORTED;
286 goto Exit;
287 }
288
289 CopyMem (&Data32, (BufferOut + 2), sizeof (UINT32));
290 TpmOutSize = SwapBytes32 (Data32);
291 if (*SizeOut < TpmOutSize) {
292 Status = EFI_BUFFER_TOO_SMALL;
293 goto Exit;
294 }
295 *SizeOut = TpmOutSize;
296 //
297 // Continue reading the remaining data
298 //
299 for (Index = sizeof (TPM2_RESPONSE_HEADER); Index < TpmOutSize; Index++) {
300 BufferOut[Index] = MmioRead8 ((UINTN)&CrbReg->CrbDataBuffer[Index]);
301 }
302 Exit:
303 DEBUG_CODE (
304 DEBUG ((EFI_D_VERBOSE, "PtpCrbTpmCommand Receive - "));
305 for (Index = 0; Index < TpmOutSize; Index++) {
306 DEBUG ((EFI_D_VERBOSE, "%02x ", BufferOut[Index]));
307 }
308 DEBUG ((EFI_D_VERBOSE, "\n"));
309 );
310
311 //
312 // STEP 4:
313 // Idle is any time TPM_CRB_CTRL_STS_x.Status.goIdle is 1.
314 //
315 MmioWrite32((UINTN)&CrbReg->CrbControlRequest, PTP_CRB_CONTROL_AREA_REQUEST_GO_IDLE);
316 return Status;
317 }
318
319 /**
320 Send a command to TPM for execution and return response data.
321
322 @param[in] TisReg TPM register space base address.
323 @param[in] BufferIn Buffer for command data.
324 @param[in] SizeIn Size of command data.
325 @param[in, out] BufferOut Buffer for response data.
326 @param[in, out] SizeOut Size of response data.
327
328 @retval EFI_SUCCESS Operation completed successfully.
329 @retval EFI_BUFFER_TOO_SMALL Response data buffer is too small.
330 @retval EFI_DEVICE_ERROR Unexpected device behavior.
331 @retval EFI_UNSUPPORTED Unsupported TPM version
332
333 **/
334 EFI_STATUS
335 Tpm2TisTpmCommand (
336 IN TIS_PC_REGISTERS_PTR TisReg,
337 IN UINT8 *BufferIn,
338 IN UINT32 SizeIn,
339 IN OUT UINT8 *BufferOut,
340 IN OUT UINT32 *SizeOut
341 );
342
343 /**
344 Get the control of TPM chip by sending requestUse command TIS_PC_ACC_RQUUSE
345 to ACCESS Register in the time of default TIS_TIMEOUT_A.
346
347 @param[in] TisReg Pointer to TIS register.
348
349 @retval EFI_SUCCESS Get the control of TPM chip.
350 @retval EFI_INVALID_PARAMETER TisReg is NULL.
351 @retval EFI_NOT_FOUND TPM chip doesn't exit.
352 @retval EFI_TIMEOUT Can't get the TPM control in time.
353 **/
354 EFI_STATUS
355 TisPcRequestUseTpm (
356 IN TIS_PC_REGISTERS_PTR TisReg
357 );
358
359 /**
360 Return PTP interface type.
361
362 @param[in] Register Pointer to PTP register.
363
364 @return PTP interface type.
365 **/
366 TPM2_PTP_INTERFACE_TYPE
367 Tpm2GetPtpInterface (
368 IN VOID *Register
369 )
370 {
371 PTP_CRB_INTERFACE_IDENTIFIER InterfaceId;
372 PTP_FIFO_INTERFACE_CAPABILITY InterfaceCapability;
373
374 if (!Tpm2IsPtpPresence (Register)) {
375 return Tpm2PtpInterfaceMax;
376 }
377 //
378 // Check interface id
379 //
380 InterfaceId.Uint32 = MmioRead32 ((UINTN)&((PTP_CRB_REGISTERS *)Register)->InterfaceId);
381 InterfaceCapability.Uint32 = MmioRead32 ((UINTN)&((PTP_FIFO_REGISTERS *)Register)->InterfaceCapability);
382
383 if ((InterfaceId.Bits.InterfaceType == PTP_INTERFACE_IDENTIFIER_INTERFACE_TYPE_CRB) &&
384 (InterfaceId.Bits.InterfaceVersion == PTP_INTERFACE_IDENTIFIER_INTERFACE_VERSION_CRB) &&
385 (InterfaceId.Bits.CapCRB != 0)) {
386 return Tpm2PtpInterfaceCrb;
387 }
388 if ((InterfaceId.Bits.InterfaceType == PTP_INTERFACE_IDENTIFIER_INTERFACE_TYPE_FIFO) &&
389 (InterfaceId.Bits.InterfaceVersion == PTP_INTERFACE_IDENTIFIER_INTERFACE_VERSION_FIFO) &&
390 (InterfaceId.Bits.CapFIFO != 0) &&
391 (InterfaceCapability.Bits.InterfaceVersion == INTERFACE_CAPABILITY_INTERFACE_VERSION_PTP)) {
392 return Tpm2PtpInterfaceFifo;
393 }
394 return Tpm2PtpInterfaceTis;
395 }
396
397 /**
398 Dump PTP register information.
399
400 @param[in] Register Pointer to PTP register.
401 **/
402 VOID
403 DumpPtpInfo (
404 IN VOID *Register
405 )
406 {
407 PTP_CRB_INTERFACE_IDENTIFIER InterfaceId;
408 PTP_FIFO_INTERFACE_CAPABILITY InterfaceCapability;
409 UINT8 StatusEx;
410 UINT16 Vid;
411 UINT16 Did;
412 UINT8 Rid;
413 TPM2_PTP_INTERFACE_TYPE PtpInterface;
414
415 if (!Tpm2IsPtpPresence (Register)) {
416 return ;
417 }
418
419 InterfaceId.Uint32 = MmioRead32 ((UINTN)&((PTP_CRB_REGISTERS *)Register)->InterfaceId);
420 InterfaceCapability.Uint32 = MmioRead32 ((UINTN)&((PTP_FIFO_REGISTERS *)Register)->InterfaceCapability);
421 StatusEx = MmioRead8 ((UINTN)&((PTP_FIFO_REGISTERS *)Register)->StatusEx);
422
423 //
424 // Dump InterfaceId Register for PTP
425 //
426 DEBUG ((EFI_D_INFO, "InterfaceId - 0x%08x\n", InterfaceId.Uint32));
427 DEBUG ((EFI_D_INFO, " InterfaceType - 0x%02x\n", InterfaceId.Bits.InterfaceType));
428 if (InterfaceId.Bits.InterfaceType != PTP_INTERFACE_IDENTIFIER_INTERFACE_TYPE_TIS) {
429 DEBUG ((EFI_D_INFO, " InterfaceVersion - 0x%02x\n", InterfaceId.Bits.InterfaceVersion));
430 DEBUG ((EFI_D_INFO, " CapFIFO - 0x%x\n", InterfaceId.Bits.CapFIFO));
431 DEBUG ((EFI_D_INFO, " CapCRB - 0x%x\n", InterfaceId.Bits.CapCRB));
432 }
433
434 //
435 // Dump Capability Register for TIS and FIFO
436 //
437 DEBUG ((EFI_D_INFO, "InterfaceCapability - 0x%08x\n", InterfaceCapability.Uint32));
438 if ((InterfaceId.Bits.InterfaceType == PTP_INTERFACE_IDENTIFIER_INTERFACE_TYPE_TIS) ||
439 (InterfaceId.Bits.InterfaceType == PTP_INTERFACE_IDENTIFIER_INTERFACE_TYPE_FIFO)) {
440 DEBUG ((EFI_D_INFO, " InterfaceVersion - 0x%x\n", InterfaceCapability.Bits.InterfaceVersion));
441 }
442
443 //
444 // Dump StatusEx Register for PTP FIFO
445 //
446 DEBUG ((EFI_D_INFO, "StatusEx - 0x%02x\n", StatusEx));
447 if (InterfaceCapability.Bits.InterfaceVersion == INTERFACE_CAPABILITY_INTERFACE_VERSION_PTP) {
448 DEBUG ((EFI_D_INFO, " TpmFamily - 0x%x\n", (StatusEx & PTP_FIFO_STS_EX_TPM_FAMILY) >> PTP_FIFO_STS_EX_TPM_FAMILY_OFFSET));
449 }
450
451 Vid = 0xFFFF;
452 Did = 0xFFFF;
453 Rid = 0xFF;
454 PtpInterface = PcdGet8(PcdActiveTpmInterfaceType);
455 DEBUG ((EFI_D_INFO, "PtpInterface - %x\n", PtpInterface));
456 switch (PtpInterface) {
457 case Tpm2PtpInterfaceCrb:
458 Vid = MmioRead16 ((UINTN)&((PTP_CRB_REGISTERS *)Register)->Vid);
459 Did = MmioRead16 ((UINTN)&((PTP_CRB_REGISTERS *)Register)->Did);
460 Rid = (UINT8)InterfaceId.Bits.Rid;
461 break;
462 case Tpm2PtpInterfaceFifo:
463 case Tpm2PtpInterfaceTis:
464 Vid = MmioRead16 ((UINTN)&((PTP_FIFO_REGISTERS *)Register)->Vid);
465 Did = MmioRead16 ((UINTN)&((PTP_FIFO_REGISTERS *)Register)->Did);
466 Rid = MmioRead8 ((UINTN)&((PTP_FIFO_REGISTERS *)Register)->Rid);
467 break;
468 default:
469 break;
470 }
471 DEBUG ((EFI_D_INFO, "VID - 0x%04x\n", Vid));
472 DEBUG ((EFI_D_INFO, "DID - 0x%04x\n", Did));
473 DEBUG ((EFI_D_INFO, "RID - 0x%02x\n", Rid));
474 }
475
476 /**
477 This service enables the sending of commands to the TPM2.
478
479 @param[in] InputParameterBlockSize Size of the TPM2 input parameter block.
480 @param[in] InputParameterBlock Pointer to the TPM2 input parameter block.
481 @param[in,out] OutputParameterBlockSize Size of the TPM2 output parameter block.
482 @param[in] OutputParameterBlock Pointer to the TPM2 output parameter block.
483
484 @retval EFI_SUCCESS The command byte stream was successfully sent to the device and a response was successfully received.
485 @retval EFI_DEVICE_ERROR The command was not successfully sent to the device or a response was not successfully received from the device.
486 @retval EFI_BUFFER_TOO_SMALL The output parameter block is too small.
487 **/
488 EFI_STATUS
489 EFIAPI
490 DTpm2SubmitCommand (
491 IN UINT32 InputParameterBlockSize,
492 IN UINT8 *InputParameterBlock,
493 IN OUT UINT32 *OutputParameterBlockSize,
494 IN UINT8 *OutputParameterBlock
495 )
496 {
497 TPM2_PTP_INTERFACE_TYPE PtpInterface;
498
499 PtpInterface = PcdGet8(PcdActiveTpmInterfaceType);
500 switch (PtpInterface) {
501 case Tpm2PtpInterfaceCrb:
502 return PtpCrbTpmCommand (
503 (PTP_CRB_REGISTERS_PTR) (UINTN) PcdGet64 (PcdTpmBaseAddress),
504 InputParameterBlock,
505 InputParameterBlockSize,
506 OutputParameterBlock,
507 OutputParameterBlockSize
508 );
509 case Tpm2PtpInterfaceFifo:
510 case Tpm2PtpInterfaceTis:
511 return Tpm2TisTpmCommand (
512 (TIS_PC_REGISTERS_PTR) (UINTN) PcdGet64 (PcdTpmBaseAddress),
513 InputParameterBlock,
514 InputParameterBlockSize,
515 OutputParameterBlock,
516 OutputParameterBlockSize
517 );
518 default:
519 return EFI_NOT_FOUND;
520 }
521 }
522
523 /**
524 This service requests use TPM2.
525
526 @retval EFI_SUCCESS Get the control of TPM2 chip.
527 @retval EFI_NOT_FOUND TPM2 not found.
528 @retval EFI_DEVICE_ERROR Unexpected device behavior.
529 **/
530 EFI_STATUS
531 EFIAPI
532 DTpm2RequestUseTpm (
533 VOID
534 )
535 {
536 TPM2_PTP_INTERFACE_TYPE PtpInterface;
537
538 PtpInterface = PcdGet8(PcdActiveTpmInterfaceType);
539 switch (PtpInterface) {
540 case Tpm2PtpInterfaceCrb:
541 return PtpCrbRequestUseTpm ((PTP_CRB_REGISTERS_PTR) (UINTN) PcdGet64 (PcdTpmBaseAddress));
542 case Tpm2PtpInterfaceFifo:
543 case Tpm2PtpInterfaceTis:
544 return TisPcRequestUseTpm ((TIS_PC_REGISTERS_PTR) (UINTN) PcdGet64 (PcdTpmBaseAddress));
545 default:
546 return EFI_NOT_FOUND;
547 }
548 }
EFI Development Kit II mirror for PVE