tpm: Allow separate handling of Google Ti50 TPM

A new iteration of Google's TPM implementation will advertize a new DID:VID, but otherwise follow the same protocol as the earlier design. This change makes use of Kconfigs TPM_GOOGLE_CR50 and TPM_GOOGLE_TI50 to be able to take slightly different code paths, when e.g. evaluating whether TPM firmware is new enough to support certain features. Change-Id: I1e1f8eb9b94fc2d5689656335dc1135b47880986 Signed-off-by: Jes B. Klinke <jbk@chromium.org> Reviewed-on: https://review.coreboot.org/c/coreboot/+/63158 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Julius Werner <jwerner@chromium.org>
2022-03-28 14:22:24 -07:00 · 2022-03-28 14:22:24 -07:00 · 1430b043f0
parent 9d8df30950
commit 1430b043f0
6 changed files with 32 additions and 39 deletions
--- a/src/drivers/i2c/tpm/Kconfig
+++ b/src/drivers/i2c/tpm/Kconfig
@ -3,15 +3,6 @@ config I2C_TPM
 	help
 	  I2C TPM driver is enabled!

-config MAINBOARD_NEEDS_I2C_TI50_WORKAROUND
-	bool
-	default n
-	help
-	  Ti50 FW versions below 0.15 don't support the firmware_version or board_cfg registers,
-	  and trying to access them causes I2C errors. This config will skip accesses to these
-	  registers, and should be selected for boards using Ti50 chips with FW < 0.15. The config
-	  will be removed once all Ti50 stocks are updated to 0.15 or higher.
-
 config DRIVER_TIS_DEFAULT
 	bool
 	depends on I2C_TPM
--- a/src/drivers/i2c/tpm/cr50.c
+++ b/src/drivers/i2c/tpm/cr50.c
@ -36,6 +36,7 @@
 #define CR50_TIMEOUT_NOIRQ_MS	20	/* Timeout for TPM ready without IRQ */
 #define CR50_TIMEOUT_IRQ_MS	100	/* Timeout for TPM ready with IRQ */
 #define CR50_DID_VID		0x00281ae0L
+#define TI50_DID_VID		0x504a6666L

 struct tpm_inf_dev {
 	int bus;
@ -455,7 +456,7 @@ static int cr50_i2c_probe(struct tpm_chip *chip, uint32_t *did_vid)
 		rc = cr50_i2c_read(TPM_DID_VID(0), (uint8_t *)did_vid, 4);

 		/* Exit once DID and VID verified */
-		if (!rc && (*did_vid == CR50_DID_VID)) {
+		if (!rc && (*did_vid == CR50_DID_VID || *did_vid == TI50_DID_VID)) {
 			printk(BIOS_INFO, "done! DID_VID 0x%08x\n", *did_vid);
 			return 0;
 		}
@ -474,7 +475,6 @@ static int cr50_i2c_probe(struct tpm_chip *chip, uint32_t *did_vid)

 int tpm_vendor_init(struct tpm_chip *chip, unsigned int bus, uint32_t dev_addr)
 {
-	struct cr50_firmware_version ver;
 	uint32_t did_vid = 0;

 	if (dev_addr == 0) {
@ -500,12 +500,10 @@ int tpm_vendor_init(struct tpm_chip *chip, unsigned int bus, uint32_t dev_addr)
 	printk(BIOS_DEBUG, "cr50 TPM 2.0 (i2c %u:0x%02x id 0x%x)\n",
 	       bus, dev_addr, did_vid >> 16);

-	/* Ti50 FW version under 0.15 doesn't support board cfg command
-	   TODO: remove this flag after all stocks Ti50 uprev to 0.15 or above */
-	if (!CONFIG(MAINBOARD_NEEDS_I2C_TI50_WORKAROUND) && tpm_first_access_this_boot()) {
+	if (tpm_first_access_this_boot()) {
 		/* This is called for the side-effect of printing the version string. */
-		cr50_get_firmware_version(&ver);
-		cr50_set_board_cfg();
+		cr50_get_firmware_version(NULL);
+                cr50_set_board_cfg();
 	}

 	chip->is_open = 1;
--- a/src/drivers/spi/tpm/tpm.c
+++ b/src/drivers/spi/tpm/tpm.c
@ -419,6 +419,7 @@ static enum cb_err tpm2_claim_locality(void)
 /* Device/vendor ID values of the TPM devices this driver supports. */
 static const uint32_t supported_did_vids[] = {
 	0x00281ae0,  /* H1 based Cr50 security chip. */
+	0x504a6666,  /* H1D3C based Ti50 security chip. */
 	0x0000104a   /* ST33HTPH2E32 */
 };

@ -496,15 +497,13 @@ int tpm2_init(struct spi_slave *spi_if)
 	printk(BIOS_INFO, "Connected to device vid:did:rid of %4.4x:%4.4x:%2.2x\n",
 	       tpm_info.vendor_id, tpm_info.device_id, tpm_info.revision);

-	/* Do some cr50-specific things here. */
-	if (CONFIG(TPM_GOOGLE) && tpm_info.vendor_id == 0x1ae0) {
-		struct cr50_firmware_version ver;
-
+	/* Do some GSC-specific things here. */
+	if (CONFIG(TPM_GOOGLE)) {
 		if (tpm_first_access_this_boot()) {
 			/* This is called for the side-effect of printing the firmware version
 			   string */
-			cr50_get_firmware_version(&ver);
-			cr50_set_board_cfg();
+			cr50_get_firmware_version(NULL);
+                        cr50_set_board_cfg();
 		}
 	}
 	return 0;
--- a/src/drivers/tpm/cr50.c
+++ b/src/drivers/tpm/cr50.c
@ -5,6 +5,9 @@
 #include <string.h>
 #include <types.h>

+#define CR50_DID_VID	0x00281ae0L
+#define TI50_DID_VID	0x504a6666L
+
 #define CR50_BOARD_CFG_LOCKBIT_MASK 0x80000000U
 #define CR50_BOARD_CFG_FEATUREBITS_MASK 0x3FFFFFFFU

@ -84,7 +87,7 @@ static uint32_t cr50_get_board_cfg(void)
 	const enum cb_err ret = tis_vendor_read(get_reg_addr(CR50_BOARD_CFG_REG), &value,
 					     sizeof(value));
 	if (ret != CB_SUCCESS) {
-		printk(BIOS_INFO, "Error reading from cr50\n");
+		printk(BIOS_ERR, "Error reading from Cr50\n");
 		return 0;
 	}

@ -96,6 +99,11 @@ static uint32_t cr50_get_board_cfg(void)
 */
 enum cb_err cr50_set_board_cfg(void)
 {
+	/* If we get here and we aren't cr50, then we must be ti50 which does
+	 * not currently need to support a board_cfg register. */
+	if (!CONFIG(TPM_GOOGLE_CR50))
+		return CB_SUCCESS;
+
 	struct cr50_firmware_version ver;
 	enum cb_err ret;
 	uint32_t value;
@ -109,7 +117,7 @@ enum cb_err cr50_set_board_cfg(void)
 	/* Set the CR50_BOARD_CFG register, for e.g. asking cr50 to use longer ready pulses. */
 	ret = tis_vendor_read(get_reg_addr(CR50_BOARD_CFG_REG), &value, sizeof(value));
 	if (ret != CB_SUCCESS) {
-		printk(BIOS_INFO, "Error reading from cr50\n");
+		printk(BIOS_ERR, "Error reading from Cr50\n");
 		return CB_ERR;
 	}

@ -142,19 +150,15 @@ enum cb_err cr50_set_board_cfg(void)

 bool cr50_is_long_interrupt_pulse_enabled(void)
 {
-	/*
-	 * Ti50 FW versions under 0.15 don't support the board cfg register,
-	 * and all Ti50 versions only support long IRQ pulses.
-	 * TODO: Remove this after all Ti50 stocks uprev to 0.15 or above.
-	 */
-	if (CONFIG(MAINBOARD_NEEDS_I2C_TI50_WORKAROUND))
-		return true;
+	if (CONFIG(TPM_GOOGLE_CR50))
+		return !!(cr50_get_board_cfg() & CR50_BOARD_CFG_100US_READY_PULSE);

-	return !!(cr50_get_board_cfg() & CR50_BOARD_CFG_100US_READY_PULSE);
+        /* Ti50 and future GSCs will support only long interrupt pulses. */
+        return true;
 }

 static enum cb_err cr50_parse_fw_version(const char *version_str,
-				      struct cr50_firmware_version *ver)
+					 struct cr50_firmware_version *ver)
 {
 	int epoch, major, minor;

@ -219,6 +223,7 @@ enum cb_err cr50_get_firmware_version(struct cr50_firmware_version *version)
 	}

 success:
-	*version = cr50_firmware_version;
+	if (version)
+		*version = cr50_firmware_version;
 	return CB_SUCCESS;
 }
--- a/src/drivers/tpm/cr50.h
+++ b/src/drivers/tpm/cr50.h
@ -5,7 +5,7 @@

 #include <types.h>

-/* Structure describing the elements of Cr50 firmware version. */
+/* Structure describing the elements of GSC firmware version. */
 struct cr50_firmware_version {
 	int epoch;
 	int major;
@ -15,7 +15,7 @@ struct cr50_firmware_version {
 /* Indicates whether Cr50 ready pulses are guaranteed to be at least 100us. */
 bool cr50_is_long_interrupt_pulse_enabled(void);

-/* Get the Cr50 firmware version information. */
+/* Get the GSC firmware version information. */
 enum cb_err cr50_get_firmware_version(struct cr50_firmware_version *version);

 /* Set the BOARD_CFG register depending on Cr50 Kconfigs */
--- a/src/mainboard/google/brya/Kconfig
+++ b/src/mainboard/google/brya/Kconfig
@ -1,7 +1,6 @@
 config BOARD_GOOGLE_BRYA_COMMON
 	def_bool n
 	select BOARD_ROMSIZE_KB_32768
-	select CR50_USE_LONG_INTERRUPT_PULSES
 	select DRIVERS_GENERIC_ALC1015
 	select DRIVERS_GENERIC_GPIO_KEYS
 	select DRIVERS_GENERIC_MAX98357A
@ -37,7 +36,6 @@ config BOARD_GOOGLE_BRYA_COMMON
 	select SOC_INTEL_CSE_LITE_SKU
 	select SOC_INTEL_ENABLE_USB4_PCIE_RESOURCES if SOC_INTEL_ALDERLAKE_PCH_P
 	select SOC_INTEL_COMMON_BASECODE_DEBUG_FEATURE
-	select TPM_GOOGLE_CR50

 config BOARD_GOOGLE_BASEBOARD_BRYA
 	def_bool n
@ -46,6 +44,7 @@ config BOARD_GOOGLE_BASEBOARD_BRYA
 	select MEMORY_SOLDERDOWN if !BOARD_GOOGLE_BANSHEE
 	select SOC_INTEL_ALDERLAKE_PCH_P
 	select SYSTEM_TYPE_LAPTOP
+	select TPM_GOOGLE_CR50

 config BOARD_GOOGLE_BASEBOARD_BRASK
 	def_bool n
@ -57,16 +56,17 @@ config BOARD_GOOGLE_BASEBOARD_BRASK
 	select RT8168_GET_MAC_FROM_VPD
 	select RT8168_SET_LED_MODE
 	select SOC_INTEL_ALDERLAKE_PCH_P
+	select TPM_GOOGLE_CR50

 config BOARD_GOOGLE_BASEBOARD_NISSA
 	def_bool n
 	select BOARD_GOOGLE_BRYA_COMMON
 	select CHROMEOS_DRAM_PART_NUMBER_IN_CBI if CHROMEOS
-	select MAINBOARD_NEEDS_I2C_TI50_WORKAROUND
 	select MEMORY_SOLDERDOWN
 	select SOC_INTEL_ALDERLAKE_PCH_N
 	select SOC_INTEL_CSE_LITE_COMPRESS_ME_RW
 	select SYSTEM_TYPE_LAPTOP
+	select TPM_GOOGLE_TI50

 if BOARD_GOOGLE_BRYA_COMMON