From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <SRS0=6PMt=MA=lists.denx.de=u-boot-bounces@kernel.org>
X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on
	aws-us-west-2-korg-lkml-1.web.codeaurora.org
X-Spam-Level: 
X-Spam-Status: No, score=-21.0 required=3.0 tests=BAYES_00,DKIM_SIGNED,
	DKIM_VALID,DKIM_VALID_AU,HEADER_FROM_DIFFERENT_DOMAINS,INCLUDES_CR_TRAILER,
	INCLUDES_PATCH,MAILING_LIST_MULTI,MENTIONS_GIT_HOSTING,SPF_HELO_NONE,SPF_PASS,
	URIBL_BLOCKED autolearn=ham autolearn_force=no version=3.4.0
Received: from mail.kernel.org (mail.kernel.org [198.145.29.99])
	by smtp.lore.kernel.org (Postfix) with ESMTP id 8F6FFC07E96
	for <u-boot@archiver.kernel.org>; Thu,  8 Jul 2021 10:05:23 +0000 (UTC)
Received: from phobos.denx.de (phobos.denx.de [85.214.62.61])
	(using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
	(No client certificate requested)
	by mail.kernel.org (Postfix) with ESMTPS id A3D6261451
	for <u-boot@archiver.kernel.org>; Thu,  8 Jul 2021 10:05:22 +0000 (UTC)
DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org A3D6261451
Authentication-Results: mail.kernel.org; dmarc=fail (p=none dis=none) header.from=linaro.org
Authentication-Results: mail.kernel.org; spf=pass smtp.mailfrom=u-boot-bounces@lists.denx.de
Received: from h2850616.stratoserver.net (localhost [IPv6:::1])
	by phobos.denx.de (Postfix) with ESMTP id 612AC82F36;
	Thu,  8 Jul 2021 12:05:20 +0200 (CEST)
Authentication-Results: phobos.denx.de; dmarc=pass (p=none dis=none) header.from=linaro.org
Authentication-Results: phobos.denx.de; spf=pass smtp.mailfrom=u-boot-bounces@lists.denx.de
Authentication-Results: phobos.denx.de;
	dkim=pass (2048-bit key; unprotected) header.d=linaro.org header.i=@linaro.org header.b="oDeuA5LM";
	dkim-atps=neutral
Received: by phobos.denx.de (Postfix, from userid 109)
 id 1D97C82F36; Thu,  8 Jul 2021 12:05:19 +0200 (CEST)
Received: from mail-wr1-x431.google.com (mail-wr1-x431.google.com
 [IPv6:2a00:1450:4864:20::431])
 (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits))
 (No client certificate requested)
 by phobos.denx.de (Postfix) with ESMTPS id 5A781829EE
 for <u-boot@lists.denx.de>; Thu,  8 Jul 2021 12:05:15 +0200 (CEST)
Authentication-Results: phobos.denx.de;
 dmarc=pass (p=none dis=none) header.from=linaro.org
Authentication-Results: phobos.denx.de;
 spf=pass smtp.mailfrom=ilias.apalodimas@linaro.org
Received: by mail-wr1-x431.google.com with SMTP id a13so6770475wrf.10
 for <u-boot@lists.denx.de>; Thu, 08 Jul 2021 03:05:15 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google;
 h=date:from:to:cc:subject:message-id:references:mime-version
 :content-disposition:in-reply-to;
 bh=hs3s0HMi7abgAasBFTRx9sL2RY6co8d76nu8XdlThqs=;
 b=oDeuA5LMQw1B1qOKn1/Xouv47u1AQa1yy3uQQbHF3gwr20ZZIBQY2av6R/xlqbAlwX
 ZgoMDuOEBXdvGkceiDL+EPy2Y92CIhD8KZk1KcnhnAEGh8yCCzGhYP0+1kgE7d2DgSCM
 GjwVCw1auEIMrkCbio0dGHPIZb25B3Yr9IpamQI+ly2p/nhRkclJhOusaVVqaVrQCwk7
 p6Z0JAe/v07tzAeYHZj5++FXtih3ogKGGUXuVFjGHpCycJQSfxKINf22IsNnyu55vlIc
 CSP9j/3ArUQ1rT253Rg4g9wnt97F9lll4miCZnJhzGQJuypm5QAou5qtZl+PBf54XcOc
 K3rw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20161025;
 h=x-gm-message-state:date:from:to:cc:subject:message-id:references
 :mime-version:content-disposition:in-reply-to;
 bh=hs3s0HMi7abgAasBFTRx9sL2RY6co8d76nu8XdlThqs=;
 b=mhfy4idjAe8s671nptBvbGQZSOrkq6FXh9yWr52cTSLmUVQI1fyKaeU9hzkpt3/vmg
 TLdvQLznowrI2bns9JZ2PVX7whodMvnboaqIHQgAUglctPBaFIf8SCfP3H9ZUF9zUGCX
 tR01v1WXha7faN3UGATwkNaukJpgZOHd//ZSRXOxf5Jp95r3chsKokwzQaBW/TpjKOdL
 7jpGEpid5hc1kygT4lVbdfXz08oEyFdu+4OheE5i31/VDq/uLckXhncSA93mhe1rwcpm
 b0OtzkuqOm+vOipVgiJjea3EaXB/HKq5Q6xroqgFsxrK9tj45obN+bw+ZQwSfZYIg860
 XFvA==
X-Gm-Message-State: AOAM533oAUGdtCpGfA69ba5rms8cdtko2xFE0kwwWAX2dey/R2OMPyjU
 iXJwEyNGdmIHFn6R0xwNW6nh1w==
X-Google-Smtp-Source: ABdhPJxJgdWk0rMShg8y4XLUT6fGtCPrcV/VPp/DFK+rlj7EFmP+njXYN4pmlrxDFW/wX8F8cEmhLg==
X-Received: by 2002:adf:dd82:: with SMTP id x2mr33014319wrl.303.1625738714925; 
 Thu, 08 Jul 2021 03:05:14 -0700 (PDT)
Received: from enceladus (ppp-94-66-242-227.home.otenet.gr. [94.66.242.227])
 by smtp.gmail.com with ESMTPSA id t9sm1722098wmq.14.2021.07.08.03.05.13
 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
 Thu, 08 Jul 2021 03:05:14 -0700 (PDT)
Date: Thu, 8 Jul 2021 13:05:11 +0300
From: Ilias Apalodimas <ilias.apalodimas@linaro.org>
To: Heinrich Schuchardt <xypron.glpk@gmx.de>
Cc: trini@konsulko.com, Simon Glass <sjg@chromium.org>,
 Robert Marko <robert.marko@sartura.hr>,
 Alex Nemirovsky <alex.nemirovsky@cortina-access.com>,
 Sean Anderson <seanga2@gmail.com>,
 Weijie Gao <weijie.gao@mediatek.com>, Bin Meng <bmeng.cn@gmail.com>,
 Rayagonda Kokatanur <rayagonda.kokatanur@broadcom.com>,
 Stefan Bosch <stefan_b@posteo.net>,
 Dhananjay Phadke <dphadke@linux.microsoft.com>,
 Masahisa Kojima <masahisa.kojima@linaro.org>, u-boot@lists.denx.de
Subject: Re: [PATCH 2/3 v3] tpm2: Add a TPMv2 MMIO TIS driver
Message-ID: <YObN12udNcWCC0SL@enceladus>
References: <20210708082310.87540-1-ilias.apalodimas@linaro.org>
 <20210708082310.87540-3-ilias.apalodimas@linaro.org>
 <9493acab-c72a-945c-6d80-27ced8bfe1e1@gmx.de>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <9493acab-c72a-945c-6d80-27ced8bfe1e1@gmx.de>
X-BeenThere: u-boot@lists.denx.de
X-Mailman-Version: 2.1.34
Precedence: list
List-Id: U-Boot discussion <u-boot.lists.denx.de>
List-Unsubscribe: <https://lists.denx.de/options/u-boot>,
 <mailto:u-boot-request@lists.denx.de?subject=unsubscribe>
List-Archive: <https://lists.denx.de/pipermail/u-boot/>
List-Post: <mailto:u-boot@lists.denx.de>
List-Help: <mailto:u-boot-request@lists.denx.de?subject=help>
List-Subscribe: <https://lists.denx.de/listinfo/u-boot>,
 <mailto:u-boot-request@lists.denx.de?subject=subscribe>
Errors-To: u-boot-bounces@lists.denx.de
Sender: "U-Boot" <u-boot-bounces@lists.denx.de>
X-Virus-Scanned: clamav-milter 0.103.2 at phobos.denx.de
X-Virus-Status: Clean

On Thu, Jul 08, 2021 at 11:42:29AM +0200, Heinrich Schuchardt wrote:
> On 08.07.21 10:23, Ilias Apalodimas wrote:
> > Add support for devices that expose a TPMv2 though MMIO.
> > Apart from those devices, we can use the driver in our QEMU setups and
> > test TPM related code which is difficult to achieve using the sandbox
> > driver (e.g test the EFI TCG2 protocol).
> > 
> > It's worth noting that a previous patch added TPMv2 TIS core functions,
> > which the current driver is consuming.
> > 
> > Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
> 
> There should be a defconfig using the driver to ensure that it is built
> in CI. As you want to use the driver for testing with QEMU let that be
> qemu_arm64_defconfig and qemu_arm_defconfig (we should build both 64bit
> and 32bit).
> 
> A paragraph in doc/board/emulation/qemu-arm.rst indicating how to
> emulate a TPM would be helpful.
> 
> I think information like the following is needed:
> 
> To emulate a TPM the swtpm package may be used. It can be built from the
> following repositories:
> 
>     https://github.com/stefanberger/libtpms.git
>     https://github.com/stefanberger/swtpm.git
> 
> Swtpm provides a socket for the TPM emulation which can be consumed by QEMU.
> 
> In a first console invoke swtpm:
> 
>     swtpm socket --tpmstate dir=/tmp/mytpm1   \
>     --ctrl type=unixio,path=/tmp/mytpm1/swtpm-sock --log level=20
> 
> In a second console invoke qemu-system-aarch64 with
> 
>     -chardev socket,id=chrtpm,path=/tmp/mytpm1/swtpm-sock \
>     -tpmdev emulator,id=tpm0,chardev=chrtpm \
>     -device tpm-tis-device,tpmdev=tpm0
> 
> To use the TPM emulation U-Boot must be compiled with
> 
> ???

Text looks good to me. I'll send a v4 with the defconfigs + help included

Thanks
/Ilias
> 
> Best regards
> 
> Heinrich
> 
> > ---
> >   drivers/tpm/Kconfig         |   9 +++
> >   drivers/tpm/Makefile        |   1 +
> >   drivers/tpm/tpm2_tis_mmio.c | 156 ++++++++++++++++++++++++++++++++++++
> >   3 files changed, 166 insertions(+)
> >   create mode 100644 drivers/tpm/tpm2_tis_mmio.c
> > 
> > diff --git a/drivers/tpm/Kconfig b/drivers/tpm/Kconfig
> > index 9eebab5cfd90..406ee8716e1e 100644
> > --- a/drivers/tpm/Kconfig
> > +++ b/drivers/tpm/Kconfig
> > @@ -161,6 +161,15 @@ config TPM2_FTPM_TEE
> >   	help
> >   	  This driver supports firmware TPM running in TEE.
> > 
> > +config TPM2_MMIO
> > +	bool "MMIO based TPM2 Interface"
> > +	depends on TPM_V2
> > +	help
> > +	  This driver supports firmware TPM2.0 MMIO interface.
> > +	  The usual TPM operations and the 'tpm' command can be used to talk
> > +	  to the device using the standard TPM Interface Specification (TIS)
> > +	  protocol.
> > +
> >   endif # TPM_V2
> > 
> >   endmenu
> > diff --git a/drivers/tpm/Makefile b/drivers/tpm/Makefile
> > index f64d20067f88..1065c1874f58 100644
> > --- a/drivers/tpm/Makefile
> > +++ b/drivers/tpm/Makefile
> > @@ -14,3 +14,4 @@ obj-$(CONFIG_$(SPL_TPL_)TPM2_CR50_I2C) += cr50_i2c.o
> >   obj-$(CONFIG_TPM2_TIS_SANDBOX) += tpm2_tis_sandbox.o
> >   obj-$(CONFIG_TPM2_TIS_SPI) += tpm2_tis_spi.o
> >   obj-$(CONFIG_TPM2_FTPM_TEE) += tpm2_ftpm_tee.o
> > +obj-$(CONFIG_TPM2_MMIO) += tpm2_tis_core.o tpm2_tis_mmio.o
> > diff --git a/drivers/tpm/tpm2_tis_mmio.c b/drivers/tpm/tpm2_tis_mmio.c
> > new file mode 100644
> > index 000000000000..2183a2807162
> > --- /dev/null
> > +++ b/drivers/tpm/tpm2_tis_mmio.c
> > @@ -0,0 +1,156 @@
> > +// SPDX-License-Identifier: GPL-2.0
> > +/*
> > + * driver for mmio TCG/TIS TPM (trusted platform module).
> > + *
> > + * Specifications at www.trustedcomputinggroup.org
> > + */
> > +
> > +#include <common.h>
> > +#include <dm.h>
> > +#include <log.h>
> > +#include <tpm-v2.h>
> > +#include <linux/bitops.h>
> > +#include <linux/compiler.h>
> > +#include <linux/delay.h>
> > +#include <linux/errno.h>
> > +#include <linux/types.h>
> > +#include <linux/io.h>
> > +#include <linux/unaligned/be_byteshift.h>
> > +#include "tpm_tis.h"
> > +#include "tpm_internal.h"
> > +
> > +struct tpm_tis_chip_data {
> > +	unsigned int pcr_count;
> > +	unsigned int pcr_select_min;
> > +	unsigned int time_before_first_cmd_ms;
> > +	void __iomem *iobase;
> > +};
> > +
> > +static int mmio_read_bytes(struct udevice *udev, u32 addr, u16 len,
> > +			   u8 *result)
> > +{
> > +	struct tpm_tis_chip_data *drv_data = (void *)dev_get_driver_data(udev);
> > +
> > +	while (len--)
> > +		*result++ = ioread8(drv_data->iobase + addr);
> > +	return 0;
> > +}
> > +
> > +static int mmio_write_bytes(struct udevice *udev, u32 addr, u16 len,
> > +			    const u8 *value)
> > +{
> > +	struct tpm_tis_chip_data *drv_data = (void *)dev_get_driver_data(udev);
> > +
> > +	while (len--)
> > +		iowrite8(*value++, drv_data->iobase + addr);
> > +	return 0;
> > +}
> > +
> > +static int mmio_read16(struct udevice *udev, u32 addr, u16 *result)
> > +{
> > +	struct tpm_tis_chip_data *drv_data = (void *)dev_get_driver_data(udev);
> > +
> > +	*result = ioread16(drv_data->iobase + addr);
> > +	return 0;
> > +}
> > +
> > +static int mmio_read32(struct udevice *udev, u32 addr, u32 *result)
> > +{
> > +	struct tpm_tis_chip_data *drv_data = (void *)dev_get_driver_data(udev);
> > +
> > +	*result = ioread32(drv_data->iobase + addr);
> > +	return 0;
> > +}
> > +
> > +static int mmio_write32(struct udevice *udev, u32 addr, u32 value)
> > +{
> > +	struct tpm_tis_chip_data *drv_data = (void *)dev_get_driver_data(udev);
> > +
> > +	iowrite32(value, drv_data->iobase + addr);
> > +	return 0;
> > +}
> > +
> > +static struct tpm_tis_phy_ops phy_ops = {
> > +	.read_bytes = mmio_read_bytes,
> > +	.write_bytes = mmio_write_bytes,
> > +	.read16 = mmio_read16,
> > +	.read32 = mmio_read32,
> > +	.write32 = mmio_write32,
> > +};
> > +
> > +static int tpm_tis_probe(struct udevice *udev)
> > +{
> > +	struct tpm_tis_chip_data *drv_data = (void *)dev_get_driver_data(udev);
> > +	struct tpm_chip_priv *priv = dev_get_uclass_priv(udev);
> > +	int ret = 0;
> > +	fdt_addr_t ioaddr;
> > +	u64 sz;
> > +
> > +	ioaddr = dev_read_addr(udev);
> > +	if (ioaddr == FDT_ADDR_T_NONE)
> > +		return -EINVAL;
> > +
> > +	ret = dev_read_u64(udev, "reg", &sz);
> > +	if (ret)
> > +		return -EINVAL;
> > +
> > +	drv_data->iobase = ioremap(ioaddr, sz);
> > +	log_info("Remapped TPM2 base: 0x%llx size: 0x%llx\n", ioaddr, sz);
> > +	tpm_tis_ops_register(udev, &phy_ops);
> > +	ret = tpm_tis_init(udev);
> > +	if (ret)
> > +		goto iounmap;
> > +
> > +	priv->pcr_count = drv_data->pcr_count;
> > +	priv->pcr_select_min = drv_data->pcr_select_min;
> > +	/*
> > +	 * Although the driver probably works with a TPMv1 our Kconfig
> > +	 * limits the driver to TPMv2 only
> > +	 */
> > +	priv->version = TPM_V2;
> > +
> > +	return ret;
> > +iounmap:
> > +	iounmap(drv_data->iobase);
> > +	return -EINVAL;
> > +}
> > +
> > +static int tpm_tis_remove(struct udevice *udev)
> > +{
> > +	struct tpm_tis_chip_data *drv_data = (void *)dev_get_driver_data(udev);
> > +
> > +	iounmap(drv_data->iobase);
> > +	return tpm_tis_cleanup(udev);
> > +}
> > +
> > +static const struct tpm_ops tpm_tis_ops = {
> > +	.open		= tpm_tis_open,
> > +	.close		= tpm_tis_close,
> > +	.get_desc	= tpm_tis_get_desc,
> > +	.send		= tpm_tis_send,
> > +	.recv		= tpm_tis_recv,
> > +	.cleanup	= tpm_tis_cleanup,
> > +};
> > +
> > +static const struct tpm_tis_chip_data tpm_tis_std_chip_data = {
> > +	.pcr_count = 24,
> > +	.pcr_select_min = 3,
> > +};
> > +
> > +static const struct udevice_id tpm_tis_ids[] = {
> > +	{
> > +		.compatible = "tcg,tpm-tis-mmio",
> > +		.data = (ulong)&tpm_tis_std_chip_data,
> > +	},
> > +	{ }
> > +};
> > +
> > +U_BOOT_DRIVER(tpm_tis_mmio) = {
> > +	.name   = "tpm_tis_mmio",
> > +	.id     = UCLASS_TPM,
> > +	.of_match = tpm_tis_ids,
> > +	.ops    = &tpm_tis_ops,
> > +	.probe	= tpm_tis_probe,
> > +	.remove	= tpm_tis_remove,
> > +	.priv_auto	= sizeof(struct tpm_chip),
> > +};
> >