| Message ID | 20250217224946.113951-5-stuart.yoder@arm.com (mailing list archive) |
|---|---|
| State | New |
| Headers | show |
| Series | Add support for the TPM FF-A start method | expand |
On Mon, 2025-02-17 at 16:49 -0600, Stuart Yoder wrote: > The TCG ACPI spec v1.4 defines a start method for the > TPMs implemented with the Arm CRB over FF-A ABI. > > Add support for the FF-A start method, and use interfaces > provided by the ffa_crb driver to interact with the > FF-A based TPM. > > Signed-off-by: Stuart Yoder <stuart.yoder@arm.com> > --- > drivers/char/tpm/tpm_crb.c | 71 +++++++++++++++++++++++++++++++++++- > -- > 1 file changed, 66 insertions(+), 5 deletions(-) > > diff --git a/drivers/char/tpm/tpm_crb.c b/drivers/char/tpm/tpm_crb.c > index 31db879f1324..2a57650ba9b4 100644 > --- a/drivers/char/tpm/tpm_crb.c > +++ b/drivers/char/tpm/tpm_crb.c > @@ -19,6 +19,7 @@ > #ifdef CONFIG_ARM64 > #include <linux/arm-smccc.h> > #endif > +#include "tpm_crb_ffa.h" > #include "tpm.h" > > #define ACPI_SIG_TPM2 "TPM2" > @@ -100,6 +101,8 @@ struct crb_priv { > u32 smc_func_id; > u32 __iomem *pluton_start_addr; > u32 __iomem *pluton_reply_addr; > + u8 ffa_flags; > + u8 ffa_attributes; > }; > > struct tpm2_crb_smc { > @@ -110,6 +113,14 @@ struct tpm2_crb_smc { > u32 smc_func_id; > }; > > +/* CRB over FFA start method parameters in TCG2 ACPI table */ > +struct tpm2_crb_ffa { > + u8 flags; > + u8 attributes; > + u16 partition_id; > + u8 reserved[8]; > +}; > + > struct tpm2_crb_pluton { > u64 start_addr; > u64 reply_addr; > @@ -122,7 +133,8 @@ static inline bool tpm_crb_has_idle(u32 > start_method) > { > return start_method == ACPI_TPM2_START_METHOD || > start_method == > ACPI_TPM2_COMMAND_BUFFER_WITH_START_METHOD || > - start_method == > ACPI_TPM2_COMMAND_BUFFER_WITH_ARM_SMC; > + start_method == ACPI_TPM2_COMMAND_BUFFER_WITH_ARM_SMC > || > + start_method == ACPI_TPM2_CRB_WITH_ARM_FFA; > } > > static bool crb_wait_for_reg_32(u32 __iomem *reg, u32 mask, u32 > value, > @@ -261,13 +273,20 @@ static int crb_cmd_ready(struct tpm_chip *chip) > static int __crb_request_locality(struct device *dev, > struct crb_priv *priv, int loc) > { > - u32 value = CRB_LOC_STATE_LOC_ASSIGNED | > - CRB_LOC_STATE_TPM_REG_VALID_STS; > + u32 value = CRB_LOC_STATE_LOC_ASSIGNED | > CRB_LOC_STATE_TPM_REG_VALID_STS; > + int rc; > > if (!priv->regs_h) > return 0; > > iowrite32(CRB_LOC_CTRL_REQUEST_ACCESS, &priv->regs_h- > >loc_ctrl); > + > + if (priv->sm == ACPI_TPM2_CRB_WITH_ARM_FFA) { > + rc = > tpm_crb_ffa_start(CRB_FFA_START_TYPE_LOCALITY_REQUEST, loc); > + if (rc) > + return rc; > + } > + > if (!crb_wait_for_reg_32(&priv->regs_h->loc_state, value, > value, > TPM2_TIMEOUT_C)) { > dev_warn(dev, "TPM_LOC_STATE_x.requestAccess timed > out\n"); > @@ -287,14 +306,21 @@ static int crb_request_locality(struct tpm_chip > *chip, int loc) > static int __crb_relinquish_locality(struct device *dev, > struct crb_priv *priv, int loc) > { > - u32 mask = CRB_LOC_STATE_LOC_ASSIGNED | > - CRB_LOC_STATE_TPM_REG_VALID_STS; > + u32 mask = CRB_LOC_STATE_LOC_ASSIGNED | > CRB_LOC_STATE_TPM_REG_VALID_STS; > u32 value = CRB_LOC_STATE_TPM_REG_VALID_STS; > + int rc; > > if (!priv->regs_h) > return 0; > > iowrite32(CRB_LOC_CTRL_RELINQUISH, &priv->regs_h->loc_ctrl); > + > + if (priv->sm == ACPI_TPM2_CRB_WITH_ARM_FFA) { > + rc = > tpm_crb_ffa_start(CRB_FFA_START_TYPE_LOCALITY_REQUEST, loc); > + if (rc) > + return rc; > + } > + > if (!crb_wait_for_reg_32(&priv->regs_h->loc_state, mask, > value, > TPM2_TIMEOUT_C)) { > dev_warn(dev, "TPM_LOC_STATE_x.Relinquish timed > out\n"); > @@ -443,6 +469,11 @@ static int crb_send(struct tpm_chip *chip, u8 > *buf, size_t len) > rc = tpm_crb_smc_start(&chip->dev, priv- > >smc_func_id); > } > > + if (priv->sm == ACPI_TPM2_CRB_WITH_ARM_FFA) { > + iowrite32(CRB_START_INVOKE, &priv->regs_t- > >ctrl_start); > + rc = tpm_crb_ffa_start(CRB_FFA_START_TYPE_COMMAND, > chip->locality); > + } > + > if (rc) > return rc; > > @@ -452,6 +483,7 @@ static int crb_send(struct tpm_chip *chip, u8 > *buf, size_t len) > static void crb_cancel(struct tpm_chip *chip) > { > struct crb_priv *priv = dev_get_drvdata(&chip->dev); > + int rc; > > iowrite32(CRB_CANCEL_INVOKE, &priv->regs_t->ctrl_cancel); > > @@ -459,6 +491,12 @@ static void crb_cancel(struct tpm_chip *chip) > priv->sm == ACPI_TPM2_COMMAND_BUFFER_WITH_START_METHOD) > && > crb_do_acpi_start(chip)) > dev_err(&chip->dev, "ACPI Start failed\n"); > + > + if (priv->sm == ACPI_TPM2_CRB_WITH_ARM_FFA) { > + rc = tpm_crb_ffa_start(CRB_FFA_START_TYPE_COMMAND, > chip->locality); > + if (rc) > + dev_err(&chip->dev, "FF-A Start failed\n"); > + } > } > > static bool crb_req_canceled(struct tpm_chip *chip, u8 status) > @@ -616,6 +654,7 @@ static int crb_map_io(struct acpi_device *device, > struct crb_priv *priv, > * stuff that puts the control area outside the ACPI IO > region. > */ > if (priv->sm == ACPI_TPM2_COMMAND_BUFFER || > + priv->sm == ACPI_TPM2_CRB_WITH_ARM_FFA || > priv->sm == ACPI_TPM2_MEMORY_MAPPED) { > if (iores && > buf->control_address == iores->start + > @@ -737,6 +776,7 @@ static int crb_acpi_add(struct acpi_device > *device) > struct tpm_chip *chip; > struct device *dev = &device->dev; > struct tpm2_crb_smc *crb_smc; > + struct tpm2_crb_ffa *crb_ffa; > struct tpm2_crb_pluton *crb_pluton; > acpi_status status; > u32 sm; > @@ -775,6 +815,27 @@ static int crb_acpi_add(struct acpi_device > *device) > priv->smc_func_id = crb_smc->smc_func_id; > } > > + if (sm == ACPI_TPM2_CRB_WITH_ARM_FFA) { > + if (buf->header.length < (sizeof(*buf) + > sizeof(*crb_ffa))) { > + dev_err(dev, > + FW_BUG "TPM2 ACPI table has wrong > size %u for start method type %d\n", > + buf->header.length, > + ACPI_TPM2_CRB_WITH_ARM_FFA); > + rc = -EINVAL; > + goto out; > + } > + crb_ffa = ACPI_ADD_PTR(struct tpm2_crb_ffa, buf, > sizeof(*buf)); > + priv->ffa_flags = crb_ffa->flags; > + priv->ffa_attributes = crb_ffa->attributes; > + rc = tpm_crb_ffa_init(); > + if (rc) { > + if (rc == -ENOENT) { // FF-A driver is not > available yet > + rc = -EPROBE_DEFER; > + } > + goto out; > + } > + } > + > if (sm == ACPI_TPM2_COMMAND_BUFFER_WITH_PLUTON) { > if (buf->header.length < (sizeof(*buf) + > sizeof(*crb_pluton))) { > dev_err(dev, Reviewed-by: Jarkko Sakkinen <jarkko@kernel.org> BR, Jarkko
diff --git a/drivers/char/tpm/tpm_crb.c b/drivers/char/tpm/tpm_crb.c index 31db879f1324..2a57650ba9b4 100644 --- a/drivers/char/tpm/tpm_crb.c +++ b/drivers/char/tpm/tpm_crb.c @@ -19,6 +19,7 @@ #ifdef CONFIG_ARM64 #include <linux/arm-smccc.h> #endif +#include "tpm_crb_ffa.h" #include "tpm.h" #define ACPI_SIG_TPM2 "TPM2" @@ -100,6 +101,8 @@ struct crb_priv { u32 smc_func_id; u32 __iomem *pluton_start_addr; u32 __iomem *pluton_reply_addr; + u8 ffa_flags; + u8 ffa_attributes; }; struct tpm2_crb_smc { @@ -110,6 +113,14 @@ struct tpm2_crb_smc { u32 smc_func_id; }; +/* CRB over FFA start method parameters in TCG2 ACPI table */ +struct tpm2_crb_ffa { + u8 flags; + u8 attributes; + u16 partition_id; + u8 reserved[8]; +}; + struct tpm2_crb_pluton { u64 start_addr; u64 reply_addr; @@ -122,7 +133,8 @@ static inline bool tpm_crb_has_idle(u32 start_method) { return start_method == ACPI_TPM2_START_METHOD || start_method == ACPI_TPM2_COMMAND_BUFFER_WITH_START_METHOD || - start_method == ACPI_TPM2_COMMAND_BUFFER_WITH_ARM_SMC; + start_method == ACPI_TPM2_COMMAND_BUFFER_WITH_ARM_SMC || + start_method == ACPI_TPM2_CRB_WITH_ARM_FFA; } static bool crb_wait_for_reg_32(u32 __iomem *reg, u32 mask, u32 value, @@ -261,13 +273,20 @@ static int crb_cmd_ready(struct tpm_chip *chip) static int __crb_request_locality(struct device *dev, struct crb_priv *priv, int loc) { - u32 value = CRB_LOC_STATE_LOC_ASSIGNED | - CRB_LOC_STATE_TPM_REG_VALID_STS; + u32 value = CRB_LOC_STATE_LOC_ASSIGNED | CRB_LOC_STATE_TPM_REG_VALID_STS; + int rc; if (!priv->regs_h) return 0; iowrite32(CRB_LOC_CTRL_REQUEST_ACCESS, &priv->regs_h->loc_ctrl); + + if (priv->sm == ACPI_TPM2_CRB_WITH_ARM_FFA) { + rc = tpm_crb_ffa_start(CRB_FFA_START_TYPE_LOCALITY_REQUEST, loc); + if (rc) + return rc; + } + if (!crb_wait_for_reg_32(&priv->regs_h->loc_state, value, value, TPM2_TIMEOUT_C)) { dev_warn(dev, "TPM_LOC_STATE_x.requestAccess timed out\n"); @@ -287,14 +306,21 @@ static int crb_request_locality(struct tpm_chip *chip, int loc) static int __crb_relinquish_locality(struct device *dev, struct crb_priv *priv, int loc) { - u32 mask = CRB_LOC_STATE_LOC_ASSIGNED | - CRB_LOC_STATE_TPM_REG_VALID_STS; + u32 mask = CRB_LOC_STATE_LOC_ASSIGNED | CRB_LOC_STATE_TPM_REG_VALID_STS; u32 value = CRB_LOC_STATE_TPM_REG_VALID_STS; + int rc; if (!priv->regs_h) return 0; iowrite32(CRB_LOC_CTRL_RELINQUISH, &priv->regs_h->loc_ctrl); + + if (priv->sm == ACPI_TPM2_CRB_WITH_ARM_FFA) { + rc = tpm_crb_ffa_start(CRB_FFA_START_TYPE_LOCALITY_REQUEST, loc); + if (rc) + return rc; + } + if (!crb_wait_for_reg_32(&priv->regs_h->loc_state, mask, value, TPM2_TIMEOUT_C)) { dev_warn(dev, "TPM_LOC_STATE_x.Relinquish timed out\n"); @@ -443,6 +469,11 @@ static int crb_send(struct tpm_chip *chip, u8 *buf, size_t len) rc = tpm_crb_smc_start(&chip->dev, priv->smc_func_id); } + if (priv->sm == ACPI_TPM2_CRB_WITH_ARM_FFA) { + iowrite32(CRB_START_INVOKE, &priv->regs_t->ctrl_start); + rc = tpm_crb_ffa_start(CRB_FFA_START_TYPE_COMMAND, chip->locality); + } + if (rc) return rc; @@ -452,6 +483,7 @@ static int crb_send(struct tpm_chip *chip, u8 *buf, size_t len) static void crb_cancel(struct tpm_chip *chip) { struct crb_priv *priv = dev_get_drvdata(&chip->dev); + int rc; iowrite32(CRB_CANCEL_INVOKE, &priv->regs_t->ctrl_cancel); @@ -459,6 +491,12 @@ static void crb_cancel(struct tpm_chip *chip) priv->sm == ACPI_TPM2_COMMAND_BUFFER_WITH_START_METHOD) && crb_do_acpi_start(chip)) dev_err(&chip->dev, "ACPI Start failed\n"); + + if (priv->sm == ACPI_TPM2_CRB_WITH_ARM_FFA) { + rc = tpm_crb_ffa_start(CRB_FFA_START_TYPE_COMMAND, chip->locality); + if (rc) + dev_err(&chip->dev, "FF-A Start failed\n"); + } } static bool crb_req_canceled(struct tpm_chip *chip, u8 status) @@ -616,6 +654,7 @@ static int crb_map_io(struct acpi_device *device, struct crb_priv *priv, * stuff that puts the control area outside the ACPI IO region. */ if (priv->sm == ACPI_TPM2_COMMAND_BUFFER || + priv->sm == ACPI_TPM2_CRB_WITH_ARM_FFA || priv->sm == ACPI_TPM2_MEMORY_MAPPED) { if (iores && buf->control_address == iores->start + @@ -737,6 +776,7 @@ static int crb_acpi_add(struct acpi_device *device) struct tpm_chip *chip; struct device *dev = &device->dev; struct tpm2_crb_smc *crb_smc; + struct tpm2_crb_ffa *crb_ffa; struct tpm2_crb_pluton *crb_pluton; acpi_status status; u32 sm; @@ -775,6 +815,27 @@ static int crb_acpi_add(struct acpi_device *device) priv->smc_func_id = crb_smc->smc_func_id; } + if (sm == ACPI_TPM2_CRB_WITH_ARM_FFA) { + if (buf->header.length < (sizeof(*buf) + sizeof(*crb_ffa))) { + dev_err(dev, + FW_BUG "TPM2 ACPI table has wrong size %u for start method type %d\n", + buf->header.length, + ACPI_TPM2_CRB_WITH_ARM_FFA); + rc = -EINVAL; + goto out; + } + crb_ffa = ACPI_ADD_PTR(struct tpm2_crb_ffa, buf, sizeof(*buf)); + priv->ffa_flags = crb_ffa->flags; + priv->ffa_attributes = crb_ffa->attributes; + rc = tpm_crb_ffa_init(); + if (rc) { + if (rc == -ENOENT) { // FF-A driver is not available yet + rc = -EPROBE_DEFER; + } + goto out; + } + } + if (sm == ACPI_TPM2_COMMAND_BUFFER_WITH_PLUTON) { if (buf->header.length < (sizeof(*buf) + sizeof(*crb_pluton))) { dev_err(dev,
The TCG ACPI spec v1.4 defines a start method for the TPMs implemented with the Arm CRB over FF-A ABI. Add support for the FF-A start method, and use interfaces provided by the ffa_crb driver to interact with the FF-A based TPM. Signed-off-by: Stuart Yoder <stuart.yoder@arm.com> --- drivers/char/tpm/tpm_crb.c | 71 +++++++++++++++++++++++++++++++++++--- 1 file changed, 66 insertions(+), 5 deletions(-)