[people/ms/u-boot.git] / drivers / tpm / tpm_tis_lpc.c

/*
 * Copyright (c) 2011 The Chromium OS Authors.
 *
 * See file CREDITS for list of people who contributed to this
 * project.
 *
 * This program is free software; you can redistribute it and/or
 * modify it under the terms of the GNU General Public License as
 * published by the Free Software Foundation; either version 2 of
 * the License, or (at your option) any later version.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with this program; if not, write to the Free Software
 * Foundation, Inc., 59 Temple Place, Suite 330, Boston,
 * MA 02111-1307 USA
 */

/*
 * The code in this file is based on the article "Writing a TPM Device Driver"
 * published on http://ptgmedia.pearsoncmg.com.
 *
 * One principal difference is that in the simplest config the other than 0
 * TPM localities do not get mapped by some devices (for instance, by Infineon
 * slb9635), so this driver provides access to locality 0 only.
 */

#include <common.h>
#include <asm/io.h>
#include <tpm.h>

#define PREFIX "lpc_tpm: "

struct tpm_locality {
	u32 access;
	u8 padding0[4];
	u32 int_enable;
	u8 vector;
	u8 padding1[3];
	u32 int_status;
	u32 int_capability;
	u32 tpm_status;
	u8 padding2[8];
	u8 data;
	u8 padding3[3803];
	u32 did_vid;
	u8 rid;
	u8 padding4[251];
};

/*
 * This pointer refers to the TPM chip, 5 of its localities are mapped as an
 * array.
 */
#define TPM_TOTAL_LOCALITIES	5
static struct tpm_locality *lpc_tpm_dev =
	(struct tpm_locality *)CONFIG_TPM_TIS_BASE_ADDRESS;

/* Some registers' bit field definitions */
#define TIS_STS_VALID                  (1 << 7) /* 0x80 */
#define TIS_STS_COMMAND_READY          (1 << 6) /* 0x40 */
#define TIS_STS_TPM_GO                 (1 << 5) /* 0x20 */
#define TIS_STS_DATA_AVAILABLE         (1 << 4) /* 0x10 */
#define TIS_STS_EXPECT                 (1 << 3) /* 0x08 */
#define TIS_STS_RESPONSE_RETRY         (1 << 1) /* 0x02 */

#define TIS_ACCESS_TPM_REG_VALID_STS   (1 << 7) /* 0x80 */
#define TIS_ACCESS_ACTIVE_LOCALITY     (1 << 5) /* 0x20 */
#define TIS_ACCESS_BEEN_SEIZED         (1 << 4) /* 0x10 */
#define TIS_ACCESS_SEIZE               (1 << 3) /* 0x08 */
#define TIS_ACCESS_PENDING_REQUEST     (1 << 2) /* 0x04 */
#define TIS_ACCESS_REQUEST_USE         (1 << 1) /* 0x02 */
#define TIS_ACCESS_TPM_ESTABLISHMENT   (1 << 0) /* 0x01 */

#define TIS_STS_BURST_COUNT_MASK       (0xffff)
#define TIS_STS_BURST_COUNT_SHIFT      (8)

/*
 * Error value returned if a tpm register does not enter the expected state
 * after continuous polling. No actual TPM register reading ever returns -1,
 * so this value is a safe error indication to be mixed with possible status
 * register values.
 */
#define TPM_TIMEOUT_ERR			(-1)

/* Error value returned on various TPM driver errors. */
#define TPM_DRIVER_ERR		(1)

 /* 1 second is plenty for anything TPM does. */
#define MAX_DELAY_US	(1000 * 1000)

/* Retrieve burst count value out of the status register contents. */
static u16 burst_count(u32 status)
{
	return (status >> TIS_STS_BURST_COUNT_SHIFT) & TIS_STS_BURST_COUNT_MASK;
}

/*
 * Structures defined below allow creating descriptions of TPM vendor/device
 * ID information for run time discovery. The only device the system knows
 * about at this time is Infineon slb9635.
 */
struct device_name {
	u16 dev_id;
	const char * const dev_name;
};

struct vendor_name {
	u16 vendor_id;
	const char *vendor_name;
	const struct device_name *dev_names;
};

static const struct device_name infineon_devices[] = {
	{0xb, "SLB9635 TT 1.2"},
	{0}
};

static const struct vendor_name vendor_names[] = {
	{0x15d1, "Infineon", infineon_devices},
};

/*
 * Cached vendor/device ID pair to indicate that the device has been already
 * discovered.
 */
static u32 vendor_dev_id;

/* TPM access wrappers to support tracing */
static u8 tpm_read_byte(const u8 *ptr)
{
	u8  ret = readb(ptr);
	debug(PREFIX "Read reg 0x%4.4x returns 0x%2.2x\n",
	      (u32)(uintptr_t)ptr - (u32)(uintptr_t)lpc_tpm_dev, ret);
	return ret;
}

static u32 tpm_read_word(const u32 *ptr)
{
	u32  ret = readl(ptr);
	debug(PREFIX "Read reg 0x%4.4x returns 0x%8.8x\n",
	      (u32)(uintptr_t)ptr - (u32)(uintptr_t)lpc_tpm_dev, ret);
	return ret;
}

static void tpm_write_byte(u8 value, u8 *ptr)
{
	debug(PREFIX "Write reg 0x%4.4x with 0x%2.2x\n",
	      (u32)(uintptr_t)ptr - (u32)(uintptr_t)lpc_tpm_dev, value);
	writeb(value, ptr);
}

static void tpm_write_word(u32 value, u32 *ptr)
{
	debug(PREFIX "Write reg 0x%4.4x with 0x%8.8x\n",
	      (u32)(uintptr_t)ptr - (u32)(uintptr_t)lpc_tpm_dev, value);
	writel(value, ptr);
}

/*
 * tis_wait_reg()
 *
 * Wait for at least a second for a register to change its state to match the
 * expected state. Normally the transition happens within microseconds.
 *
 * @reg - pointer to the TPM register
 * @mask - bitmask for the bitfield(s) to watch
 * @expected - value the field(s) are supposed to be set to
 *
 * Returns the register contents in case the expected value was found in the
 * appropriate register bits, or TPM_TIMEOUT_ERR on timeout.
 */
static u32 tis_wait_reg(u32 *reg, u8 mask, u8 expected)
{
	u32 time_us = MAX_DELAY_US;

	while (time_us > 0) {
		u32 value = tpm_read_word(reg);
		if ((value & mask) == expected)
			return value;
		udelay(1); /* 1 us */
		time_us--;
	}
	return TPM_TIMEOUT_ERR;
}

/*
 * Probe the TPM device and try determining its manufacturer/device name.
 *
 * Returns 0 on success (the device is found or was found during an earlier
 * invocation) or TPM_DRIVER_ERR if the device is not found.
 */
int tis_init(void)
{
	u32 didvid = tpm_read_word(&lpc_tpm_dev[0].did_vid);
	int i;
	const char *device_name = "unknown";
	const char *vendor_name = device_name;
	u16 vid, did;

	if (vendor_dev_id)
		return 0;  /* Already probed. */

	if (!didvid || (didvid == 0xffffffff)) {
		printf("%s: No TPM device found\n", __func__);
		return TPM_DRIVER_ERR;
	}

	vendor_dev_id = didvid;

	vid = didvid & 0xffff;
	did = (didvid >> 16) & 0xffff;
	for (i = 0; i < ARRAY_SIZE(vendor_names); i++) {
		int j = 0;
		u16 known_did;

		if (vid == vendor_names[i].vendor_id)
			vendor_name = vendor_names[i].vendor_name;

		while ((known_did = vendor_names[i].dev_names[j].dev_id) != 0) {
			if (known_did == did) {
				device_name =
					vendor_names[i].dev_names[j].dev_name;
				break;
			}
			j++;
		}
		break;
	}

	printf("Found TPM %s by %s\n", device_name, vendor_name);
	return 0;
}

/*
 * tis_senddata()
 *
 * send the passed in data to the TPM device.
 *
 * @data - address of the data to send, byte by byte
 * @len - length of the data to send
 *
 * Returns 0 on success, TPM_DRIVER_ERR on error (in case the device does
 * not accept the entire command).
 */
static u32 tis_senddata(const u8 * const data, u32 len)
{
	u32 offset = 0;
	u16 burst = 0;
	u32 max_cycles = 0;
	u8 locality = 0;
	u32 value;

	value = tis_wait_reg(&lpc_tpm_dev[locality].tpm_status,
			     TIS_STS_COMMAND_READY, TIS_STS_COMMAND_READY);
	if (value == TPM_TIMEOUT_ERR) {
		printf("%s:%d - failed to get 'command_ready' status\n",
		       __FILE__, __LINE__);
		return TPM_DRIVER_ERR;
	}
	burst = burst_count(value);

	while (1) {
		unsigned count;

		/* Wait till the device is ready to accept more data. */
		while (!burst) {
			if (max_cycles++ == MAX_DELAY_US) {
				printf("%s:%d failed to feed %d bytes of %d\n",
				       __FILE__, __LINE__, len - offset, len);
				return TPM_DRIVER_ERR;
			}
			udelay(1);
			burst = burst_count(tpm_read_word(&lpc_tpm_dev
						     [locality].tpm_status));
		}

		max_cycles = 0;

		/*
		 * Calculate number of bytes the TPM is ready to accept in one
		 * shot.
		 *
		 * We want to send the last byte outside of the loop (hence
		 * the -1 below) to make sure that the 'expected' status bit
		 * changes to zero exactly after the last byte is fed into the
		 * FIFO.
		 */
		count = min(burst, len - offset - 1);
		while (count--)
			tpm_write_byte(data[offset++],
				  &lpc_tpm_dev[locality].data);

		value = tis_wait_reg(&lpc_tpm_dev[locality].tpm_status,
				     TIS_STS_VALID, TIS_STS_VALID);

		if ((value == TPM_TIMEOUT_ERR) || !(value & TIS_STS_EXPECT)) {
			printf("%s:%d TPM command feed overflow\n",
			       __FILE__, __LINE__);
			return TPM_DRIVER_ERR;
		}

		burst = burst_count(value);
		if ((offset == (len - 1)) && burst) {
			/*
			 * We need to be able to send the last byte to the
			 * device, so burst size must be nonzero before we
			 * break out.
			 */
			break;
		}
	}

	/* Send the last byte. */
	tpm_write_byte(data[offset++], &lpc_tpm_dev[locality].data);
	/*
	 * Verify that TPM does not expect any more data as part of this
	 * command.
	 */
	value = tis_wait_reg(&lpc_tpm_dev[locality].tpm_status,
			     TIS_STS_VALID, TIS_STS_VALID);
	if ((value == TPM_TIMEOUT_ERR) || (value & TIS_STS_EXPECT)) {
		printf("%s:%d unexpected TPM status 0x%x\n",
		       __FILE__, __LINE__, value);
		return TPM_DRIVER_ERR;
	}

	/* OK, sitting pretty, let's start the command execution. */
	tpm_write_word(TIS_STS_TPM_GO, &lpc_tpm_dev[locality].tpm_status);
	return 0;
}

/*
 * tis_readresponse()
 *
 * read the TPM device response after a command was issued.
 *
 * @buffer - address where to read the response, byte by byte.
 * @len - pointer to the size of buffer
 *
 * On success stores the number of received bytes to len and returns 0. On
 * errors (misformatted TPM data or synchronization problems) returns
 * TPM_DRIVER_ERR.
 */
static u32 tis_readresponse(u8 *buffer, u32 *len)
{
	u16 burst;
	u32 value;
	u32 offset = 0;
	u8 locality = 0;
	const u32 has_data = TIS_STS_DATA_AVAILABLE | TIS_STS_VALID;
	u32 expected_count = *len;
	int max_cycles = 0;

	/* Wait for the TPM to process the command. */
	value = tis_wait_reg(&lpc_tpm_dev[locality].tpm_status,
			      has_data, has_data);
	if (value == TPM_TIMEOUT_ERR) {
		printf("%s:%d failed processing command\n",
		       __FILE__, __LINE__);
		return TPM_DRIVER_ERR;
	}

	do {
		while ((burst = burst_count(value)) == 0) {
			if (max_cycles++ == MAX_DELAY_US) {
				printf("%s:%d TPM stuck on read\n",
				       __FILE__, __LINE__);
				return TPM_DRIVER_ERR;
			}
			udelay(1);
			value = tpm_read_word(&lpc_tpm_dev
					      [locality].tpm_status);
		}

		max_cycles = 0;

		while (burst-- && (offset < expected_count)) {
			buffer[offset++] = tpm_read_byte(&lpc_tpm_dev
							 [locality].data);

			if (offset == 6) {
				/*
				 * We got the first six bytes of the reply,
				 * let's figure out how many bytes to expect
				 * total - it is stored as a 4 byte number in
				 * network order, starting with offset 2 into
				 * the body of the reply.
				 */
				u32 real_length;
				memcpy(&real_length,
				       buffer + 2,
				       sizeof(real_length));
				expected_count = be32_to_cpu(real_length);

				if ((expected_count < offset) ||
				    (expected_count > *len)) {
					printf("%s:%d bad response size %d\n",
					       __FILE__, __LINE__,
					       expected_count);
					return TPM_DRIVER_ERR;
				}
			}
		}

		/* Wait for the next portion. */
		value = tis_wait_reg(&lpc_tpm_dev[locality].tpm_status,
				     TIS_STS_VALID, TIS_STS_VALID);
		if (value == TPM_TIMEOUT_ERR) {
			printf("%s:%d failed to read response\n",
			       __FILE__, __LINE__);
			return TPM_DRIVER_ERR;
		}

		if (offset == expected_count)
			break;	/* We got all we needed. */

	} while ((value & has_data) == has_data);

	/*
	 * Make sure we indeed read all there was. The TIS_STS_VALID bit is
	 * known to be set.
	 */
	if (value & TIS_STS_DATA_AVAILABLE) {
		printf("%s:%d wrong receive status %x\n",
		       __FILE__, __LINE__, value);
		return TPM_DRIVER_ERR;
	}

	/* Tell the TPM that we are done. */
	tpm_write_word(TIS_STS_COMMAND_READY, &lpc_tpm_dev
		  [locality].tpm_status);
	*len = offset;
	return 0;
}

int tis_open(void)
{
	u8 locality = 0; /* we use locality zero for everything. */

	if (tis_close())
		return TPM_DRIVER_ERR;

	/* now request access to locality. */
	tpm_write_word(TIS_ACCESS_REQUEST_USE, &lpc_tpm_dev[locality].access);

	/* did we get a lock? */
	if (tis_wait_reg(&lpc_tpm_dev[locality].access,
			 TIS_ACCESS_ACTIVE_LOCALITY,
			 TIS_ACCESS_ACTIVE_LOCALITY) == TPM_TIMEOUT_ERR) {
		printf("%s:%d - failed to lock locality %d\n",
		       __FILE__, __LINE__, locality);
		return TPM_DRIVER_ERR;
	}

	tpm_write_word(TIS_STS_COMMAND_READY,
		       &lpc_tpm_dev[locality].tpm_status);
	return 0;
}

int tis_close(void)
{
	u8 locality = 0;

	if (tpm_read_word(&lpc_tpm_dev[locality].access) &
	    TIS_ACCESS_ACTIVE_LOCALITY) {
		tpm_write_word(TIS_ACCESS_ACTIVE_LOCALITY,
			       &lpc_tpm_dev[locality].access);

		if (tis_wait_reg(&lpc_tpm_dev[locality].access,
				 TIS_ACCESS_ACTIVE_LOCALITY, 0) ==
		    TPM_TIMEOUT_ERR) {
			printf("%s:%d - failed to release locality %d\n",
			       __FILE__, __LINE__, locality);
			return TPM_DRIVER_ERR;
		}
	}
	return 0;
}

int tis_sendrecv(const u8 *sendbuf, size_t send_size,
		 u8 *recvbuf, size_t *recv_len)
{
	if (tis_senddata(sendbuf, send_size)) {
		printf("%s:%d failed sending data to TPM\n",
		       __FILE__, __LINE__);
		return TPM_DRIVER_ERR;
	}

	return tis_readresponse(recvbuf, (u32 *)recv_len);
}
Commit	Line	Data
5e124724 VB	1	/*
	2	* Copyright (c) 2011 The Chromium OS Authors.
	3	*
	4	* See file CREDITS for list of people who contributed to this
	5	* project.
	6	*
	7	* This program is free software; you can redistribute it and/or
	8	* modify it under the terms of the GNU General Public License as
	9	* published by the Free Software Foundation; either version 2 of
	10	* the License, or (at your option) any later version.
	11	*
	12	* This program is distributed in the hope that it will be useful,
	13	* but WITHOUT ANY WARRANTY; without even the implied warranty of
	14	* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
	15	* GNU General Public License for more details.
	16	*
	17	* You should have received a copy of the GNU General Public License
	18	* along with this program; if not, write to the Free Software
	19	* Foundation, Inc., 59 Temple Place, Suite 330, Boston,
	20	* MA 02111-1307 USA
	21	*/
	22
	23	/*
	24	* The code in this file is based on the article "Writing a TPM Device Driver"
	25	* published on http://ptgmedia.pearsoncmg.com.
	26	*
	27	* One principal difference is that in the simplest config the other than 0
	28	* TPM localities do not get mapped by some devices (for instance, by Infineon
	29	* slb9635), so this driver provides access to locality 0 only.
	30	*/
	31
	32	#include <common.h>
	33	#include <asm/io.h>
	34	#include <tpm.h>
	35
	36	#define PREFIX "lpc_tpm: "
	37
	38	struct tpm_locality {
	39	u32 access;
	40	u8 padding0[4];
	41	u32 int_enable;
	42	u8 vector;
	43	u8 padding1[3];
	44	u32 int_status;
	45	u32 int_capability;
	46	u32 tpm_status;
	47	u8 padding2[8];
	48	u8 data;
	49	u8 padding3[3803];
	50	u32 did_vid;
	51	u8 rid;
	52	u8 padding4[251];
	53	};
	54
	55	/*
	56	* This pointer refers to the TPM chip, 5 of its localities are mapped as an
	57	* array.
	58	*/
	59	#define TPM_TOTAL_LOCALITIES 5
	60	static struct tpm_locality *lpc_tpm_dev =
	61	(struct tpm_locality *)CONFIG_TPM_TIS_BASE_ADDRESS;
	62
	63	/* Some registers' bit field definitions */
	64	#define TIS_STS_VALID (1 << 7) /* 0x80 */
65	#define TIS_STS_COMMAND_READY (1 << 6) /* 0x40 */
66	#define TIS_STS_TPM_GO (1 << 5) /* 0x20 */
67	#define TIS_STS_DATA_AVAILABLE (1 << 4) /* 0x10 */
68	#define TIS_STS_EXPECT (1 << 3) /* 0x08 */
69	#define TIS_STS_RESPONSE_RETRY (1 << 1) /* 0x02 */
70
71	#define TIS_ACCESS_TPM_REG_VALID_STS (1 << 7) /* 0x80 */
72	#define TIS_ACCESS_ACTIVE_LOCALITY (1 << 5) /* 0x20 */
73	#define TIS_ACCESS_BEEN_SEIZED (1 << 4) /* 0x10 */
74	#define TIS_ACCESS_SEIZE (1 << 3) /* 0x08 */
75	#define TIS_ACCESS_PENDING_REQUEST (1 << 2) /* 0x04 */
76	#define TIS_ACCESS_REQUEST_USE (1 << 1) /* 0x02 */
77	#define TIS_ACCESS_TPM_ESTABLISHMENT (1 << 0) /* 0x01 */
78
79	#define TIS_STS_BURST_COUNT_MASK (0xffff)
80	#define TIS_STS_BURST_COUNT_SHIFT (8)
81
82	/*
83	* Error value returned if a tpm register does not enter the expected state
84	* after continuous polling. No actual TPM register reading ever returns -1,
85	* so this value is a safe error indication to be mixed with possible status
86	* register values.
87	*/
88	#define TPM_TIMEOUT_ERR (-1)
89
90	/* Error value returned on various TPM driver errors. */
91	#define TPM_DRIVER_ERR (1)
92
93	/* 1 second is plenty for anything TPM does. */
94	#define MAX_DELAY_US (1000 * 1000)
95
96	/* Retrieve burst count value out of the status register contents. */
97	static u16 burst_count(u32 status)
98	{
99	return (status >> TIS_STS_BURST_COUNT_SHIFT) & TIS_STS_BURST_COUNT_MASK;
100	}
101
102	/*
103	* Structures defined below allow creating descriptions of TPM vendor/device
104	* ID information for run time discovery. The only device the system knows
105	* about at this time is Infineon slb9635.
106	*/
107	struct device_name {
108	u16 dev_id;
109	const char * const dev_name;
110	};
111
112	struct vendor_name {
113	u16 vendor_id;
114	const char *vendor_name;
115	const struct device_name *dev_names;
116	};
117
118	static const struct device_name infineon_devices[] = {
119	{0xb, "SLB9635 TT 1.2"},
120	{0}
121	};
122
123	static const struct vendor_name vendor_names[] = {
124	{0x15d1, "Infineon", infineon_devices},
125	};
126
127	/*
128	* Cached vendor/device ID pair to indicate that the device has been already
129	* discovered.
130	*/
131	static u32 vendor_dev_id;
132
133	/* TPM access wrappers to support tracing */
134	static u8 tpm_read_byte(const u8 *ptr)
135	{
136	u8 ret = readb(ptr);
137	debug(PREFIX "Read reg 0x%4.4x returns 0x%2.2x\n",
af98a70a	138	(u32)(uintptr_t)ptr - (u32)(uintptr_t)lpc_tpm_dev, ret);
5e124724 VB	139	return ret;
	140	}
	141
	142	static u32 tpm_read_word(const u32 *ptr)
	143	{
	144	u32 ret = readl(ptr);
	145	debug(PREFIX "Read reg 0x%4.4x returns 0x%8.8x\n",
af98a70a	146	(u32)(uintptr_t)ptr - (u32)(uintptr_t)lpc_tpm_dev, ret);
5e124724 VB	147	return ret;
	148	}
	149
	150	static void tpm_write_byte(u8 value, u8 *ptr)
	151	{
	152	debug(PREFIX "Write reg 0x%4.4x with 0x%2.2x\n",
af98a70a	153	(u32)(uintptr_t)ptr - (u32)(uintptr_t)lpc_tpm_dev, value);
5e124724 VB	154	writeb(value, ptr);
	155	}
	156
	157	static void tpm_write_word(u32 value, u32 *ptr)
	158	{
	159	debug(PREFIX "Write reg 0x%4.4x with 0x%8.8x\n",
af98a70a	160	(u32)(uintptr_t)ptr - (u32)(uintptr_t)lpc_tpm_dev, value);
5e124724 VB	161	writel(value, ptr);
	162	}
	163
	164	/*
	165	* tis_wait_reg()
	166	*
	167	* Wait for at least a second for a register to change its state to match the
	168	* expected state. Normally the transition happens within microseconds.
	169	*
	170	* @reg - pointer to the TPM register
	171	* @mask - bitmask for the bitfield(s) to watch
	172	* @expected - value the field(s) are supposed to be set to
	173	*
	174	* Returns the register contents in case the expected value was found in the
	175	* appropriate register bits, or TPM_TIMEOUT_ERR on timeout.
	176	*/
	177	static u32 tis_wait_reg(u32 *reg, u8 mask, u8 expected)
	178	{
	179	u32 time_us = MAX_DELAY_US;
	180
	181	while (time_us > 0) {
	182	u32 value = tpm_read_word(reg);
	183	if ((value & mask) == expected)
	184	return value;
	185	udelay(1); /* 1 us */
	186	time_us--;
	187	}
	188	return TPM_TIMEOUT_ERR;
	189	}
	190
	191	/*
	192	* Probe the TPM device and try determining its manufacturer/device name.
	193	*
	194	* Returns 0 on success (the device is found or was found during an earlier
	195	* invocation) or TPM_DRIVER_ERR if the device is not found.
	196	*/
	197	int tis_init(void)
	198	{
	199	u32 didvid = tpm_read_word(&lpc_tpm_dev[0].did_vid);
	200	int i;
	201	const char *device_name = "unknown";
	202	const char *vendor_name = device_name;
	203	u16 vid, did;
	204
	205	if (vendor_dev_id)
	206	return 0; /* Already probed. */
	207
	208	if (!didvid \|\| (didvid == 0xffffffff)) {
	209	printf("%s: No TPM device found\n", __func__);
	210	return TPM_DRIVER_ERR;
	211	}
	212
	213	vendor_dev_id = didvid;
	214
	215	vid = didvid & 0xffff;
	216	did = (didvid >> 16) & 0xffff;
	217	for (i = 0; i < ARRAY_SIZE(vendor_names); i++) {
	218	int j = 0;
	219	u16 known_did;
	220
	221	if (vid == vendor_names[i].vendor_id)
	222	vendor_name = vendor_names[i].vendor_name;
	223
	224	while ((known_did = vendor_names[i].dev_names[j].dev_id) != 0) {
225	if (known_did == did) {
226	device_name =
227	vendor_names[i].dev_names[j].dev_name;
228	break;
229	}
230	j++;
231	}
232	break;
233	}
234
235	printf("Found TPM %s by %s\n", device_name, vendor_name);
236	return 0;
237	}
238
239	/*
240	* tis_senddata()
241	*
242	* send the passed in data to the TPM device.
243	*
244	* @data - address of the data to send, byte by byte
245	* @len - length of the data to send
246	*
247	* Returns 0 on success, TPM_DRIVER_ERR on error (in case the device does
248	* not accept the entire command).
249	*/
250	static u32 tis_senddata(const u8 * const data, u32 len)
251	{
252	u32 offset = 0;
253	u16 burst = 0;
254	u32 max_cycles = 0;
255	u8 locality = 0;
256	u32 value;
257
258	value = tis_wait_reg(&lpc_tpm_dev[locality].tpm_status,
259	TIS_STS_COMMAND_READY, TIS_STS_COMMAND_READY);
260	if (value == TPM_TIMEOUT_ERR) {
261	printf("%s:%d - failed to get 'command_ready' status\n",
262	__FILE__, __LINE__);
263	return TPM_DRIVER_ERR;
264	}
265	burst = burst_count(value);
266
267	while (1) {
268	unsigned count;
269
270	/* Wait till the device is ready to accept more data. */
271	while (!burst) {
272	if (max_cycles++ == MAX_DELAY_US) {
273	printf("%s:%d failed to feed %d bytes of %d\n",
274	__FILE__, __LINE__, len - offset, len);
275	return TPM_DRIVER_ERR;
276	}
277	udelay(1);
278	burst = burst_count(tpm_read_word(&lpc_tpm_dev
279	[locality].tpm_status));
280	}
281
282	max_cycles = 0;
283
284	/*
285	* Calculate number of bytes the TPM is ready to accept in one
286	* shot.
287	*
288	* We want to send the last byte outside of the loop (hence
289	* the -1 below) to make sure that the 'expected' status bit
290	* changes to zero exactly after the last byte is fed into the
291	* FIFO.
292	*/
293	count = min(burst, len - offset - 1);
294	while (count--)
295	tpm_write_byte(data[offset++],
296	&lpc_tpm_dev[locality].data);
297
298	value = tis_wait_reg(&lpc_tpm_dev[locality].tpm_status,
299	TIS_STS_VALID, TIS_STS_VALID);
300
301	if ((value == TPM_TIMEOUT_ERR) \|\| !(value & TIS_STS_EXPECT)) {
302	printf("%s:%d TPM command feed overflow\n",
303	__FILE__, __LINE__);
304	return TPM_DRIVER_ERR;
305	}
306
307	burst = burst_count(value);
308	if ((offset == (len - 1)) && burst) {
309	/*
310	* We need to be able to send the last byte to the
311	* device, so burst size must be nonzero before we
312	* break out.
313	*/
314	break;
315	}
316	}
317
318	/* Send the last byte. */
319	tpm_write_byte(data[offset++], &lpc_tpm_dev[locality].data);
320	/*
321	* Verify that TPM does not expect any more data as part of this
322	* command.
323	*/
324	value = tis_wait_reg(&lpc_tpm_dev[locality].tpm_status,
325	TIS_STS_VALID, TIS_STS_VALID);
326	if ((value == TPM_TIMEOUT_ERR) \|\| (value & TIS_STS_EXPECT)) {
327	printf("%s:%d unexpected TPM status 0x%x\n",
328	__FILE__, __LINE__, value);
329	return TPM_DRIVER_ERR;
330	}
331
332	/* OK, sitting pretty, let's start the command execution. */
333	tpm_write_word(TIS_STS_TPM_GO, &lpc_tpm_dev[locality].tpm_status);
334	return 0;
335	}
336
337	/*
338	* tis_readresponse()
339	*
340	* read the TPM device response after a command was issued.
341	*
342	* @buffer - address where to read the response, byte by byte.
343	* @len - pointer to the size of buffer
344	*
345	* On success stores the number of received bytes to len and returns 0. On
346	* errors (misformatted TPM data or synchronization problems) returns
347	* TPM_DRIVER_ERR.
348	*/
349	static u32 tis_readresponse(u8 buffer, u32 len)
350	{
351	u16 burst;
352	u32 value;
353	u32 offset = 0;
354	u8 locality = 0;
355	const u32 has_data = TIS_STS_DATA_AVAILABLE \| TIS_STS_VALID;
356	u32 expected_count = *len;
357	int max_cycles = 0;
358
359	/* Wait for the TPM to process the command. */
360	value = tis_wait_reg(&lpc_tpm_dev[locality].tpm_status,
361	has_data, has_data);
362	if (value == TPM_TIMEOUT_ERR) {
363	printf("%s:%d failed processing command\n",
364	__FILE__, __LINE__);
365	return TPM_DRIVER_ERR;
366	}
367
368	do {
369	while ((burst = burst_count(value)) == 0) {
370	if (max_cycles++ == MAX_DELAY_US) {
371	printf("%s:%d TPM stuck on read\n",
372	__FILE__, __LINE__);
373	return TPM_DRIVER_ERR;
374	}
375	udelay(1);
376	value = tpm_read_word(&lpc_tpm_dev
377	[locality].tpm_status);
378	}
379
380	max_cycles = 0;
381
382	while (burst-- && (offset < expected_count)) {
383	buffer[offset++] = tpm_read_byte(&lpc_tpm_dev
384	[locality].data);
385
386	if (offset == 6) {
387	/*
388	* We got the first six bytes of the reply,
389	* let's figure out how many bytes to expect
390	* total - it is stored as a 4 byte number in
391	* network order, starting with offset 2 into
392	* the body of the reply.
393	*/
394	u32 real_length;
395	memcpy(&real_length,
396	buffer + 2,
397	sizeof(real_length));
398	expected_count = be32_to_cpu(real_length);
399
400	if ((expected_count < offset) \|\|
401	(expected_count > *len)) {
402	printf("%s:%d bad response size %d\n",
403	__FILE__, __LINE__,
404	expected_count);
405	return TPM_DRIVER_ERR;
406	}
407	}
408	}
409
410	/* Wait for the next portion. */
411	value = tis_wait_reg(&lpc_tpm_dev[locality].tpm_status,
412	TIS_STS_VALID, TIS_STS_VALID);
413	if (value == TPM_TIMEOUT_ERR) {
414	printf("%s:%d failed to read response\n",
415	__FILE__, __LINE__);
416	return TPM_DRIVER_ERR;
417	}
418
419	if (offset == expected_count)
420	break; /* We got all we needed. */
421
422	} while ((value & has_data) == has_data);
423
424	/*
425	* Make sure we indeed read all there was. The TIS_STS_VALID bit is
426	* known to be set.
427	*/
428	if (value & TIS_STS_DATA_AVAILABLE) {
429	printf("%s:%d wrong receive status %x\n",
430	__FILE__, __LINE__, value);
431	return TPM_DRIVER_ERR;
432	}
433
434	/* Tell the TPM that we are done. */
435	tpm_write_word(TIS_STS_COMMAND_READY, &lpc_tpm_dev
436	[locality].tpm_status);
437	*len = offset;
438	return 0;
439	}
440
441	int tis_open(void)
442	{
443	u8 locality = 0; /* we use locality zero for everything. */
444
445	if (tis_close())
446	return TPM_DRIVER_ERR;
447
448	/* now request access to locality. */
449	tpm_write_word(TIS_ACCESS_REQUEST_USE, &lpc_tpm_dev[locality].access);
450
451	/* did we get a lock? */
452	if (tis_wait_reg(&lpc_tpm_dev[locality].access,
453	TIS_ACCESS_ACTIVE_LOCALITY,
454	TIS_ACCESS_ACTIVE_LOCALITY) == TPM_TIMEOUT_ERR) {
455	printf("%s:%d - failed to lock locality %d\n",
456	__FILE__, __LINE__, locality);
457	return TPM_DRIVER_ERR;
458	}
459
460	tpm_write_word(TIS_STS_COMMAND_READY,
461	&lpc_tpm_dev[locality].tpm_status);
462	return 0;
463	}
464
465	int tis_close(void)
466	{
467	u8 locality = 0;
468
469	if (tpm_read_word(&lpc_tpm_dev[locality].access) &
470	TIS_ACCESS_ACTIVE_LOCALITY) {
471	tpm_write_word(TIS_ACCESS_ACTIVE_LOCALITY,
472	&lpc_tpm_dev[locality].access);
473
474	if (tis_wait_reg(&lpc_tpm_dev[locality].access,
475	TIS_ACCESS_ACTIVE_LOCALITY, 0) ==
476	TPM_TIMEOUT_ERR) {
477	printf("%s:%d - failed to release locality %d\n",
478	__FILE__, __LINE__, locality);
479	return TPM_DRIVER_ERR;
480	}
481	}
482	return 0;
483	}
484
485	int tis_sendrecv(const u8 *sendbuf, size_t send_size,
486	u8 recvbuf, size_t recv_len)
487	{
488	if (tis_senddata(sendbuf, send_size)) {
489	printf("%s:%d failed sending data to TPM\n",
490	__FILE__, __LINE__);
491	return TPM_DRIVER_ERR;
492	}
493
af98a70a	494	return tis_readresponse(recvbuf, (u32 *)recv_len);
5e124724	495	}