From: Jiandi An <anjiandi-sgV2jX0FEOL9JmXXK+q4OQ@public.gmane.org>
To: Jarkko Sakkinen
<jarkko.sakkinen-VuQAYsv1563Yd54FQh9/CA@public.gmane.org>
Cc: tpmdd-devel-5NWGOfrQmneRv+LV9MX5uipxlwaOVQ5f@public.gmane.org,
rafael.j.wysocki-ral2JQCrhuEAvxtiuMwx3w@public.gmane.org,
robert.moore-ral2JQCrhuEAvxtiuMwx3w@public.gmane.org,
lenb-DgEjT+Ai2ygdnm+yROfE0A@public.gmane.org,
lv.zheng-ral2JQCrhuEAvxtiuMwx3w@public.gmane.org
Subject: Re: [PATCH v2 2/2] tpm/tpm_crb: Enable TPM CRB interface for ARM64
Date: Thu, 16 Mar 2017 19:31:23 -0500 [thread overview]
Message-ID: <58CB2E5B.4000302@codeaurora.org> (raw)
In-Reply-To: <20170315160350.3wr7o3m7zent35rf-ral2JQCrhuEAvxtiuMwx3w@public.gmane.org>
On 03/15/17 11:03, Jarkko Sakkinen wrote:
> On Tue, Mar 14, 2017 at 08:32:33PM -0500, Jiandi An wrote:
>> This enables TPM Command Response Buffer interface driver for
>> ARM64 and implements an ARM specific TPM CRB start method that
>> invokes a Secure Monitor Call (SMC) to request the TrustZone
>> Firmware to execute or cancel a TPM 2.0 command.
>>
>> An ARM, TrustZone security extensions enable a secure software
>> environment with Secure Monitor mode. A Secure Monitor Call
>> (SMC) is used to enter the Secure Monitor mode and perform a
>> Secure Monitor service to communicate with TrustZone firmware
>> which has control over the TPM hardware.
>>
>> Signed-off-by: Jiandi An <anjiandi-sgV2jX0FEOL9JmXXK+q4OQ@public.gmane.org>
>> ---
>> v2
>> - Squash commit of inline SMC function with commit of
>> tpm_crb driver change for TPM CRB ARM64 enablement
>> - Replace WARN to dev_err FW_BUG in tpm_crb_smc_start()
>> - Fix dev_err to indicate FW_BUG for wrong size of TPM2
>> ACPI table with SMC start method
>> - Make tpm_crb driver only dependent on ACPI in Kconfig
>
> The change log should be in the cover letter not scattered in the
> patches if you send more than one patch.
Will move change log to cover letter next time.
- Jiandi
>
>>
>> drivers/char/tpm/Kconfig | 2 +-
>> drivers/char/tpm/tpm_crb.c | 53
> ++++++++++++++++++++++++++++++++++++++++++++--
>> 2 files changed, 52 insertions(+), 3 deletions(-)
>>
>> diff --git a/drivers/char/tpm/Kconfig b/drivers/char/tpm/Kconfig
>> index d520ac5..a3035220 100644
>> --- a/drivers/char/tpm/Kconfig
>> +++ b/drivers/char/tpm/Kconfig
>> @@ -136,7 +136,7 @@ config TCG_XEN
>>
>> config TCG_CRB
>> tristate "TPM 2.0 CRB Interface"
>> - depends on X86 && ACPI
>> + depends on ACPI
>> ---help---
>> If you have a TPM security chip that is compliant with the
>> TCG CRB 2.0 TPM specification say Yes and it will be accessible
>> diff --git a/drivers/char/tpm/tpm_crb.c b/drivers/char/tpm/tpm_crb.c
>> index 089fcf8..abc29ad 100644
>> --- a/drivers/char/tpm/tpm_crb.c
>> +++ b/drivers/char/tpm/tpm_crb.c
>> @@ -20,6 +20,9 @@
>> #include <linux/rculist.h>
>> #include <linux/module.h>
>> #include <linux/pm_runtime.h>
>> +#ifdef CONFIG_ARM64
>> +#include <linux/arm-smccc.h>
>> +#endif
>> #include "tpm.h"
>>
>> #define ACPI_SIG_TPM2 "TPM2"
>> @@ -73,6 +76,7 @@ enum crb_status {
>> enum crb_flags {
>> CRB_FL_ACPI_START = BIT(0),
>> CRB_FL_CRB_START = BIT(1),
>> + CRB_FL_CRB_SMC_START = BIT(2),
>> };
>>
>> struct crb_priv {
>> @@ -82,6 +86,7 @@ struct crb_priv {
>> u8 __iomem *cmd;
>> u8 __iomem *rsp;
>> u32 cmd_size;
>> + u32 smc_func_id;
>> };
>>
>> /**
>> @@ -101,7 +106,8 @@ struct crb_priv {
>> */
>> static int __maybe_unused crb_go_idle(struct device *dev, struct
> crb_priv *priv)
>> {
>> - if (priv->flags & CRB_FL_ACPI_START)
>> + if ((priv->flags & CRB_FL_ACPI_START) ||
>> + (priv->flags & CRB_FL_CRB_SMC_START))
>> return 0;
>>
>> iowrite32(CRB_CTRL_REQ_GO_IDLE, &priv->cca->req);
>> @@ -129,7 +135,8 @@ static int __maybe_unused crb_cmd_ready(struct
> device *dev,
>> {
>> ktime_t stop, start;
>>
>> - if (priv->flags & CRB_FL_ACPI_START)
>> + if ((priv->flags & CRB_FL_ACPI_START) ||
>> + (priv->flags & CRB_FL_CRB_SMC_START))
>> return 0;
>>
>> iowrite32(CRB_CTRL_REQ_CMD_READY, &priv->cca->req);
>> @@ -202,6 +209,32 @@ static int crb_do_acpi_start(struct tpm_chip *chip)
>> return rc;
>> }
>>
>> +#ifdef CONFIG_ARM64
>> +/*
>> + * This is a TPM Command Response Buffer start method that invokes a
>> + * Secure Monitor Call to requrest the firmware to execute or cancel
>> + * a TPM 2.0 command.
>> + */
>> +static inline int tpm_crb_smc_start(struct device *dev, unsigned long
> func_id)
>> +{
>> + struct arm_smccc_res res;
>> +
>> + arm_smccc_smc(func_id, 0, 0, 0, 0, 0, 0, 0, &res);
>> + if (res.a0 != 0) {
>> + dev_err(dev, FW_BUG "tpm_crb_smc_start() returns res.a0 =
> 0x%lx\n", res.a0);
>> + return -EIO;
>> + }
>> +
>> + return 0;
>> +}
>> +#else
>> +static inline int tpm_crb_smc_start(struct device *dev, unsigned long
> func_id)
>> +{
>> + dev_err(dev, FW_BUG "tpm_crb: incorrect start method\n");
>> + return -EINVAL;
>> +}
>> +#endif
>> +
>> static int crb_send(struct tpm_chip *chip, u8 *buf, size_t len)
>> {
>> struct crb_priv *priv = dev_get_drvdata(&chip->dev);
>> @@ -229,6 +262,11 @@ static int crb_send(struct tpm_chip *chip, u8 *buf,
> size_t len)
>> if (priv->flags & CRB_FL_ACPI_START)
>> rc = crb_do_acpi_start(chip);
>>
>> + if (priv->flags & CRB_FL_CRB_SMC_START) {
>> + iowrite32(CRB_START_INVOKE, &priv->cca->start);
>> + rc = tpm_crb_smc_start(&chip->dev, priv->smc_func_id);
>> + }
>> +
>> return rc;
>> }
>>
>> @@ -445,6 +483,17 @@ static int crb_acpi_add(struct acpi_device *device)
>> sm == ACPI_TPM2_COMMAND_BUFFER_WITH_START_METHOD)
>> priv->flags |= CRB_FL_ACPI_START;
>>
>> + if (sm == ACPI_TPM2_COMMAND_BUFFER_WITH_SMC) {
>> + if ((buf->header.length - default_len) !=
>> + sizeof(struct tpm2_crb_smc)) {
>> + dev_err(dev, FW_BUG "TPM2 ACPI table has wrong
> size %u for start method type %d\n",
>> + buf->header.length,
> ACPI_TPM2_COMMAND_BUFFER_WITH_SMC);
>> + return -EINVAL;
>> + }
>> + priv->flags |= CRB_FL_CRB_SMC_START;
>> + priv->smc_func_id =
> buf->platform_data.smc_params.smc_func_id;
>> + }
>> +
>> rc = crb_map_io(device, priv, buf);
>> if (rc)
>> return rc;
>> --
>> Jiandi An
>> Qualcomm Datacenter Technologies, Inc. as an affiliate of Qualcomm
> Technologies, Inc.
>> Qualcomm Technologies, Inc. is a member of the Code Aurora Forum, a
> Linux Foundation Collaborative Project.
>>
>
> --------------------------------------------------------------------------
> ----
> Check out the vibrant tech community on one of the world's most
> engaging tech sites, Slashdot.org! http://sdm.link/slashdot
> _______________________________________________
> tpmdd-devel mailing list
> tpmdd-devel-5NWGOfrQmneRv+LV9MX5uipxlwaOVQ5f@public.gmane.org
> https://lists.sourceforge.net/lists/listinfo/tpmdd-devel
>
--
Qualcomm Datacenter Technologies, Inc.
as an affiliate of Qualcomm Technologies, Inc.
Qualcomm Technologies, Inc. is a member of the Code Aurora Forum,
a Linux Foundation Collaborative Project.
------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
next prev parent reply other threads:[~2017-03-17 0:31 UTC|newest]
Thread overview: 7+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-03-15 1:32 [PATCH v2 1/2] ACPICA: Update TPM2 ACPI table Jiandi An
[not found] ` <1489541553-2066-1-git-send-email-anjiandi-sgV2jX0FEOL9JmXXK+q4OQ@public.gmane.org>
2017-03-15 1:32 ` [PATCH v2 2/2] tpm/tpm_crb: Enable TPM CRB interface for ARM64 Jiandi An
[not found] ` <1489541553-2066-2-git-send-email-anjiandi-sgV2jX0FEOL9JmXXK+q4OQ@public.gmane.org>
2017-03-15 16:03 ` Jarkko Sakkinen
[not found] ` <20170315160350.3wr7o3m7zent35rf-ral2JQCrhuEAvxtiuMwx3w@public.gmane.org>
2017-03-17 0:31 ` Jiandi An [this message]
2017-03-15 16:02 ` [PATCH v2 1/2] ACPICA: Update TPM2 ACPI table Jarkko Sakkinen
[not found] ` <20170315160226.apxecoujeqsbuk67-ral2JQCrhuEAvxtiuMwx3w@public.gmane.org>
2017-03-17 0:30 ` Jiandi An
[not found] ` <58CB2E11.9030509-sgV2jX0FEOL9JmXXK+q4OQ@public.gmane.org>
2017-03-17 20:32 ` Jarkko Sakkinen
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=58CB2E5B.4000302@codeaurora.org \
--to=anjiandi-sgv2jx0feol9jmxxk+q4oq@public.gmane.org \
--cc=jarkko.sakkinen-VuQAYsv1563Yd54FQh9/CA@public.gmane.org \
--cc=lenb-DgEjT+Ai2ygdnm+yROfE0A@public.gmane.org \
--cc=lv.zheng-ral2JQCrhuEAvxtiuMwx3w@public.gmane.org \
--cc=rafael.j.wysocki-ral2JQCrhuEAvxtiuMwx3w@public.gmane.org \
--cc=robert.moore-ral2JQCrhuEAvxtiuMwx3w@public.gmane.org \
--cc=tpmdd-devel-5NWGOfrQmneRv+LV9MX5uipxlwaOVQ5f@public.gmane.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.