mirrors/qemu
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Merge tpm 2023/04/20 v1

Browse Source 
-----BEGIN PGP SIGNATURE-----
 
 iQEzBAABCAAdFiEEuBi5yt+QicLVzsZrda1lgCoLQhEFAmRBLgoACgkQda1lgCoL
 QhEPyQf/WfEg8k2hDLExobsSgup1IsnT+mHHTBOZVJvq2efg2YXUTHA56fmD9X6d
 crqTq68L5oaMES5iYEZhA7EAgfk3RvxDQGrlXBByPzrc6SSwEHHMR4Zzi5zrbCoW
 t6TmaKQrlQqYwkhhsbyqnG46bj0ugCDagkBLfJdVl96fjkYgTspcDxaNwqwy/DPn
 GTmQlvdRY09D1nylIdtcLBIfsM+sIkRslyngbUEIy+Bx8EWRy2a8Qw0BdY9g1XoE
 e0CaRaFMpju1KOIjq0YSIzt0LSQDFfPc1IlUAC0ZALhNmp+PPNtr4E7+4kFfO2ym
 1sT2w25ho8dYDdm/m8tIauCdGoHw4A==
 =ML27
 -----END PGP SIGNATURE-----

Merge tag 'pull-tpm-2023-04-20-1' of https://github.com/stefanberger/qemu-tpm into staging

Merge tpm 2023/04/20 v1

# -----BEGIN PGP SIGNATURE-----
#
# iQEzBAABCAAdFiEEuBi5yt+QicLVzsZrda1lgCoLQhEFAmRBLgoACgkQda1lgCoL
# QhEPyQf/WfEg8k2hDLExobsSgup1IsnT+mHHTBOZVJvq2efg2YXUTHA56fmD9X6d
# crqTq68L5oaMES5iYEZhA7EAgfk3RvxDQGrlXBByPzrc6SSwEHHMR4Zzi5zrbCoW
# t6TmaKQrlQqYwkhhsbyqnG46bj0ugCDagkBLfJdVl96fjkYgTspcDxaNwqwy/DPn
# GTmQlvdRY09D1nylIdtcLBIfsM+sIkRslyngbUEIy+Bx8EWRy2a8Qw0BdY9g1XoE
# e0CaRaFMpju1KOIjq0YSIzt0LSQDFfPc1IlUAC0ZALhNmp+PPNtr4E7+4kFfO2ym
# 1sT2w25ho8dYDdm/m8tIauCdGoHw4A==
# =ML27
# -----END PGP SIGNATURE-----
# gpg: Signature made Thu 20 Apr 2023 01:20:26 PM BST
# gpg:                using RSA key B818B9CADF9089C2D5CEC66B75AD65802A0B4211
# gpg: Good signature from "Stefan Berger <stefanb@linux.vnet.ibm.com>" [unknown]
# gpg: WARNING: This key is not certified with a trusted signature!
# gpg:          There is no indication that the signature belongs to the owner.
# Primary key fingerprint: B818 B9CA DF90 89C2 D5CE  C66B 75AD 6580 2A0B 4211

* tag 'pull-tpm-2023-04-20-1' of https://github.com/stefanberger/qemu-tpm:
  qtest: Add a test case for TPM TIS I2C connected to Aspeed I2C controller
  qtest: Move tpm_util_tis_transmit() into tpm-tis-utils.c and rename it
  qtest: Add functions for accessing devices on Aspeed I2C controller
  tests/avocado/aspeed: Add TPM TIS I2C test
  tpm: Add support for TPM device over I2C bus
  tpm: Extend common APIs to support TPM TIS I2C
  docs: Add support for TPM devices over I2C bus

Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
This commit is contained in:
Richard Henderson 2023-04-21 20:02:51 +01:00
commit 45608654aa
11 changed files with 722 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

21
docs/specs/tpm.rst
View File

@ -21,12 +21,16 @@ QEMU files related to TPM TIS interface:
- ``hw/tpm/tpm_tis_common.c``
- ``hw/tpm/tpm_tis_isa.c``
- ``hw/tpm/tpm_tis_sysbus.c``
- ``hw/tpm/tpm_tis_i2c.c``
- ``hw/tpm/tpm_tis.h``
Both an ISA device and a sysbus device are available. The former is
used with pc/q35 machine while the latter can be instantiated in the
Arm virt machine.
An I2C device support is also provided which can be instantiated in the Arm
based emulation machines. This device only supports the TPM 2 protocol.
CRB interface
-------------
@ -348,6 +352,23 @@ In case an Arm virt machine is emulated, use the following command line:
-drive if=pflash,format=raw,file=flash0.img,readonly=on \
-drive if=pflash,format=raw,file=flash1.img
In case a ast2600-evb bmc machine is emulated and you want to use a TPM device
attached to I2C bus, use the following command line:
.. code-block:: console
qemu-system-arm -M ast2600-evb -nographic \
-kernel arch/arm/boot/zImage \
-dtb arch/arm/boot/dts/aspeed-ast2600-evb.dtb \
-initrd rootfs.cpio \
-chardev socket,id=chrtpm,path=/tmp/mytpm1/swtpm-sock \
-tpmdev emulator,id=tpm0,chardev=chrtpm \
-device tpm-tis-i2c,tpmdev=tpm0,bus=aspeed.i2c.bus.12,address=0x2e
For testing, use this command to load the driver to the correct address
echo tpm_tis_i2c 0x2e > /sys/bus/i2c/devices/i2c-12/new_device
In case SeaBIOS is used as firmware, it should show the TPM menu item
after entering the menu with 'ESC'.

1
hw/arm/Kconfig
View File

@ -6,6 +6,7 @@ config ARM_VIRT
imply VFIO_PLATFORM
imply VFIO_XGMAC
imply TPM_TIS_SYSBUS
imply TPM_TIS_I2C
imply NVDIMM
select ARM_GIC
select ACPI

7
hw/tpm/Kconfig
View File

@ -1,3 +1,10 @@
config TPM_TIS_I2C
bool
depends on TPM
select TPM_BACKEND
select I2C
select TPM_TIS
config TPM_TIS_ISA
bool
depends on TPM && ISA_BUS

1
hw/tpm/meson.build
View File

@ -1,6 +1,7 @@
softmmu_ss.add(when: 'CONFIG_TPM_TIS', if_true: files('tpm_tis_common.c'))
softmmu_ss.add(when: 'CONFIG_TPM_TIS_ISA', if_true: files('tpm_tis_isa.c'))
softmmu_ss.add(when: 'CONFIG_TPM_TIS_SYSBUS', if_true: files('tpm_tis_sysbus.c'))
softmmu_ss.add(when: 'CONFIG_TPM_TIS_I2C', if_true: files('tpm_tis_i2c.c'))
softmmu_ss.add(when: 'CONFIG_TPM_CRB', if_true: files('tpm_crb.c'))
softmmu_ss.add(when: 'CONFIG_TPM_TIS', if_true: files('tpm_ppi.c'))
softmmu_ss.add(when: 'CONFIG_TPM_CRB', if_true: files('tpm_ppi.c'))

3
hw/tpm/tpm_tis.h
View File

@ -86,5 +86,8 @@ int tpm_tis_pre_save(TPMState *s);
void tpm_tis_reset(TPMState *s);
enum TPMVersion tpm_tis_get_tpm_version(TPMState *s);
void tpm_tis_request_completed(TPMState *s, int ret);
uint32_t tpm_tis_read_data(TPMState *s, hwaddr addr, unsigned size);
void tpm_tis_write_data(TPMState *s, hwaddr addr, uint64_t val, uint32_t size);
uint16_t tpm_tis_get_checksum(TPMState *s);
#endif /* TPM_TPM_TIS_H */

36
hw/tpm/tpm_tis_common.c
View File

@ -26,6 +26,8 @@
#include "hw/irq.h"
#include "hw/isa/isa.h"
#include "qapi/error.h"
#include "qemu/bswap.h"
#include "qemu/crc-ccitt.h"
#include "qemu/module.h"
#include "hw/acpi/tpm.h"
@ -447,6 +449,23 @@ static uint64_t tpm_tis_mmio_read(void *opaque, hwaddr addr,
return val;
}
/*
* A wrapper read function so that it can be directly called without
* mmio.
*/
uint32_t tpm_tis_read_data(TPMState *s, hwaddr addr, unsigned size)
{
return tpm_tis_mmio_read(s, addr, size);
}
/*
* Calculate current data buffer checksum
*/
uint16_t tpm_tis_get_checksum(TPMState *s)
{
return bswap16(crc_ccitt(0, s->buffer, s->rw_offset));
}
/*
* Write a value to a register of the TIS interface
* See specs pages 33-63 for description of the registers
@ -588,10 +607,6 @@ static void tpm_tis_mmio_write(void *opaque, hwaddr addr,
break;
case TPM_TIS_REG_INT_ENABLE:
if (s->active_locty != locty) {
break;
}
s->loc[locty].inte &= mask;
s->loc[locty].inte |= (val & (TPM_TIS_INT_ENABLED |
TPM_TIS_INT_POLARITY_MASK |
@ -601,10 +616,6 @@ static void tpm_tis_mmio_write(void *opaque, hwaddr addr,
/* hard wired -- ignore */
break;
case TPM_TIS_REG_INT_STATUS:
if (s->active_locty != locty) {
break;
}
/* clearing of interrupt flags */
if (((val & TPM_TIS_INTERRUPTS_SUPPORTED)) &&
(s->loc[locty].ints & TPM_TIS_INTERRUPTS_SUPPORTED)) {
@ -767,6 +778,15 @@ static void tpm_tis_mmio_write(void *opaque, hwaddr addr,
}
}
/*
* A wrapper write function so that it can be directly called without
* mmio.
*/
void tpm_tis_write_data(TPMState *s, hwaddr addr, uint64_t val, uint32_t size)
{
tpm_tis_mmio_write(s, addr, val, size);
}
const MemoryRegionOps tpm_tis_memory_ops = {
.read = tpm_tis_mmio_read,
.write = tpm_tis_mmio_write,

571
hw/tpm/tpm_tis_i2c.c Normal file
View File

@ -0,0 +1,571 @@
/*
* tpm_tis_i2c.c - QEMU's TPM TIS I2C Device
*
* Copyright (c) 2023 IBM Corporation
*
* Authors:
* Ninad Palsule <ninad@linux.ibm.com>
*
* This work is licensed under the terms of the GNU GPL, version 2 or later.
* See the COPYING file in the top-level directory.
*
* TPM I2C implementation follows TCG TPM I2c Interface specification,
* Family 2.0, Level 00, Revision 1.00
*
* TPM TIS for TPM 2 implementation following TCG PC Client Platform
* TPM Profile (PTP) Specification, Familiy 2.0, Revision 00.43
*
*/
#include "qemu/osdep.h"
#include "hw/i2c/i2c.h"
#include "hw/sysbus.h"
#include "hw/acpi/tpm.h"
#include "migration/vmstate.h"
#include "tpm_prop.h"
#include "qemu/log.h"
#include "trace.h"
#include "tpm_tis.h"
/* Operations */
#define OP_SEND 1
#define OP_RECV 2
/* Is locality valid */
#define TPM_TIS_I2C_IS_VALID_LOCTY(x) TPM_TIS_IS_VALID_LOCTY(x)
typedef struct TPMStateI2C {
/*< private >*/
I2CSlave parent_obj;
uint8_t offset; /* offset into data[] */
uint8_t operation; /* OP_SEND & OP_RECV */
uint8_t data[5]; /* Data */
/* i2c registers */
uint8_t loc_sel; /* Current locality */
uint8_t csum_enable; /* Is checksum enabled */
/* Derived from the above */
const char *reg_name; /* Register name */
uint32_t tis_addr; /* Converted tis address including locty */
/*< public >*/
TPMState state; /* not a QOM object */
} TPMStateI2C;
DECLARE_INSTANCE_CHECKER(TPMStateI2C, TPM_TIS_I2C,
TYPE_TPM_TIS_I2C)
/* Prototype */
static inline void tpm_tis_i2c_to_tis_reg(TPMStateI2C *i2cst, uint8_t i2c_reg);
/* Register map */
typedef struct regMap {
uint8_t i2c_reg; /* I2C register */
uint16_t tis_reg; /* TIS register */
const char *reg_name; /* Register name */
} I2CRegMap;
/*
* The register values in the common code is different than the latest
* register numbers as per the spec hence add the conversion map
*/
static const I2CRegMap tpm_tis_reg_map[] = {
/*
* These registers are sent to TIS layer. The register with UNKNOWN
* mapping are not sent to TIS layer and handled in I2c layer.
* NOTE: Adding frequently used registers at the start
*/
{ TPM_I2C_REG_DATA_FIFO, TPM_TIS_REG_DATA_FIFO, "FIFO", },
{ TPM_I2C_REG_STS, TPM_TIS_REG_STS, "STS", },
{ TPM_I2C_REG_DATA_CSUM_GET, TPM_I2C_REG_UNKNOWN, "CSUM_GET", },
{ TPM_I2C_REG_LOC_SEL, TPM_I2C_REG_UNKNOWN, "LOC_SEL", },
{ TPM_I2C_REG_ACCESS, TPM_TIS_REG_ACCESS, "ACCESS", },
{ TPM_I2C_REG_INT_ENABLE, TPM_TIS_REG_INT_ENABLE, "INTR_ENABLE",},
{ TPM_I2C_REG_INT_CAPABILITY, TPM_I2C_REG_UNKNOWN, "INTR_CAP", },
{ TPM_I2C_REG_INTF_CAPABILITY, TPM_TIS_REG_INTF_CAPABILITY, "INTF_CAP", },
{ TPM_I2C_REG_DID_VID, TPM_TIS_REG_DID_VID, "DID_VID", },
{ TPM_I2C_REG_RID, TPM_TIS_REG_RID, "RID", },
{ TPM_I2C_REG_I2C_DEV_ADDRESS, TPM_I2C_REG_UNKNOWN, "DEV_ADDRESS",},
{ TPM_I2C_REG_DATA_CSUM_ENABLE, TPM_I2C_REG_UNKNOWN, "CSUM_ENABLE",},
};
static int tpm_tis_i2c_pre_save(void *opaque)
{
TPMStateI2C *i2cst = opaque;
return tpm_tis_pre_save(&i2cst->state);
}
static int tpm_tis_i2c_post_load(void *opaque, int version_id)
{
TPMStateI2C *i2cst = opaque;
if (i2cst->offset >= 1) {
tpm_tis_i2c_to_tis_reg(i2cst, i2cst->data[0]);
}
return 0;
}
static const VMStateDescription vmstate_tpm_tis_i2c = {
.name = "tpm-tis-i2c",
.version_id = 0,
.pre_save = tpm_tis_i2c_pre_save,
.post_load = tpm_tis_i2c_post_load,
.fields = (VMStateField[]) {
VMSTATE_BUFFER(state.buffer, TPMStateI2C),
VMSTATE_UINT16(state.rw_offset, TPMStateI2C),
VMSTATE_UINT8(state.active_locty, TPMStateI2C),
VMSTATE_UINT8(state.aborting_locty, TPMStateI2C),
VMSTATE_UINT8(state.next_locty, TPMStateI2C),
VMSTATE_STRUCT_ARRAY(state.loc, TPMStateI2C, TPM_TIS_NUM_LOCALITIES, 0,
vmstate_locty, TPMLocality),
/* i2c specifics */
VMSTATE_UINT8(offset, TPMStateI2C),
VMSTATE_UINT8(operation, TPMStateI2C),
VMSTATE_BUFFER(data, TPMStateI2C),
VMSTATE_UINT8(loc_sel, TPMStateI2C),
VMSTATE_UINT8(csum_enable, TPMStateI2C),
VMSTATE_END_OF_LIST()
}
};
/*
* Set data value. The i2cst->offset is not updated as called in
* the read path.
*/
static void tpm_tis_i2c_set_data(TPMStateI2C *i2cst, uint32_t data)
{
i2cst->data[1] = data;
i2cst->data[2] = data >> 8;
i2cst->data[3] = data >> 16;
i2cst->data[4] = data >> 24;
}
/*
* Generate interface capability based on what is returned by TIS and what is
* expected by I2C. Save the capability in the data array overwriting the TIS
* capability.
*/
static uint32_t tpm_tis_i2c_interface_capability(TPMStateI2C *i2cst,
uint32_t tis_cap)
{
uint32_t i2c_cap;
/* Now generate i2c capability */
i2c_cap = (TPM_I2C_CAP_INTERFACE_TYPE |
TPM_I2C_CAP_INTERFACE_VER |
TPM_I2C_CAP_TPM2_FAMILY |
TPM_I2C_CAP_LOCALITY_CAP |
TPM_I2C_CAP_BUS_SPEED |
TPM_I2C_CAP_DEV_ADDR_CHANGE);
/* Now check the TIS and set some capabilities */
/* Static burst count set */
if (tis_cap & TPM_TIS_CAP_BURST_COUNT_STATIC) {
i2c_cap |= TPM_I2C_CAP_BURST_COUNT_STATIC;
}
return i2c_cap;
}
/* Convert I2C register to TIS address and returns the name of the register */
static inline void tpm_tis_i2c_to_tis_reg(TPMStateI2C *i2cst, uint8_t i2c_reg)
{
const I2CRegMap *reg_map;
int i;
i2cst->tis_addr = 0xffffffff;
/* Special case for the STS register. */
if (i2c_reg >= TPM_I2C_REG_STS && i2c_reg <= TPM_I2C_REG_STS + 3) {
i2c_reg = TPM_I2C_REG_STS;
}
for (i = 0; i < ARRAY_SIZE(tpm_tis_reg_map); i++) {
reg_map = &tpm_tis_reg_map[i];
if (reg_map->i2c_reg == i2c_reg) {
i2cst->reg_name = reg_map->reg_name;
i2cst->tis_addr = reg_map->tis_reg;
/* Include the locality in the address. */
assert(TPM_TIS_I2C_IS_VALID_LOCTY(i2cst->loc_sel));
i2cst->tis_addr += (i2cst->loc_sel << TPM_TIS_LOCALITY_SHIFT);
break;
}
}
}
/* Clear some fields from the structure. */
static inline void tpm_tis_i2c_clear_data(TPMStateI2C *i2cst)
{
/* Clear operation and offset */
i2cst->operation = 0;
i2cst->offset = 0;
i2cst->tis_addr = 0xffffffff;
i2cst->reg_name = NULL;
memset(i2cst->data, 0, sizeof(i2cst->data));
return;
}
/* Send data to TPM */
static inline void tpm_tis_i2c_tpm_send(TPMStateI2C *i2cst)
{
uint32_t data;
size_t offset = 0;
uint32_t sz = 4;
if ((i2cst->operation == OP_SEND) && (i2cst->offset > 1)) {
switch (i2cst->data[0]) {
case TPM_I2C_REG_DATA_CSUM_ENABLE:
/*
* Checksum is not handled by TIS code hence we will consume the
* register here.
*/
i2cst->csum_enable = i2cst->data[1] & TPM_DATA_CSUM_ENABLED;
break;
case TPM_I2C_REG_DATA_FIFO:
/* Handled in the main i2c_send function */
break;
case TPM_I2C_REG_LOC_SEL:
/*
* This register is not handled by TIS so save the locality
* locally
*/
if (TPM_TIS_I2C_IS_VALID_LOCTY(i2cst->data[1])) {
i2cst->loc_sel = i2cst->data[1];
}
break;
default:
/* We handle non-FIFO here */
/* Index 0 is a register. Convert byte stream to uint32_t */
data = i2cst->data[1];
data |= i2cst->data[2] << 8;
data |= i2cst->data[3] << 16;
data |= i2cst->data[4] << 24;
/* Add register specific masking */
switch (i2cst->data[0]) {
case TPM_I2C_REG_INT_ENABLE:
data &= TPM_I2C_INT_ENABLE_MASK;
break;
case TPM_I2C_REG_STS ... TPM_I2C_REG_STS + 3:
/*
* STS register has 4 bytes data.
* As per the specs following writes must be allowed.
* - From base address 1 to 4 bytes are allowed.
* - Single byte write to first or last byte must
* be allowed.
*/
offset = i2cst->data[0] - TPM_I2C_REG_STS;
if (offset > 0) {
sz = 1;
}
data &= (TPM_I2C_STS_WRITE_MASK >> (offset * 8));
break;
}
tpm_tis_write_data(&i2cst->state, i2cst->tis_addr + offset, data,
sz);
break;
}
tpm_tis_i2c_clear_data(i2cst);
}
return;
}
/* Callback from TPM to indicate that response is copied */
static void tpm_tis_i2c_request_completed(TPMIf *ti, int ret)
{
TPMStateI2C *i2cst = TPM_TIS_I2C(ti);
TPMState *s = &i2cst->state;
/* Inform the common code. */
tpm_tis_request_completed(s, ret);
}
static enum TPMVersion tpm_tis_i2c_get_tpm_version(TPMIf *ti)
{
TPMStateI2C *i2cst = TPM_TIS_I2C(ti);
TPMState *s = &i2cst->state;
return tpm_tis_get_tpm_version(s);
}
static int tpm_tis_i2c_event(I2CSlave *i2c, enum i2c_event event)
{
TPMStateI2C *i2cst = TPM_TIS_I2C(i2c);
int ret = 0;
switch (event) {
case I2C_START_RECV:
trace_tpm_tis_i2c_event("START_RECV");
break;
case I2C_START_SEND:
trace_tpm_tis_i2c_event("START_SEND");
tpm_tis_i2c_clear_data(i2cst);
break;
case I2C_FINISH:
trace_tpm_tis_i2c_event("FINISH");
if (i2cst->operation == OP_SEND) {
tpm_tis_i2c_tpm_send(i2cst);
} else {
tpm_tis_i2c_clear_data(i2cst);
}
break;
default:
break;
}
return ret;
}
/*
* If data is for FIFO then it is received from tpm_tis_common buffer
* otherwise it will be handled using single call to common code and
* cached in the local buffer.
*/
static uint8_t tpm_tis_i2c_recv(I2CSlave *i2c)
{
int ret = 0;
uint32_t data_read;
TPMStateI2C *i2cst = TPM_TIS_I2C(i2c);
TPMState *s = &i2cst->state;
uint16_t i2c_reg = i2cst->data[0];
size_t offset;
if (i2cst->operation == OP_RECV) {
/* Do not cache FIFO data. */
if (i2cst->data[0] == TPM_I2C_REG_DATA_FIFO) {
data_read = tpm_tis_read_data(s, i2cst->tis_addr, 1);
ret = (data_read & 0xff);
} else if (i2cst->offset < sizeof(i2cst->data)) {
ret = i2cst->data[i2cst->offset++];
}
} else if ((i2cst->operation == OP_SEND) && (i2cst->offset < 2)) {
/* First receive call after send */
i2cst->operation = OP_RECV;
switch (i2c_reg) {
case TPM_I2C_REG_LOC_SEL:
/* Location selection register is managed by i2c */
tpm_tis_i2c_set_data(i2cst, i2cst->loc_sel);
break;
case TPM_I2C_REG_DATA_FIFO:
/* FIFO data is directly read from TPM TIS */
data_read = tpm_tis_read_data(s, i2cst->tis_addr, 1);
tpm_tis_i2c_set_data(i2cst, (data_read & 0xff));
break;
case TPM_I2C_REG_DATA_CSUM_ENABLE:
tpm_tis_i2c_set_data(i2cst, i2cst->csum_enable);
break;
case TPM_I2C_REG_INT_CAPABILITY:
/*
* Interrupt is not supported in the linux kernel hence we cannot
* test this model with interrupts.
*/
tpm_tis_i2c_set_data(i2cst, TPM_I2C_INT_ENABLE_MASK);
break;
case TPM_I2C_REG_DATA_CSUM_GET:
/*
* Checksum registers are not supported by common code hence
* call a common code to get the checksum.
*/
data_read = tpm_tis_get_checksum(s);
/* Save the byte stream in data field */
tpm_tis_i2c_set_data(i2cst, data_read);
break;
default:
data_read = tpm_tis_read_data(s, i2cst->tis_addr, 4);
switch (i2c_reg) {
case TPM_I2C_REG_INTF_CAPABILITY:
/* Prepare the capabilities as per I2C interface */
data_read = tpm_tis_i2c_interface_capability(i2cst,
data_read);
break;
case TPM_I2C_REG_STS ... TPM_I2C_REG_STS + 3:
offset = i2c_reg - TPM_I2C_REG_STS;
/*
* As per specs, STS bit 31:26 are reserved and must
* be set to 0
*/
data_read &= TPM_I2C_STS_READ_MASK;
/*
* STS register has 4 bytes data.
* As per the specs following reads must be allowed.
* - From base address 1 to 4 bytes are allowed.
* - Last byte must be allowed to read as a single byte
* - Second and third byte must be allowed to read as two
* two bytes.
*/
data_read >>= (offset * 8);
break;
}
/* Save byte stream in data[] */
tpm_tis_i2c_set_data(i2cst, data_read);
break;
}
/* Return first byte with this call */
i2cst->offset = 1; /* keep the register value intact for debug */
ret = i2cst->data[i2cst->offset++];
} else {
i2cst->operation = OP_RECV;
}
trace_tpm_tis_i2c_recv(ret);
return ret;
}
/*
* Send function only remembers data in the buffer and then calls
* TPM TIS common code during FINISH event.
*/
static int tpm_tis_i2c_send(I2CSlave *i2c, uint8_t data)
{
TPMStateI2C *i2cst = TPM_TIS_I2C(i2c);
/* Reject non-supported registers. */
if (i2cst->offset == 0) {
/* Convert I2C register to TIS register */
tpm_tis_i2c_to_tis_reg(i2cst, data);
if (i2cst->tis_addr == 0xffffffff) {
return 0xffffffff;
}
trace_tpm_tis_i2c_send_reg(i2cst->reg_name, data);
/* We do not support device address change */
if (data == TPM_I2C_REG_I2C_DEV_ADDRESS) {
qemu_log_mask(LOG_UNIMP, "%s: Device address change "
"is not supported.\n", __func__);
return 0xffffffff;
}
} else {
trace_tpm_tis_i2c_send(data);
}
if (i2cst->offset < sizeof(i2cst->data)) {
i2cst->operation = OP_SEND;
/*
* In two cases, we save values in the local buffer.
* 1) The first value is always a register.
* 2) In case of non-FIFO multibyte registers, TIS expects full
* register value hence I2C layer cache the register value and send
* to TIS during FINISH event.
*/
if ((i2cst->offset == 0) ||
(i2cst->data[0] != TPM_I2C_REG_DATA_FIFO)) {
i2cst->data[i2cst->offset++] = data;
} else {
/*
* The TIS can process FIFO data one byte at a time hence the FIFO
* data is sent to TIS directly.
*/
tpm_tis_write_data(&i2cst->state, i2cst->tis_addr, data, 1);
}
return 0;
}
/* Return non-zero to indicate NAK */
return 1;
}
static Property tpm_tis_i2c_properties[] = {
DEFINE_PROP_TPMBE("tpmdev", TPMStateI2C, state.be_driver),
DEFINE_PROP_END_OF_LIST(),
};
static void tpm_tis_i2c_realizefn(DeviceState *dev, Error **errp)
{
TPMStateI2C *i2cst = TPM_TIS_I2C(dev);
TPMState *s = &i2cst->state;
if (!tpm_find()) {
error_setg(errp, "at most one TPM device is permitted");
return;
}
/*
* Get the backend pointer. It is not initialized propery during
* device_class_set_props
*/
s->be_driver = qemu_find_tpm_be("tpm0");
if (!s->be_driver) {
error_setg(errp, "'tpmdev' property is required");
return;
}
}
static void tpm_tis_i2c_reset(DeviceState *dev)
{
TPMStateI2C *i2cst = TPM_TIS_I2C(dev);
TPMState *s = &i2cst->state;
tpm_tis_i2c_clear_data(i2cst);
i2cst->csum_enable = 0;
i2cst->loc_sel = 0x00;
return tpm_tis_reset(s);
}
static void tpm_tis_i2c_class_init(ObjectClass *klass, void *data)
{
DeviceClass *dc = DEVICE_CLASS(klass);
I2CSlaveClass *k = I2C_SLAVE_CLASS(klass);
TPMIfClass *tc = TPM_IF_CLASS(klass);
dc->realize = tpm_tis_i2c_realizefn;
dc->reset = tpm_tis_i2c_reset;
dc->vmsd = &vmstate_tpm_tis_i2c;
device_class_set_props(dc, tpm_tis_i2c_properties);
set_bit(DEVICE_CATEGORY_MISC, dc->categories);
k->event = tpm_tis_i2c_event;
k->recv = tpm_tis_i2c_recv;
k->send = tpm_tis_i2c_send;
tc->model = TPM_MODEL_TPM_TIS;
tc->request_completed = tpm_tis_i2c_request_completed;
tc->get_version = tpm_tis_i2c_get_tpm_version;
}
static const TypeInfo tpm_tis_i2c_info = {
.name = TYPE_TPM_TIS_I2C,
.parent = TYPE_I2C_SLAVE,
.instance_size = sizeof(TPMStateI2C),
.class_init = tpm_tis_i2c_class_init,
.interfaces = (InterfaceInfo[]) {
{ TYPE_TPM_IF },
{ }
}
};
static void tpm_tis_i2c_register_types(void)
{
type_register_static(&tpm_tis_i2c_info);
}
type_init(tpm_tis_i2c_register_types)

6
hw/tpm/trace-events
View File

@ -36,3 +36,9 @@ tpm_spapr_do_crq_unknown_msg_type(uint8_t type) "Unknown message type 0x%02x"
tpm_spapr_do_crq_unknown_crq(uint8_t raw1, uint8_t raw2) "unknown CRQ 0x%02x 0x%02x ..."
tpm_spapr_post_load(void) "Delivering TPM response after resume"
tpm_spapr_caught_response(uint32_t v) "Caught response to deliver after resume: %u bytes"
# tpm_tis_i2c.c
tpm_tis_i2c_recv(uint8_t data) "TPM I2C read: 0x%X"
tpm_tis_i2c_send(uint8_t data) "TPM I2C write: 0x%X"
tpm_tis_i2c_event(const char *event) "TPM I2C event: %s"
tpm_tis_i2c_send_reg(const char *name, int reg) "TPM I2C write register: %s(0x%X)"

41
include/hw/acpi/tpm.h
View File

@ -93,6 +93,7 @@
#define TPM_TIS_CAP_DATA_TRANSFER_64B (3 << 9)
#define TPM_TIS_CAP_DATA_TRANSFER_LEGACY (0 << 9)
#define TPM_TIS_CAP_BURST_COUNT_DYNAMIC (0 << 8)
#define TPM_TIS_CAP_BURST_COUNT_STATIC (1 << 8)
#define TPM_TIS_CAP_INTERRUPT_LOW_LEVEL (1 << 4) /* support is mandatory */
#define TPM_TIS_CAPABILITIES_SUPPORTED1_3 \
(TPM_TIS_CAP_INTERRUPT_LOW_LEVEL | \
@ -209,6 +210,46 @@ REG32(CRB_DATA_BUFFER, 0x80)
#define TPM_PPI_FUNC_ALLOWED_USR_NOT_REQ (4 << 0)
#define TPM_PPI_FUNC_MASK (7 << 0)
/* TPM TIS I2C registers */
#define TPM_I2C_REG_LOC_SEL 0x00
#define TPM_I2C_REG_ACCESS 0x04
#define TPM_I2C_REG_INT_ENABLE 0x08
#define TPM_I2C_REG_INT_CAPABILITY 0x14
#define TPM_I2C_REG_STS 0x18
#define TPM_I2C_REG_DATA_FIFO 0x24
#define TPM_I2C_REG_INTF_CAPABILITY 0x30
#define TPM_I2C_REG_I2C_DEV_ADDRESS 0x38
#define TPM_I2C_REG_DATA_CSUM_ENABLE 0x40
#define TPM_I2C_REG_DATA_CSUM_GET 0x44
#define TPM_I2C_REG_DID_VID 0x48
#define TPM_I2C_REG_RID 0x4c
#define TPM_I2C_REG_UNKNOWN 0xff
/* I2C specific interface capabilities */
#define TPM_I2C_CAP_INTERFACE_TYPE (0x2 << 0) /* FIFO interface */
#define TPM_I2C_CAP_INTERFACE_VER (0x0 << 4) /* TCG I2C intf 1.0 */
#define TPM_I2C_CAP_TPM2_FAMILY (0x1 << 7) /* TPM 2.0 family. */
#define TPM_I2C_CAP_DEV_ADDR_CHANGE (0x0 << 27) /* No dev addr chng */
#define TPM_I2C_CAP_BURST_COUNT_STATIC (0x1 << 29) /* Burst count static */
#define TPM_I2C_CAP_LOCALITY_CAP (0x1 << 25) /* 0-5 locality */
#define TPM_I2C_CAP_BUS_SPEED (3 << 21) /* std and fast mode */
/*
* TPM_I2C_STS masks for read/writing bits from/to TIS
* TPM_STS mask for read bits 31:26 must be zero
*/
#define TPM_I2C_STS_READ_MASK 0x00ffffdd
#define TPM_I2C_STS_WRITE_MASK 0x03000062
/* Checksum enabled. */
#define TPM_DATA_CSUM_ENABLED 0x1
/*
* TPM_I2C_INT_ENABLE mask. Linux kernel does not support
* interrupts hence setting it to 0.
*/
#define TPM_I2C_INT_ENABLE_MASK 0x0
void tpm_build_ppi_acpi(TPMIf *tpm, Aml *dev);
#endif /* CONFIG_TPM */

3
include/sysemu/tpm.h
View File

@ -48,6 +48,7 @@ struct TPMIfClass {
#define TYPE_TPM_TIS_SYSBUS "tpm-tis-device"
#define TYPE_TPM_CRB "tpm-crb"
#define TYPE_TPM_SPAPR "tpm-spapr"
#define TYPE_TPM_TIS_I2C "tpm-tis-i2c"
#define TPM_IS_TIS_ISA(chr) \
object_dynamic_cast(OBJECT(chr), TYPE_TPM_TIS_ISA)
@ -57,6 +58,8 @@ struct TPMIfClass {
object_dynamic_cast(OBJECT(chr), TYPE_TPM_CRB)
#define TPM_IS_SPAPR(chr) \
object_dynamic_cast(OBJECT(chr), TYPE_TPM_SPAPR)
#define TPM_IS_TIS_I2C(chr) \
object_dynamic_cast(OBJECT(chr), TYPE_TPM_TIS_I2C)
/* returns NULL unless there is exactly one TPM device */
static inline TPMIf *tpm_find(void)

42
tests/avocado/machine_aspeed.py
View File

@ -7,14 +7,18 @@
import time
import os
import tempfile
import subprocess
from avocado_qemu import QemuSystemTest
from avocado_qemu import wait_for_console_pattern
from avocado_qemu import exec_command
from avocado_qemu import exec_command_and_wait_for_pattern
from avocado_qemu import interrupt_interactive_console_until_pattern
from avocado_qemu import has_cmd
from avocado.utils import archive
from avocado import skipIf
from avocado import skipUnless
class AST1030Machine(QemuSystemTest):
@ -132,7 +136,7 @@ class AST2x00Machine(QemuSystemTest):
self.do_test_arm_aspeed(image_path)
def do_test_arm_aspeed_buildroot_start(self, image, cpu_id):
def do_test_arm_aspeed_buildroot_start(self, image, cpu_id, pattern='Aspeed EVB'):
self.require_netdev('user')
self.vm.set_console()
@ -146,7 +150,7 @@ class AST2x00Machine(QemuSystemTest):
self.wait_for_console_pattern('Booting Linux on physical CPU ' + cpu_id)
self.wait_for_console_pattern('lease of 10.0.2.15')
# the line before login:
self.wait_for_console_pattern('Aspeed EVB')
self.wait_for_console_pattern(pattern)
time.sleep(0.1)
exec_command(self, 'root')
time.sleep(0.1)
@ -229,6 +233,40 @@ class AST2x00Machine(QemuSystemTest):
'0000000 ffaa ffff ffff ffff ffff ffff ffff ffff');
self.do_test_arm_aspeed_buildroot_poweroff()
@skipUnless(*has_cmd('swtpm'))
def test_arm_ast2600_evb_buildroot_tpm(self):
"""
:avocado: tags=arch:arm
:avocado: tags=machine:ast2600-evb
"""
image_url = ('https://github.com/legoater/qemu-aspeed-boot/raw/master/'
'images/ast2600-evb/buildroot-2023.02-tpm/flash.img')
image_hash = ('a46009ae8a5403a0826d607215e731a8c68d27c14c41e55331706b8f9c7bd997')
image_path = self.fetch_asset(image_url, asset_hash=image_hash,
algorithm='sha256')
socket = os.path.join(self.vm.sock_dir, 'swtpm-socket')
subprocess.run(['swtpm', 'socket', '-d', '--tpm2',
'--tpmstate', f'dir={self.vm.temp_dir}',
'--ctrl', f'type=unixio,path={socket}'])
self.vm.add_args('-chardev', f'socket,id=chrtpm,path={socket}')
self.vm.add_args('-tpmdev', 'emulator,id=tpm0,chardev=chrtpm')
self.vm.add_args('-device',
'tpm-tis-i2c,tpmdev=tpm0,bus=aspeed.i2c.bus.12,address=0x2e')
self.do_test_arm_aspeed_buildroot_start(image_path, '0xf00', 'Aspeed AST2600 EVB')
exec_command(self, "passw0rd")
exec_command_and_wait_for_pattern(self,
'echo tpm_tis_i2c 0x2e > /sys/bus/i2c/devices/i2c-12/new_device',
'tpm_tis_i2c 12-002e: 2.0 TPM (device-id 0x1, rev-id 1)');
exec_command_and_wait_for_pattern(self,
'cat /sys/class/tpm/tpm0/pcr-sha256/0',
'B804724EA13F52A9072BA87FE8FDCC497DFC9DF9AA15B9088694639C431688E0');
self.do_test_arm_aspeed_buildroot_poweroff()
class AST2x00MachineSDK(QemuSystemTest):