]> git.proxmox.com Git - mirror_edk2.git/blob - SecurityPkg/Library/Tpm2DeviceLibDTpm/Tpm2Tis.c
projects / mirror_edk2.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
SecurityPkg Tpm2DeviceLibDTpm: Update enum type name to match the one in lib
[mirror_edk2.git] / SecurityPkg / Library / Tpm2DeviceLibDTpm / Tpm2Tis.c
1 /** @file
2 TIS (TPM Interface Specification) functions used by dTPM2.0 library.
3
4 Copyright (c) 2013 - 2018, Intel Corporation. All rights reserved.<BR>
5 (C) Copyright 2015 Hewlett Packard Enterprise Development LP<BR>
6 This program and the accompanying materials
7 are licensed and made available under the terms and conditions of the BSD License
8 which accompanies this distribution. The full text of the license may be found at
9 http://opensource.org/licenses/bsd-license.php
10
11 THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
12 WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
13
14 **/
15
16 #include <IndustryStandard/Tpm20.h>
17
18 #include <Library/BaseLib.h>
19 #include <Library/BaseMemoryLib.h>
20 #include <Library/IoLib.h>
21 #include <Library/TimerLib.h>
22 #include <Library/DebugLib.h>
23 #include <Library/Tpm2DeviceLib.h>
24 #include <Library/PcdLib.h>
25
26 #include <IndustryStandard/TpmTis.h>
27
28 #define TIS_TIMEOUT_MAX (90000 * 1000) // 90s
29
30 //
31 // Max TPM command/reponse length
32 //
33 #define TPMCMDBUFLENGTH 0x500
34
35 /**
36 Check whether TPM chip exist.
37
38 @param[in] TisReg Pointer to TIS register.
39
40 @retval TRUE TPM chip exists.
41 @retval FALSE TPM chip is not found.
42 **/
43 BOOLEAN
44 TisPcPresenceCheck (
45 IN TIS_PC_REGISTERS_PTR TisReg
46 )
47 {
48 UINT8 RegRead;
49
50 RegRead = MmioRead8 ((UINTN)&TisReg->Access);
51 return (BOOLEAN)(RegRead != (UINT8)-1);
52 }
53
54 /**
55 Check whether the value of a TPM chip register satisfies the input BIT setting.
56
57 @param[in] Register Address port of register to be checked.
58 @param[in] BitSet Check these data bits are set.
59 @param[in] BitClear Check these data bits are clear.
60 @param[in] TimeOut The max wait time (unit MicroSecond) when checking register.
61
62 @retval EFI_SUCCESS The register satisfies the check bit.
63 @retval EFI_TIMEOUT The register can't run into the expected status in time.
64 **/
65 EFI_STATUS
66 TisPcWaitRegisterBits (
67 IN UINT8 *Register,
68 IN UINT8 BitSet,
69 IN UINT8 BitClear,
70 IN UINT32 TimeOut
71 )
72 {
73 UINT8 RegRead;
74 UINT32 WaitTime;
75
76 for (WaitTime = 0; WaitTime < TimeOut; WaitTime += 30){
77 RegRead = MmioRead8 ((UINTN)Register);
78 if ((RegRead & BitSet) == BitSet && (RegRead & BitClear) == 0)
79 return EFI_SUCCESS;
80 MicroSecondDelay (30);
81 }
82 return EFI_TIMEOUT;
83 }
84
85 /**
86 Get BurstCount by reading the burstCount field of a TIS regiger
87 in the time of default TIS_TIMEOUT_D.
88
89 @param[in] TisReg Pointer to TIS register.
90 @param[out] BurstCount Pointer to a buffer to store the got BurstConut.
91
92 @retval EFI_SUCCESS Get BurstCount.
93 @retval EFI_INVALID_PARAMETER TisReg is NULL or BurstCount is NULL.
94 @retval EFI_TIMEOUT BurstCount can't be got in time.
95 **/
96 EFI_STATUS
97 TisPcReadBurstCount (
98 IN TIS_PC_REGISTERS_PTR TisReg,
99 OUT UINT16 *BurstCount
100 )
101 {
102 UINT32 WaitTime;
103 UINT8 DataByte0;
104 UINT8 DataByte1;
105
106 if (BurstCount == NULL || TisReg == NULL) {
107 return EFI_INVALID_PARAMETER;
108 }
109
110 WaitTime = 0;
111 do {
112 //
113 // TIS_PC_REGISTERS_PTR->burstCount is UINT16, but it is not 2bytes aligned,
114 // so it needs to use MmioRead8 to read two times
115 //
116 DataByte0 = MmioRead8 ((UINTN)&TisReg->BurstCount);
117 DataByte1 = MmioRead8 ((UINTN)&TisReg->BurstCount + 1);
118 *BurstCount = (UINT16)((DataByte1 << 8) + DataByte0);
119 if (*BurstCount != 0) {
120 return EFI_SUCCESS;
121 }
122 MicroSecondDelay (30);
123 WaitTime += 30;
124 } while (WaitTime < TIS_TIMEOUT_D);
125
126 return EFI_TIMEOUT;
127 }
128
129 /**
130 Set TPM chip to ready state by sending ready command TIS_PC_STS_READY
131 to Status Register in time.
132
133 @param[in] TisReg Pointer to TIS register.
134
135 @retval EFI_SUCCESS TPM chip enters into ready state.
136 @retval EFI_INVALID_PARAMETER TisReg is NULL.
137 @retval EFI_TIMEOUT TPM chip can't be set to ready state in time.
138 **/
139 EFI_STATUS
140 TisPcPrepareCommand (
141 IN TIS_PC_REGISTERS_PTR TisReg
142 )
143 {
144 EFI_STATUS Status;
145
146 if (TisReg == NULL) {
147 return EFI_INVALID_PARAMETER;
148 }
149
150 MmioWrite8((UINTN)&TisReg->Status, TIS_PC_STS_READY);
151 Status = TisPcWaitRegisterBits (
152 &TisReg->Status,
153 TIS_PC_STS_READY,
154 0,
155 TIS_TIMEOUT_B
156 );
157 return Status;
158 }
159
160 /**
161 Get the control of TPM chip by sending requestUse command TIS_PC_ACC_RQUUSE
162 to ACCESS Register in the time of default TIS_TIMEOUT_A.
163
164 @param[in] TisReg Pointer to TIS register.
165
166 @retval EFI_SUCCESS Get the control of TPM chip.
167 @retval EFI_INVALID_PARAMETER TisReg is NULL.
168 @retval EFI_NOT_FOUND TPM chip doesn't exit.
169 @retval EFI_TIMEOUT Can't get the TPM control in time.
170 **/
171 EFI_STATUS
172 TisPcRequestUseTpm (
173 IN TIS_PC_REGISTERS_PTR TisReg
174 )
175 {
176 EFI_STATUS Status;
177
178 if (TisReg == NULL) {
179 return EFI_INVALID_PARAMETER;
180 }
181
182 if (!TisPcPresenceCheck (TisReg)) {
183 return EFI_NOT_FOUND;
184 }
185
186 MmioWrite8((UINTN)&TisReg->Access, TIS_PC_ACC_RQUUSE);
187 Status = TisPcWaitRegisterBits (
188 &TisReg->Access,
189 (UINT8)(TIS_PC_ACC_ACTIVE |TIS_PC_VALID),
190 0,
191 TIS_TIMEOUT_A
192 );
193 return Status;
194 }
195
196 /**
197 Send a command to TPM for execution and return response data.
198
199 @param[in] TisReg TPM register space base address.
200 @param[in] BufferIn Buffer for command data.
201 @param[in] SizeIn Size of command data.
202 @param[in, out] BufferOut Buffer for response data.
203 @param[in, out] SizeOut Size of response data.
204
205 @retval EFI_SUCCESS Operation completed successfully.
206 @retval EFI_BUFFER_TOO_SMALL Response data buffer is too small.
207 @retval EFI_DEVICE_ERROR Unexpected device behavior.
208 @retval EFI_UNSUPPORTED Unsupported TPM version
209
210 **/
211 EFI_STATUS
212 Tpm2TisTpmCommand (
213 IN TIS_PC_REGISTERS_PTR TisReg,
214 IN UINT8 *BufferIn,
215 IN UINT32 SizeIn,
216 IN OUT UINT8 *BufferOut,
217 IN OUT UINT32 *SizeOut
218 )
219 {
220 EFI_STATUS Status;
221 UINT16 BurstCount;
222 UINT32 Index;
223 UINT32 TpmOutSize;
224 UINT16 Data16;
225 UINT32 Data32;
226
227 DEBUG_CODE (
228 UINTN DebugSize;
229
230 DEBUG ((EFI_D_VERBOSE, "Tpm2TisTpmCommand Send - "));
231 if (SizeIn > 0x100) {
232 DebugSize = 0x40;
233 } else {
234 DebugSize = SizeIn;
235 }
236 for (Index = 0; Index < DebugSize; Index++) {
237 DEBUG ((EFI_D_VERBOSE, "%02x ", BufferIn[Index]));
238 }
239 if (DebugSize != SizeIn) {
240 DEBUG ((EFI_D_VERBOSE, "...... "));
241 for (Index = SizeIn - 0x20; Index < SizeIn; Index++) {
242 DEBUG ((EFI_D_VERBOSE, "%02x ", BufferIn[Index]));
243 }
244 }
245 DEBUG ((EFI_D_VERBOSE, "\n"));
246 );
247 TpmOutSize = 0;
248
249 Status = TisPcPrepareCommand (TisReg);
250 if (EFI_ERROR (Status)){
251 DEBUG ((DEBUG_ERROR, "Tpm2 is not ready for command!\n"));
252 return EFI_DEVICE_ERROR;
253 }
254 //
255 // Send the command data to Tpm
256 //
257 Index = 0;
258 while (Index < SizeIn) {
259 Status = TisPcReadBurstCount (TisReg, &BurstCount);
260 if (EFI_ERROR (Status)) {
261 Status = EFI_DEVICE_ERROR;
262 goto Exit;
263 }
264 for (; BurstCount > 0 && Index < SizeIn; BurstCount--) {
265 MmioWrite8((UINTN)&TisReg->DataFifo, *(BufferIn + Index));
266 Index++;
267 }
268 }
269 //
270 // Check the Tpm status STS_EXPECT change from 1 to 0
271 //
272 Status = TisPcWaitRegisterBits (
273 &TisReg->Status,
274 (UINT8) TIS_PC_VALID,
275 TIS_PC_STS_EXPECT,
276 TIS_TIMEOUT_C
277 );
278 if (EFI_ERROR (Status)) {
279 DEBUG ((DEBUG_ERROR, "Tpm2 The send buffer too small!\n"));
280 Status = EFI_BUFFER_TOO_SMALL;
281 goto Exit;
282 }
283 //
284 // Executed the TPM command and waiting for the response data ready
285 //
286 MmioWrite8((UINTN)&TisReg->Status, TIS_PC_STS_GO);
287
288 //
289 // NOTE: That may take many seconds to minutes for certain commands, such as key generation.
290 //
291 Status = TisPcWaitRegisterBits (
292 &TisReg->Status,
293 (UINT8) (TIS_PC_VALID | TIS_PC_STS_DATA),
294 0,
295 TIS_TIMEOUT_MAX
296 );
297 if (EFI_ERROR (Status)) {
298 //
299 // dataAvail check timeout. Cancel the currently executing command by writing commandCancel,
300 // Expect TPM_RC_CANCELLED or successfully completed response.
301 //
302 DEBUG ((DEBUG_ERROR, "Wait for Tpm2 response data time out. Trying to cancel the command!!\n"));
303
304 MmioWrite32((UINTN)&TisReg->Status, TIS_PC_STS_CANCEL);
305 Status = TisPcWaitRegisterBits (
306 &TisReg->Status,
307 (UINT8) (TIS_PC_VALID | TIS_PC_STS_DATA),
308 0,
309 TIS_TIMEOUT_B
310 );
311 //
312 // Do not clear CANCEL bit here bicoz Writes of 0 to this bit are ignored
313 //
314 if (EFI_ERROR (Status)) {
315 //
316 // Cancel executing command fail to get any response
317 // Try to abort the command with write of a 1 to commandReady in Command Execution state
318 //
319 Status = EFI_DEVICE_ERROR;
320 goto Exit;
321 }
322 }
323
324 //
325 // Get response data header
326 //
327 Index = 0;
328 BurstCount = 0;
329 while (Index < sizeof (TPM2_RESPONSE_HEADER)) {
330 Status = TisPcReadBurstCount (TisReg, &BurstCount);
331 if (EFI_ERROR (Status)) {
332 Status = EFI_DEVICE_ERROR;
333 goto Exit;
334 }
335 for (; BurstCount > 0; BurstCount--) {
336 *(BufferOut + Index) = MmioRead8 ((UINTN)&TisReg->DataFifo);
337 Index++;
338 if (Index == sizeof (TPM2_RESPONSE_HEADER)) break;
339 }
340 }
341 DEBUG_CODE (
342 DEBUG ((EFI_D_VERBOSE, "Tpm2TisTpmCommand ReceiveHeader - "));
343 for (Index = 0; Index < sizeof (TPM2_RESPONSE_HEADER); Index++) {
344 DEBUG ((EFI_D_VERBOSE, "%02x ", BufferOut[Index]));
345 }
346 DEBUG ((EFI_D_VERBOSE, "\n"));
347 );
348 //
349 // Check the reponse data header (tag,parasize and returncode )
350 //
351 CopyMem (&Data16, BufferOut, sizeof (UINT16));
352 // TPM2 should not use this RSP_COMMAND
353 if (SwapBytes16 (Data16) == TPM_ST_RSP_COMMAND) {
354 DEBUG ((EFI_D_ERROR, "TPM2: TPM_ST_RSP error - %x\n", TPM_ST_RSP_COMMAND));
355 Status = EFI_UNSUPPORTED;
356 goto Exit;
357 }
358
359 CopyMem (&Data32, (BufferOut + 2), sizeof (UINT32));
360 TpmOutSize = SwapBytes32 (Data32);
361 if (*SizeOut < TpmOutSize) {
362 Status = EFI_BUFFER_TOO_SMALL;
363 goto Exit;
364 }
365 *SizeOut = TpmOutSize;
366 //
367 // Continue reading the remaining data
368 //
369 while ( Index < TpmOutSize ) {
370 for (; BurstCount > 0; BurstCount--) {
371 *(BufferOut + Index) = MmioRead8 ((UINTN)&TisReg->DataFifo);
372 Index++;
373 if (Index == TpmOutSize) {
374 Status = EFI_SUCCESS;
375 goto Exit;
376 }
377 }
378 Status = TisPcReadBurstCount (TisReg, &BurstCount);
379 if (EFI_ERROR (Status)) {
380 Status = EFI_DEVICE_ERROR;
381 goto Exit;
382 }
383 }
384 Exit:
385 DEBUG_CODE (
386 DEBUG ((EFI_D_VERBOSE, "Tpm2TisTpmCommand Receive - "));
387 for (Index = 0; Index < TpmOutSize; Index++) {
388 DEBUG ((EFI_D_VERBOSE, "%02x ", BufferOut[Index]));
389 }
390 DEBUG ((EFI_D_VERBOSE, "\n"));
391 );
392 MmioWrite8((UINTN)&TisReg->Status, TIS_PC_STS_READY);
393 return Status;
394 }
395
396 /**
397 This service enables the sending of commands to the TPM2.
398
399 @param[in] InputParameterBlockSize Size of the TPM2 input parameter block.
400 @param[in] InputParameterBlock Pointer to the TPM2 input parameter block.
401 @param[in,out] OutputParameterBlockSize Size of the TPM2 output parameter block.
402 @param[in] OutputParameterBlock Pointer to the TPM2 output parameter block.
403
404 @retval EFI_SUCCESS The command byte stream was successfully sent to the device and a response was successfully received.
405 @retval EFI_DEVICE_ERROR The command was not successfully sent to the device or a response was not successfully received from the device.
406 @retval EFI_BUFFER_TOO_SMALL The output parameter block is too small.
407 **/
408 EFI_STATUS
409 EFIAPI
410 DTpm2TisSubmitCommand (
411 IN UINT32 InputParameterBlockSize,
412 IN UINT8 *InputParameterBlock,
413 IN OUT UINT32 *OutputParameterBlockSize,
414 IN UINT8 *OutputParameterBlock
415 )
416 {
417 return Tpm2TisTpmCommand (
418 (TIS_PC_REGISTERS_PTR) (UINTN) PcdGet64 (PcdTpmBaseAddress),
419 InputParameterBlock,
420 InputParameterBlockSize,
421 OutputParameterBlock,
422 OutputParameterBlockSize
423 );
424 }
425
426 /**
427 This service requests use TPM2.
428
429 @retval EFI_SUCCESS Get the control of TPM2 chip.
430 @retval EFI_NOT_FOUND TPM2 not found.
431 @retval EFI_DEVICE_ERROR Unexpected device behavior.
432 **/
433 EFI_STATUS
434 EFIAPI
435 DTpm2TisRequestUseTpm (
436 VOID
437 )
438 {
439 return TisPcRequestUseTpm ((TIS_PC_REGISTERS_PTR) (UINTN) PcdGet64 (PcdTpmBaseAddress));
440 }
EFI Development Kit II mirror for PVE