* [PATCH 0/3] Add support for TPM devices over I2C bus
@ 2023-03-23 3:01 Ninad Palsule
2023-03-23 3:01 ` [PATCH 1/3] docs: " Ninad Palsule
` (3 more replies)
0 siblings, 4 replies; 20+ messages in thread
From: Ninad Palsule @ 2023-03-23 3:01 UTC (permalink / raw)
To: qemu-devel; +Cc: Ninad Palsule, joel, andrew, stefanb, clg
This drop adds support for the TPM devices attached to the I2C bus. It
only supports the TPM2 protocol. You need to run it with the external
TPM emulator like swtpm. I have tested it with swtpm.
I have refered to the work done by zhdaniel@meta.com but at the core
level out implementation is different.
https://github.com/theopolis/qemu/commit/2e2e57cde9e419c36af8071bb85392ad1ed70966
Based-on: $MESSAGE_ID
---
V2:
Incorporated Stephan's comments.
Ninad Palsule (3):
docs: Add support for TPM devices over I2C bus
TPM TIS: Add support for TPM devices over I2C bus
New I2C: Add support for TPM devices over I2C bus
docs/specs/tpm.rst | 20 +-
hw/arm/Kconfig | 1 +
hw/tpm/Kconfig | 7 +
hw/tpm/meson.build | 1 +
hw/tpm/tpm_tis.h | 3 +
hw/tpm/tpm_tis_common.c | 32 +++
hw/tpm/tpm_tis_i2c.c | 440 ++++++++++++++++++++++++++++++++++++++++
include/sysemu/tpm.h | 3 +
8 files changed, 506 insertions(+), 1 deletion(-)
create mode 100644 hw/tpm/tpm_tis_i2c.c
--
2.37.2
^ permalink raw reply [flat|nested] 20+ messages in thread
* [PATCH 1/3] docs: Add support for TPM devices over I2C bus
2023-03-23 3:01 [PATCH 0/3] Add support for TPM devices over I2C bus Ninad Palsule
@ 2023-03-23 3:01 ` Ninad Palsule
2023-03-23 7:49 ` Cédric Le Goater
2023-03-23 3:01 ` [PATCH 2/3] TPM TIS: " Ninad Palsule
` (2 subsequent siblings)
3 siblings, 1 reply; 20+ messages in thread
From: Ninad Palsule @ 2023-03-23 3:01 UTC (permalink / raw)
To: qemu-devel; +Cc: Ninad Palsule, joel, andrew, stefanb, clg
This is a documentation change for I2C TPM device support.
Qemu already supports devices attached to ISA and sysbus.
This drop adds support for the I2C bus attached TPM devices.
Signed-off-by: Ninad Palsule <ninad@linux.ibm.com>
---
V2:
Incorporated Stephen's review comments
- Added example in the document.
---
docs/specs/tpm.rst | 20 +++++++++++++++++++-
1 file changed, 19 insertions(+), 1 deletion(-)
diff --git a/docs/specs/tpm.rst b/docs/specs/tpm.rst
index 535912a92b..bf7249b09c 100644
--- a/docs/specs/tpm.rst
+++ b/docs/specs/tpm.rst
@@ -21,11 +21,15 @@ QEMU files related to TPM TIS interface:
- ``hw/tpm/tpm_tis_common.c``
- ``hw/tpm/tpm_tis_isa.c``
- ``hw/tpm/tpm_tis_sysbus.c``
+ - ``hw/tpm/tpm_tis_i2c.c``
- ``hw/tpm/tpm_tis.h``
Both an ISA device and a sysbus device are available. The former is
used with pc/q35 machine while the latter can be instantiated in the
-Arm virt machine.
+Arm virt machine. An I2C device support is also added which can be
+instantiated in the arm based emulation machine. An I2C device is also
+supported for the Arm virt machine. This device only supports the
+TPM 2 protocol.
CRB interface
-------------
@@ -348,6 +352,20 @@ In case an Arm virt machine is emulated, use the following command line:
-drive if=pflash,format=raw,file=flash0.img,readonly=on \
-drive if=pflash,format=raw,file=flash1.img
+In case a Rainier bmc machine is emulated, use the following command line:
+
+.. code-block:: console
+
+ qemu-system-arm -M rainier-bmc -nographic \
+ -kernel ${IMAGEPATH}/fitImage-linux.bin \
+ -dtb ${IMAGEPATH}/aspeed-bmc-ibm-rainier.dtb \
+ -initrd ${IMAGEPATH}/obmc-phosphor-initramfs.rootfs.cpio.xz \
+ -drive file=${IMAGEPATH}/obmc-phosphor-image.rootfs.wic.qcow2,if=sd,index=2\
+ -net nic -net user,hostfwd=:127.0.0.1:2222-:22,hostfwd=:127.0.0.1:2443-:443\
+ -chardev socket,id=chrtpm,path=/tmp/mytpm1/swtpm-sock \
+ -tpmdev emulator,id=tpm0,chardev=chrtpm \
+ -device tpm-tis-i2c,tpmdev=tpm0,bus=aspeed.i2c.bus.12,address=0x2e
+
In case SeaBIOS is used as firmware, it should show the TPM menu item
after entering the menu with 'ESC'.
--
2.37.2
^ permalink raw reply related [flat|nested] 20+ messages in thread
* [PATCH 2/3] TPM TIS: Add support for TPM devices over I2C bus
2023-03-23 3:01 [PATCH 0/3] Add support for TPM devices over I2C bus Ninad Palsule
2023-03-23 3:01 ` [PATCH 1/3] docs: " Ninad Palsule
@ 2023-03-23 3:01 ` Ninad Palsule
2023-03-23 7:44 ` Cédric Le Goater
2023-03-23 3:01 ` [PATCH 3/3] New I2C: " Ninad Palsule
2023-03-23 7:23 ` [PATCH 0/3] " Cédric Le Goater
3 siblings, 1 reply; 20+ messages in thread
From: Ninad Palsule @ 2023-03-23 3:01 UTC (permalink / raw)
To: qemu-devel; +Cc: Ninad Palsule, joel, andrew, stefanb, clg
Qemu already supports devices attached to ISA and sysbus. This drop adds
support for the I2C bus attached TPM devices.
This commit includes changes for the common code.
- Added support for the new checksum registers which are required for
the I2C support. The checksum calculation is handled in the qemu
common code.
- Added wrapper function for read and write data so that I2C code can
call it without MMIO interface.
Signed-off-by: Ninad Palsule <ninad@linux.ibm.com>
---
V2:
Incorporated Stephen's comments.
- Removed checksum enable and checksum get registers.
- Added checksum calculation function which can be called from
i2c layer.
---
hw/tpm/tpm_tis.h | 3 +++
hw/tpm/tpm_tis_common.c | 32 ++++++++++++++++++++++++++++++++
2 files changed, 35 insertions(+)
diff --git a/hw/tpm/tpm_tis.h b/hw/tpm/tpm_tis.h
index f6b5872ba6..6f29a508dd 100644
--- a/hw/tpm/tpm_tis.h
+++ b/hw/tpm/tpm_tis.h
@@ -86,5 +86,8 @@ int tpm_tis_pre_save(TPMState *s);
void tpm_tis_reset(TPMState *s);
enum TPMVersion tpm_tis_get_tpm_version(TPMState *s);
void tpm_tis_request_completed(TPMState *s, int ret);
+uint32_t tpm_tis_read_data(TPMState *s, hwaddr addr, unsigned size);
+void tpm_tis_write_data(TPMState *s, hwaddr addr, uint64_t val, uint32_t size);
+uint16_t tpm_tis_get_checksum(TPMState *s);
#endif /* TPM_TPM_TIS_H */
diff --git a/hw/tpm/tpm_tis_common.c b/hw/tpm/tpm_tis_common.c
index 503be2a541..b1acde74cb 100644
--- a/hw/tpm/tpm_tis_common.c
+++ b/hw/tpm/tpm_tis_common.c
@@ -26,6 +26,8 @@
#include "hw/irq.h"
#include "hw/isa/isa.h"
#include "qapi/error.h"
+#include "qemu/bswap.h"
+#include "qemu/crc-ccitt.h"
#include "qemu/module.h"
#include "hw/acpi/tpm.h"
@@ -447,6 +449,27 @@ static uint64_t tpm_tis_mmio_read(void *opaque, hwaddr addr,
return val;
}
+/*
+ * A wrapper read function so that it can be directly called without
+ * mmio.
+ */
+uint32_t tpm_tis_read_data(TPMState *s, hwaddr addr, unsigned size)
+{
+ return tpm_tis_mmio_read(s, addr, size);
+}
+
+/*
+ * Calculate current data buffer checksum
+ */
+uint16_t tpm_tis_get_checksum(TPMState *s)
+{
+ uint16_t val = 0xffff;
+
+ val = cpu_to_be16(crc_ccitt(0, s->buffer, s->rw_offset));
+
+ return val;
+}
+
/*
* Write a value to a register of the TIS interface
* See specs pages 33-63 for description of the registers
@@ -767,6 +790,15 @@ static void tpm_tis_mmio_write(void *opaque, hwaddr addr,
}
}
+/*
+ * A wrapper write function so that it can be directly called without
+ * mmio.
+ */
+void tpm_tis_write_data(TPMState *s, hwaddr addr, uint64_t val, uint32_t size)
+{
+ tpm_tis_mmio_write(s, addr, val, size);
+}
+
const MemoryRegionOps tpm_tis_memory_ops = {
.read = tpm_tis_mmio_read,
.write = tpm_tis_mmio_write,
--
2.37.2
^ permalink raw reply related [flat|nested] 20+ messages in thread
* [PATCH 3/3] New I2C: Add support for TPM devices over I2C bus
2023-03-23 3:01 [PATCH 0/3] Add support for TPM devices over I2C bus Ninad Palsule
2023-03-23 3:01 ` [PATCH 1/3] docs: " Ninad Palsule
2023-03-23 3:01 ` [PATCH 2/3] TPM TIS: " Ninad Palsule
@ 2023-03-23 3:01 ` Ninad Palsule
2023-03-23 8:37 ` Cédric Le Goater
2023-03-23 12:18 ` Stefan Berger
2023-03-23 7:23 ` [PATCH 0/3] " Cédric Le Goater
3 siblings, 2 replies; 20+ messages in thread
From: Ninad Palsule @ 2023-03-23 3:01 UTC (permalink / raw)
To: qemu-devel; +Cc: Ninad Palsule, joel, andrew, stefanb, clg
Qemu already supports devices attached to ISA and sysbus. This drop adds
support for the I2C bus attached TPM devices. I2C model only supports
TPM2 protocol.
This commit includes changes for the common code.
- Added I2C emulation model. Logic was added in the model to temporarily
cache the data as I2C interface works per byte basis.
- New tpm type "tpm-tis-i2c" added for I2C support. User specify this
string on command line.
Testing:
TPM I2C device modulte is tested using SWTPM (software based TPM
package). The qemu used the rainier machine and it was connected to
swtpm over the socket interface.
The command to start swtpm is as follows:
$ swtpm socket --tpmstate dir=/tmp/mytpm1 \
--ctrl type=unixio,path=/tmp/mytpm1/swtpm-sock \
--tpm2 --log level=100
The command to start qemu is as follows:
$ qemu-system-arm -M rainier-bmc -nographic \
-kernel ${IMAGEPATH}/fitImage-linux.bin \
-dtb ${IMAGEPATH}/aspeed-bmc-ibm-rainier.dtb \
-initrd ${IMAGEPATH}/obmc-phosphor-initramfs.rootfs.cpio.xz \
-drive file=${IMAGEPATH}/obmc-phosphor-image.rootfs.wic.qcow2,if=sd,index=2 \
-net nic -net user,hostfwd=:127.0.0.1:2222-:22,hostfwd=:127.0.0.1:2443-:443 \
-chardev socket,id=chrtpm,path=/tmp/mytpm1/swtpm-sock \
-tpmdev emulator,id=tpm0,chardev=chrtpm \
-device tpm-tis-i2c,tpmdev=tpm0,bus=aspeed.i2c.bus.12,address=0x2e
Note: Currently you need to specify the I2C bus and device address on
command line. In future we can add a device at board level.
Signed-off-by: Ninad Palsule <ninad@linux.ibm.com>
---
V2:
Incorporated Stephen's review comments.
- Handled checksum related register in I2C layer
- Defined I2C interface capabilities and return those instead of
capabilities from TPM TIS. Add required capabilities from TIS.
- Do not cache FIFO data in the I2C layer.
- Make sure that Device address change register is not passed to I2C
layer as capability indicate that it is not supported.
- Added boundary checks.
- Make sure that bits 26-31 are zeroed for the TPM_STS register on read
- Updated Kconfig files for new define.
---
hw/arm/Kconfig | 1 +
hw/tpm/Kconfig | 7 +
hw/tpm/meson.build | 1 +
hw/tpm/tpm_tis_i2c.c | 440 +++++++++++++++++++++++++++++++++++++++++++
include/sysemu/tpm.h | 3 +
5 files changed, 452 insertions(+)
create mode 100644 hw/tpm/tpm_tis_i2c.c
diff --git a/hw/arm/Kconfig b/hw/arm/Kconfig
index b5aed4aff5..05d6ef1a31 100644
--- a/hw/arm/Kconfig
+++ b/hw/arm/Kconfig
@@ -6,6 +6,7 @@ config ARM_VIRT
imply VFIO_PLATFORM
imply VFIO_XGMAC
imply TPM_TIS_SYSBUS
+ imply TPM_TIS_I2C
imply NVDIMM
select ARM_GIC
select ACPI
diff --git a/hw/tpm/Kconfig b/hw/tpm/Kconfig
index 29e82f3c92..a46663288c 100644
--- a/hw/tpm/Kconfig
+++ b/hw/tpm/Kconfig
@@ -1,3 +1,10 @@
+config TPM_TIS_I2C
+ bool
+ depends on TPM
+ select TPM_BACKEND
+ select I2C
+ select TPM_TIS
+
config TPM_TIS_ISA
bool
depends on TPM && ISA_BUS
diff --git a/hw/tpm/meson.build b/hw/tpm/meson.build
index 7abc2d794a..76fe3cb098 100644
--- a/hw/tpm/meson.build
+++ b/hw/tpm/meson.build
@@ -1,6 +1,7 @@
softmmu_ss.add(when: 'CONFIG_TPM_TIS', if_true: files('tpm_tis_common.c'))
softmmu_ss.add(when: 'CONFIG_TPM_TIS_ISA', if_true: files('tpm_tis_isa.c'))
softmmu_ss.add(when: 'CONFIG_TPM_TIS_SYSBUS', if_true: files('tpm_tis_sysbus.c'))
+softmmu_ss.add(when: 'CONFIG_TPM_TIS_I2C', if_true: files('tpm_tis_i2c.c'))
softmmu_ss.add(when: 'CONFIG_TPM_CRB', if_true: files('tpm_crb.c'))
softmmu_ss.add(when: 'CONFIG_TPM_TIS', if_true: files('tpm_ppi.c'))
softmmu_ss.add(when: 'CONFIG_TPM_CRB', if_true: files('tpm_ppi.c'))
diff --git a/hw/tpm/tpm_tis_i2c.c b/hw/tpm/tpm_tis_i2c.c
new file mode 100644
index 0000000000..5cec5f7806
--- /dev/null
+++ b/hw/tpm/tpm_tis_i2c.c
@@ -0,0 +1,440 @@
+/*
+ * tpm_tis_i2c.c - QEMU's TPM TIS I2C Device
+ *
+ * This work is licensed under the terms of the GNU GPL, version 2 or later.
+ * See the COPYING file in the top-level directory.
+ *
+ * Implementation of the TIS interface according to specs found at
+ * http://www.trustedcomputinggroup.org. This implementation currently
+ * supports version 1.3, 21 March 2013
+ * In the developers menu choose the PC Client section then find the TIS
+ * specification.
+ *
+ * TPM TIS for TPM 2 implementation following TCG PC Client Platform
+ * TPM Profile (PTP) Specification, Familiy 2.0, Revision 00.43
+ *
+ * TPM I2C implementation follows TCG TPM I2c Interface specification,
+ * Family 2.0, Level 00, Revision 1.00
+ */
+
+#include "qemu/osdep.h"
+#include "hw/i2c/i2c.h"
+#include "hw/qdev-properties.h"
+#include "hw/acpi/tpm.h"
+#include "migration/vmstate.h"
+#include "tpm_prop.h"
+#include "tpm_tis.h"
+#include "qom/object.h"
+#include "block/aio.h"
+#include "qemu/main-loop.h"
+
+/* TPM TIS I2C registers */
+#define TPM_TIS_I2C_REG_LOC_SEL 0x00
+#define TPM_TIS_I2C_REG_ACCESS 0x04
+#define TPM_TIS_I2C_REG_INT_ENABLE 0x08
+#define TPM_TIS_I2C_REG_INT_CAPABILITY 0x14
+#define TPM_TIS_I2C_REG_STS 0x18
+#define TPM_TIS_I2C_REG_DATA_FIFO 0x24
+#define TPM_TIS_I2C_REG_INTF_CAPABILITY 0x30
+#define TPM_TIS_I2C_REG_I2C_DEV_ADDRESS 0x38
+#define TPM_TIS_I2C_REG_DATA_CSUM_ENABLE 0x40
+#define TPM_TIS_I2C_REG_DATA_CSUM_GET 0x44
+#define TPM_TIS_I2C_REG_DID_VID 0x48
+#define TPM_TIS_I2C_REG_RID 0x4c
+#define TPM_TIS_I2C_REG_UNKNOWN 0xff
+
+/* I2C specific interface capabilities */
+#define TPM_I2C_CAP_INTERFACE_TYPE (0x2 << 0) /* FIFO interface */
+#define TPM_I2C_CAP_INTERFACE_VER (0x0 << 4) /* TCG I2C intf 1.0 */
+#define TPM_I2C_CAP_TPM2_FAMILY (0x1 << 7) /* TPM 2.0 family. */
+#define TPM_I2C_CAP_DEV_ADDR_CHANGE (0x0 << 27) /* No dev addr chng */
+#define TPM_I2C_CAP_BURST_COUNT_STATIC (0x1 << 29) /* Burst count static */
+#define TPM_I2C_CAP_LOCALITY_CAP (0x1 << 25) /* 0-5 locality */
+#define TPM_I2C_CAP_BUS_SPEED (3 << 21) /* std and fast mode */
+
+/* TPM_STS mask for read bits 31:26 must be zero */
+#define TPM_I2C_STS_READ_MASK 0x03ffffff
+
+/* Operations */
+#define OP_SEND 1
+#define OP_RECV 2
+
+typedef struct TPMStateI2C {
+ /*< private >*/
+ I2CSlave parent_obj;
+
+ int offset; /* offset in to data[] */
+ int size; /* Size of the current reg data */
+ uint8_t operation; /* OP_SEND & OP_RECV */
+ uint8_t data[4096]; /* Data */
+
+ bool csum_enable;
+ uint32_t tis_intf_cap; /* save TIS interface Capabilities */
+
+ /*< public >*/
+ TPMState state; /* not a QOM object */
+
+} TPMStateI2C;
+
+DECLARE_INSTANCE_CHECKER(TPMStateI2C, TPM_TIS_I2C,
+ TYPE_TPM_TIS_I2C)
+
+/* Register map */
+typedef struct reg_map {
+ uint16_t i2c_reg; /* I2C register */
+ uint16_t tis_reg; /* TIS register */
+ uint32_t data_size; /* data size expected */
+} i2c_reg_map;
+
+/*
+ * The register values in the common code is different than the latest
+ * register numbers as per the spec hence add the conversion map
+ */
+static const i2c_reg_map tpm_tis_reg_map[] = {
+ { TPM_TIS_I2C_REG_LOC_SEL, TPM_TIS_REG_ACCESS, 1, },
+ { TPM_TIS_I2C_REG_ACCESS, TPM_TIS_REG_ACCESS, 1, },
+ { TPM_TIS_I2C_REG_INT_ENABLE, TPM_TIS_REG_INT_ENABLE, 4, },
+ { TPM_TIS_I2C_REG_INT_CAPABILITY, TPM_TIS_REG_INT_VECTOR, 4, },
+ { TPM_TIS_I2C_REG_STS, TPM_TIS_REG_STS, 4, },
+ { TPM_TIS_I2C_REG_DATA_FIFO, TPM_TIS_REG_DATA_FIFO, 0, },
+ { TPM_TIS_I2C_REG_INTF_CAPABILITY, TPM_TIS_REG_INTF_CAPABILITY, 4, },
+ { TPM_TIS_I2C_REG_I2C_DEV_ADDRESS, TPM_TIS_I2C_REG_I2C_DEV_ADDRESS, 2, },
+ { TPM_TIS_I2C_REG_DATA_CSUM_ENABLE, TPM_TIS_I2C_REG_DATA_CSUM_ENABLE, 1, },
+ { TPM_TIS_I2C_REG_DATA_CSUM_GET, TPM_TIS_I2C_REG_DATA_CSUM_GET, 2, },
+ { TPM_TIS_I2C_REG_DID_VID, TPM_TIS_REG_DID_VID, 4, },
+ { TPM_TIS_I2C_REG_RID, TPM_TIS_REG_RID, 1, },
+};
+
+/* Generate interface capability based on what is returned by TIS and what is
+ * expected by I2C. Save the capability in the data array overwriting the TIS
+ * capability.
+ */
+static uint32_t tpm_i2c_interface_capability(TPMStateI2C *i2cst, uint32_t tis_cap)
+{
+ uint32_t i2c_cap = 0;
+
+ i2cst->tis_intf_cap = tis_cap;
+
+ /* Now generate i2c capability */
+ i2c_cap = (TPM_I2C_CAP_INTERFACE_TYPE |
+ TPM_I2C_CAP_INTERFACE_VER |
+ TPM_I2C_CAP_TPM2_FAMILY |
+ TPM_I2C_CAP_LOCALITY_CAP |
+ TPM_I2C_CAP_BUS_SPEED |
+ TPM_I2C_CAP_DEV_ADDR_CHANGE);
+
+ /* Now check the TIS and set some capabilities */
+
+ /* Static burst count set */
+ if (i2cst->tis_intf_cap & 0x100) {
+ i2c_cap |= TPM_I2C_CAP_BURST_COUNT_STATIC;
+ }
+
+ return i2c_cap;
+}
+
+static inline uint16_t tpm_tis_i2c_to_tis_reg(uint64_t i2c_reg, int *size)
+{
+ uint16_t tis_reg = i2c_reg;
+ const i2c_reg_map *reg_map;
+ int i;
+
+ for (i = 0; i < ARRAY_SIZE(tpm_tis_reg_map); i++) {
+ reg_map = &tpm_tis_reg_map[i];
+ if (reg_map->i2c_reg == (i2c_reg & 0xff)) {
+ tis_reg = reg_map->tis_reg;
+ *size = reg_map->data_size;
+ break;
+ }
+ }
+
+ return tis_reg;
+}
+
+/* Initialize the cached data */
+static inline void tpm_tis_i2c_init_cache(TPMStateI2C *i2cst)
+{
+ /* Clear operation and offset */
+ i2cst->operation = 0;
+ i2cst->offset = 0;
+ i2cst->size = 0;
+
+ return;
+}
+
+/* Send data to TPM */
+static inline void tpm_tis_i2c_tpm_send(TPMStateI2C *i2cst)
+{
+ uint16_t tis_reg;
+ uint32_t data;
+ int i;
+
+ if ((i2cst->operation == OP_SEND) && (i2cst->offset > 1)) {
+
+ /*
+ * Checksum is not handled by common code hence we will consume the
+ * register here.
+ */
+ if (i2cst->data[0] == TPM_TIS_I2C_REG_DATA_CSUM_ENABLE) {
+ i2cst->csum_enable = true;
+ } else if (i2cst->data[0] != TPM_TIS_I2C_REG_DATA_FIFO) {
+ tis_reg = tpm_tis_i2c_to_tis_reg(i2cst->data[0], &i2cst->size);
+
+ /* Index 0 is always a register */
+ for (i = 1; i < i2cst->offset; i++) {
+ data = i2cst->data[i];
+ tpm_tis_write_data(&i2cst->state, tis_reg, data, 1);
+ }
+ }
+
+ tpm_tis_i2c_init_cache(i2cst);
+ }
+
+ return;
+}
+
+/* Callback from TPM to indicate that response is copied */
+static void tpm_tis_i2c_request_completed(TPMIf *ti, int ret)
+{
+ TPMStateI2C *i2cst = TPM_TIS_I2C(ti);
+ TPMState *s = &i2cst->state;
+
+ /* Inform the common code. */
+ tpm_tis_request_completed(s, ret);
+}
+
+static enum TPMVersion tpm_tis_i2c_get_tpm_version(TPMIf *ti)
+{
+ TPMStateI2C *i2cst = TPM_TIS_I2C(ti);
+ TPMState *s = &i2cst->state;
+
+ return tpm_tis_get_tpm_version(s);
+}
+
+static int tpm_tis_i2c_event(I2CSlave *i2c, enum i2c_event event)
+{
+ TPMStateI2C *i2cst = TPM_TIS_I2C(i2c);
+ int ret = 0;
+
+ switch (event) {
+ case I2C_START_RECV:
+ break;
+ case I2C_START_SEND:
+ tpm_tis_i2c_init_cache(i2cst);
+ break;
+ case I2C_FINISH:
+ if (i2cst->operation == OP_SEND) {
+ tpm_tis_i2c_tpm_send(i2cst);
+ } else {
+ tpm_tis_i2c_init_cache(i2cst);
+ }
+ break;
+ default:
+ break;
+ }
+
+ return ret;
+}
+
+/*
+ * If data is for FIFO then it is received from tpm_tis_common buffer
+ * otherwise it will be handled using single call to common code and
+ * cached in the local buffer.
+ */
+static uint8_t tpm_tis_i2c_recv(I2CSlave *i2c)
+{
+ int ret = 0;
+ int i, j;
+ uint32_t addr;
+ uint32_t data_read;
+ uint16_t i2c_reg;
+ TPMStateI2C *i2cst = TPM_TIS_I2C(i2c);
+ TPMState *s = &i2cst->state;
+
+ if (i2cst->operation == OP_RECV) {
+
+ /* Do not cache FIFO data. */
+ if (i2cst->data[0] == TPM_TIS_I2C_REG_DATA_FIFO) {
+ addr = tpm_tis_i2c_to_tis_reg(TPM_TIS_I2C_REG_DATA_FIFO,
+ &i2cst->size);
+ data_read = tpm_tis_read_data(s, addr, 1);
+ ret = (data_read & 0xff);
+ } else if (i2cst->offset < 4096) {
+ ret = i2cst->data[i2cst->offset++];
+ }
+
+ } else if ((i2cst->operation == OP_SEND) && (i2cst->offset < 2)) {
+ /* First receive call after send */
+
+ i2c_reg = i2cst->data[0];
+
+ i2cst->operation = OP_RECV;
+ i2cst->offset = 1; /* keep the register value intact for debug */
+
+ addr = tpm_tis_i2c_to_tis_reg(i2c_reg, &i2cst->size);
+
+ /* FIFO data is directly read from TPM TIS */
+ if (i2c_reg == TPM_TIS_I2C_REG_DATA_FIFO) {
+ data_read = tpm_tis_read_data(s, addr, 1);
+ ret = (data_read & 0xff);
+ } else {
+ /*
+ * Save the data in the data field. Save it in the little
+ * endian format.
+ */
+ for (i = 1; i <= i2cst->size;) {
+ /*
+ * Checksum registers are not supported by common code hence
+ * call a common code to get the checksum.
+ */
+ if (i2c_reg == TPM_TIS_I2C_REG_DATA_CSUM_GET) {
+ data_read = tpm_tis_get_checksum(s);
+ } else {
+ data_read = tpm_tis_read_data(s, addr, 4);
+
+ if (i2c_reg == TPM_TIS_I2C_REG_INTF_CAPABILITY) {
+ /* Prepare the capabilities as per I2C interface */
+ data_read = tpm_i2c_interface_capability(i2cst,
+ data_read);
+ } else if (i2c_reg == TPM_TIS_I2C_REG_STS) {
+ /*
+ * As per specs, STS bit 31:26 are reserved and must
+ * be set to 0
+ */
+ data_read &= TPM_I2C_STS_READ_MASK;
+ }
+ }
+ for (j = 0; j < 4; j++) {
+ i2cst->data[i++] = (data_read & 0xff);
+ data_read >>= 8;
+ }
+ }
+
+ /* Return first byte with this call */
+ ret = i2cst->data[i2cst->offset++];
+ }
+ } else {
+ i2cst->operation = OP_RECV;
+ }
+
+ return ret;
+}
+
+/*
+ * Send function only remembers data in the buffer and then calls
+ * TPM TIS common code during FINISH event.
+ */
+static int tpm_tis_i2c_send(I2CSlave *i2c, uint8_t data)
+{
+ TPMStateI2C *i2cst = TPM_TIS_I2C(i2c);
+ uint16_t tis_reg;
+
+ /* Reject non-supported registers. */
+ if (i2cst->offset == 0) {
+ /* We do not support device address change */
+ if (data == TPM_TIS_I2C_REG_I2C_DEV_ADDRESS) {
+ return 1;
+ }
+ }
+
+ if (i2cst->offset < 4096) {
+ i2cst->operation = OP_SEND;
+
+ /* Remember data locally for non-FIFO registers */
+ if ((i2cst->offset == 0) ||
+ (i2cst->data[0] != TPM_TIS_I2C_REG_DATA_FIFO)) {
+ i2cst->data[i2cst->offset++] = data;
+ } else {
+ tis_reg = tpm_tis_i2c_to_tis_reg(i2cst->data[0], &i2cst->size);
+ tpm_tis_write_data(&i2cst->state, tis_reg, data, 1);
+ }
+
+ return 0;
+
+ } else {
+ /* Return non-zero to indicate NAK */
+ return 1;
+ }
+}
+
+static Property tpm_tis_i2c_properties[] = {
+ DEFINE_PROP_UINT32("irq", TPMStateI2C, state.irq_num, TPM_TIS_IRQ),
+ DEFINE_PROP_TPMBE("tpmdev", TPMStateI2C, state.be_driver),
+ DEFINE_PROP_END_OF_LIST(),
+};
+
+static void tpm_tis_i2c_realizefn(DeviceState *dev, Error **errp)
+{
+ TPMStateI2C *i2cst = TPM_TIS_I2C(dev);
+ TPMState *s = &i2cst->state;
+
+ if (!tpm_find()) {
+ error_setg(errp, "at most one TPM device is permitted");
+ return;
+ }
+
+ /*
+ * Get the backend pointer. It is not initialized propery during
+ * device_class_set_props
+ */
+ s->be_driver = qemu_find_tpm_be("tpm0");
+
+ if (!s->be_driver) {
+ error_setg(errp, "'tpmdev' property is required");
+ return;
+ }
+ if (s->irq_num > 15) {
+ error_setg(errp, "IRQ %d is outside valid range of 0 to 15",
+ s->irq_num);
+ return;
+ }
+}
+
+static void tpm_tis_i2c_reset(DeviceState *dev)
+{
+ TPMStateI2C *i2cst = TPM_TIS_I2C(dev);
+ TPMState *s = &i2cst->state;
+
+ tpm_tis_i2c_init_cache(i2cst);
+
+ i2cst->csum_enable = false;
+
+ return tpm_tis_reset(s);
+}
+
+static void tpm_tis_i2c_class_init(ObjectClass *klass, void *data)
+{
+ DeviceClass *dc = DEVICE_CLASS(klass);
+ I2CSlaveClass *k = I2C_SLAVE_CLASS(klass);
+ TPMIfClass *tc = TPM_IF_CLASS(klass);
+
+ dc->realize = tpm_tis_i2c_realizefn;
+ dc->reset = tpm_tis_i2c_reset;
+ device_class_set_props(dc, tpm_tis_i2c_properties);
+
+ k->event = tpm_tis_i2c_event;
+ k->recv = tpm_tis_i2c_recv;
+ k->send = tpm_tis_i2c_send;
+
+ tc->model = TPM_MODEL_TPM_TIS;
+ tc->request_completed = tpm_tis_i2c_request_completed;
+ tc->get_version = tpm_tis_i2c_get_tpm_version;
+}
+
+static const TypeInfo tpm_tis_i2c_info = {
+ .name = TYPE_TPM_TIS_I2C,
+ .parent = TYPE_I2C_SLAVE,
+ .instance_size = sizeof(TPMStateI2C),
+ .class_init = tpm_tis_i2c_class_init,
+ .interfaces = (InterfaceInfo[]) {
+ { TYPE_TPM_IF },
+ { }
+ }
+};
+
+static void tpm_tis_i2c_register_types(void)
+{
+ type_register_static(&tpm_tis_i2c_info);
+}
+
+type_init(tpm_tis_i2c_register_types)
diff --git a/include/sysemu/tpm.h b/include/sysemu/tpm.h
index fb40e30ff6..66e3b45f30 100644
--- a/include/sysemu/tpm.h
+++ b/include/sysemu/tpm.h
@@ -48,6 +48,7 @@ struct TPMIfClass {
#define TYPE_TPM_TIS_SYSBUS "tpm-tis-device"
#define TYPE_TPM_CRB "tpm-crb"
#define TYPE_TPM_SPAPR "tpm-spapr"
+#define TYPE_TPM_TIS_I2C "tpm-tis-i2c"
#define TPM_IS_TIS_ISA(chr) \
object_dynamic_cast(OBJECT(chr), TYPE_TPM_TIS_ISA)
@@ -57,6 +58,8 @@ struct TPMIfClass {
object_dynamic_cast(OBJECT(chr), TYPE_TPM_CRB)
#define TPM_IS_SPAPR(chr) \
object_dynamic_cast(OBJECT(chr), TYPE_TPM_SPAPR)
+#define TPM_IS_TIS_I2C(chr) \
+ object_dynamic_cast(OBJECT(chr), TYPE_TPM_TIS_I2C)
/* returns NULL unless there is exactly one TPM device */
static inline TPMIf *tpm_find(void)
--
2.37.2
^ permalink raw reply related [flat|nested] 20+ messages in thread
* Re: [PATCH 0/3] Add support for TPM devices over I2C bus
2023-03-23 3:01 [PATCH 0/3] Add support for TPM devices over I2C bus Ninad Palsule
` (2 preceding siblings ...)
2023-03-23 3:01 ` [PATCH 3/3] New I2C: " Ninad Palsule
@ 2023-03-23 7:23 ` Cédric Le Goater
2023-03-23 22:35 ` Ninad Palsule
3 siblings, 1 reply; 20+ messages in thread
From: Cédric Le Goater @ 2023-03-23 7:23 UTC (permalink / raw)
To: Ninad Palsule, qemu-devel; +Cc: joel, andrew, stefanb
Hello Ninad,
On 3/23/23 04:01, Ninad Palsule wrote:
> This drop adds support for the TPM devices attached to the I2C bus. It
> only supports the TPM2 protocol. You need to run it with the external
> TPM emulator like swtpm. I have tested it with swtpm.
>
> I have refered to the work done by zhdaniel@meta.com but at the core
> level out implementation is different.
> https://github.com/theopolis/qemu/commit/2e2e57cde9e419c36af8071bb85392ad1ed70966
>
> Based-on: $MESSAGE_ID
> ---
> V2:
> Incorporated Stephan's comments.
Please add a version to the patchsets you send :
git format-patch -v 2 --cover-letter ....
it is better practice and easier to track in our mailboxes. The automated
tools patchew, patchwork, also track them.
>
> Ninad Palsule (3):
> docs: Add support for TPM devices over I2C bus
Generally we add the docs after support. No big deal.
> TPM TIS: Add support for TPM devices over I2C bus
> New I2C: Add support for TPM devices over I2C bus
Have you looked at adding tests ? qtest or avocado ?
We discussed offline about it with Stefan and the I2C qos framework in
qtest is a bit of a challenge for the TPM purpose. See the thread here :
https://lore.kernel.org/qemu-devel/dd43ec84-51e4-11f7-e067-2fb57a567f09@linux.ibm.com/T/#u
Thanks,
C.
>
> docs/specs/tpm.rst | 20 +-
> hw/arm/Kconfig | 1 +
> hw/tpm/Kconfig | 7 +
> hw/tpm/meson.build | 1 +
> hw/tpm/tpm_tis.h | 3 +
> hw/tpm/tpm_tis_common.c | 32 +++
> hw/tpm/tpm_tis_i2c.c | 440 ++++++++++++++++++++++++++++++++++++++++
> include/sysemu/tpm.h | 3 +
> 8 files changed, 506 insertions(+), 1 deletion(-)
> create mode 100644 hw/tpm/tpm_tis_i2c.c
>
^ permalink raw reply [flat|nested] 20+ messages in thread
* Re: [PATCH 2/3] TPM TIS: Add support for TPM devices over I2C bus
2023-03-23 3:01 ` [PATCH 2/3] TPM TIS: " Ninad Palsule
@ 2023-03-23 7:44 ` Cédric Le Goater
2023-03-23 15:35 ` Ninad Palsule
0 siblings, 1 reply; 20+ messages in thread
From: Cédric Le Goater @ 2023-03-23 7:44 UTC (permalink / raw)
To: Ninad Palsule, qemu-devel; +Cc: joel, andrew, stefanb
On 3/23/23 04:01, Ninad Palsule wrote:
> Qemu already supports devices attached to ISA and sysbus. This drop adds
> support for the I2C bus attached TPM devices.
>
> This commit includes changes for the common code.
> - Added support for the new checksum registers which are required for
> the I2C support. The checksum calculation is handled in the qemu
> common code.
> - Added wrapper function for read and write data so that I2C code can
> call it without MMIO interface.
>
> Signed-off-by: Ninad Palsule <ninad@linux.ibm.com>
> ---
> V2:
>
> Incorporated Stephen's comments.
>
> - Removed checksum enable and checksum get registers.
> - Added checksum calculation function which can be called from
> i2c layer.
> ---
> hw/tpm/tpm_tis.h | 3 +++
> hw/tpm/tpm_tis_common.c | 32 ++++++++++++++++++++++++++++++++
> 2 files changed, 35 insertions(+)
>
> diff --git a/hw/tpm/tpm_tis.h b/hw/tpm/tpm_tis.h
> index f6b5872ba6..6f29a508dd 100644
> --- a/hw/tpm/tpm_tis.h
> +++ b/hw/tpm/tpm_tis.h
> @@ -86,5 +86,8 @@ int tpm_tis_pre_save(TPMState *s);
> void tpm_tis_reset(TPMState *s);
> enum TPMVersion tpm_tis_get_tpm_version(TPMState *s);
> void tpm_tis_request_completed(TPMState *s, int ret);
> +uint32_t tpm_tis_read_data(TPMState *s, hwaddr addr, unsigned size);
> +void tpm_tis_write_data(TPMState *s, hwaddr addr, uint64_t val, uint32_t size);
> +uint16_t tpm_tis_get_checksum(TPMState *s);
>
> #endif /* TPM_TPM_TIS_H */
> diff --git a/hw/tpm/tpm_tis_common.c b/hw/tpm/tpm_tis_common.c
> index 503be2a541..b1acde74cb 100644
> --- a/hw/tpm/tpm_tis_common.c
> +++ b/hw/tpm/tpm_tis_common.c
> @@ -26,6 +26,8 @@
> #include "hw/irq.h"
> #include "hw/isa/isa.h"
> #include "qapi/error.h"
> +#include "qemu/bswap.h"
> +#include "qemu/crc-ccitt.h"
> #include "qemu/module.h"
>
> #include "hw/acpi/tpm.h"
> @@ -447,6 +449,27 @@ static uint64_t tpm_tis_mmio_read(void *opaque, hwaddr addr,
> return val;
> }
>
> +/*
> + * A wrapper read function so that it can be directly called without
> + * mmio.
> + */
> +uint32_t tpm_tis_read_data(TPMState *s, hwaddr addr, unsigned size)
> +{
> + return tpm_tis_mmio_read(s, addr, size);
> +}
> +
> +/*
> + * Calculate current data buffer checksum
> + */
> +uint16_t tpm_tis_get_checksum(TPMState *s)
> +{
> + uint16_t val = 0xffff;
> +
> + val = cpu_to_be16(crc_ccitt(0, s->buffer, s->rw_offset));
this routine could simply return cpu_to_be16(....
Thanks,
C.
> +
> + return val;
> +}
> +
> /*
> * Write a value to a register of the TIS interface
> * See specs pages 33-63 for description of the registers
> @@ -767,6 +790,15 @@ static void tpm_tis_mmio_write(void *opaque, hwaddr addr,
> }
> }
>
> +/*
> + * A wrapper write function so that it can be directly called without
> + * mmio.
> + */
> +void tpm_tis_write_data(TPMState *s, hwaddr addr, uint64_t val, uint32_t size)
> +{
> + tpm_tis_mmio_write(s, addr, val, size);
> +}
> +
> const MemoryRegionOps tpm_tis_memory_ops = {
> .read = tpm_tis_mmio_read,
> .write = tpm_tis_mmio_write,
^ permalink raw reply [flat|nested] 20+ messages in thread
* Re: [PATCH 1/3] docs: Add support for TPM devices over I2C bus
2023-03-23 3:01 ` [PATCH 1/3] docs: " Ninad Palsule
@ 2023-03-23 7:49 ` Cédric Le Goater
2023-03-23 22:11 ` Ninad Palsule
2023-03-24 3:23 ` Ninad Palsule
0 siblings, 2 replies; 20+ messages in thread
From: Cédric Le Goater @ 2023-03-23 7:49 UTC (permalink / raw)
To: Ninad Palsule, qemu-devel; +Cc: joel, andrew, stefanb
On 3/23/23 04:01, Ninad Palsule wrote:
> This is a documentation change for I2C TPM device support.
>
> Qemu already supports devices attached to ISA and sysbus.
> This drop adds support for the I2C bus attached TPM devices.
>
> Signed-off-by: Ninad Palsule <ninad@linux.ibm.com>
>
> ---
> V2:
>
> Incorporated Stephen's review comments
> - Added example in the document.
> ---
> docs/specs/tpm.rst | 20 +++++++++++++++++++-
> 1 file changed, 19 insertions(+), 1 deletion(-)
>
> diff --git a/docs/specs/tpm.rst b/docs/specs/tpm.rst
> index 535912a92b..bf7249b09c 100644
> --- a/docs/specs/tpm.rst
> +++ b/docs/specs/tpm.rst
> @@ -21,11 +21,15 @@ QEMU files related to TPM TIS interface:
> - ``hw/tpm/tpm_tis_common.c``
> - ``hw/tpm/tpm_tis_isa.c``
> - ``hw/tpm/tpm_tis_sysbus.c``
> + - ``hw/tpm/tpm_tis_i2c.c``
> - ``hw/tpm/tpm_tis.h``
>
> Both an ISA device and a sysbus device are available. The former is
> used with pc/q35 machine while the latter can be instantiated in the
> -Arm virt machine.
> +Arm virt machine. An I2C device support is also added which can be
> +instantiated in the arm based emulation machine. An I2C device is also
> +supported for the Arm virt machine. This device only supports the
> +TPM 2 protocol.
>
> CRB interface
> -------------
> @@ -348,6 +352,20 @@ In case an Arm virt machine is emulated, use the following command line:
> -drive if=pflash,format=raw,file=flash0.img,readonly=on \
> -drive if=pflash,format=raw,file=flash1.img
>
> +In case a Rainier bmc machine is emulated, use the following command line:
> +
> +.. code-block:: console
> +
> + qemu-system-arm -M rainier-bmc -nographic \
> + -kernel ${IMAGEPATH}/fitImage-linux.bin \
> + -dtb ${IMAGEPATH}/aspeed-bmc-ibm-rainier.dtb \
> + -initrd ${IMAGEPATH}/obmc-phosphor-initramfs.rootfs.cpio.xz \
> + -drive file=${IMAGEPATH}/obmc-phosphor-image.rootfs.wic.qcow2,if=sd,index=2\
> + -net nic -net user,hostfwd=:127.0.0.1:2222-:22,hostfwd=:127.0.0.1:2443-:443\
> + -chardev socket,id=chrtpm,path=/tmp/mytpm1/swtpm-sock \
> + -tpmdev emulator,id=tpm0,chardev=chrtpm \
> + -device tpm-tis-i2c,tpmdev=tpm0,bus=aspeed.i2c.bus.12,address=0x2e
The rainier images are not the easiest to find. Could we use an AST2600 EVB
machine instead and instantiate the device from user space ? see commit
3302184f7f or 7a7308eae0.
Thanks,
C.
> In case SeaBIOS is used as firmware, it should show the TPM menu item
> after entering the menu with 'ESC'.
>
^ permalink raw reply [flat|nested] 20+ messages in thread
* Re: [PATCH 3/3] New I2C: Add support for TPM devices over I2C bus
2023-03-23 3:01 ` [PATCH 3/3] New I2C: " Ninad Palsule
@ 2023-03-23 8:37 ` Cédric Le Goater
2023-03-23 22:32 ` Ninad Palsule
2023-03-23 12:18 ` Stefan Berger
1 sibling, 1 reply; 20+ messages in thread
From: Cédric Le Goater @ 2023-03-23 8:37 UTC (permalink / raw)
To: Ninad Palsule, qemu-devel; +Cc: joel, andrew, stefanb
On 3/23/23 04:01, Ninad Palsule wrote:
> Qemu already supports devices attached to ISA and sysbus. This drop adds
> support for the I2C bus attached TPM devices. I2C model only supports
> TPM2 protocol.
>
> This commit includes changes for the common code.
> - Added I2C emulation model. Logic was added in the model to temporarily
> cache the data as I2C interface works per byte basis.
> - New tpm type "tpm-tis-i2c" added for I2C support. User specify this
> string on command line.
>
> Testing:
> TPM I2C device modulte is tested using SWTPM (software based TPM
> package). The qemu used the rainier machine and it was connected to
> swtpm over the socket interface.
>
> The command to start swtpm is as follows:
> $ swtpm socket --tpmstate dir=/tmp/mytpm1 \
> --ctrl type=unixio,path=/tmp/mytpm1/swtpm-sock \
> --tpm2 --log level=100
>
> The command to start qemu is as follows:
> $ qemu-system-arm -M rainier-bmc -nographic \
> -kernel ${IMAGEPATH}/fitImage-linux.bin \
> -dtb ${IMAGEPATH}/aspeed-bmc-ibm-rainier.dtb \
> -initrd ${IMAGEPATH}/obmc-phosphor-initramfs.rootfs.cpio.xz \
> -drive file=${IMAGEPATH}/obmc-phosphor-image.rootfs.wic.qcow2,if=sd,index=2 \
> -net nic -net user,hostfwd=:127.0.0.1:2222-:22,hostfwd=:127.0.0.1:2443-:443 \
> -chardev socket,id=chrtpm,path=/tmp/mytpm1/swtpm-sock \
> -tpmdev emulator,id=tpm0,chardev=chrtpm \
> -device tpm-tis-i2c,tpmdev=tpm0,bus=aspeed.i2c.bus.12,address=0x2e
>
> Note: Currently you need to specify the I2C bus and device address on
> command line. In future we can add a device at board level.
yes. Anyhow, it is better to start with user created device first than with
default devices created at the board level.
>
> Signed-off-by: Ninad Palsule <ninad@linux.ibm.com>
> ---
> V2:
> Incorporated Stephen's review comments.
> - Handled checksum related register in I2C layer
> - Defined I2C interface capabilities and return those instead of
> capabilities from TPM TIS. Add required capabilities from TIS.
> - Do not cache FIFO data in the I2C layer.
> - Make sure that Device address change register is not passed to I2C
> layer as capability indicate that it is not supported.
> - Added boundary checks.
> - Make sure that bits 26-31 are zeroed for the TPM_STS register on read
> - Updated Kconfig files for new define.
> ---
> hw/arm/Kconfig | 1 +
> hw/tpm/Kconfig | 7 +
> hw/tpm/meson.build | 1 +
> hw/tpm/tpm_tis_i2c.c | 440 +++++++++++++++++++++++++++++++++++++++++++
> include/sysemu/tpm.h | 3 +
> 5 files changed, 452 insertions(+)
> create mode 100644 hw/tpm/tpm_tis_i2c.c
>
> diff --git a/hw/arm/Kconfig b/hw/arm/Kconfig
> index b5aed4aff5..05d6ef1a31 100644
> --- a/hw/arm/Kconfig
> +++ b/hw/arm/Kconfig
> @@ -6,6 +6,7 @@ config ARM_VIRT
> imply VFIO_PLATFORM
> imply VFIO_XGMAC
> imply TPM_TIS_SYSBUS
> + imply TPM_TIS_I2C
> imply NVDIMM
> select ARM_GIC
> select ACPI
> diff --git a/hw/tpm/Kconfig b/hw/tpm/Kconfig
> index 29e82f3c92..a46663288c 100644
> --- a/hw/tpm/Kconfig
> +++ b/hw/tpm/Kconfig
> @@ -1,3 +1,10 @@
> +config TPM_TIS_I2C
> + bool
> + depends on TPM
> + select TPM_BACKEND
> + select I2C
> + select TPM_TIS
> +
> config TPM_TIS_ISA
> bool
> depends on TPM && ISA_BUS
> diff --git a/hw/tpm/meson.build b/hw/tpm/meson.build
> index 7abc2d794a..76fe3cb098 100644
> --- a/hw/tpm/meson.build
> +++ b/hw/tpm/meson.build
> @@ -1,6 +1,7 @@
> softmmu_ss.add(when: 'CONFIG_TPM_TIS', if_true: files('tpm_tis_common.c'))
> softmmu_ss.add(when: 'CONFIG_TPM_TIS_ISA', if_true: files('tpm_tis_isa.c'))
> softmmu_ss.add(when: 'CONFIG_TPM_TIS_SYSBUS', if_true: files('tpm_tis_sysbus.c'))
> +softmmu_ss.add(when: 'CONFIG_TPM_TIS_I2C', if_true: files('tpm_tis_i2c.c'))
> softmmu_ss.add(when: 'CONFIG_TPM_CRB', if_true: files('tpm_crb.c'))
> softmmu_ss.add(when: 'CONFIG_TPM_TIS', if_true: files('tpm_ppi.c'))
> softmmu_ss.add(when: 'CONFIG_TPM_CRB', if_true: files('tpm_ppi.c'))
> diff --git a/hw/tpm/tpm_tis_i2c.c b/hw/tpm/tpm_tis_i2c.c
> new file mode 100644
> index 0000000000..5cec5f7806
> --- /dev/null
> +++ b/hw/tpm/tpm_tis_i2c.c
> @@ -0,0 +1,440 @@
> +/*
> + * tpm_tis_i2c.c - QEMU's TPM TIS I2C Device
> + *
> + * This work is licensed under the terms of the GNU GPL, version 2 or later.
> + * See the COPYING file in the top-level directory.
> + *
> + * Implementation of the TIS interface according to specs found at
> + * http://www.trustedcomputinggroup.org. This implementation currently
> + * supports version 1.3, 21 March 2013
> + * In the developers menu choose the PC Client section then find the TIS
> + * specification.
> + *
> + * TPM TIS for TPM 2 implementation following TCG PC Client Platform
> + * TPM Profile (PTP) Specification, Familiy 2.0, Revision 00.43
> + *
> + * TPM I2C implementation follows TCG TPM I2c Interface specification,
> + * Family 2.0, Level 00, Revision 1.00
> + */
> +
> +#include "qemu/osdep.h"
> +#include "hw/i2c/i2c.h"
> +#include "hw/qdev-properties.h"
> +#include "hw/acpi/tpm.h"
> +#include "migration/vmstate.h"
> +#include "tpm_prop.h"
> +#include "tpm_tis.h"
> +#include "qom/object.h"
> +#include "block/aio.h"
> +#include "qemu/main-loop.h"
> +
> +/* TPM TIS I2C registers */
> +#define TPM_TIS_I2C_REG_LOC_SEL 0x00
> +#define TPM_TIS_I2C_REG_ACCESS 0x04
> +#define TPM_TIS_I2C_REG_INT_ENABLE 0x08
> +#define TPM_TIS_I2C_REG_INT_CAPABILITY 0x14
> +#define TPM_TIS_I2C_REG_STS 0x18
> +#define TPM_TIS_I2C_REG_DATA_FIFO 0x24
> +#define TPM_TIS_I2C_REG_INTF_CAPABILITY 0x30
> +#define TPM_TIS_I2C_REG_I2C_DEV_ADDRESS 0x38
> +#define TPM_TIS_I2C_REG_DATA_CSUM_ENABLE 0x40
> +#define TPM_TIS_I2C_REG_DATA_CSUM_GET 0x44
> +#define TPM_TIS_I2C_REG_DID_VID 0x48
> +#define TPM_TIS_I2C_REG_RID 0x4c
> +#define TPM_TIS_I2C_REG_UNKNOWN 0xff
> +
> +/* I2C specific interface capabilities */
> +#define TPM_I2C_CAP_INTERFACE_TYPE (0x2 << 0) /* FIFO interface */
> +#define TPM_I2C_CAP_INTERFACE_VER (0x0 << 4) /* TCG I2C intf 1.0 */
> +#define TPM_I2C_CAP_TPM2_FAMILY (0x1 << 7) /* TPM 2.0 family. */
> +#define TPM_I2C_CAP_DEV_ADDR_CHANGE (0x0 << 27) /* No dev addr chng */
> +#define TPM_I2C_CAP_BURST_COUNT_STATIC (0x1 << 29) /* Burst count static */
> +#define TPM_I2C_CAP_LOCALITY_CAP (0x1 << 25) /* 0-5 locality */
> +#define TPM_I2C_CAP_BUS_SPEED (3 << 21) /* std and fast mode */
> +
> +/* TPM_STS mask for read bits 31:26 must be zero */
> +#define TPM_I2C_STS_READ_MASK 0x03ffffff
> +
> +/* Operations */
> +#define OP_SEND 1
> +#define OP_RECV 2
> +
> +typedef struct TPMStateI2C {
> + /*< private >*/
> + I2CSlave parent_obj;
> +
> + int offset; /* offset in to data[] */
> + int size; /* Size of the current reg data */
> + uint8_t operation; /* OP_SEND & OP_RECV */
> + uint8_t data[4096]; /* Data */
That's a lot of bytes. What is the max in HW ?
> +
> + bool csum_enable;
> + uint32_t tis_intf_cap; /* save TIS interface Capabilities */
> +
> + /*< public >*/
> + TPMState state; /* not a QOM object */
hmm, why ? is that per design of the TPM model ?
> +
> +} TPMStateI2C;
> +
> +DECLARE_INSTANCE_CHECKER(TPMStateI2C, TPM_TIS_I2C,
> + TYPE_TPM_TIS_I2C)
> +
> +/* Register map */
> +typedef struct reg_map {
> + uint16_t i2c_reg; /* I2C register */
> + uint16_t tis_reg; /* TIS register */
> + uint32_t data_size; /* data size expected */
> +} i2c_reg_map;
QEMU prefers CamelCase coding style for types.
> +
> +/*
> + * The register values in the common code is different than the latest
> + * register numbers as per the spec hence add the conversion map
> + */
> +static const i2c_reg_map tpm_tis_reg_map[] = {
> + { TPM_TIS_I2C_REG_LOC_SEL, TPM_TIS_REG_ACCESS, 1, },
> + { TPM_TIS_I2C_REG_ACCESS, TPM_TIS_REG_ACCESS, 1, },
> + { TPM_TIS_I2C_REG_INT_ENABLE, TPM_TIS_REG_INT_ENABLE, 4, },
> + { TPM_TIS_I2C_REG_INT_CAPABILITY, TPM_TIS_REG_INT_VECTOR, 4, },
> + { TPM_TIS_I2C_REG_STS, TPM_TIS_REG_STS, 4, },
> + { TPM_TIS_I2C_REG_DATA_FIFO, TPM_TIS_REG_DATA_FIFO, 0, },
> + { TPM_TIS_I2C_REG_INTF_CAPABILITY, TPM_TIS_REG_INTF_CAPABILITY, 4, },
> + { TPM_TIS_I2C_REG_I2C_DEV_ADDRESS, TPM_TIS_I2C_REG_I2C_DEV_ADDRESS, 2, },
> + { TPM_TIS_I2C_REG_DATA_CSUM_ENABLE, TPM_TIS_I2C_REG_DATA_CSUM_ENABLE, 1, },
> + { TPM_TIS_I2C_REG_DATA_CSUM_GET, TPM_TIS_I2C_REG_DATA_CSUM_GET, 2, },
> + { TPM_TIS_I2C_REG_DID_VID, TPM_TIS_REG_DID_VID, 4, },
> + { TPM_TIS_I2C_REG_RID, TPM_TIS_REG_RID, 1, },
> +};
> +
> +/* Generate interface capability based on what is returned by TIS and what is
> + * expected by I2C. Save the capability in the data array overwriting the TIS
> + * capability.
> + */
> +static uint32_t tpm_i2c_interface_capability(TPMStateI2C *i2cst, uint32_t tis_cap)
> +{
> + uint32_t i2c_cap = 0;
> +
> + i2cst->tis_intf_cap = tis_cap;
> +
> + /* Now generate i2c capability */
> + i2c_cap = (TPM_I2C_CAP_INTERFACE_TYPE |
> + TPM_I2C_CAP_INTERFACE_VER |
> + TPM_I2C_CAP_TPM2_FAMILY |
> + TPM_I2C_CAP_LOCALITY_CAP |
> + TPM_I2C_CAP_BUS_SPEED |
> + TPM_I2C_CAP_DEV_ADDR_CHANGE);
> +
> + /* Now check the TIS and set some capabilities */
> +
> + /* Static burst count set */
> + if (i2cst->tis_intf_cap & 0x100) {
> + i2c_cap |= TPM_I2C_CAP_BURST_COUNT_STATIC;
> + }
> +
> + return i2c_cap;
> +}
> +
> +static inline uint16_t tpm_tis_i2c_to_tis_reg(uint64_t i2c_reg, int *size)
> +{
> + uint16_t tis_reg = i2c_reg;
> + const i2c_reg_map *reg_map;
> + int i;
> +
> + for (i = 0; i < ARRAY_SIZE(tpm_tis_reg_map); i++) {
> + reg_map = &tpm_tis_reg_map[i];
> + if (reg_map->i2c_reg == (i2c_reg & 0xff)) {
> + tis_reg = reg_map->tis_reg;
> + *size = reg_map->data_size;
> + break;
> + }
> + }
> +
> + return tis_reg;
> +}
> +
> +/* Initialize the cached data */
> +static inline void tpm_tis_i2c_init_cache(TPMStateI2C *i2cst)
> +{
> + /* Clear operation and offset */
> + i2cst->operation = 0;
> + i2cst->offset = 0;
> + i2cst->size = 0;
> +
> + return;
> +}
> +
> +/* Send data to TPM */
> +static inline void tpm_tis_i2c_tpm_send(TPMStateI2C *i2cst)
> +{
> + uint16_t tis_reg;
> + uint32_t data;
> + int i;
> +
> + if ((i2cst->operation == OP_SEND) && (i2cst->offset > 1)) {
> +
> + /*
> + * Checksum is not handled by common code hence we will consume the
> + * register here.
> + */
> + if (i2cst->data[0] == TPM_TIS_I2C_REG_DATA_CSUM_ENABLE) {
> + i2cst->csum_enable = true;
> + } else if (i2cst->data[0] != TPM_TIS_I2C_REG_DATA_FIFO) {
> + tis_reg = tpm_tis_i2c_to_tis_reg(i2cst->data[0], &i2cst->size);
> +
> + /* Index 0 is always a register */
> + for (i = 1; i < i2cst->offset; i++) {
> + data = i2cst->data[i];
> + tpm_tis_write_data(&i2cst->state, tis_reg, data, 1);
> + }
> + }
> +
> + tpm_tis_i2c_init_cache(i2cst);
> + }
> +
> + return;
> +}
> +
> +/* Callback from TPM to indicate that response is copied */
> +static void tpm_tis_i2c_request_completed(TPMIf *ti, int ret)
> +{
> + TPMStateI2C *i2cst = TPM_TIS_I2C(ti);
> + TPMState *s = &i2cst->state;
> +
> + /* Inform the common code. */
> + tpm_tis_request_completed(s, ret);
> +}
> +
> +static enum TPMVersion tpm_tis_i2c_get_tpm_version(TPMIf *ti)
> +{
> + TPMStateI2C *i2cst = TPM_TIS_I2C(ti);
> + TPMState *s = &i2cst->state;
> +
> + return tpm_tis_get_tpm_version(s);
> +}
> +
> +static int tpm_tis_i2c_event(I2CSlave *i2c, enum i2c_event event)
> +{
> + TPMStateI2C *i2cst = TPM_TIS_I2C(i2c);
> + int ret = 0;
> +
> + switch (event) {
> + case I2C_START_RECV:
> + break;
> + case I2C_START_SEND:
> + tpm_tis_i2c_init_cache(i2cst);
> + break;
> + case I2C_FINISH:
> + if (i2cst->operation == OP_SEND) {
> + tpm_tis_i2c_tpm_send(i2cst);
> + } else {
> + tpm_tis_i2c_init_cache(i2cst);
> + }
> + break;
> + default:
> + break;
> + }
> +
> + return ret;
> +}
> +
> +/*
> + * If data is for FIFO then it is received from tpm_tis_common buffer
> + * otherwise it will be handled using single call to common code and
> + * cached in the local buffer.
> + */
> +static uint8_t tpm_tis_i2c_recv(I2CSlave *i2c)
> +{
> + int ret = 0;
> + int i, j;
> + uint32_t addr;
> + uint32_t data_read;
> + uint16_t i2c_reg;
> + TPMStateI2C *i2cst = TPM_TIS_I2C(i2c);
> + TPMState *s = &i2cst->state;
> +
> + if (i2cst->operation == OP_RECV) {
> +
> + /* Do not cache FIFO data. */
> + if (i2cst->data[0] == TPM_TIS_I2C_REG_DATA_FIFO) {
> + addr = tpm_tis_i2c_to_tis_reg(TPM_TIS_I2C_REG_DATA_FIFO,
> + &i2cst->size);
> + data_read = tpm_tis_read_data(s, addr, 1);
> + ret = (data_read & 0xff);
> + } else if (i2cst->offset < 4096) {
use a define or sizeof(i2cst->data)
> + ret = i2cst->data[i2cst->offset++];
> + }
> +
> + } else if ((i2cst->operation == OP_SEND) && (i2cst->offset < 2)) {
> + /* First receive call after send */
> +
> + i2c_reg = i2cst->data[0];
> +
> + i2cst->operation = OP_RECV;
> + i2cst->offset = 1; /* keep the register value intact for debug */
> +
> + addr = tpm_tis_i2c_to_tis_reg(i2c_reg, &i2cst->size);
> +
> + /* FIFO data is directly read from TPM TIS */
> + if (i2c_reg == TPM_TIS_I2C_REG_DATA_FIFO) {
> + data_read = tpm_tis_read_data(s, addr, 1);
> + ret = (data_read & 0xff);
> + } else {
> + /*
> + * Save the data in the data field. Save it in the little
> + * endian format.
> + */
> + for (i = 1; i <= i2cst->size;) {
> + /*
> + * Checksum registers are not supported by common code hence
> + * call a common code to get the checksum.
> + */
> + if (i2c_reg == TPM_TIS_I2C_REG_DATA_CSUM_GET) {
> + data_read = tpm_tis_get_checksum(s);
> + } else {
> + data_read = tpm_tis_read_data(s, addr, 4);
> +
> + if (i2c_reg == TPM_TIS_I2C_REG_INTF_CAPABILITY) {
> + /* Prepare the capabilities as per I2C interface */
> + data_read = tpm_i2c_interface_capability(i2cst,
> + data_read);
> + } else if (i2c_reg == TPM_TIS_I2C_REG_STS) {
> + /*
> + * As per specs, STS bit 31:26 are reserved and must
> + * be set to 0
> + */
> + data_read &= TPM_I2C_STS_READ_MASK;
> + }
> + }
> + for (j = 0; j < 4; j++) {
> + i2cst->data[i++] = (data_read & 0xff);
> + data_read >>= 8;
> + }
Why do you need 2 loops ? This is complex to follow.
> + }
> + /* Return first byte with this call */
> + ret = i2cst->data[i2cst->offset++];
> + }
> + } else {
> + i2cst->operation = OP_RECV;
> + }
> +
> + return ret;
> +}
> +
> +/*
> + * Send function only remembers data in the buffer and then calls
> + * TPM TIS common code during FINISH event.
> + */
> +static int tpm_tis_i2c_send(I2CSlave *i2c, uint8_t data)
> +{
> + TPMStateI2C *i2cst = TPM_TIS_I2C(i2c);
> + uint16_t tis_reg;
> +
> + /* Reject non-supported registers. */
> + if (i2cst->offset == 0) {
> + /* We do not support device address change */
> + if (data == TPM_TIS_I2C_REG_I2C_DEV_ADDRESS) {
may be add a qemu_log_mask(LOG_UNIMP, " ...");
> + return 1;
> + }
> + }
> +
> + if (i2cst->offset < 4096) {
use a define or sizeof(i2cst->data)
> + i2cst->operation = OP_SEND;
> +
> + /* Remember data locally for non-FIFO registers */
> + if ((i2cst->offset == 0) ||
> + (i2cst->data[0] != TPM_TIS_I2C_REG_DATA_FIFO)) {
> + i2cst->data[i2cst->offset++] = data;
> + } else {
> + tis_reg = tpm_tis_i2c_to_tis_reg(i2cst->data[0], &i2cst->size);
> + tpm_tis_write_data(&i2cst->state, tis_reg, data, 1);
> + }
> +
> + return 0;
> +
> + } else {
> + /* Return non-zero to indicate NAK */
> + return 1;
> + }
> +}
> +
> +static Property tpm_tis_i2c_properties[] = {
> + DEFINE_PROP_UINT32("irq", TPMStateI2C, state.irq_num, TPM_TIS_IRQ),
hmm, irq seems unused.
> + DEFINE_PROP_TPMBE("tpmdev", TPMStateI2C, state.be_driver),
> + DEFINE_PROP_END_OF_LIST(),
> +};
I don't see an .instance_init routine initializing the TPMState sub device.
> +
> +static void tpm_tis_i2c_realizefn(DeviceState *dev, Error **errp)
> +{
> + TPMStateI2C *i2cst = TPM_TIS_I2C(dev);
> + TPMState *s = &i2cst->state;
> +
> + if (!tpm_find()) {
> + error_setg(errp, "at most one TPM device is permitted");
> + return;
> + }
> +
> + /*
> + * Get the backend pointer. It is not initialized propery during
> + * device_class_set_props
> + */
> + s->be_driver = qemu_find_tpm_be("tpm0");
I don't understand that part. Looks weird to me.
> + if (!s->be_driver) {
> + error_setg(errp, "'tpmdev' property is required");
> + return;
> + }
> + if (s->irq_num > 15) {
> + error_setg(errp, "IRQ %d is outside valid range of 0 to 15",
> + s->irq_num);
> + return;
> + }
The code above belongs to a TPMState realize routine it seems. I was
expecting something like :
if (!qdev_realize(qdev_realize(DEVICE(&i2cst->state), NULL, &errp)) {
return;
}
Looking closer, this comment applies to some other tpm devices. May be
I misunderstood how TPM is designed though.
Thanks,
C.
> +}
> +
> +static void tpm_tis_i2c_reset(DeviceState *dev)
> +{
> + TPMStateI2C *i2cst = TPM_TIS_I2C(dev);
> + TPMState *s = &i2cst->state;
> +
> + tpm_tis_i2c_init_cache(i2cst);
> +
> + i2cst->csum_enable = false;
> +
> + return tpm_tis_reset(s);
> +}
> +
> +static void tpm_tis_i2c_class_init(ObjectClass *klass, void *data)
> +{
> + DeviceClass *dc = DEVICE_CLASS(klass);
> + I2CSlaveClass *k = I2C_SLAVE_CLASS(klass);
> + TPMIfClass *tc = TPM_IF_CLASS(klass);
> +
> + dc->realize = tpm_tis_i2c_realizefn;
> + dc->reset = tpm_tis_i2c_reset;
> + device_class_set_props(dc, tpm_tis_i2c_properties);
> +
> + k->event = tpm_tis_i2c_event;
> + k->recv = tpm_tis_i2c_recv;
> + k->send = tpm_tis_i2c_send;
> +
> + tc->model = TPM_MODEL_TPM_TIS;
> + tc->request_completed = tpm_tis_i2c_request_completed;
> + tc->get_version = tpm_tis_i2c_get_tpm_version;
> +}
> +
> +static const TypeInfo tpm_tis_i2c_info = {
> + .name = TYPE_TPM_TIS_I2C,
> + .parent = TYPE_I2C_SLAVE,
> + .instance_size = sizeof(TPMStateI2C),
> + .class_init = tpm_tis_i2c_class_init,
> + .interfaces = (InterfaceInfo[]) {
> + { TYPE_TPM_IF },
> + { }
> + }
> +};
> +
> +static void tpm_tis_i2c_register_types(void)
> +{
> + type_register_static(&tpm_tis_i2c_info);
> +}
> +
> +type_init(tpm_tis_i2c_register_types)
> diff --git a/include/sysemu/tpm.h b/include/sysemu/tpm.h
> index fb40e30ff6..66e3b45f30 100644
> --- a/include/sysemu/tpm.h
> +++ b/include/sysemu/tpm.h
> @@ -48,6 +48,7 @@ struct TPMIfClass {
> #define TYPE_TPM_TIS_SYSBUS "tpm-tis-device"
> #define TYPE_TPM_CRB "tpm-crb"
> #define TYPE_TPM_SPAPR "tpm-spapr"
> +#define TYPE_TPM_TIS_I2C "tpm-tis-i2c"
>
> #define TPM_IS_TIS_ISA(chr) \
> object_dynamic_cast(OBJECT(chr), TYPE_TPM_TIS_ISA)
> @@ -57,6 +58,8 @@ struct TPMIfClass {
> object_dynamic_cast(OBJECT(chr), TYPE_TPM_CRB)
> #define TPM_IS_SPAPR(chr) \
> object_dynamic_cast(OBJECT(chr), TYPE_TPM_SPAPR)
> +#define TPM_IS_TIS_I2C(chr) \
> + object_dynamic_cast(OBJECT(chr), TYPE_TPM_TIS_I2C)
>
> /* returns NULL unless there is exactly one TPM device */
> static inline TPMIf *tpm_find(void)
^ permalink raw reply [flat|nested] 20+ messages in thread
* Re: [PATCH 3/3] New I2C: Add support for TPM devices over I2C bus
2023-03-23 3:01 ` [PATCH 3/3] New I2C: " Ninad Palsule
2023-03-23 8:37 ` Cédric Le Goater
@ 2023-03-23 12:18 ` Stefan Berger
2023-03-23 20:07 ` Ninad Palsule
1 sibling, 1 reply; 20+ messages in thread
From: Stefan Berger @ 2023-03-23 12:18 UTC (permalink / raw)
To: Ninad Palsule, qemu-devel; +Cc: joel, andrew, clg
On 3/22/23 23:01, Ninad Palsule wrote:
> Qemu already supports devices attached to ISA and sysbus. This drop adds
> support for the I2C bus attached TPM devices. I2C model only supports
> TPM2 protocol.
>
> This commit includes changes for the common code.
> - Added I2C emulation model. Logic was added in the model to temporarily
> cache the data as I2C interface works per byte basis.
> - New tpm type "tpm-tis-i2c" added for I2C support. User specify this
> string on command line.
>
> Testing:
> TPM I2C device modulte is tested using SWTPM (software based TPM
> package). The qemu used the rainier machine and it was connected to
> swtpm over the socket interface.
>
> The command to start swtpm is as follows:
> $ swtpm socket --tpmstate dir=/tmp/mytpm1 \
> --ctrl type=unixio,path=/tmp/mytpm1/swtpm-sock \
> --tpm2 --log level=100
>
> The command to start qemu is as follows:
> $ qemu-system-arm -M rainier-bmc -nographic \
> -kernel ${IMAGEPATH}/fitImage-linux.bin \
> -dtb ${IMAGEPATH}/aspeed-bmc-ibm-rainier.dtb \
> -initrd ${IMAGEPATH}/obmc-phosphor-initramfs.rootfs.cpio.xz \
> -drive file=${IMAGEPATH}/obmc-phosphor-image.rootfs.wic.qcow2,if=sd,index=2 \
> -net nic -net user,hostfwd=:127.0.0.1:2222-:22,hostfwd=:127.0.0.1:2443-:443 \
> -chardev socket,id=chrtpm,path=/tmp/mytpm1/swtpm-sock \
> -tpmdev emulator,id=tpm0,chardev=chrtpm \
> -device tpm-tis-i2c,tpmdev=tpm0,bus=aspeed.i2c.bus.12,address=0x2e
>
> Note: Currently you need to specify the I2C bus and device address on
> command line. In future we can add a device at board level.
>
> Signed-off-by: Ninad Palsule <ninad@linux.ibm.com>
> ---
> V2:
> Incorporated Stephen's review comments.
> - Handled checksum related register in I2C layer
> - Defined I2C interface capabilities and return those instead of
> capabilities from TPM TIS. Add required capabilities from TIS.
> - Do not cache FIFO data in the I2C layer.
> - Make sure that Device address change register is not passed to I2C
> layer as capability indicate that it is not supported.
> - Added boundary checks.
> - Make sure that bits 26-31 are zeroed for the TPM_STS register on read
> - Updated Kconfig files for new define.
> ---
> hw/arm/Kconfig | 1 +
> hw/tpm/Kconfig | 7 +
> hw/tpm/meson.build | 1 +
> hw/tpm/tpm_tis_i2c.c | 440 +++++++++++++++++++++++++++++++++++++++++++
> include/sysemu/tpm.h | 3 +
> 5 files changed, 452 insertions(+)
> create mode 100644 hw/tpm/tpm_tis_i2c.c
>
> diff --git a/hw/arm/Kconfig b/hw/arm/Kconfig
> index b5aed4aff5..05d6ef1a31 100644
> --- a/hw/arm/Kconfig
> +++ b/hw/arm/Kconfig
> @@ -6,6 +6,7 @@ config ARM_VIRT
> imply VFIO_PLATFORM
> imply VFIO_XGMAC
> imply TPM_TIS_SYSBUS
> + imply TPM_TIS_I2C
> imply NVDIMM
> select ARM_GIC
> select ACPI
> diff --git a/hw/tpm/Kconfig b/hw/tpm/Kconfig
> index 29e82f3c92..a46663288c 100644
> --- a/hw/tpm/Kconfig
> +++ b/hw/tpm/Kconfig
> @@ -1,3 +1,10 @@
> +config TPM_TIS_I2C
> + bool
> + depends on TPM
> + select TPM_BACKEND
> + select I2C
> + select TPM_TIS
> +
> config TPM_TIS_ISA
> bool
> depends on TPM && ISA_BUS
> diff --git a/hw/tpm/meson.build b/hw/tpm/meson.build
> index 7abc2d794a..76fe3cb098 100644
> --- a/hw/tpm/meson.build
> +++ b/hw/tpm/meson.build
> @@ -1,6 +1,7 @@
> softmmu_ss.add(when: 'CONFIG_TPM_TIS', if_true: files('tpm_tis_common.c'))
> softmmu_ss.add(when: 'CONFIG_TPM_TIS_ISA', if_true: files('tpm_tis_isa.c'))
> softmmu_ss.add(when: 'CONFIG_TPM_TIS_SYSBUS', if_true: files('tpm_tis_sysbus.c'))
> +softmmu_ss.add(when: 'CONFIG_TPM_TIS_I2C', if_true: files('tpm_tis_i2c.c'))
> softmmu_ss.add(when: 'CONFIG_TPM_CRB', if_true: files('tpm_crb.c'))
> softmmu_ss.add(when: 'CONFIG_TPM_TIS', if_true: files('tpm_ppi.c'))
> softmmu_ss.add(when: 'CONFIG_TPM_CRB', if_true: files('tpm_ppi.c'))
> diff --git a/hw/tpm/tpm_tis_i2c.c b/hw/tpm/tpm_tis_i2c.c
> new file mode 100644
> index 0000000000..5cec5f7806
> --- /dev/null
> +++ b/hw/tpm/tpm_tis_i2c.c
> @@ -0,0 +1,440 @@
> +/*
> + * tpm_tis_i2c.c - QEMU's TPM TIS I2C Device
> + *
> + * This work is licensed under the terms of the GNU GPL, version 2 or later.
> + * See the COPYING file in the top-level directory.
> + *
> + * Implementation of the TIS interface according to specs found at
> + * http://www.trustedcomputinggroup.org. This implementation currently
> + * supports version 1.3, 21 March 2013
> + * In the developers menu choose the PC Client section then find the TIS
> + * specification.
> + *
> + * TPM TIS for TPM 2 implementation following TCG PC Client Platform
> + * TPM Profile (PTP) Specification, Familiy 2.0, Revision 00.43
> + *
> + * TPM I2C implementation follows TCG TPM I2c Interface specification,
> + * Family 2.0, Level 00, Revision 1.00
> + */
> +
> +#include "qemu/osdep.h"
> +#include "hw/i2c/i2c.h"
> +#include "hw/qdev-properties.h"
> +#include "hw/acpi/tpm.h"
> +#include "migration/vmstate.h"
> +#include "tpm_prop.h"
> +#include "tpm_tis.h"
> +#include "qom/object.h"
> +#include "block/aio.h"
> +#include "qemu/main-loop.h"
> +
> +/* TPM TIS I2C registers */
> +#define TPM_TIS_I2C_REG_LOC_SEL 0x00
> +#define TPM_TIS_I2C_REG_ACCESS 0x04
> +#define TPM_TIS_I2C_REG_INT_ENABLE 0x08
> +#define TPM_TIS_I2C_REG_INT_CAPABILITY 0x14
> +#define TPM_TIS_I2C_REG_STS 0x18
> +#define TPM_TIS_I2C_REG_DATA_FIFO 0x24
> +#define TPM_TIS_I2C_REG_INTF_CAPABILITY 0x30
> +#define TPM_TIS_I2C_REG_I2C_DEV_ADDRESS 0x38
> +#define TPM_TIS_I2C_REG_DATA_CSUM_ENABLE 0x40
> +#define TPM_TIS_I2C_REG_DATA_CSUM_GET 0x44
> +#define TPM_TIS_I2C_REG_DID_VID 0x48
> +#define TPM_TIS_I2C_REG_RID 0x4c
> +#define TPM_TIS_I2C_REG_UNKNOWN 0xff
> +
> +/* I2C specific interface capabilities */
> +#define TPM_I2C_CAP_INTERFACE_TYPE (0x2 << 0) /* FIFO interface */
> +#define TPM_I2C_CAP_INTERFACE_VER (0x0 << 4) /* TCG I2C intf 1.0 */
> +#define TPM_I2C_CAP_TPM2_FAMILY (0x1 << 7) /* TPM 2.0 family. */
> +#define TPM_I2C_CAP_DEV_ADDR_CHANGE (0x0 << 27) /* No dev addr chng */
> +#define TPM_I2C_CAP_BURST_COUNT_STATIC (0x1 << 29) /* Burst count static */
> +#define TPM_I2C_CAP_LOCALITY_CAP (0x1 << 25) /* 0-5 locality */
> +#define TPM_I2C_CAP_BUS_SPEED (3 << 21) /* std and fast mode */
> +
> +/* TPM_STS mask for read bits 31:26 must be zero */
> +#define TPM_I2C_STS_READ_MASK 0x03ffffff
For the test case I am writing I would need all these #defines to be in a public header file.
Please move them into include/hw/acpi/tpm.h.
> +
> +/* Operations */
> +#define OP_SEND 1
> +#define OP_RECV 2
> +
> +typedef struct TPMStateI2C {
> + /*< private >*/
> + I2CSlave parent_obj;
> +
> + int offset; /* offset in to data[] */
> + int size; /* Size of the current reg data */
> + uint8_t operation; /* OP_SEND & OP_RECV */
> + uint8_t data[4096]; /* Data */> +
> + bool csum_enable;
> + uint32_t tis_intf_cap; /* save TIS interface Capabilities */
> +
> + /*< public >*/
> + TPMState state; /* not a QOM object */
> +
> +} TPMStateI2C;
> +
> +DECLARE_INSTANCE_CHECKER(TPMStateI2C, TPM_TIS_I2C,
> + TYPE_TPM_TIS_I2C)
> +
> +/* Register map */
> +typedef struct reg_map {
> + uint16_t i2c_reg; /* I2C register */
> + uint16_t tis_reg; /* TIS register */
> + uint32_t data_size; /* data size expected */
> +} i2c_reg_map;
> +
> +/*
> + * The register values in the common code is different than the latest
> + * register numbers as per the spec hence add the conversion map
> + */
> +static const i2c_reg_map tpm_tis_reg_map[] = {
> + { TPM_TIS_I2C_REG_LOC_SEL, TPM_TIS_REG_ACCESS, 1, },
I don't think you can map this register. Instead, you have to handle writes to it in this code here and
write the locality into a local register (call it uint8_t locty) and then talk to the read and write functions
by calcualating the address like this
addr = (locty << TPM_TIS_LOCALITY_SHIFT) + tis_reg_offset
> + { TPM_TIS_I2C_REG_ACCESS, TPM_TIS_REG_ACCESS, 1, },
> + { TPM_TIS_I2C_REG_INT_ENABLE, TPM_TIS_REG_INT_ENABLE, 4, },
> + { TPM_TIS_I2C_REG_INT_CAPABILITY, TPM_TIS_REG_INT_VECTOR, 4, },
> + { TPM_TIS_I2C_REG_STS, TPM_TIS_REG_STS, 4, },
> + { TPM_TIS_I2C_REG_DATA_FIFO, TPM_TIS_REG_DATA_FIFO, 0, },
> + { TPM_TIS_I2C_REG_INTF_CAPABILITY, TPM_TIS_REG_INTF_CAPABILITY, 4, },
> + { TPM_TIS_I2C_REG_I2C_DEV_ADDRESS, TPM_TIS_I2C_REG_I2C_DEV_ADDRESS, 2, },
> + { TPM_TIS_I2C_REG_DATA_CSUM_ENABLE, TPM_TIS_I2C_REG_DATA_CSUM_ENABLE, 1, },
> + { TPM_TIS_I2C_REG_DATA_CSUM_GET, TPM_TIS_I2C_REG_DATA_CSUM_GET, 2, },
This only works well if the mapped-to registers are distinct between I2C and MMIO.
I think you should handle all I2C registers that need to be handled in this layer
in a case statement without translation and in the default case do the translation.
You can then remove those 1:1 mappings from this table.
> + { TPM_TIS_I2C_REG_DID_VID, TPM_TIS_REG_DID_VID, 4, },
> + { TPM_TIS_I2C_REG_RID, TPM_TIS_REG_RID, 1, },
> +};
> +
> +/* Generate interface capability based on what is returned by TIS and what is
> + * expected by I2C. Save the capability in the data array overwriting the TIS
> + * capability.
> + */
> +static uint32_t tpm_i2c_interface_capability(TPMStateI2C *i2cst, uint32_t tis_cap)
> +{
> + uint32_t i2c_cap = 0;
> +
> + i2cst->tis_intf_cap = tis_cap;
> +
> + /* Now generate i2c capability */
> + i2c_cap = (TPM_I2C_CAP_INTERFACE_TYPE |
> + TPM_I2C_CAP_INTERFACE_VER |
> + TPM_I2C_CAP_TPM2_FAMILY |
> + TPM_I2C_CAP_LOCALITY_CAP |
> + TPM_I2C_CAP_BUS_SPEED |
> + TPM_I2C_CAP_DEV_ADDR_CHANGE);
> +
> + /* Now check the TIS and set some capabilities */
> +
> + /* Static burst count set */
> + if (i2cst->tis_intf_cap & 0x100) {
Use hw/acpi/tpm.h TPM_TIS_CAP_BURST_COUNT_DYNAMIC
> + i2c_cap |= TPM_I2C_CAP_BURST_COUNT_STATIC;
> + }
> +
> + return i2c_cap;
> +}
> +
> +static inline uint16_t tpm_tis_i2c_to_tis_reg(uint64_t i2c_reg, int *size)
> +{
> + uint16_t tis_reg = i2c_reg;
> + const i2c_reg_map *reg_map;
> + int i;
> +
> + for (i = 0; i < ARRAY_SIZE(tpm_tis_reg_map); i++) {
> + reg_map = &tpm_tis_reg_map[i];
> + if (reg_map->i2c_reg == (i2c_reg & 0xff)) {
> + tis_reg = reg_map->tis_reg;
> + *size = reg_map->data_size;
> + break;
> + }
> + }
> +
> + return tis_reg;
> +}
> +
> +/* Initialize the cached data */
> +static inline void tpm_tis_i2c_init_cache(TPMStateI2C *i2cst)
Rename to tpm_tis_i2c_reset
> +{
> + /* Clear operation and offset */
> + i2cst->operation = 0;
> + i2cst->offset = 0;
> + i2cst->size = 0;
> +
> + return;
> +}
> +
> +/* Send data to TPM */
> +static inline void tpm_tis_i2c_tpm_send(TPMStateI2C *i2cst)
> +{
> + uint16_t tis_reg;
> + uint32_t data;
> + int i;
> +
> + if ((i2cst->operation == OP_SEND) && (i2cst->offset > 1)) {
> +
> + /*
> + * Checksum is not handled by common code hence we will consume the
> + * register here.
> + */
> + if (i2cst->data[0] == TPM_TIS_I2C_REG_DATA_CSUM_ENABLE) {
switch (i2cst->data[0]) {
case TPM_TIS_I2C_REG_DATA_CSUM_ENABLE:
...
handle all i2c registers here
> + i2cst->csum_enable = true;
> + } else if (i2cst->data[0] != TPM_TIS_I2C_REG_DATA_FIFO) {
This is the default case of the switch.
> + tis_reg = tpm_tis_i2c_to_tis_reg(i2cst->data[0], &i2cst->size);
If it couldn't be mapped return right away.
> +> + /* Index 0 is always a register */
> + for (i = 1; i < i2cst->offset; i++) {
> + data = i2cst->data[i];
> + tpm_tis_write_data(&i2cst->state, tis_reg, data, 1);
tis_reg becomes i2cst->locty << TPM_TIS_LOCALITY_SHIFT + tis_reg
This is not correct. If someone wants to write a 32bit value into the interrupt
enable register, you would have to write a 32 bit value. Writing 4 bytes into
the register at the same address is not the same. You would have to increase the
address but a 32bit write really should happen. However, for the MMIO TIS it is
possible to just write 8bits to a 32bit register and I am not sure how this should
be handled here. Are 4 bytes for a 32bit register always expected? What happens
if the user provides more bytes? Would it be the best to accumulate the bytes
given by the user in a uint32_t and shift them 'through' so that if 5 bytes were
given one would have been shifted out? (I assume that one writes individual bytes
to this bus and then at some points says 'write this now to this register!')
> + }
> + }
> +
> + tpm_tis_i2c_init_cache(i2cst);
> + }
> +
> + return;
> +}
> +
> +/* Callback from TPM to indicate that response is copied */
> +static void tpm_tis_i2c_request_completed(TPMIf *ti, int ret)
> +{
> + TPMStateI2C *i2cst = TPM_TIS_I2C(ti);
> + TPMState *s = &i2cst->state;
> +
> + /* Inform the common code. */
> + tpm_tis_request_completed(s, ret);
> +}
> +
> +static enum TPMVersion tpm_tis_i2c_get_tpm_version(TPMIf *ti)
> +{
> + TPMStateI2C *i2cst = TPM_TIS_I2C(ti);
> + TPMState *s = &i2cst->state;
> +
> + return tpm_tis_get_tpm_version(s);
> +}
> +
> +static int tpm_tis_i2c_event(I2CSlave *i2c, enum i2c_event event)
> +{
> + TPMStateI2C *i2cst = TPM_TIS_I2C(i2c);
> + int ret = 0;
> +
> + switch (event) {
> + case I2C_START_RECV:
> + break;
> + case I2C_START_SEND:
> + tpm_tis_i2c_init_cache(i2cst);
> + break;
> + case I2C_FINISH:
> + if (i2cst->operation == OP_SEND) {
> + tpm_tis_i2c_tpm_send(i2cst);
> + } else {
> + tpm_tis_i2c_init_cache(i2cst);
> + }
> + break;
> + default:
> + break;
> + }
> +
> + return ret;
> +}
> +
> +/*
> + * If data is for FIFO then it is received from tpm_tis_common buffer
> + * otherwise it will be handled using single call to common code and
> + * cached in the local buffer.
> + */
> +static uint8_t tpm_tis_i2c_recv(I2CSlave *i2c)
> +{
> + int ret = 0;
> + int i, j;
> + uint32_t addr;
> + uint32_t data_read;
> + uint16_t i2c_reg;
> + TPMStateI2C *i2cst = TPM_TIS_I2C(i2c);
> + TPMState *s = &i2cst->state;
> +
> + if (i2cst->operation == OP_RECV) {
> +
> + /* Do not cache FIFO data. */
> + if (i2cst->data[0] == TPM_TIS_I2C_REG_DATA_FIFO) {
> + addr = tpm_tis_i2c_to_tis_reg(TPM_TIS_I2C_REG_DATA_FIFO,
> + &i2cst->size);
> + data_read = tpm_tis_read_data(s, addr, 1);
addr would have to consider locty
> + ret = (data_read & 0xff);
> + } else if (i2cst->offset < 4096) {
> + ret = i2cst->data[i2cst->offset++];
> + }
> +
> + } else if ((i2cst->operation == OP_SEND) && (i2cst->offset < 2)) {
> + /* First receive call after send */
> +
> + i2c_reg = i2cst->data[0];
> +
> + i2cst->operation = OP_RECV;
> + i2cst->offset = 1; /* keep the register value intact for debug */
> +
> + addr = tpm_tis_i2c_to_tis_reg(i2c_reg, &i2cst->size);
If it cannot be mapped return 0xff.
> +
> + /* FIFO data is directly read from TPM TIS */
> + if (i2c_reg == TPM_TIS_I2C_REG_DATA_FIFO) {
switch (i2c_reg) {
case TPM_TIS_I2C_REG_DATA_FIFO:
handle all I2C registers here that have to be handled on this layer
> + data_read = tpm_tis_read_data(s, addr, 1);
> + ret = (data_read & 0xff);
> + } else {
This is the default case.
> + /*
> + * Save the data in the data field. Save it in the little
> + * endian format.
> + */
> + for (i = 1; i <= i2cst->size;) {
> + /*
> + * Checksum registers are not supported by common code hence
> + * call a common code to get the checksum.
> + */
> + if (i2c_reg == TPM_TIS_I2C_REG_DATA_CSUM_GET) {
> + data_read = tpm_tis_get_checksum(s);
Another parameter to this function will have to be the locality (locty).
> + } else {
> + data_read = tpm_tis_read_data(s, addr, 4);
> +
> + if (i2c_reg == TPM_TIS_I2C_REG_INTF_CAPABILITY) {
> + /* Prepare the capabilities as per I2C interface */
> + data_read = tpm_i2c_interface_capability(i2cst,
> + data_read);
> + } else if (i2c_reg == TPM_TIS_I2C_REG_STS) {
> + /*
> + * As per specs, STS bit 31:26 are reserved and must
> + * be set to 0
> + */
> + data_read &= TPM_I2C_STS_READ_MASK;
> + }
> + }
> + for (j = 0; j < 4; j++) {
> + i2cst->data[i++] = (data_read & 0xff);
> + data_read >>= 8;
> + }
> + }
> +
> + /* Return first byte with this call */
> + ret = i2cst->data[i2cst->offset++];
> + }
> + } else {
> + i2cst->operation = OP_RECV;
> + }
> +
> + return ret;
> +}
> +
> +/*
> + * Send function only remembers data in the buffer and then calls
> + * TPM TIS common code during FINISH event.
> + */
> +static int tpm_tis_i2c_send(I2CSlave *i2c, uint8_t data)
> +{
> + TPMStateI2C *i2cst = TPM_TIS_I2C(i2c);
> + uint16_t tis_reg;
> +
> + /* Reject non-supported registers. */
> + if (i2cst->offset == 0) {
> + /* We do not support device address change */
> + if (data == TPM_TIS_I2C_REG_I2C_DEV_ADDRESS) {
> + return 1;
> + }
> + }
> +
> + if (i2cst->offset < 4096) {
> + i2cst->operation = OP_SEND;
> +
> + /* Remember data locally for non-FIFO registers */
> + if ((i2cst->offset == 0) ||
> + (i2cst->data[0] != TPM_TIS_I2C_REG_DATA_FIFO)) {
> + i2cst->data[i2cst->offset++] = data;
> + } else {
> + tis_reg = tpm_tis_i2c_to_tis_reg(i2cst->data[0], &i2cst->size);
> + tpm_tis_write_data(&i2cst->state, tis_reg, data, 1);
> + }
> +
> + return 0;
> +
> + } else {
> + /* Return non-zero to indicate NAK */
> + return 1;
> + }
> +}
> +
> +static Property tpm_tis_i2c_properties[] = {
> + DEFINE_PROP_UINT32("irq", TPMStateI2C, state.irq_num, TPM_TIS_IRQ),
> + DEFINE_PROP_TPMBE("tpmdev", TPMStateI2C, state.be_driver),
> + DEFINE_PROP_END_OF_LIST(),
> +};
> +
> +static void tpm_tis_i2c_realizefn(DeviceState *dev, Error **errp)
> +{
> + TPMStateI2C *i2cst = TPM_TIS_I2C(dev);
> + TPMState *s = &i2cst->state;
> +
> + if (!tpm_find()) {
> + error_setg(errp, "at most one TPM device is permitted");
> + return;
> + }
> +
> + /*
> + * Get the backend pointer. It is not initialized propery during
> + * device_class_set_props
> + */
> + s->be_driver = qemu_find_tpm_be("tpm0");
> +
> + if (!s->be_driver) {
> + error_setg(errp, "'tpmdev' property is required");
> + return;
> + }
> + if (s->irq_num > 15) {
> + error_setg(errp, "IRQ %d is outside valid range of 0 to 15",
> + s->irq_num);
> + return;
> + }
> +}
> +
> +static void tpm_tis_i2c_reset(DeviceState *dev)
> +{
> + TPMStateI2C *i2cst = TPM_TIS_I2C(dev);
> + TPMState *s = &i2cst->state;
> +
> + tpm_tis_i2c_init_cache(i2cst);
> +
> + i2cst->csum_enable = false;
> +
> + return tpm_tis_reset(s);
> +}
> +
> +static void tpm_tis_i2c_class_init(ObjectClass *klass, void *data)
> +{
> + DeviceClass *dc = DEVICE_CLASS(klass);
> + I2CSlaveClass *k = I2C_SLAVE_CLASS(klass);
> + TPMIfClass *tc = TPM_IF_CLASS(klass);
> +
> + dc->realize = tpm_tis_i2c_realizefn;
> + dc->reset = tpm_tis_i2c_reset;
> + device_class_set_props(dc, tpm_tis_i2c_properties);
> +
> + k->event = tpm_tis_i2c_event;
> + k->recv = tpm_tis_i2c_recv;
> + k->send = tpm_tis_i2c_send;
> +
> + tc->model = TPM_MODEL_TPM_TIS;
> + tc->request_completed = tpm_tis_i2c_request_completed;
> + tc->get_version = tpm_tis_i2c_get_tpm_version;
> +}
> +
> +static const TypeInfo tpm_tis_i2c_info = {
> + .name = TYPE_TPM_TIS_I2C,
> + .parent = TYPE_I2C_SLAVE,
> + .instance_size = sizeof(TPMStateI2C),
> + .class_init = tpm_tis_i2c_class_init,
> + .interfaces = (InterfaceInfo[]) {
> + { TYPE_TPM_IF },
> + { }
> + }
> +};
> +
> +static void tpm_tis_i2c_register_types(void)
> +{
> + type_register_static(&tpm_tis_i2c_info);
> +}
> +
> +type_init(tpm_tis_i2c_register_types)
> diff --git a/include/sysemu/tpm.h b/include/sysemu/tpm.h
> index fb40e30ff6..66e3b45f30 100644
> --- a/include/sysemu/tpm.h
> +++ b/include/sysemu/tpm.h
> @@ -48,6 +48,7 @@ struct TPMIfClass {
> #define TYPE_TPM_TIS_SYSBUS "tpm-tis-device"
> #define TYPE_TPM_CRB "tpm-crb"
> #define TYPE_TPM_SPAPR "tpm-spapr"
> +#define TYPE_TPM_TIS_I2C "tpm-tis-i2c"
>
> #define TPM_IS_TIS_ISA(chr) \
> object_dynamic_cast(OBJECT(chr), TYPE_TPM_TIS_ISA)
> @@ -57,6 +58,8 @@ struct TPMIfClass {
> object_dynamic_cast(OBJECT(chr), TYPE_TPM_CRB)
> #define TPM_IS_SPAPR(chr) \
> object_dynamic_cast(OBJECT(chr), TYPE_TPM_SPAPR)
> +#define TPM_IS_TIS_I2C(chr) \
> + object_dynamic_cast(OBJECT(chr), TYPE_TPM_TIS_I2C)
>
> /* returns NULL unless there is exactly one TPM device */
> static inline TPMIf *tpm_find(void)
We will also need an ACPI table for this device on all platforms where it can be instantiated
and I think that's not just ARM.
I am currently writing a test case reading data from the aspeed i2c bus. I hope this will help
developing this emulation here but with me not knowing the I2C bus behavior it has its own challenges..
Stefan
^ permalink raw reply [flat|nested] 20+ messages in thread
* Re: [PATCH 2/3] TPM TIS: Add support for TPM devices over I2C bus
2023-03-23 7:44 ` Cédric Le Goater
@ 2023-03-23 15:35 ` Ninad Palsule
0 siblings, 0 replies; 20+ messages in thread
From: Ninad Palsule @ 2023-03-23 15:35 UTC (permalink / raw)
To: Cédric Le Goater, Ninad Palsule, qemu-devel; +Cc: joel, andrew, stefanb
On 3/23/23 2:44 AM, Cédric Le Goater wrote:
> On 3/23/23 04:01, Ninad Palsule wrote:
>> Qemu already supports devices attached to ISA and sysbus. This drop adds
>> support for the I2C bus attached TPM devices.
>>
>> This commit includes changes for the common code.
>> - Added support for the new checksum registers which are required for
>> the I2C support. The checksum calculation is handled in the qemu
>> common code.
>> - Added wrapper function for read and write data so that I2C code can
>> call it without MMIO interface.
>>
>> Signed-off-by: Ninad Palsule <ninad@linux.ibm.com>
>> ---
>> V2:
>>
>> Incorporated Stephen's comments.
>>
>> - Removed checksum enable and checksum get registers.
>> - Added checksum calculation function which can be called from
>> i2c layer.
>> ---
>> hw/tpm/tpm_tis.h | 3 +++
>> hw/tpm/tpm_tis_common.c | 32 ++++++++++++++++++++++++++++++++
>> 2 files changed, 35 insertions(+)
>>
>> diff --git a/hw/tpm/tpm_tis.h b/hw/tpm/tpm_tis.h
>> index f6b5872ba6..6f29a508dd 100644
>> --- a/hw/tpm/tpm_tis.h
>> +++ b/hw/tpm/tpm_tis.h
>> @@ -86,5 +86,8 @@ int tpm_tis_pre_save(TPMState *s);
>> void tpm_tis_reset(TPMState *s);
>> enum TPMVersion tpm_tis_get_tpm_version(TPMState *s);
>> void tpm_tis_request_completed(TPMState *s, int ret);
>> +uint32_t tpm_tis_read_data(TPMState *s, hwaddr addr, unsigned size);
>> +void tpm_tis_write_data(TPMState *s, hwaddr addr, uint64_t val,
>> uint32_t size);
>> +uint16_t tpm_tis_get_checksum(TPMState *s);
>> #endif /* TPM_TPM_TIS_H */
>> diff --git a/hw/tpm/tpm_tis_common.c b/hw/tpm/tpm_tis_common.c
>> index 503be2a541..b1acde74cb 100644
>> --- a/hw/tpm/tpm_tis_common.c
>> +++ b/hw/tpm/tpm_tis_common.c
>> @@ -26,6 +26,8 @@
>> #include "hw/irq.h"
>> #include "hw/isa/isa.h"
>> #include "qapi/error.h"
>> +#include "qemu/bswap.h"
>> +#include "qemu/crc-ccitt.h"
>> #include "qemu/module.h"
>> #include "hw/acpi/tpm.h"
>> @@ -447,6 +449,27 @@ static uint64_t tpm_tis_mmio_read(void *opaque,
>> hwaddr addr,
>> return val;
>> }
>> +/*
>> + * A wrapper read function so that it can be directly called without
>> + * mmio.
>> + */
>> +uint32_t tpm_tis_read_data(TPMState *s, hwaddr addr, unsigned size)
>> +{
>> + return tpm_tis_mmio_read(s, addr, size);
>> +}
>> +
>> +/*
>> + * Calculate current data buffer checksum
>> + */
>> +uint16_t tpm_tis_get_checksum(TPMState *s)
>> +{
>> + uint16_t val = 0xffff;
>> +
>> + val = cpu_to_be16(crc_ccitt(0, s->buffer, s->rw_offset));
>
> this routine could simply return cpu_to_be16(....
>
Done.
Thank you for the review.
Ninad
> Thanks,
>
> C.
>
>
>> +
>> + return val;
>> +}
>> +
>> /*
>> * Write a value to a register of the TIS interface
>> * See specs pages 33-63 for description of the registers
>> @@ -767,6 +790,15 @@ static void tpm_tis_mmio_write(void *opaque,
>> hwaddr addr,
>> }
>> }
>> +/*
>> + * A wrapper write function so that it can be directly called without
>> + * mmio.
>> + */
>> +void tpm_tis_write_data(TPMState *s, hwaddr addr, uint64_t val,
>> uint32_t size)
>> +{
>> + tpm_tis_mmio_write(s, addr, val, size);
>> +}
>> +
>> const MemoryRegionOps tpm_tis_memory_ops = {
>> .read = tpm_tis_mmio_read,
>> .write = tpm_tis_mmio_write,
>
^ permalink raw reply [flat|nested] 20+ messages in thread
* Re: [PATCH 3/3] New I2C: Add support for TPM devices over I2C bus
2023-03-23 12:18 ` Stefan Berger
@ 2023-03-23 20:07 ` Ninad Palsule
0 siblings, 0 replies; 20+ messages in thread
From: Ninad Palsule @ 2023-03-23 20:07 UTC (permalink / raw)
To: Stefan Berger, Ninad Palsule, qemu-devel; +Cc: joel, andrew, clg
On 3/23/23 7:18 AM, Stefan Berger wrote:
>
>
> On 3/22/23 23:01, Ninad Palsule wrote:
>> Qemu already supports devices attached to ISA and sysbus. This drop adds
>> support for the I2C bus attached TPM devices. I2C model only supports
>> TPM2 protocol.
>>
>> This commit includes changes for the common code.
>> - Added I2C emulation model. Logic was added in the model to temporarily
>> cache the data as I2C interface works per byte basis.
>> - New tpm type "tpm-tis-i2c" added for I2C support. User specify this
>> string on command line.
>>
>> Testing:
>> TPM I2C device modulte is tested using SWTPM (software based TPM
>> package). The qemu used the rainier machine and it was connected to
>> swtpm over the socket interface.
>>
>> The command to start swtpm is as follows:
>> $ swtpm socket --tpmstate dir=/tmp/mytpm1 \
>> --ctrl type=unixio,path=/tmp/mytpm1/swtpm-sock \
>> --tpm2 --log level=100
>>
>> The command to start qemu is as follows:
>> $ qemu-system-arm -M rainier-bmc -nographic \
>> -kernel ${IMAGEPATH}/fitImage-linux.bin \
>> -dtb ${IMAGEPATH}/aspeed-bmc-ibm-rainier.dtb \
>> -initrd
>> ${IMAGEPATH}/obmc-phosphor-initramfs.rootfs.cpio.xz \
>> -drive
>> file=${IMAGEPATH}/obmc-phosphor-image.rootfs.wic.qcow2,if=sd,index=2 \
>> -net nic -net
>> user,hostfwd=:127.0.0.1:2222-:22,hostfwd=:127.0.0.1:2443-:443 \
>> -chardev socket,id=chrtpm,path=/tmp/mytpm1/swtpm-sock \
>> -tpmdev emulator,id=tpm0,chardev=chrtpm \
>> -device
>> tpm-tis-i2c,tpmdev=tpm0,bus=aspeed.i2c.bus.12,address=0x2e
>>
>> Note: Currently you need to specify the I2C bus and device address on
>> command line. In future we can add a device at board level.
>>
>> Signed-off-by: Ninad Palsule <ninad@linux.ibm.com>
>> ---
>> V2:
>> Incorporated Stephen's review comments.
>> - Handled checksum related register in I2C layer
>> - Defined I2C interface capabilities and return those instead of
>> capabilities from TPM TIS. Add required capabilities from TIS.
>> - Do not cache FIFO data in the I2C layer.
>> - Make sure that Device address change register is not passed to I2C
>> layer as capability indicate that it is not supported.
>> - Added boundary checks.
>> - Make sure that bits 26-31 are zeroed for the TPM_STS register on read
>> - Updated Kconfig files for new define.
>> ---
>> hw/arm/Kconfig | 1 +
>> hw/tpm/Kconfig | 7 +
>> hw/tpm/meson.build | 1 +
>> hw/tpm/tpm_tis_i2c.c | 440 +++++++++++++++++++++++++++++++++++++++++++
>> include/sysemu/tpm.h | 3 +
>> 5 files changed, 452 insertions(+)
>> create mode 100644 hw/tpm/tpm_tis_i2c.c
>>
>> diff --git a/hw/arm/Kconfig b/hw/arm/Kconfig
>> index b5aed4aff5..05d6ef1a31 100644
>> --- a/hw/arm/Kconfig
>> +++ b/hw/arm/Kconfig
>> @@ -6,6 +6,7 @@ config ARM_VIRT
>> imply VFIO_PLATFORM
>> imply VFIO_XGMAC
>> imply TPM_TIS_SYSBUS
>> + imply TPM_TIS_I2C
>> imply NVDIMM
>> select ARM_GIC
>> select ACPI
>> diff --git a/hw/tpm/Kconfig b/hw/tpm/Kconfig
>> index 29e82f3c92..a46663288c 100644
>> --- a/hw/tpm/Kconfig
>> +++ b/hw/tpm/Kconfig
>> @@ -1,3 +1,10 @@
>> +config TPM_TIS_I2C
>> + bool
>> + depends on TPM
>> + select TPM_BACKEND
>> + select I2C
>> + select TPM_TIS
>> +
>> config TPM_TIS_ISA
>> bool
>> depends on TPM && ISA_BUS
>> diff --git a/hw/tpm/meson.build b/hw/tpm/meson.build
>> index 7abc2d794a..76fe3cb098 100644
>> --- a/hw/tpm/meson.build
>> +++ b/hw/tpm/meson.build
>> @@ -1,6 +1,7 @@
>> softmmu_ss.add(when: 'CONFIG_TPM_TIS', if_true:
>> files('tpm_tis_common.c'))
>> softmmu_ss.add(when: 'CONFIG_TPM_TIS_ISA', if_true:
>> files('tpm_tis_isa.c'))
>> softmmu_ss.add(when: 'CONFIG_TPM_TIS_SYSBUS', if_true:
>> files('tpm_tis_sysbus.c'))
>> +softmmu_ss.add(when: 'CONFIG_TPM_TIS_I2C', if_true:
>> files('tpm_tis_i2c.c'))
>> softmmu_ss.add(when: 'CONFIG_TPM_CRB', if_true: files('tpm_crb.c'))
>> softmmu_ss.add(when: 'CONFIG_TPM_TIS', if_true: files('tpm_ppi.c'))
>> softmmu_ss.add(when: 'CONFIG_TPM_CRB', if_true: files('tpm_ppi.c'))
>> diff --git a/hw/tpm/tpm_tis_i2c.c b/hw/tpm/tpm_tis_i2c.c
>> new file mode 100644
>> index 0000000000..5cec5f7806
>> --- /dev/null
>> +++ b/hw/tpm/tpm_tis_i2c.c
>> @@ -0,0 +1,440 @@
>> +/*
>> + * tpm_tis_i2c.c - QEMU's TPM TIS I2C Device
>> + *
>> + * This work is licensed under the terms of the GNU GPL, version 2
>> or later.
>> + * See the COPYING file in the top-level directory.
>> + *
>> + * Implementation of the TIS interface according to specs found at
>> + * http://www.trustedcomputinggroup.org. This implementation currently
>> + * supports version 1.3, 21 March 2013
>> + * In the developers menu choose the PC Client section then find the
>> TIS
>> + * specification.
>> + *
>> + * TPM TIS for TPM 2 implementation following TCG PC Client Platform
>> + * TPM Profile (PTP) Specification, Familiy 2.0, Revision 00.43
>> + *
>> + * TPM I2C implementation follows TCG TPM I2c Interface specification,
>> + * Family 2.0, Level 00, Revision 1.00
>> + */
>> +
>> +#include "qemu/osdep.h"
>> +#include "hw/i2c/i2c.h"
>> +#include "hw/qdev-properties.h"
>> +#include "hw/acpi/tpm.h"
>> +#include "migration/vmstate.h"
>> +#include "tpm_prop.h"
>> +#include "tpm_tis.h"
>> +#include "qom/object.h"
>> +#include "block/aio.h"
>> +#include "qemu/main-loop.h"
>> +
>> +/* TPM TIS I2C registers */
>> +#define TPM_TIS_I2C_REG_LOC_SEL 0x00
>> +#define TPM_TIS_I2C_REG_ACCESS 0x04
>> +#define TPM_TIS_I2C_REG_INT_ENABLE 0x08
>> +#define TPM_TIS_I2C_REG_INT_CAPABILITY 0x14
>> +#define TPM_TIS_I2C_REG_STS 0x18
>> +#define TPM_TIS_I2C_REG_DATA_FIFO 0x24
>> +#define TPM_TIS_I2C_REG_INTF_CAPABILITY 0x30
>> +#define TPM_TIS_I2C_REG_I2C_DEV_ADDRESS 0x38
>> +#define TPM_TIS_I2C_REG_DATA_CSUM_ENABLE 0x40
>> +#define TPM_TIS_I2C_REG_DATA_CSUM_GET 0x44
>> +#define TPM_TIS_I2C_REG_DID_VID 0x48
>> +#define TPM_TIS_I2C_REG_RID 0x4c
>> +#define TPM_TIS_I2C_REG_UNKNOWN 0xff
>
>> +
>> +/* I2C specific interface capabilities */
>> +#define TPM_I2C_CAP_INTERFACE_TYPE (0x2 << 0) /* FIFO interface */
>> +#define TPM_I2C_CAP_INTERFACE_VER (0x0 << 4) /* TCG I2C intf
>> 1.0 */
>> +#define TPM_I2C_CAP_TPM2_FAMILY (0x1 << 7) /* TPM 2.0 family. */
>> +#define TPM_I2C_CAP_DEV_ADDR_CHANGE (0x0 << 27) /* No dev addr
>> chng */
>> +#define TPM_I2C_CAP_BURST_COUNT_STATIC (0x1 << 29) /* Burst count
>> static */
>> +#define TPM_I2C_CAP_LOCALITY_CAP (0x1 << 25) /* 0-5 locality */
>> +#define TPM_I2C_CAP_BUS_SPEED (3 << 21) /* std and fast
>> mode */
>
>
>> +
>> +/* TPM_STS mask for read bits 31:26 must be zero */
>> +#define TPM_I2C_STS_READ_MASK 0x03ffffff
>
> For the test case I am writing I would need all these #defines to be
> in a public header file.
> Please move them into include/hw/acpi/tpm.h.
>
All defines are moved to include/hw/acpi/tpm.h.
>> +
>> +/* Operations */
>> +#define OP_SEND 1
>> +#define OP_RECV 2
>> +
>> +typedef struct TPMStateI2C {
>> + /*< private >*/
>> + I2CSlave parent_obj;
>> +
>> + int offset; /* offset in to data[] */
>> + int size; /* Size of the current reg data */
>
>> + uint8_t operation; /* OP_SEND & OP_RECV */
>> + uint8_t data[4096]; /* Data */> +
>> + bool csum_enable;
>> + uint32_t tis_intf_cap; /* save TIS interface Capabilities */
>> +
>> + /*< public >*/
>> + TPMState state; /* not a QOM object */
>> +
>> +} TPMStateI2C;
>> +
>> +DECLARE_INSTANCE_CHECKER(TPMStateI2C, TPM_TIS_I2C,
>> + TYPE_TPM_TIS_I2C)
>> +
>> +/* Register map */
>> +typedef struct reg_map {
>> + uint16_t i2c_reg; /* I2C register */
>> + uint16_t tis_reg; /* TIS register */
>> + uint32_t data_size; /* data size expected */
>> +} i2c_reg_map;
>> +
>> +/*
>> + * The register values in the common code is different than the latest
>> + * register numbers as per the spec hence add the conversion map
>> + */
>> +static const i2c_reg_map tpm_tis_reg_map[] = {
>> + { TPM_TIS_I2C_REG_LOC_SEL, TPM_TIS_REG_ACCESS, 1, },
>
> I don't think you can map this register. Instead, you have to handle
> writes to it in this code here and
> write the locality into a local register (call it uint8_t locty) and
> then talk to the read and write functions
> by calcualating the address like this
>
Yes, I have implemented LOC_SET register handling in I2C.
> addr = (locty << TPM_TIS_LOCALITY_SHIFT) + tis_reg_offset
>
>> + { TPM_TIS_I2C_REG_ACCESS, TPM_TIS_REG_ACCESS, 1, },
>> + { TPM_TIS_I2C_REG_INT_ENABLE, TPM_TIS_REG_INT_ENABLE,
>> 4, },
>> + { TPM_TIS_I2C_REG_INT_CAPABILITY,
>> TPM_TIS_REG_INT_VECTOR, 4, },
>> + { TPM_TIS_I2C_REG_STS, TPM_TIS_REG_STS, 4, },
>> + { TPM_TIS_I2C_REG_DATA_FIFO, TPM_TIS_REG_DATA_FIFO,
>> 0, },
>> + { TPM_TIS_I2C_REG_INTF_CAPABILITY,
>> TPM_TIS_REG_INTF_CAPABILITY, 4, },
>> + { TPM_TIS_I2C_REG_I2C_DEV_ADDRESS,
>> TPM_TIS_I2C_REG_I2C_DEV_ADDRESS, 2, },
>> + { TPM_TIS_I2C_REG_DATA_CSUM_ENABLE,
>> TPM_TIS_I2C_REG_DATA_CSUM_ENABLE, 1, },
>> + { TPM_TIS_I2C_REG_DATA_CSUM_GET,
>> TPM_TIS_I2C_REG_DATA_CSUM_GET, 2, },
>
> This only works well if the mapped-to registers are distinct between
> I2C and MMIO.
> I think you should handle all I2C registers that need to be handled in
> this layer
> in a case statement without translation and in the default case do the
> translation.
> You can then remove those 1:1 mappings from this table.
>
I have done some move around to make it easy to see but I still need the
map for register and size.
>> + { TPM_TIS_I2C_REG_DID_VID, TPM_TIS_REG_DID_VID, 4, },
>> + { TPM_TIS_I2C_REG_RID, TPM_TIS_REG_RID, 1, },
>> +};
>> +
>> +/* Generate interface capability based on what is returned by TIS
>> and what is
>> + * expected by I2C. Save the capability in the data array
>> overwriting the TIS
>> + * capability.
>> + */
>> +static uint32_t tpm_i2c_interface_capability(TPMStateI2C *i2cst,
>> uint32_t tis_cap)
>> +{
>> + uint32_t i2c_cap = 0;
>> +
>> + i2cst->tis_intf_cap = tis_cap;
>> +
>> + /* Now generate i2c capability */
>> + i2c_cap = (TPM_I2C_CAP_INTERFACE_TYPE |
>> + TPM_I2C_CAP_INTERFACE_VER |
>> + TPM_I2C_CAP_TPM2_FAMILY |
>> + TPM_I2C_CAP_LOCALITY_CAP |
>> + TPM_I2C_CAP_BUS_SPEED |
>> + TPM_I2C_CAP_DEV_ADDR_CHANGE);
>> +
>> + /* Now check the TIS and set some capabilities */
>> +
>> + /* Static burst count set */
>> + if (i2cst->tis_intf_cap & 0x100) {
>
> Use hw/acpi/tpm.h TPM_TIS_CAP_BURST_COUNT_DYNAMIC
Defined TPM_TIS_CAP_BURST_COUNT_STATIC and use it.
>
>> + i2c_cap |= TPM_I2C_CAP_BURST_COUNT_STATIC;
>> + }
>> +
>> + return i2c_cap;
>> +}
>> +
>> +static inline uint16_t tpm_tis_i2c_to_tis_reg(uint64_t i2c_reg, int
>> *size)
>> +{
>> + uint16_t tis_reg = i2c_reg;
>> + const i2c_reg_map *reg_map;
>> + int i;
>> +
>> + for (i = 0; i < ARRAY_SIZE(tpm_tis_reg_map); i++) {
>> + reg_map = &tpm_tis_reg_map[i];
>> + if (reg_map->i2c_reg == (i2c_reg & 0xff)) {
>> + tis_reg = reg_map->tis_reg;
>> + *size = reg_map->data_size;
>> + break;
>> + }
>> + }
>> +
>> + return tis_reg;
>> +}
>> +
>> +/* Initialize the cached data */
>> +static inline void tpm_tis_i2c_init_cache(TPMStateI2C *i2cst)
>
> Rename to tpm_tis_i2c_reset
I can not rename it to reset as there is already main reset function. I
changed the name to include *clear_data()
>
>> +{
>> + /* Clear operation and offset */
>> + i2cst->operation = 0;
>> + i2cst->offset = 0;
>> + i2cst->size = 0;
>> +
>> + return;
>> +}
>> +
>> +/* Send data to TPM */
>> +static inline void tpm_tis_i2c_tpm_send(TPMStateI2C *i2cst)
>> +{
>> + uint16_t tis_reg;
>> + uint32_t data;
>> + int i;
>> +
>> + if ((i2cst->operation == OP_SEND) && (i2cst->offset > 1)) {
>> +
>> + /*
>> + * Checksum is not handled by common code hence we will
>> consume the
>> + * register here.
>> + */
>> + if (i2cst->data[0] == TPM_TIS_I2C_REG_DATA_CSUM_ENABLE) {
>
> switch (i2cst->data[0]) {
> case TPM_TIS_I2C_REG_DATA_CSUM_ENABLE:
> ...
> handle all i2c registers here
Done.
>
>> + i2cst->csum_enable = true;
>> + } else if (i2cst->data[0] != TPM_TIS_I2C_REG_DATA_FIFO) {
>
> This is the default case of the switch.
>
>> + tis_reg = tpm_tis_i2c_to_tis_reg(i2cst->data[0],
>> &i2cst->size);
>
> If it couldn't be mapped return right away.
Done
>
>> +> + /* Index 0 is always a register */
>> + for (i = 1; i < i2cst->offset; i++) {
>> + data = i2cst->data[i];
>> + tpm_tis_write_data(&i2cst->state, tis_reg, data, 1);
>
> tis_reg becomes i2cst->locty << TPM_TIS_LOCALITY_SHIFT + tis_reg
Added this logic.
>
> This is not correct. If someone wants to write a 32bit value into the
> interrupt
> enable register, you would have to write a 32 bit value. Writing 4
> bytes into
> the register at the same address is not the same. You would have to
> increase the
> address but a 32bit write really should happen. However, for the MMIO
> TIS it is
> possible to just write 8bits to a 32bit register and I am not sure how
> this should
> be handled here. Are 4 bytes for a 32bit register always expected?
> What happens
> if the user provides more bytes? Would it be the best to accumulate
> the bytes
> given by the user in a uint32_t and shift them 'through' so that if 5
> bytes were
> given one would have been shifted out? (I assume that one writes
> individual bytes
> to this bus and then at some points says 'write this now to this
> register!')
>
Good catch. I have now converted it to 32 bit integer and make single
call. As per the I2C specs other than FIFO all other registers will have
value 1,2,4. If value is 2 then upper 2 bytes will be zeroed.
>
>> + }
>> + }
>> +
>> + tpm_tis_i2c_init_cache(i2cst);
>> + }
>> +
>> + return;
>> +}
>> +
>> +/* Callback from TPM to indicate that response is copied */
>> +static void tpm_tis_i2c_request_completed(TPMIf *ti, int ret)
>> +{
>> + TPMStateI2C *i2cst = TPM_TIS_I2C(ti);
>> + TPMState *s = &i2cst->state;
>> +
>> + /* Inform the common code. */
>> + tpm_tis_request_completed(s, ret);
>> +}
>> +
>> +static enum TPMVersion tpm_tis_i2c_get_tpm_version(TPMIf *ti)
>> +{
>> + TPMStateI2C *i2cst = TPM_TIS_I2C(ti);
>> + TPMState *s = &i2cst->state;
>> +
>> + return tpm_tis_get_tpm_version(s);
>> +}
>> +
>> +static int tpm_tis_i2c_event(I2CSlave *i2c, enum i2c_event event)
>> +{
>> + TPMStateI2C *i2cst = TPM_TIS_I2C(i2c);
>> + int ret = 0;
>> +
>> + switch (event) {
>> + case I2C_START_RECV:
>> + break;
>> + case I2C_START_SEND:
>> + tpm_tis_i2c_init_cache(i2cst);
>> + break;
>> + case I2C_FINISH:
>> + if (i2cst->operation == OP_SEND) {
>> + tpm_tis_i2c_tpm_send(i2cst);
>> + } else {
>> + tpm_tis_i2c_init_cache(i2cst);
>> + }
>> + break;
>> + default:
>> + break;
>> + }
>> +
>> + return ret;
>> +}
>> +
>> +/*
>> + * If data is for FIFO then it is received from tpm_tis_common buffer
>> + * otherwise it will be handled using single call to common code and
>> + * cached in the local buffer.
>> + */
>> +static uint8_t tpm_tis_i2c_recv(I2CSlave *i2c)
>> +{
>> + int ret = 0;
>> + int i, j;
>> + uint32_t addr;
>> + uint32_t data_read;
>> + uint16_t i2c_reg;
>> + TPMStateI2C *i2cst = TPM_TIS_I2C(i2c);
>> + TPMState *s = &i2cst->state;
>> +
>> + if (i2cst->operation == OP_RECV) {
>> +
>> + /* Do not cache FIFO data. */
>> + if (i2cst->data[0] == TPM_TIS_I2C_REG_DATA_FIFO) {
>> + addr = tpm_tis_i2c_to_tis_reg(TPM_TIS_I2C_REG_DATA_FIFO,
>> + &i2cst->size);
>> + data_read = tpm_tis_read_data(s, addr, 1);
>
> addr would have to consider locty
Done
>
>> + ret = (data_read & 0xff);
>> + } else if (i2cst->offset < 4096) {
>> + ret = i2cst->data[i2cst->offset++];
>> + }
>> +
>> + } else if ((i2cst->operation == OP_SEND) && (i2cst->offset < 2)) {
>> + /* First receive call after send */
>> +
>> + i2c_reg = i2cst->data[0];
>> +
>> + i2cst->operation = OP_RECV;
>> + i2cst->offset = 1; /* keep the register value intact for
>> debug */
>> +
>> + addr = tpm_tis_i2c_to_tis_reg(i2c_reg, &i2cst->size);
> If it cannot be mapped return 0xff.
Done
>
>> +
>> + /* FIFO data is directly read from TPM TIS */
>> + if (i2c_reg == TPM_TIS_I2C_REG_DATA_FIFO) {
>
> switch (i2c_reg) {
> case TPM_TIS_I2C_REG_DATA_FIFO:
>
> handle all I2C registers here that have to be handled on this layer
Done
>
>
>> + data_read = tpm_tis_read_data(s, addr, 1);
>> + ret = (data_read & 0xff);
>> + } else {
>
> This is the default case.
Yes
>
>> + /*
>> + * Save the data in the data field. Save it in the little
>> + * endian format.
>> + */
>> + for (i = 1; i <= i2cst->size;) {
>> + /*
>> + * Checksum registers are not supported by common
>> code hence
>> + * call a common code to get the checksum.
>> + */
>> + if (i2c_reg == TPM_TIS_I2C_REG_DATA_CSUM_GET) {
>> + data_read = tpm_tis_get_checksum(s);
>
> Another parameter to this function will have to be the locality (locty).
Done. TIS code only has single buffer. Also I2C only access one locality
at a time. But I added check to return 0 checksum if the locality is not
active.
>
>> + } else {
>> + data_read = tpm_tis_read_data(s, addr, 4);
>> +
>> + if (i2c_reg == TPM_TIS_I2C_REG_INTF_CAPABILITY) {
>> + /* Prepare the capabilities as per I2C
>> interface */
>> + data_read = tpm_i2c_interface_capability(i2cst,
>> + data_read);
>> + } else if (i2c_reg == TPM_TIS_I2C_REG_STS) {
>> + /*
>> + * As per specs, STS bit 31:26 are reserved
>> and must
>> + * be set to 0
>> + */
>> + data_read &= TPM_I2C_STS_READ_MASK;
>> + }
>> + }
>> + for (j = 0; j < 4; j++) {
>> + i2cst->data[i++] = (data_read & 0xff);
>> + data_read >>= 8;
>> + }
>> + }
>> +
>> + /* Return first byte with this call */
>> + ret = i2cst->data[i2cst->offset++];
>> + }
>> + } else {
>> + i2cst->operation = OP_RECV;
>> + }
>> +
>> + return ret;
>> +}
>> +
>> +/*
>> + * Send function only remembers data in the buffer and then calls
>> + * TPM TIS common code during FINISH event.
>> + */
>> +static int tpm_tis_i2c_send(I2CSlave *i2c, uint8_t data)
>> +{
>> + TPMStateI2C *i2cst = TPM_TIS_I2C(i2c);
>> + uint16_t tis_reg;
>> +
>> + /* Reject non-supported registers. */
>> + if (i2cst->offset == 0) {
>> + /* We do not support device address change */
>> + if (data == TPM_TIS_I2C_REG_I2C_DEV_ADDRESS) {
>> + return 1;
>> + }
>> + }
>> +
>> + if (i2cst->offset < 4096) {
>> + i2cst->operation = OP_SEND;
>> +
>> + /* Remember data locally for non-FIFO registers */
>> + if ((i2cst->offset == 0) ||
>> + (i2cst->data[0] != TPM_TIS_I2C_REG_DATA_FIFO)) {
>> + i2cst->data[i2cst->offset++] = data;
>> + } else {
>> + tis_reg = tpm_tis_i2c_to_tis_reg(i2cst->data[0],
>> &i2cst->size);
>> + tpm_tis_write_data(&i2cst->state, tis_reg, data, 1);
>> + }
>> +
>> + return 0;
>> +
>> + } else {
>> + /* Return non-zero to indicate NAK */
>> + return 1;
>> + }
>> +}
>> +
>> +static Property tpm_tis_i2c_properties[] = {
>> + DEFINE_PROP_UINT32("irq", TPMStateI2C, state.irq_num, TPM_TIS_IRQ),
>> + DEFINE_PROP_TPMBE("tpmdev", TPMStateI2C, state.be_driver),
>> + DEFINE_PROP_END_OF_LIST(),
>> +};
>> +
>> +static void tpm_tis_i2c_realizefn(DeviceState *dev, Error **errp)
>> +{
>> + TPMStateI2C *i2cst = TPM_TIS_I2C(dev);
>> + TPMState *s = &i2cst->state;
>> +
>> + if (!tpm_find()) {
>> + error_setg(errp, "at most one TPM device is permitted");
>> + return;
>> + }
>> +
>> + /*
>> + * Get the backend pointer. It is not initialized propery during
>> + * device_class_set_props
>> + */
>> + s->be_driver = qemu_find_tpm_be("tpm0");
>> +
>> + if (!s->be_driver) {
>> + error_setg(errp, "'tpmdev' property is required");
>> + return;
>> + }
>> + if (s->irq_num > 15) {
>> + error_setg(errp, "IRQ %d is outside valid range of 0 to 15",
>> + s->irq_num);
>> + return;
>> + }
>> +}
>> +
>> +static void tpm_tis_i2c_reset(DeviceState *dev)
>> +{
>> + TPMStateI2C *i2cst = TPM_TIS_I2C(dev);
>> + TPMState *s = &i2cst->state;
>> +
>> + tpm_tis_i2c_init_cache(i2cst);
>> +
>> + i2cst->csum_enable = false;
>> +
>> + return tpm_tis_reset(s);
>> +}
>> +
>> +static void tpm_tis_i2c_class_init(ObjectClass *klass, void *data)
>> +{
>> + DeviceClass *dc = DEVICE_CLASS(klass);
>> + I2CSlaveClass *k = I2C_SLAVE_CLASS(klass);
>> + TPMIfClass *tc = TPM_IF_CLASS(klass);
>> +
>> + dc->realize = tpm_tis_i2c_realizefn;
>> + dc->reset = tpm_tis_i2c_reset;
>> + device_class_set_props(dc, tpm_tis_i2c_properties);
>> +
>> + k->event = tpm_tis_i2c_event;
>> + k->recv = tpm_tis_i2c_recv;
>> + k->send = tpm_tis_i2c_send;
>> +
>> + tc->model = TPM_MODEL_TPM_TIS;
>> + tc->request_completed = tpm_tis_i2c_request_completed;
>> + tc->get_version = tpm_tis_i2c_get_tpm_version;
>> +}
>> +
>> +static const TypeInfo tpm_tis_i2c_info = {
>> + .name = TYPE_TPM_TIS_I2C,
>> + .parent = TYPE_I2C_SLAVE,
>> + .instance_size = sizeof(TPMStateI2C),
>> + .class_init = tpm_tis_i2c_class_init,
>> + .interfaces = (InterfaceInfo[]) {
>> + { TYPE_TPM_IF },
>> + { }
>> + }
>> +};
>> +
>> +static void tpm_tis_i2c_register_types(void)
>> +{
>> + type_register_static(&tpm_tis_i2c_info);
>> +}
>> +
>> +type_init(tpm_tis_i2c_register_types)
>> diff --git a/include/sysemu/tpm.h b/include/sysemu/tpm.h
>> index fb40e30ff6..66e3b45f30 100644
>> --- a/include/sysemu/tpm.h
>> +++ b/include/sysemu/tpm.h
>> @@ -48,6 +48,7 @@ struct TPMIfClass {
>> #define TYPE_TPM_TIS_SYSBUS "tpm-tis-device"
>> #define TYPE_TPM_CRB "tpm-crb"
>> #define TYPE_TPM_SPAPR "tpm-spapr"
>> +#define TYPE_TPM_TIS_I2C "tpm-tis-i2c"
>> #define TPM_IS_TIS_ISA(chr) \
>> object_dynamic_cast(OBJECT(chr), TYPE_TPM_TIS_ISA)
>> @@ -57,6 +58,8 @@ struct TPMIfClass {
>> object_dynamic_cast(OBJECT(chr), TYPE_TPM_CRB)
>> #define TPM_IS_SPAPR(chr) \
>> object_dynamic_cast(OBJECT(chr), TYPE_TPM_SPAPR)
>> +#define TPM_IS_TIS_I2C(chr) \
>> + object_dynamic_cast(OBJECT(chr), TYPE_TPM_TIS_I2C)
>> /* returns NULL unless there is exactly one TPM device */
>> static inline TPMIf *tpm_find(void)
>
>
> We will also need an ACPI table for this device on all platforms where
> it can be instantiated
> and I think that's not just ARM.
Ok, I can handle other platform once this work is done. But I don't have
anything to run it.
>
> I am currently writing a test case reading data from the aspeed i2c
> bus. I hope this will help
> developing this emulation here but with me not knowing the I2C bus
> behavior it has its own challenges..
>
Thanks. Please let us know if you have any question.
>
> Stefan
Thank you for the review!
Ninad
^ permalink raw reply [flat|nested] 20+ messages in thread
* Re: [PATCH 1/3] docs: Add support for TPM devices over I2C bus
2023-03-23 7:49 ` Cédric Le Goater
@ 2023-03-23 22:11 ` Ninad Palsule
2023-03-24 3:23 ` Ninad Palsule
1 sibling, 0 replies; 20+ messages in thread
From: Ninad Palsule @ 2023-03-23 22:11 UTC (permalink / raw)
To: Cédric Le Goater, Ninad Palsule, qemu-devel; +Cc: joel, andrew, stefanb
On 3/23/23 2:49 AM, Cédric Le Goater wrote:
> On 3/23/23 04:01, Ninad Palsule wrote:
>> This is a documentation change for I2C TPM device support.
>>
>> Qemu already supports devices attached to ISA and sysbus.
>> This drop adds support for the I2C bus attached TPM devices.
>>
>> Signed-off-by: Ninad Palsule <ninad@linux.ibm.com>
>>
>> ---
>> V2:
>>
>> Incorporated Stephen's review comments
>> - Added example in the document.
>> ---
>> docs/specs/tpm.rst | 20 +++++++++++++++++++-
>> 1 file changed, 19 insertions(+), 1 deletion(-)
>>
>> diff --git a/docs/specs/tpm.rst b/docs/specs/tpm.rst
>> index 535912a92b..bf7249b09c 100644
>> --- a/docs/specs/tpm.rst
>> +++ b/docs/specs/tpm.rst
>> @@ -21,11 +21,15 @@ QEMU files related to TPM TIS interface:
>> - ``hw/tpm/tpm_tis_common.c``
>> - ``hw/tpm/tpm_tis_isa.c``
>> - ``hw/tpm/tpm_tis_sysbus.c``
>> + - ``hw/tpm/tpm_tis_i2c.c``
>> - ``hw/tpm/tpm_tis.h``
>> Both an ISA device and a sysbus device are available. The former is
>> used with pc/q35 machine while the latter can be instantiated in the
>> -Arm virt machine.
>> +Arm virt machine. An I2C device support is also added which can be
>> +instantiated in the arm based emulation machine. An I2C device is also
>> +supported for the Arm virt machine. This device only supports the
>> +TPM 2 protocol.
>> CRB interface
>> -------------
>> @@ -348,6 +352,20 @@ In case an Arm virt machine is emulated, use the
>> following command line:
>> -drive if=pflash,format=raw,file=flash0.img,readonly=on \
>> -drive if=pflash,format=raw,file=flash1.img
>> +In case a Rainier bmc machine is emulated, use the following
>> command line:
>> +
>> +.. code-block:: console
>> +
>> + qemu-system-arm -M rainier-bmc -nographic \
>> + -kernel ${IMAGEPATH}/fitImage-linux.bin \
>> + -dtb ${IMAGEPATH}/aspeed-bmc-ibm-rainier.dtb \
>> + -initrd ${IMAGEPATH}/obmc-phosphor-initramfs.rootfs.cpio.xz \
>> + -drive
>> file=${IMAGEPATH}/obmc-phosphor-image.rootfs.wic.qcow2,if=sd,index=2\
>> + -net nic -net
>> user,hostfwd=:127.0.0.1:2222-:22,hostfwd=:127.0.0.1:2443-:443\
>> + -chardev socket,id=chrtpm,path=/tmp/mytpm1/swtpm-sock \
>> + -tpmdev emulator,id=tpm0,chardev=chrtpm \
>> + -device tpm-tis-i2c,tpmdev=tpm0,bus=aspeed.i2c.bus.12,address=0x2e
>
>
> The rainier images are not the easiest to find. Could we use an
> AST2600 EVB
> machine instead and instantiate the device from user space ? see commit
> 3302184f7f or 7a7308eae0.
>
Ok, I will check on AST2600 EVB machine. The rainier images are
available here:
https://jenkins.openbmc.org/job/ci-openbmc/lastSuccessfulBuild/distro=ubuntu,label=docker-builder,target=p10bmc/artifact/openbmc/build/tmp/deploy/images/p10bmc/
Thanks for the review.
Ninad
> Thanks,
>
> C.
>
>> In case SeaBIOS is used as firmware, it should show the TPM menu item
>> after entering the menu with 'ESC'.
>
^ permalink raw reply [flat|nested] 20+ messages in thread
* Re: [PATCH 3/3] New I2C: Add support for TPM devices over I2C bus
2023-03-23 8:37 ` Cédric Le Goater
@ 2023-03-23 22:32 ` Ninad Palsule
2023-03-24 8:06 ` Cédric Le Goater
0 siblings, 1 reply; 20+ messages in thread
From: Ninad Palsule @ 2023-03-23 22:32 UTC (permalink / raw)
To: Cédric Le Goater, Ninad Palsule, qemu-devel; +Cc: joel, andrew, stefanb
On 3/23/23 3:37 AM, Cédric Le Goater wrote:
> On 3/23/23 04:01, Ninad Palsule wrote:
>> Qemu already supports devices attached to ISA and sysbus. This drop adds
>> support for the I2C bus attached TPM devices. I2C model only supports
>> TPM2 protocol.
>>
>> This commit includes changes for the common code.
>> - Added I2C emulation model. Logic was added in the model to temporarily
>> cache the data as I2C interface works per byte basis.
>> - New tpm type "tpm-tis-i2c" added for I2C support. User specify this
>> string on command line.
>>
>> Testing:
>> TPM I2C device modulte is tested using SWTPM (software based TPM
>> package). The qemu used the rainier machine and it was connected to
>> swtpm over the socket interface.
>>
>> The command to start swtpm is as follows:
>> $ swtpm socket --tpmstate dir=/tmp/mytpm1 \
>> --ctrl type=unixio,path=/tmp/mytpm1/swtpm-sock \
>> --tpm2 --log level=100
>>
>> The command to start qemu is as follows:
>> $ qemu-system-arm -M rainier-bmc -nographic \
>> -kernel ${IMAGEPATH}/fitImage-linux.bin \
>> -dtb ${IMAGEPATH}/aspeed-bmc-ibm-rainier.dtb \
>> -initrd
>> ${IMAGEPATH}/obmc-phosphor-initramfs.rootfs.cpio.xz \
>> -drive
>> file=${IMAGEPATH}/obmc-phosphor-image.rootfs.wic.qcow2,if=sd,index=2 \
>> -net nic -net
>> user,hostfwd=:127.0.0.1:2222-:22,hostfwd=:127.0.0.1:2443-:443 \
>> -chardev socket,id=chrtpm,path=/tmp/mytpm1/swtpm-sock \
>> -tpmdev emulator,id=tpm0,chardev=chrtpm \
>> -device
>> tpm-tis-i2c,tpmdev=tpm0,bus=aspeed.i2c.bus.12,address=0x2e
>>
>> Note: Currently you need to specify the I2C bus and device address on
>> command line. In future we can add a device at board level.
>
> yes. Anyhow, it is better to start with user created device first than
> with
> default devices created at the board level.
I could not find the arch/arm/boot/dts/aspeed-ast2600-evb.dtb in
https://jenkins.openbmc.org/job/ci-openbmc/lastSuccessfulBuild/
<https://jenkins.openbmc.org/job/ci-openbmc/lastSuccessfulBuild/>. Can
you please point me to the location?
>
>>
>> Signed-off-by: Ninad Palsule <ninad@linux.ibm.com>
>> ---
>> V2:
>> Incorporated Stephen's review comments.
>> - Handled checksum related register in I2C layer
>> - Defined I2C interface capabilities and return those instead of
>> capabilities from TPM TIS. Add required capabilities from TIS.
>> - Do not cache FIFO data in the I2C layer.
>> - Make sure that Device address change register is not passed to I2C
>> layer as capability indicate that it is not supported.
>> - Added boundary checks.
>> - Make sure that bits 26-31 are zeroed for the TPM_STS register on read
>> - Updated Kconfig files for new define.
>> ---
>> hw/arm/Kconfig | 1 +
>> hw/tpm/Kconfig | 7 +
>> hw/tpm/meson.build | 1 +
>> hw/tpm/tpm_tis_i2c.c | 440 +++++++++++++++++++++++++++++++++++++++++++
>> include/sysemu/tpm.h | 3 +
>> 5 files changed, 452 insertions(+)
>> create mode 100644 hw/tpm/tpm_tis_i2c.c
>>
>> diff --git a/hw/arm/Kconfig b/hw/arm/Kconfig
>> index b5aed4aff5..05d6ef1a31 100644
>> --- a/hw/arm/Kconfig
>> +++ b/hw/arm/Kconfig
>> @@ -6,6 +6,7 @@ config ARM_VIRT
>> imply VFIO_PLATFORM
>> imply VFIO_XGMAC
>> imply TPM_TIS_SYSBUS
>> + imply TPM_TIS_I2C
>> imply NVDIMM
>> select ARM_GIC
>> select ACPI
>> diff --git a/hw/tpm/Kconfig b/hw/tpm/Kconfig
>> index 29e82f3c92..a46663288c 100644
>> --- a/hw/tpm/Kconfig
>> +++ b/hw/tpm/Kconfig
>> @@ -1,3 +1,10 @@
>> +config TPM_TIS_I2C
>> + bool
>> + depends on TPM
>> + select TPM_BACKEND
>> + select I2C
>> + select TPM_TIS
>> +
>> config TPM_TIS_ISA
>> bool
>> depends on TPM && ISA_BUS
>> diff --git a/hw/tpm/meson.build b/hw/tpm/meson.build
>> index 7abc2d794a..76fe3cb098 100644
>> --- a/hw/tpm/meson.build
>> +++ b/hw/tpm/meson.build
>> @@ -1,6 +1,7 @@
>> softmmu_ss.add(when: 'CONFIG_TPM_TIS', if_true:
>> files('tpm_tis_common.c'))
>> softmmu_ss.add(when: 'CONFIG_TPM_TIS_ISA', if_true:
>> files('tpm_tis_isa.c'))
>> softmmu_ss.add(when: 'CONFIG_TPM_TIS_SYSBUS', if_true:
>> files('tpm_tis_sysbus.c'))
>> +softmmu_ss.add(when: 'CONFIG_TPM_TIS_I2C', if_true:
>> files('tpm_tis_i2c.c'))
>> softmmu_ss.add(when: 'CONFIG_TPM_CRB', if_true: files('tpm_crb.c'))
>> softmmu_ss.add(when: 'CONFIG_TPM_TIS', if_true: files('tpm_ppi.c'))
>> softmmu_ss.add(when: 'CONFIG_TPM_CRB', if_true: files('tpm_ppi.c'))
>> diff --git a/hw/tpm/tpm_tis_i2c.c b/hw/tpm/tpm_tis_i2c.c
>> new file mode 100644
>> index 0000000000..5cec5f7806
>> --- /dev/null
>> +++ b/hw/tpm/tpm_tis_i2c.c
>> @@ -0,0 +1,440 @@
>> +/*
>> + * tpm_tis_i2c.c - QEMU's TPM TIS I2C Device
>> + *
>> + * This work is licensed under the terms of the GNU GPL, version 2
>> or later.
>> + * See the COPYING file in the top-level directory.
>> + *
>> + * Implementation of the TIS interface according to specs found at
>> + * http://www.trustedcomputinggroup.org. This implementation currently
>> + * supports version 1.3, 21 March 2013
>> + * In the developers menu choose the PC Client section then find the
>> TIS
>> + * specification.
>> + *
>> + * TPM TIS for TPM 2 implementation following TCG PC Client Platform
>> + * TPM Profile (PTP) Specification, Familiy 2.0, Revision 00.43
>> + *
>> + * TPM I2C implementation follows TCG TPM I2c Interface specification,
>> + * Family 2.0, Level 00, Revision 1.00
>> + */
>> +
>> +#include "qemu/osdep.h"
>> +#include "hw/i2c/i2c.h"
>> +#include "hw/qdev-properties.h"
>> +#include "hw/acpi/tpm.h"
>> +#include "migration/vmstate.h"
>> +#include "tpm_prop.h"
>> +#include "tpm_tis.h"
>> +#include "qom/object.h"
>> +#include "block/aio.h"
>> +#include "qemu/main-loop.h"
>> +
>> +/* TPM TIS I2C registers */
>> +#define TPM_TIS_I2C_REG_LOC_SEL 0x00
>> +#define TPM_TIS_I2C_REG_ACCESS 0x04
>> +#define TPM_TIS_I2C_REG_INT_ENABLE 0x08
>> +#define TPM_TIS_I2C_REG_INT_CAPABILITY 0x14
>> +#define TPM_TIS_I2C_REG_STS 0x18
>> +#define TPM_TIS_I2C_REG_DATA_FIFO 0x24
>> +#define TPM_TIS_I2C_REG_INTF_CAPABILITY 0x30
>> +#define TPM_TIS_I2C_REG_I2C_DEV_ADDRESS 0x38
>> +#define TPM_TIS_I2C_REG_DATA_CSUM_ENABLE 0x40
>> +#define TPM_TIS_I2C_REG_DATA_CSUM_GET 0x44
>> +#define TPM_TIS_I2C_REG_DID_VID 0x48
>> +#define TPM_TIS_I2C_REG_RID 0x4c
>> +#define TPM_TIS_I2C_REG_UNKNOWN 0xff
>> +
>> +/* I2C specific interface capabilities */
>> +#define TPM_I2C_CAP_INTERFACE_TYPE (0x2 << 0) /* FIFO interface */
>> +#define TPM_I2C_CAP_INTERFACE_VER (0x0 << 4) /* TCG I2C intf
>> 1.0 */
>> +#define TPM_I2C_CAP_TPM2_FAMILY (0x1 << 7) /* TPM 2.0 family. */
>> +#define TPM_I2C_CAP_DEV_ADDR_CHANGE (0x0 << 27) /* No dev addr
>> chng */
>> +#define TPM_I2C_CAP_BURST_COUNT_STATIC (0x1 << 29) /* Burst count
>> static */
>> +#define TPM_I2C_CAP_LOCALITY_CAP (0x1 << 25) /* 0-5 locality */
>> +#define TPM_I2C_CAP_BUS_SPEED (3 << 21) /* std and fast
>> mode */
>> +
>> +/* TPM_STS mask for read bits 31:26 must be zero */
>> +#define TPM_I2C_STS_READ_MASK 0x03ffffff
>> +
>> +/* Operations */
>> +#define OP_SEND 1
>> +#define OP_RECV 2
>> +
>> +typedef struct TPMStateI2C {
>> + /*< private >*/
>> + I2CSlave parent_obj;
>> +
>> + int offset; /* offset in to data[] */
>> + int size; /* Size of the current reg data */
>> + uint8_t operation; /* OP_SEND & OP_RECV */
>> + uint8_t data[4096]; /* Data */
>
> That's a lot of bytes. What is the max in HW ?
I was initially caching whole page now I change the login on write so I
change the value to 16.
>
>> +
>> + bool csum_enable;
>> + uint32_t tis_intf_cap; /* save TIS interface Capabilities */
>> +
>> + /*< public >*/
>> + TPMState state; /* not a QOM object */
>
> hmm, why ? is that per design of the TPM model ?
>
Yes, That is required for the TPM model.
>> +
>> +} TPMStateI2C;
>> +
>> +DECLARE_INSTANCE_CHECKER(TPMStateI2C, TPM_TIS_I2C,
>> + TYPE_TPM_TIS_I2C)
>> +
>> +/* Register map */
>> +typedef struct reg_map {
>> + uint16_t i2c_reg; /* I2C register */
>> + uint16_t tis_reg; /* TIS register */
>> + uint32_t data_size; /* data size expected */
>> +} i2c_reg_map;
>
> QEMU prefers CamelCase coding style for types.
I changed reg_map to CamelCase.
>
>> +
>> +/*
>> + * The register values in the common code is different than the latest
>> + * register numbers as per the spec hence add the conversion map
>> + */
>> +static const i2c_reg_map tpm_tis_reg_map[] = {
>> + { TPM_TIS_I2C_REG_LOC_SEL, TPM_TIS_REG_ACCESS, 1, },
>> + { TPM_TIS_I2C_REG_ACCESS, TPM_TIS_REG_ACCESS, 1, },
>> + { TPM_TIS_I2C_REG_INT_ENABLE, TPM_TIS_REG_INT_ENABLE,
>> 4, },
>> + { TPM_TIS_I2C_REG_INT_CAPABILITY,
>> TPM_TIS_REG_INT_VECTOR, 4, },
>> + { TPM_TIS_I2C_REG_STS, TPM_TIS_REG_STS, 4, },
>> + { TPM_TIS_I2C_REG_DATA_FIFO, TPM_TIS_REG_DATA_FIFO,
>> 0, },
>> + { TPM_TIS_I2C_REG_INTF_CAPABILITY,
>> TPM_TIS_REG_INTF_CAPABILITY, 4, },
>> + { TPM_TIS_I2C_REG_I2C_DEV_ADDRESS,
>> TPM_TIS_I2C_REG_I2C_DEV_ADDRESS, 2, },
>> + { TPM_TIS_I2C_REG_DATA_CSUM_ENABLE,
>> TPM_TIS_I2C_REG_DATA_CSUM_ENABLE, 1, },
>> + { TPM_TIS_I2C_REG_DATA_CSUM_GET,
>> TPM_TIS_I2C_REG_DATA_CSUM_GET, 2, },
>> + { TPM_TIS_I2C_REG_DID_VID, TPM_TIS_REG_DID_VID, 4, },
>> + { TPM_TIS_I2C_REG_RID, TPM_TIS_REG_RID, 1, },
>> +};
>> +
>> +/* Generate interface capability based on what is returned by TIS
>> and what is
>> + * expected by I2C. Save the capability in the data array
>> overwriting the TIS
>> + * capability.
>> + */
>> +static uint32_t tpm_i2c_interface_capability(TPMStateI2C *i2cst,
>> uint32_t tis_cap)
>> +{
>> + uint32_t i2c_cap = 0;
>> +
>> + i2cst->tis_intf_cap = tis_cap;
>> +
>> + /* Now generate i2c capability */
>> + i2c_cap = (TPM_I2C_CAP_INTERFACE_TYPE |
>> + TPM_I2C_CAP_INTERFACE_VER |
>> + TPM_I2C_CAP_TPM2_FAMILY |
>> + TPM_I2C_CAP_LOCALITY_CAP |
>> + TPM_I2C_CAP_BUS_SPEED |
>> + TPM_I2C_CAP_DEV_ADDR_CHANGE);
>> +
>> + /* Now check the TIS and set some capabilities */
>> +
>> + /* Static burst count set */
>> + if (i2cst->tis_intf_cap & 0x100) {
>> + i2c_cap |= TPM_I2C_CAP_BURST_COUNT_STATIC;
>> + }
>> +
>> + return i2c_cap;
>> +}
>> +
>> +static inline uint16_t tpm_tis_i2c_to_tis_reg(uint64_t i2c_reg, int
>> *size)
>> +{
>> + uint16_t tis_reg = i2c_reg;
>> + const i2c_reg_map *reg_map;
>> + int i;
>> +
>> + for (i = 0; i < ARRAY_SIZE(tpm_tis_reg_map); i++) {
>> + reg_map = &tpm_tis_reg_map[i];
>> + if (reg_map->i2c_reg == (i2c_reg & 0xff)) {
>> + tis_reg = reg_map->tis_reg;
>> + *size = reg_map->data_size;
>> + break;
>> + }
>> + }
>> +
>> + return tis_reg;
>> +}
>> +
>> +/* Initialize the cached data */
>> +static inline void tpm_tis_i2c_init_cache(TPMStateI2C *i2cst)
>> +{
>> + /* Clear operation and offset */
>> + i2cst->operation = 0;
>> + i2cst->offset = 0;
>> + i2cst->size = 0;
>> +
>> + return;
>> +}
>> +
>> +/* Send data to TPM */
>> +static inline void tpm_tis_i2c_tpm_send(TPMStateI2C *i2cst)
>> +{
>> + uint16_t tis_reg;
>> + uint32_t data;
>> + int i;
>> +
>> + if ((i2cst->operation == OP_SEND) && (i2cst->offset > 1)) {
>> +
>> + /*
>> + * Checksum is not handled by common code hence we will
>> consume the
>> + * register here.
>> + */
>> + if (i2cst->data[0] == TPM_TIS_I2C_REG_DATA_CSUM_ENABLE) {
>> + i2cst->csum_enable = true;
>> + } else if (i2cst->data[0] != TPM_TIS_I2C_REG_DATA_FIFO) {
>> + tis_reg = tpm_tis_i2c_to_tis_reg(i2cst->data[0],
>> &i2cst->size);
>> +
>> + /* Index 0 is always a register */
>> + for (i = 1; i < i2cst->offset; i++) {
>> + data = i2cst->data[i];
>> + tpm_tis_write_data(&i2cst->state, tis_reg, data, 1);
>> + }
>> + }
>> +
>> + tpm_tis_i2c_init_cache(i2cst);
>> + }
>> +
>> + return;
>> +}
>> +
>> +/* Callback from TPM to indicate that response is copied */
>> +static void tpm_tis_i2c_request_completed(TPMIf *ti, int ret)
>> +{
>> + TPMStateI2C *i2cst = TPM_TIS_I2C(ti);
>> + TPMState *s = &i2cst->state;
>> +
>> + /* Inform the common code. */
>> + tpm_tis_request_completed(s, ret);
>> +}
>> +
>> +static enum TPMVersion tpm_tis_i2c_get_tpm_version(TPMIf *ti)
>> +{
>> + TPMStateI2C *i2cst = TPM_TIS_I2C(ti);
>> + TPMState *s = &i2cst->state;
>> +
>> + return tpm_tis_get_tpm_version(s);
>> +}
>> +
>> +static int tpm_tis_i2c_event(I2CSlave *i2c, enum i2c_event event)
>> +{
>> + TPMStateI2C *i2cst = TPM_TIS_I2C(i2c);
>> + int ret = 0;
>> +
>> + switch (event) {
>> + case I2C_START_RECV:
>> + break;
>> + case I2C_START_SEND:
>> + tpm_tis_i2c_init_cache(i2cst);
>> + break;
>> + case I2C_FINISH:
>> + if (i2cst->operation == OP_SEND) {
>> + tpm_tis_i2c_tpm_send(i2cst);
>> + } else {
>> + tpm_tis_i2c_init_cache(i2cst);
>> + }
>> + break;
>> + default:
>> + break;
>> + }
>> +
>> + return ret;
>> +}
>> +
>> +/*
>> + * If data is for FIFO then it is received from tpm_tis_common buffer
>> + * otherwise it will be handled using single call to common code and
>> + * cached in the local buffer.
>> + */
>> +static uint8_t tpm_tis_i2c_recv(I2CSlave *i2c)
>> +{
>> + int ret = 0;
>> + int i, j;
>> + uint32_t addr;
>> + uint32_t data_read;
>> + uint16_t i2c_reg;
>> + TPMStateI2C *i2cst = TPM_TIS_I2C(i2c);
>> + TPMState *s = &i2cst->state;
>> +
>> + if (i2cst->operation == OP_RECV) {
>> +
>> + /* Do not cache FIFO data. */
>> + if (i2cst->data[0] == TPM_TIS_I2C_REG_DATA_FIFO) {
>> + addr = tpm_tis_i2c_to_tis_reg(TPM_TIS_I2C_REG_DATA_FIFO,
>> + &i2cst->size);
>> + data_read = tpm_tis_read_data(s, addr, 1);
>> + ret = (data_read & 0xff);
>> + } else if (i2cst->offset < 4096) {
>
> use a define or sizeof(i2cst->data)
Done
>
>> + ret = i2cst->data[i2cst->offset++];
>> + }
>> +
>> + } else if ((i2cst->operation == OP_SEND) && (i2cst->offset < 2)) {
>> + /* First receive call after send */
>> +
>> + i2c_reg = i2cst->data[0];
>> +
>> + i2cst->operation = OP_RECV;
>> + i2cst->offset = 1; /* keep the register value intact for
>> debug */
>> +
>> + addr = tpm_tis_i2c_to_tis_reg(i2c_reg, &i2cst->size);
>> +
>> + /* FIFO data is directly read from TPM TIS */
>> + if (i2c_reg == TPM_TIS_I2C_REG_DATA_FIFO) {
>> + data_read = tpm_tis_read_data(s, addr, 1);
>> + ret = (data_read & 0xff);
>> + } else {
>> + /*
>> + * Save the data in the data field. Save it in the little
>> + * endian format.
>> + */
>> + for (i = 1; i <= i2cst->size;) {
>> + /*
>> + * Checksum registers are not supported by common
>> code hence
>> + * call a common code to get the checksum.
>> + */
>> + if (i2c_reg == TPM_TIS_I2C_REG_DATA_CSUM_GET) {
>> + data_read = tpm_tis_get_checksum(s);
>> + } else {
>> + data_read = tpm_tis_read_data(s, addr, 4);
>> +
>> + if (i2c_reg == TPM_TIS_I2C_REG_INTF_CAPABILITY) {
>> + /* Prepare the capabilities as per I2C
>> interface */
>> + data_read = tpm_i2c_interface_capability(i2cst,
>> + data_read);
>> + } else if (i2c_reg == TPM_TIS_I2C_REG_STS) {
>> + /*
>> + * As per specs, STS bit 31:26 are reserved
>> and must
>> + * be set to 0
>> + */
>> + data_read &= TPM_I2C_STS_READ_MASK;
>> + }
>> + }
>> + for (j = 0; j < 4; j++) {
>> + i2cst->data[i++] = (data_read & 0xff);
>> + data_read >>= 8;
>> + }
>
> Why do you need 2 loops ? This is complex to follow.
You are right. Now that I moved writes to TIS , I am able to remove
outer loop.
>
>> + }
>> + /* Return first byte with this call */
>> + ret = i2cst->data[i2cst->offset++];
>> + }
>> + } else {
>> + i2cst->operation = OP_RECV;
>> + }
>> +
>> + return ret;
>> +}
>> +
>> +/*
>> + * Send function only remembers data in the buffer and then calls
>> + * TPM TIS common code during FINISH event.
>> + */
>> +static int tpm_tis_i2c_send(I2CSlave *i2c, uint8_t data)
>> +{
>> + TPMStateI2C *i2cst = TPM_TIS_I2C(i2c);
>> + uint16_t tis_reg;
>> +
>> + /* Reject non-supported registers. */
>> + if (i2cst->offset == 0) {
>> + /* We do not support device address change */
>> + if (data == TPM_TIS_I2C_REG_I2C_DEV_ADDRESS) {
>
> may be add a qemu_log_mask(LOG_UNIMP, " ...");
Done
>
>> + return 1;
>> + }
>> + }
>> +
>> + if (i2cst->offset < 4096) {
>
> use a define or sizeof(i2cst->data)
Done
>
>> + i2cst->operation = OP_SEND;
>> +
>> + /* Remember data locally for non-FIFO registers */
>> + if ((i2cst->offset == 0) ||
>> + (i2cst->data[0] != TPM_TIS_I2C_REG_DATA_FIFO)) {
>> + i2cst->data[i2cst->offset++] = data;
>> + } else {
>> + tis_reg = tpm_tis_i2c_to_tis_reg(i2cst->data[0],
>> &i2cst->size);
>> + tpm_tis_write_data(&i2cst->state, tis_reg, data, 1);
>> + }
>> +
>> + return 0;
>> +
>> + } else {
>> + /* Return non-zero to indicate NAK */
>> + return 1;
>> + }
>> +}
>> +
>> +static Property tpm_tis_i2c_properties[] = {
>> + DEFINE_PROP_UINT32("irq", TPMStateI2C, state.irq_num, TPM_TIS_IRQ),
>
> hmm, irq seems unused.
I is used in the TIS and backend.
>
>> + DEFINE_PROP_TPMBE("tpmdev", TPMStateI2C, state.be_driver),
>> + DEFINE_PROP_END_OF_LIST(),
>> +};
>
> I don't see an .instance_init routine initializing the TPMState sub
> device.
The TPMState initialization happens under tpm_tis_reset.
>
>> +
>> +static void tpm_tis_i2c_realizefn(DeviceState *dev, Error **errp)
>> +{
>> + TPMStateI2C *i2cst = TPM_TIS_I2C(dev);
>> + TPMState *s = &i2cst->state;
>> +
>> + if (!tpm_find()) {
>> + error_setg(errp, "at most one TPM device is permitted");
>> + return;
>> + }
>> +
>> + /*
>> + * Get the backend pointer. It is not initialized propery during
>> + * device_class_set_props
>> + */
>> + s->be_driver = qemu_find_tpm_be("tpm0");
>
> I don't understand that part. Looks weird to me.
It should happen under device_class_set_props() but this function is
getting invoked before tpm0 is created hence I had to query separately
in the realize function.
>
>> + if (!s->be_driver) {
>> + error_setg(errp, "'tpmdev' property is required");
>> + return;
>> + }
>> + if (s->irq_num > 15) {
>> + error_setg(errp, "IRQ %d is outside valid range of 0 to 15",
>> + s->irq_num);
>> + return;
>> + }
>
> The code above belongs to a TPMState realize routine it seems. I was
> expecting something like :
>
> if (!qdev_realize(qdev_realize(DEVICE(&i2cst->state), NULL, &errp)) {
> return;
> }
> Looking closer, this comment applies to some other tpm devices. May be
> I misunderstood how TPM is designed though.
>
I followed direction from tpm_tis_sysbus.c code. But I still had to call
find backend.
Thanks for the review.
Ninad
> Thanks,
>
> C.
>
>> +}
>> +
>> +static void tpm_tis_i2c_reset(DeviceState *dev)
>> +{
>> + TPMStateI2C *i2cst = TPM_TIS_I2C(dev);
>> + TPMState *s = &i2cst->state;
>> +
>> + tpm_tis_i2c_init_cache(i2cst);
>> +
>> + i2cst->csum_enable = false;
>> +
>> + return tpm_tis_reset(s);
>> +}
>> +
>> +static void tpm_tis_i2c_class_init(ObjectClass *klass, void *data)
>> +{
>> + DeviceClass *dc = DEVICE_CLASS(klass);
>> + I2CSlaveClass *k = I2C_SLAVE_CLASS(klass);
>> + TPMIfClass *tc = TPM_IF_CLASS(klass);
>> +
>> + dc->realize = tpm_tis_i2c_realizefn;
>> + dc->reset = tpm_tis_i2c_reset;
>> + device_class_set_props(dc, tpm_tis_i2c_properties);
>> +
>> + k->event = tpm_tis_i2c_event;
>> + k->recv = tpm_tis_i2c_recv;
>> + k->send = tpm_tis_i2c_send;
>> +
>> + tc->model = TPM_MODEL_TPM_TIS;
>> + tc->request_completed = tpm_tis_i2c_request_completed;
>> + tc->get_version = tpm_tis_i2c_get_tpm_version;
>> +}
>> +
>> +static const TypeInfo tpm_tis_i2c_info = {
>> + .name = TYPE_TPM_TIS_I2C,
>> + .parent = TYPE_I2C_SLAVE,
>> + .instance_size = sizeof(TPMStateI2C),
>> + .class_init = tpm_tis_i2c_class_init,
>> + .interfaces = (InterfaceInfo[]) {
>> + { TYPE_TPM_IF },
>> + { }
>> + }
>> +};
>> +
>> +static void tpm_tis_i2c_register_types(void)
>> +{
>> + type_register_static(&tpm_tis_i2c_info);
>> +}
>> +
>> +type_init(tpm_tis_i2c_register_types)
>> diff --git a/include/sysemu/tpm.h b/include/sysemu/tpm.h
>> index fb40e30ff6..66e3b45f30 100644
>> --- a/include/sysemu/tpm.h
>> +++ b/include/sysemu/tpm.h
>> @@ -48,6 +48,7 @@ struct TPMIfClass {
>> #define TYPE_TPM_TIS_SYSBUS "tpm-tis-device"
>> #define TYPE_TPM_CRB "tpm-crb"
>> #define TYPE_TPM_SPAPR "tpm-spapr"
>> +#define TYPE_TPM_TIS_I2C "tpm-tis-i2c"
>> #define TPM_IS_TIS_ISA(chr) \
>> object_dynamic_cast(OBJECT(chr), TYPE_TPM_TIS_ISA)
>> @@ -57,6 +58,8 @@ struct TPMIfClass {
>> object_dynamic_cast(OBJECT(chr), TYPE_TPM_CRB)
>> #define TPM_IS_SPAPR(chr) \
>> object_dynamic_cast(OBJECT(chr), TYPE_TPM_SPAPR)
>> +#define TPM_IS_TIS_I2C(chr) \
>> + object_dynamic_cast(OBJECT(chr), TYPE_TPM_TIS_I2C)
>> /* returns NULL unless there is exactly one TPM device */
>> static inline TPMIf *tpm_find(void)
>
^ permalink raw reply [flat|nested] 20+ messages in thread
* Re: [PATCH 0/3] Add support for TPM devices over I2C bus
2023-03-23 7:23 ` [PATCH 0/3] " Cédric Le Goater
@ 2023-03-23 22:35 ` Ninad Palsule
0 siblings, 0 replies; 20+ messages in thread
From: Ninad Palsule @ 2023-03-23 22:35 UTC (permalink / raw)
To: Cédric Le Goater, Ninad Palsule, qemu-devel; +Cc: joel, andrew, stefanb
On 3/23/23 2:23 AM, Cédric Le Goater wrote:
> Hello Ninad,
>
> On 3/23/23 04:01, Ninad Palsule wrote:
>> This drop adds support for the TPM devices attached to the I2C bus. It
>> only supports the TPM2 protocol. You need to run it with the external
>> TPM emulator like swtpm. I have tested it with swtpm.
>>
>> I have refered to the work done by zhdaniel@meta.com but at the core
>> level out implementation is different.
>> https://github.com/theopolis/qemu/commit/2e2e57cde9e419c36af8071bb85392ad1ed70966
>>
>>
>> Based-on: $MESSAGE_ID
>> ---
>> V2:
>> Incorporated Stephan's comments.
>
> Please add a version to the patchsets you send :
>
> git format-patch -v 2 --cover-letter ....
>
> it is better practice and easier to track in our mailboxes. The automated
> tools patchew, patchwork, also track them.
>
Yes, I noted down. Sorry I missed that last time.
>>
>> Ninad Palsule (3):
>> docs: Add support for TPM devices over I2C bus
>
> Generally we add the docs after support. No big deal.
Ok, I will remember this next time.
>
>
>> TPM TIS: Add support for TPM devices over I2C bus
>> New I2C: Add support for TPM devices over I2C bus
>
> Have you looked at adding tests ? qtest or avocado ?
>
> We discussed offline about it with Stefan and the I2C qos framework in
> qtest is a bit of a challenge for the TPM purpose. See the thread here :
>
> https://lore.kernel.org/qemu-devel/dd43ec84-51e4-11f7-e067-2fb57a567f09@linux.ibm.com/T/#u
Stefan has already created some tests. Thanks Stefan.
Thanks for the review!
Ninad
>
> Thanks,
>
> C.
>
>
>>
>> docs/specs/tpm.rst | 20 +-
>> hw/arm/Kconfig | 1 +
>> hw/tpm/Kconfig | 7 +
>> hw/tpm/meson.build | 1 +
>> hw/tpm/tpm_tis.h | 3 +
>> hw/tpm/tpm_tis_common.c | 32 +++
>> hw/tpm/tpm_tis_i2c.c | 440 ++++++++++++++++++++++++++++++++++++++++
>> include/sysemu/tpm.h | 3 +
>> 8 files changed, 506 insertions(+), 1 deletion(-)
>> create mode 100644 hw/tpm/tpm_tis_i2c.c
>>
>
^ permalink raw reply [flat|nested] 20+ messages in thread
* Re: [PATCH 1/3] docs: Add support for TPM devices over I2C bus
2023-03-23 7:49 ` Cédric Le Goater
2023-03-23 22:11 ` Ninad Palsule
@ 2023-03-24 3:23 ` Ninad Palsule
2023-03-24 5:11 ` Ninad Palsule
1 sibling, 1 reply; 20+ messages in thread
From: Ninad Palsule @ 2023-03-24 3:23 UTC (permalink / raw)
To: Cédric Le Goater, Ninad Palsule, qemu-devel; +Cc: joel, andrew, stefanb
Hello Cedric,
I tried to use ast2600-evb machine but it is not getting any message on
I2C bus.
Any suggestions?
# Start the software TPM emulator.
$ swtpm socket --tpmstate dir=/tmp/mytpm1 --ctrl
type=unixio,path=/tmp/mytpm1/swtpm-sock --tpm2 --log level=100
# Start a qemu and point at swtpm. I am using i2c bus 12 and address 0x2e
$ ~/qemu/build/qemu-system-arm -M ast2600-evb -nographic -kernel
$IMAGEDIR/zImage -dtb $IMAGEDIR/aspeed-ast2600-evb.dtb -initrd
$IMAGEDIR/rootfs.cpio -chardev
socket,id=chrtpm,path=/tmp/mytpm1/swtpm-sock -tpmdev
emulator,id=tpm0,chardev=chrtpm -device
tpm-tis-i2c,tpmdev=tpm0,bus=aspeed.i2c.bus.12,address=0x2e
# Inside the ast2600-evb machine. Insantiated the device
# echo 12 0x2e > /sys/bus/i2c/devices/i2c-12/new_device
[ 158.265321] i2c i2c-12: new_device: Instantiated device 12 at 0x2e
# Tried to instantiate TPM device but nothing happening on I2C bus.
# echo 12-002e > /sys/bus/i2c/drivers/tpm_tis_i2c/bind
sh: write error: No such device
Thanks & Regards,
Ninad Palsule
On 3/23/23 2:49 AM, Cédric Le Goater wrote:
> On 3/23/23 04:01, Ninad Palsule wrote:
>> This is a documentation change for I2C TPM device support.
>>
>> Qemu already supports devices attached to ISA and sysbus.
>> This drop adds support for the I2C bus attached TPM devices.
>>
>> Signed-off-by: Ninad Palsule <ninad@linux.ibm.com>
>>
>> ---
>> V2:
>>
>> Incorporated Stephen's review comments
>> - Added example in the document.
>> ---
>> docs/specs/tpm.rst | 20 +++++++++++++++++++-
>> 1 file changed, 19 insertions(+), 1 deletion(-)
>>
>> diff --git a/docs/specs/tpm.rst b/docs/specs/tpm.rst
>> index 535912a92b..bf7249b09c 100644
>> --- a/docs/specs/tpm.rst
>> +++ b/docs/specs/tpm.rst
>> @@ -21,11 +21,15 @@ QEMU files related to TPM TIS interface:
>> - ``hw/tpm/tpm_tis_common.c``
>> - ``hw/tpm/tpm_tis_isa.c``
>> - ``hw/tpm/tpm_tis_sysbus.c``
>> + - ``hw/tpm/tpm_tis_i2c.c``
>> - ``hw/tpm/tpm_tis.h``
>> Both an ISA device and a sysbus device are available. The former is
>> used with pc/q35 machine while the latter can be instantiated in the
>> -Arm virt machine.
>> +Arm virt machine. An I2C device support is also added which can be
>> +instantiated in the arm based emulation machine. An I2C device is also
>> +supported for the Arm virt machine. This device only supports the
>> +TPM 2 protocol.
>> CRB interface
>> -------------
>> @@ -348,6 +352,20 @@ In case an Arm virt machine is emulated, use the
>> following command line:
>> -drive if=pflash,format=raw,file=flash0.img,readonly=on \
>> -drive if=pflash,format=raw,file=flash1.img
>> +In case a Rainier bmc machine is emulated, use the following
>> command line:
>> +
>> +.. code-block:: console
>> +
>> + qemu-system-arm -M rainier-bmc -nographic \
>> + -kernel ${IMAGEPATH}/fitImage-linux.bin \
>> + -dtb ${IMAGEPATH}/aspeed-bmc-ibm-rainier.dtb \
>> + -initrd ${IMAGEPATH}/obmc-phosphor-initramfs.rootfs.cpio.xz \
>> + -drive
>> file=${IMAGEPATH}/obmc-phosphor-image.rootfs.wic.qcow2,if=sd,index=2\
>> + -net nic -net
>> user,hostfwd=:127.0.0.1:2222-:22,hostfwd=:127.0.0.1:2443-:443\
>> + -chardev socket,id=chrtpm,path=/tmp/mytpm1/swtpm-sock \
>> + -tpmdev emulator,id=tpm0,chardev=chrtpm \
>> + -device tpm-tis-i2c,tpmdev=tpm0,bus=aspeed.i2c.bus.12,address=0x2e
>
>
> The rainier images are not the easiest to find. Could we use an
> AST2600 EVB
> machine instead and instantiate the device from user space ? see commit
> 3302184f7f or 7a7308eae0.
>
> Thanks,
>
> C.
>
>> In case SeaBIOS is used as firmware, it should show the TPM menu item
>> after entering the menu with 'ESC'.
>
^ permalink raw reply [flat|nested] 20+ messages in thread
* Re: [PATCH 1/3] docs: Add support for TPM devices over I2C bus
2023-03-24 3:23 ` Ninad Palsule
@ 2023-03-24 5:11 ` Ninad Palsule
2023-03-24 8:01 ` Cédric Le Goater
0 siblings, 1 reply; 20+ messages in thread
From: Ninad Palsule @ 2023-03-24 5:11 UTC (permalink / raw)
To: Cédric Le Goater, Ninad Palsule, qemu-devel; +Cc: joel, andrew, stefanb
Hello Cedric,
Joel helped me to configure the device and we are able to configure tpm
device on ast2600-evb.
I will include this example in the documentation.
# uname -a
Linux ast2600-evb 6.1.15 #1 SMP Thu Mar 23 20:48:29 CDT 2023 armv7l
GNU/Linux
# cat /etc/os-release
NAME=Buildroot
VERSION=2023.02-dirty
ID=buildroot
VERSION_ID=2023.02
PRETTY_NAME="Buildroot 2023.02"
# echo tpm_tis_i2c 0x2e > /sys/bus/i2c/devices/i2c-12/new_device
[ 59.681684] tpm_tis_i2c 12-002e: 2.0 TPM (device-id 0x1, rev-id 1)
[ 59.703190] tpm tpm0: A TPM error (256) occurred attempting the self test
[ 59.705215] tpm tpm0: starting up the TPM manually
[ 59.892917] i2c i2c-12: new_device: Instantiated device tpm_tis_i2c at 0x2e
# cd /sys/class/tpm/tpm0
# ls
dev pcr-sha256 power uevent
device pcr-sha384 subsystem
pcr-sha1 pcr-sha512 tpm_version_major
On 3/23/23 10:23 PM, Ninad Palsule wrote:
> Hello Cedric,
>
> I tried to use ast2600-evb machine but it is not getting any message
> on I2C bus.
>
> Any suggestions?
>
> # Start the software TPM emulator.
> $ swtpm socket --tpmstate dir=/tmp/mytpm1 --ctrl
> type=unixio,path=/tmp/mytpm1/swtpm-sock --tpm2 --log level=100
>
> # Start a qemu and point at swtpm. I am using i2c bus 12 and address 0x2e
> $ ~/qemu/build/qemu-system-arm -M ast2600-evb -nographic -kernel
> $IMAGEDIR/zImage -dtb $IMAGEDIR/aspeed-ast2600-evb.dtb -initrd
> $IMAGEDIR/rootfs.cpio -chardev
> socket,id=chrtpm,path=/tmp/mytpm1/swtpm-sock -tpmdev
> emulator,id=tpm0,chardev=chrtpm -device
> tpm-tis-i2c,tpmdev=tpm0,bus=aspeed.i2c.bus.12,address=0x2e
>
> # Inside the ast2600-evb machine. Insantiated the device
> # echo 12 0x2e > /sys/bus/i2c/devices/i2c-12/new_device
> [ 158.265321] i2c i2c-12: new_device: Instantiated device 12 at 0x2e
>
> # Tried to instantiate TPM device but nothing happening on I2C bus.
> # echo 12-002e > /sys/bus/i2c/drivers/tpm_tis_i2c/bind
> sh: write error: No such device
>
> Thanks & Regards,
>
> Ninad Palsule
>
> On 3/23/23 2:49 AM, Cédric Le Goater wrote:
>> On 3/23/23 04:01, Ninad Palsule wrote:
>>> This is a documentation change for I2C TPM device support.
>>>
>>> Qemu already supports devices attached to ISA and sysbus.
>>> This drop adds support for the I2C bus attached TPM devices.
>>>
>>> Signed-off-by: Ninad Palsule <ninad@linux.ibm.com>
>>>
>>> ---
>>> V2:
>>>
>>> Incorporated Stephen's review comments
>>> - Added example in the document.
>>> ---
>>> docs/specs/tpm.rst | 20 +++++++++++++++++++-
>>> 1 file changed, 19 insertions(+), 1 deletion(-)
>>>
>>> diff --git a/docs/specs/tpm.rst b/docs/specs/tpm.rst
>>> index 535912a92b..bf7249b09c 100644
>>> --- a/docs/specs/tpm.rst
>>> +++ b/docs/specs/tpm.rst
>>> @@ -21,11 +21,15 @@ QEMU files related to TPM TIS interface:
>>> - ``hw/tpm/tpm_tis_common.c``
>>> - ``hw/tpm/tpm_tis_isa.c``
>>> - ``hw/tpm/tpm_tis_sysbus.c``
>>> + - ``hw/tpm/tpm_tis_i2c.c``
>>> - ``hw/tpm/tpm_tis.h``
>>> Both an ISA device and a sysbus device are available. The former is
>>> used with pc/q35 machine while the latter can be instantiated in the
>>> -Arm virt machine.
>>> +Arm virt machine. An I2C device support is also added which can be
>>> +instantiated in the arm based emulation machine. An I2C device is also
>>> +supported for the Arm virt machine. This device only supports the
>>> +TPM 2 protocol.
>>> CRB interface
>>> -------------
>>> @@ -348,6 +352,20 @@ In case an Arm virt machine is emulated, use
>>> the following command line:
>>> -drive if=pflash,format=raw,file=flash0.img,readonly=on \
>>> -drive if=pflash,format=raw,file=flash1.img
>>> +In case a Rainier bmc machine is emulated, use the following
>>> command line:
>>> +
>>> +.. code-block:: console
>>> +
>>> + qemu-system-arm -M rainier-bmc -nographic \
>>> + -kernel ${IMAGEPATH}/fitImage-linux.bin \
>>> + -dtb ${IMAGEPATH}/aspeed-bmc-ibm-rainier.dtb \
>>> + -initrd ${IMAGEPATH}/obmc-phosphor-initramfs.rootfs.cpio.xz \
>>> + -drive
>>> file=${IMAGEPATH}/obmc-phosphor-image.rootfs.wic.qcow2,if=sd,index=2\
>>> + -net nic -net
>>> user,hostfwd=:127.0.0.1:2222-:22,hostfwd=:127.0.0.1:2443-:443\
>>> + -chardev socket,id=chrtpm,path=/tmp/mytpm1/swtpm-sock \
>>> + -tpmdev emulator,id=tpm0,chardev=chrtpm \
>>> + -device tpm-tis-i2c,tpmdev=tpm0,bus=aspeed.i2c.bus.12,address=0x2e
>>
>>
>> The rainier images are not the easiest to find. Could we use an
>> AST2600 EVB
>> machine instead and instantiate the device from user space ? see commit
>> 3302184f7f or 7a7308eae0.
>>
>> Thanks,
>>
>> C.
>>
>>> In case SeaBIOS is used as firmware, it should show the TPM menu item
>>> after entering the menu with 'ESC'.
>>
^ permalink raw reply [flat|nested] 20+ messages in thread
* Re: [PATCH 1/3] docs: Add support for TPM devices over I2C bus
2023-03-24 5:11 ` Ninad Palsule
@ 2023-03-24 8:01 ` Cédric Le Goater
2023-03-24 12:50 ` Ninad Palsule
0 siblings, 1 reply; 20+ messages in thread
From: Cédric Le Goater @ 2023-03-24 8:01 UTC (permalink / raw)
To: Ninad Palsule, Ninad Palsule, qemu-devel; +Cc: joel, andrew, stefanb
On 3/24/23 06:11, Ninad Palsule wrote:
> Hello Cedric,
>
> Joel helped me to configure the device and we are able to configure tpm device on ast2600-evb.
>
> I will include this example in the documentation.
>
> # uname -a
> Linux ast2600-evb 6.1.15 #1 SMP Thu Mar 23 20:48:29 CDT 2023 armv7l GNU/Linux
> # cat /etc/os-release
> NAME=Buildroot
> VERSION=2023.02-dirty
> ID=buildroot
> VERSION_ID=2023.02
> PRETTY_NAME="Buildroot 2023.02"
>
> # echo tpm_tis_i2c 0x2e > /sys/bus/i2c/devices/i2c-12/new_device
> [ 59.681684] tpm_tis_i2c 12-002e: 2.0 TPM (device-id 0x1, rev-id 1)
> [ 59.703190] tpm tpm0: A TPM error (256) occurred attempting the self test
> [ 59.705215] tpm tpm0: starting up the TPM manually
> [ 59.892917] i2c i2c-12: new_device: Instantiated device tpm_tis_i2c at 0x2e
> # cd /sys/class/tpm/tpm0
> # ls
> dev pcr-sha256 power uevent
> device pcr-sha384 subsystem
> pcr-sha1 pcr-sha512 tpm_version_major
Nice. Did you need any special support in the kernel ?
I could update this image for avocado tests :
https://github.com/legoater/qemu-aspeed-boot/tree/master/images/ast2600-evb/buildroot-2023.02
Thanks,
C.
^ permalink raw reply [flat|nested] 20+ messages in thread
* Re: [PATCH 3/3] New I2C: Add support for TPM devices over I2C bus
2023-03-23 22:32 ` Ninad Palsule
@ 2023-03-24 8:06 ` Cédric Le Goater
0 siblings, 0 replies; 20+ messages in thread
From: Cédric Le Goater @ 2023-03-24 8:06 UTC (permalink / raw)
To: Ninad Palsule, Ninad Palsule, qemu-devel; +Cc: joel, andrew, stefanb
On 3/23/23 23:32, Ninad Palsule wrote:
>
> On 3/23/23 3:37 AM, Cédric Le Goater wrote:
>> On 3/23/23 04:01, Ninad Palsule wrote:
>>> Qemu already supports devices attached to ISA and sysbus. This drop adds
>>> support for the I2C bus attached TPM devices. I2C model only supports
>>> TPM2 protocol.
>>>
>>> This commit includes changes for the common code.
>>> - Added I2C emulation model. Logic was added in the model to temporarily
>>> cache the data as I2C interface works per byte basis.
>>> - New tpm type "tpm-tis-i2c" added for I2C support. User specify this
>>> string on command line.
>>>
>>> Testing:
>>> TPM I2C device modulte is tested using SWTPM (software based TPM
>>> package). The qemu used the rainier machine and it was connected to
>>> swtpm over the socket interface.
>>>
>>> The command to start swtpm is as follows:
>>> $ swtpm socket --tpmstate dir=/tmp/mytpm1 \
>>> --ctrl type=unixio,path=/tmp/mytpm1/swtpm-sock \
>>> --tpm2 --log level=100
>>>
>>> The command to start qemu is as follows:
>>> $ qemu-system-arm -M rainier-bmc -nographic \
>>> -kernel ${IMAGEPATH}/fitImage-linux.bin \
>>> -dtb ${IMAGEPATH}/aspeed-bmc-ibm-rainier.dtb \
>>> -initrd ${IMAGEPATH}/obmc-phosphor-initramfs.rootfs.cpio.xz \
>>> -drive file=${IMAGEPATH}/obmc-phosphor-image.rootfs.wic.qcow2,if=sd,index=2 \
>>> -net nic -net user,hostfwd=:127.0.0.1:2222-:22,hostfwd=:127.0.0.1:2443-:443 \
>>> -chardev socket,id=chrtpm,path=/tmp/mytpm1/swtpm-sock \
>>> -tpmdev emulator,id=tpm0,chardev=chrtpm \
>>> -device tpm-tis-i2c,tpmdev=tpm0,bus=aspeed.i2c.bus.12,address=0x2e
>>>
>>> Note: Currently you need to specify the I2C bus and device address on
>>> command line. In future we can add a device at board level.
>>
>> yes. Anyhow, it is better to start with user created device first than with
>> default devices created at the board level.
>
>
> I could not find the arch/arm/boot/dts/aspeed-ast2600-evb.dtb in https://jenkins.openbmc.org/job/ci-openbmc/lastSuccessfulBuild/ <https://jenkins.openbmc.org/job/ci-openbmc/lastSuccessfulBuild/>. Can you please point me to the location?
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/tree/arch/arm/boot/dts/aspeed-ast2600-evb.dts
>
>>
>>>
>>> Signed-off-by: Ninad Palsule <ninad@linux.ibm.com>
>>> ---
>>> V2:
>>> Incorporated Stephen's review comments.
>>> - Handled checksum related register in I2C layer
>>> - Defined I2C interface capabilities and return those instead of
>>> capabilities from TPM TIS. Add required capabilities from TIS.
>>> - Do not cache FIFO data in the I2C layer.
>>> - Make sure that Device address change register is not passed to I2C
>>> layer as capability indicate that it is not supported.
>>> - Added boundary checks.
>>> - Make sure that bits 26-31 are zeroed for the TPM_STS register on read
>>> - Updated Kconfig files for new define.
>>> ---
>>> hw/arm/Kconfig | 1 +
>>> hw/tpm/Kconfig | 7 +
>>> hw/tpm/meson.build | 1 +
>>> hw/tpm/tpm_tis_i2c.c | 440 +++++++++++++++++++++++++++++++++++++++++++
>>> include/sysemu/tpm.h | 3 +
>>> 5 files changed, 452 insertions(+)
>>> create mode 100644 hw/tpm/tpm_tis_i2c.c
>>>
>>> diff --git a/hw/arm/Kconfig b/hw/arm/Kconfig
>>> index b5aed4aff5..05d6ef1a31 100644
>>> --- a/hw/arm/Kconfig
>>> +++ b/hw/arm/Kconfig
>>> @@ -6,6 +6,7 @@ config ARM_VIRT
>>> imply VFIO_PLATFORM
>>> imply VFIO_XGMAC
>>> imply TPM_TIS_SYSBUS
>>> + imply TPM_TIS_I2C
>>> imply NVDIMM
>>> select ARM_GIC
>>> select ACPI
>>> diff --git a/hw/tpm/Kconfig b/hw/tpm/Kconfig
>>> index 29e82f3c92..a46663288c 100644
>>> --- a/hw/tpm/Kconfig
>>> +++ b/hw/tpm/Kconfig
>>> @@ -1,3 +1,10 @@
>>> +config TPM_TIS_I2C
>>> + bool
>>> + depends on TPM
>>> + select TPM_BACKEND
>>> + select I2C
>>> + select TPM_TIS
>>> +
>>> config TPM_TIS_ISA
>>> bool
>>> depends on TPM && ISA_BUS
>>> diff --git a/hw/tpm/meson.build b/hw/tpm/meson.build
>>> index 7abc2d794a..76fe3cb098 100644
>>> --- a/hw/tpm/meson.build
>>> +++ b/hw/tpm/meson.build
>>> @@ -1,6 +1,7 @@
>>> softmmu_ss.add(when: 'CONFIG_TPM_TIS', if_true: files('tpm_tis_common.c'))
>>> softmmu_ss.add(when: 'CONFIG_TPM_TIS_ISA', if_true: files('tpm_tis_isa.c'))
>>> softmmu_ss.add(when: 'CONFIG_TPM_TIS_SYSBUS', if_true: files('tpm_tis_sysbus.c'))
>>> +softmmu_ss.add(when: 'CONFIG_TPM_TIS_I2C', if_true: files('tpm_tis_i2c.c'))
>>> softmmu_ss.add(when: 'CONFIG_TPM_CRB', if_true: files('tpm_crb.c'))
>>> softmmu_ss.add(when: 'CONFIG_TPM_TIS', if_true: files('tpm_ppi.c'))
>>> softmmu_ss.add(when: 'CONFIG_TPM_CRB', if_true: files('tpm_ppi.c'))
>>> diff --git a/hw/tpm/tpm_tis_i2c.c b/hw/tpm/tpm_tis_i2c.c
>>> new file mode 100644
>>> index 0000000000..5cec5f7806
>>> --- /dev/null
>>> +++ b/hw/tpm/tpm_tis_i2c.c
>>> @@ -0,0 +1,440 @@
>>> +/*
>>> + * tpm_tis_i2c.c - QEMU's TPM TIS I2C Device
>>> + *
>>> + * This work is licensed under the terms of the GNU GPL, version 2 or later.
>>> + * See the COPYING file in the top-level directory.
>>> + *
>>> + * Implementation of the TIS interface according to specs found at
>>> + * http://www.trustedcomputinggroup.org. This implementation currently
>>> + * supports version 1.3, 21 March 2013
>>> + * In the developers menu choose the PC Client section then find the TIS
>>> + * specification.
>>> + *
>>> + * TPM TIS for TPM 2 implementation following TCG PC Client Platform
>>> + * TPM Profile (PTP) Specification, Familiy 2.0, Revision 00.43
>>> + *
>>> + * TPM I2C implementation follows TCG TPM I2c Interface specification,
>>> + * Family 2.0, Level 00, Revision 1.00
>>> + */
>>> +
>>> +#include "qemu/osdep.h"
>>> +#include "hw/i2c/i2c.h"
>>> +#include "hw/qdev-properties.h"
>>> +#include "hw/acpi/tpm.h"
>>> +#include "migration/vmstate.h"
>>> +#include "tpm_prop.h"
>>> +#include "tpm_tis.h"
>>> +#include "qom/object.h"
>>> +#include "block/aio.h"
>>> +#include "qemu/main-loop.h"
>>> +
>>> +/* TPM TIS I2C registers */
>>> +#define TPM_TIS_I2C_REG_LOC_SEL 0x00
>>> +#define TPM_TIS_I2C_REG_ACCESS 0x04
>>> +#define TPM_TIS_I2C_REG_INT_ENABLE 0x08
>>> +#define TPM_TIS_I2C_REG_INT_CAPABILITY 0x14
>>> +#define TPM_TIS_I2C_REG_STS 0x18
>>> +#define TPM_TIS_I2C_REG_DATA_FIFO 0x24
>>> +#define TPM_TIS_I2C_REG_INTF_CAPABILITY 0x30
>>> +#define TPM_TIS_I2C_REG_I2C_DEV_ADDRESS 0x38
>>> +#define TPM_TIS_I2C_REG_DATA_CSUM_ENABLE 0x40
>>> +#define TPM_TIS_I2C_REG_DATA_CSUM_GET 0x44
>>> +#define TPM_TIS_I2C_REG_DID_VID 0x48
>>> +#define TPM_TIS_I2C_REG_RID 0x4c
>>> +#define TPM_TIS_I2C_REG_UNKNOWN 0xff
>>> +
>>> +/* I2C specific interface capabilities */
>>> +#define TPM_I2C_CAP_INTERFACE_TYPE (0x2 << 0) /* FIFO interface */
>>> +#define TPM_I2C_CAP_INTERFACE_VER (0x0 << 4) /* TCG I2C intf 1.0 */
>>> +#define TPM_I2C_CAP_TPM2_FAMILY (0x1 << 7) /* TPM 2.0 family. */
>>> +#define TPM_I2C_CAP_DEV_ADDR_CHANGE (0x0 << 27) /* No dev addr chng */
>>> +#define TPM_I2C_CAP_BURST_COUNT_STATIC (0x1 << 29) /* Burst count static */
>>> +#define TPM_I2C_CAP_LOCALITY_CAP (0x1 << 25) /* 0-5 locality */
>>> +#define TPM_I2C_CAP_BUS_SPEED (3 << 21) /* std and fast mode */
>>> +
>>> +/* TPM_STS mask for read bits 31:26 must be zero */
>>> +#define TPM_I2C_STS_READ_MASK 0x03ffffff
>>> +
>>> +/* Operations */
>>> +#define OP_SEND 1
>>> +#define OP_RECV 2
>>> +
>>> +typedef struct TPMStateI2C {
>>> + /*< private >*/
>>> + I2CSlave parent_obj;
>>> +
>>> + int offset; /* offset in to data[] */
>>> + int size; /* Size of the current reg data */
>>> + uint8_t operation; /* OP_SEND & OP_RECV */
>>> + uint8_t data[4096]; /* Data */
>>
>> That's a lot of bytes. What is the max in HW ?
> I was initially caching whole page now I change the login on write so I change the value to 16.
>>
>>> +
>>> + bool csum_enable;
>>> + uint32_t tis_intf_cap; /* save TIS interface Capabilities */
>>> +
>>> + /*< public >*/
>>> + TPMState state; /* not a QOM object */
>>
>> hmm, why ? is that per design of the TPM model ?
>>
> Yes, That is required for the TPM model.
>
>
>>> +
>>> +} TPMStateI2C;
>>> +
>>> +DECLARE_INSTANCE_CHECKER(TPMStateI2C, TPM_TIS_I2C,
>>> + TYPE_TPM_TIS_I2C)
>>> +
>>> +/* Register map */
>>> +typedef struct reg_map {
>>> + uint16_t i2c_reg; /* I2C register */
>>> + uint16_t tis_reg; /* TIS register */
>>> + uint32_t data_size; /* data size expected */
>>> +} i2c_reg_map;
>>
>> QEMU prefers CamelCase coding style for types.
>
>
> I changed reg_map to CamelCase.
>
>>
>>> +
>>> +/*
>>> + * The register values in the common code is different than the latest
>>> + * register numbers as per the spec hence add the conversion map
>>> + */
>>> +static const i2c_reg_map tpm_tis_reg_map[] = {
>>> + { TPM_TIS_I2C_REG_LOC_SEL, TPM_TIS_REG_ACCESS, 1, },
>>> + { TPM_TIS_I2C_REG_ACCESS, TPM_TIS_REG_ACCESS, 1, },
>>> + { TPM_TIS_I2C_REG_INT_ENABLE, TPM_TIS_REG_INT_ENABLE, 4, },
>>> + { TPM_TIS_I2C_REG_INT_CAPABILITY, TPM_TIS_REG_INT_VECTOR, 4, },
>>> + { TPM_TIS_I2C_REG_STS, TPM_TIS_REG_STS, 4, },
>>> + { TPM_TIS_I2C_REG_DATA_FIFO, TPM_TIS_REG_DATA_FIFO, 0, },
>>> + { TPM_TIS_I2C_REG_INTF_CAPABILITY, TPM_TIS_REG_INTF_CAPABILITY, 4, },
>>> + { TPM_TIS_I2C_REG_I2C_DEV_ADDRESS, TPM_TIS_I2C_REG_I2C_DEV_ADDRESS, 2, },
>>> + { TPM_TIS_I2C_REG_DATA_CSUM_ENABLE, TPM_TIS_I2C_REG_DATA_CSUM_ENABLE, 1, },
>>> + { TPM_TIS_I2C_REG_DATA_CSUM_GET, TPM_TIS_I2C_REG_DATA_CSUM_GET, 2, },
>>> + { TPM_TIS_I2C_REG_DID_VID, TPM_TIS_REG_DID_VID, 4, },
>>> + { TPM_TIS_I2C_REG_RID, TPM_TIS_REG_RID, 1, },
>>> +};
>>> +
>>> +/* Generate interface capability based on what is returned by TIS and what is
>>> + * expected by I2C. Save the capability in the data array overwriting the TIS
>>> + * capability.
>>> + */
>>> +static uint32_t tpm_i2c_interface_capability(TPMStateI2C *i2cst, uint32_t tis_cap)
>>> +{
>>> + uint32_t i2c_cap = 0;
>>> +
>>> + i2cst->tis_intf_cap = tis_cap;
>>> +
>>> + /* Now generate i2c capability */
>>> + i2c_cap = (TPM_I2C_CAP_INTERFACE_TYPE |
>>> + TPM_I2C_CAP_INTERFACE_VER |
>>> + TPM_I2C_CAP_TPM2_FAMILY |
>>> + TPM_I2C_CAP_LOCALITY_CAP |
>>> + TPM_I2C_CAP_BUS_SPEED |
>>> + TPM_I2C_CAP_DEV_ADDR_CHANGE);
>>> +
>>> + /* Now check the TIS and set some capabilities */
>>> +
>>> + /* Static burst count set */
>>> + if (i2cst->tis_intf_cap & 0x100) {
>>> + i2c_cap |= TPM_I2C_CAP_BURST_COUNT_STATIC;
>>> + }
>>> +
>>> + return i2c_cap;
>>> +}
>>> +
>>> +static inline uint16_t tpm_tis_i2c_to_tis_reg(uint64_t i2c_reg, int *size)
>>> +{
>>> + uint16_t tis_reg = i2c_reg;
>>> + const i2c_reg_map *reg_map;
>>> + int i;
>>> +
>>> + for (i = 0; i < ARRAY_SIZE(tpm_tis_reg_map); i++) {
>>> + reg_map = &tpm_tis_reg_map[i];
>>> + if (reg_map->i2c_reg == (i2c_reg & 0xff)) {
>>> + tis_reg = reg_map->tis_reg;
>>> + *size = reg_map->data_size;
>>> + break;
>>> + }
>>> + }
>>> +
>>> + return tis_reg;
>>> +}
>>> +
>>> +/* Initialize the cached data */
>>> +static inline void tpm_tis_i2c_init_cache(TPMStateI2C *i2cst)
>>> +{
>>> + /* Clear operation and offset */
>>> + i2cst->operation = 0;
>>> + i2cst->offset = 0;
>>> + i2cst->size = 0;
>>> +
>>> + return;
>>> +}
>>> +
>>> +/* Send data to TPM */
>>> +static inline void tpm_tis_i2c_tpm_send(TPMStateI2C *i2cst)
>>> +{
>>> + uint16_t tis_reg;
>>> + uint32_t data;
>>> + int i;
>>> +
>>> + if ((i2cst->operation == OP_SEND) && (i2cst->offset > 1)) {
>>> +
>>> + /*
>>> + * Checksum is not handled by common code hence we will consume the
>>> + * register here.
>>> + */
>>> + if (i2cst->data[0] == TPM_TIS_I2C_REG_DATA_CSUM_ENABLE) {
>>> + i2cst->csum_enable = true;
>>> + } else if (i2cst->data[0] != TPM_TIS_I2C_REG_DATA_FIFO) {
>>> + tis_reg = tpm_tis_i2c_to_tis_reg(i2cst->data[0], &i2cst->size);
>>> +
>>> + /* Index 0 is always a register */
>>> + for (i = 1; i < i2cst->offset; i++) {
>>> + data = i2cst->data[i];
>>> + tpm_tis_write_data(&i2cst->state, tis_reg, data, 1);
>>> + }
>>> + }
>>> +
>>> + tpm_tis_i2c_init_cache(i2cst);
>>> + }
>>> +
>>> + return;
>>> +}
>>> +
>>> +/* Callback from TPM to indicate that response is copied */
>>> +static void tpm_tis_i2c_request_completed(TPMIf *ti, int ret)
>>> +{
>>> + TPMStateI2C *i2cst = TPM_TIS_I2C(ti);
>>> + TPMState *s = &i2cst->state;
>>> +
>>> + /* Inform the common code. */
>>> + tpm_tis_request_completed(s, ret);
>>> +}
>>> +
>>> +static enum TPMVersion tpm_tis_i2c_get_tpm_version(TPMIf *ti)
>>> +{
>>> + TPMStateI2C *i2cst = TPM_TIS_I2C(ti);
>>> + TPMState *s = &i2cst->state;
>>> +
>>> + return tpm_tis_get_tpm_version(s);
>>> +}
>>> +
>>> +static int tpm_tis_i2c_event(I2CSlave *i2c, enum i2c_event event)
>>> +{
>>> + TPMStateI2C *i2cst = TPM_TIS_I2C(i2c);
>>> + int ret = 0;
>>> +
>>> + switch (event) {
>>> + case I2C_START_RECV:
>>> + break;
>>> + case I2C_START_SEND:
>>> + tpm_tis_i2c_init_cache(i2cst);
>>> + break;
>>> + case I2C_FINISH:
>>> + if (i2cst->operation == OP_SEND) {
>>> + tpm_tis_i2c_tpm_send(i2cst);
>>> + } else {
>>> + tpm_tis_i2c_init_cache(i2cst);
>>> + }
>>> + break;
>>> + default:
>>> + break;
>>> + }
>>> +
>>> + return ret;
>>> +}
>>> +
>>> +/*
>>> + * If data is for FIFO then it is received from tpm_tis_common buffer
>>> + * otherwise it will be handled using single call to common code and
>>> + * cached in the local buffer.
>>> + */
>>> +static uint8_t tpm_tis_i2c_recv(I2CSlave *i2c)
>>> +{
>>> + int ret = 0;
>>> + int i, j;
>>> + uint32_t addr;
>>> + uint32_t data_read;
>>> + uint16_t i2c_reg;
>>> + TPMStateI2C *i2cst = TPM_TIS_I2C(i2c);
>>> + TPMState *s = &i2cst->state;
>>> +
>>> + if (i2cst->operation == OP_RECV) {
>>> +
>>> + /* Do not cache FIFO data. */
>>> + if (i2cst->data[0] == TPM_TIS_I2C_REG_DATA_FIFO) {
>>> + addr = tpm_tis_i2c_to_tis_reg(TPM_TIS_I2C_REG_DATA_FIFO,
>>> + &i2cst->size);
>>> + data_read = tpm_tis_read_data(s, addr, 1);
>>> + ret = (data_read & 0xff);
>>> + } else if (i2cst->offset < 4096) {
>>
>> use a define or sizeof(i2cst->data)
> Done
>>
>>> + ret = i2cst->data[i2cst->offset++];
>>> + }
>>> +
>>> + } else if ((i2cst->operation == OP_SEND) && (i2cst->offset < 2)) {
>>> + /* First receive call after send */
>>> +
>>> + i2c_reg = i2cst->data[0];
>>> +
>>> + i2cst->operation = OP_RECV;
>>> + i2cst->offset = 1; /* keep the register value intact for debug */
>>> +
>>> + addr = tpm_tis_i2c_to_tis_reg(i2c_reg, &i2cst->size);
>>> +
>>> + /* FIFO data is directly read from TPM TIS */
>>> + if (i2c_reg == TPM_TIS_I2C_REG_DATA_FIFO) {
>>> + data_read = tpm_tis_read_data(s, addr, 1);
>>> + ret = (data_read & 0xff);
>>> + } else {
>>> + /*
>>> + * Save the data in the data field. Save it in the little
>>> + * endian format.
>>> + */
>>> + for (i = 1; i <= i2cst->size;) {
>>> + /*
>>> + * Checksum registers are not supported by common code hence
>>> + * call a common code to get the checksum.
>>> + */
>>> + if (i2c_reg == TPM_TIS_I2C_REG_DATA_CSUM_GET) {
>>> + data_read = tpm_tis_get_checksum(s);
>>> + } else {
>>> + data_read = tpm_tis_read_data(s, addr, 4);
>>> +
>>> + if (i2c_reg == TPM_TIS_I2C_REG_INTF_CAPABILITY) {
>>> + /* Prepare the capabilities as per I2C interface */
>>> + data_read = tpm_i2c_interface_capability(i2cst,
>>> + data_read);
>>> + } else if (i2c_reg == TPM_TIS_I2C_REG_STS) {
>>> + /*
>>> + * As per specs, STS bit 31:26 are reserved and must
>>> + * be set to 0
>>> + */
>>> + data_read &= TPM_I2C_STS_READ_MASK;
>>> + }
>>> + }
>>> + for (j = 0; j < 4; j++) {
>>> + i2cst->data[i++] = (data_read & 0xff);
>>> + data_read >>= 8;
>>> + }
>>
>> Why do you need 2 loops ? This is complex to follow.
> You are right. Now that I moved writes to TIS , I am able to remove outer loop.
>>
>>> + }
>>> + /* Return first byte with this call */
>>> + ret = i2cst->data[i2cst->offset++];
>>> + }
>>> + } else {
>>> + i2cst->operation = OP_RECV;
>>> + }
>>> +
>>> + return ret;
>>> +}
>>> +
>>> +/*
>>> + * Send function only remembers data in the buffer and then calls
>>> + * TPM TIS common code during FINISH event.
>>> + */
>>> +static int tpm_tis_i2c_send(I2CSlave *i2c, uint8_t data)
>>> +{
>>> + TPMStateI2C *i2cst = TPM_TIS_I2C(i2c);
>>> + uint16_t tis_reg;
>>> +
>>> + /* Reject non-supported registers. */
>>> + if (i2cst->offset == 0) {
>>> + /* We do not support device address change */
>>> + if (data == TPM_TIS_I2C_REG_I2C_DEV_ADDRESS) {
>>
>> may be add a qemu_log_mask(LOG_UNIMP, " ...");
> Done
>>
>>> + return 1;
>>> + }
>>> + }
>>> +
>>> + if (i2cst->offset < 4096) {
>>
>> use a define or sizeof(i2cst->data)
> Done
>>
>>> + i2cst->operation = OP_SEND;
>>> +
>>> + /* Remember data locally for non-FIFO registers */
>>> + if ((i2cst->offset == 0) ||
>>> + (i2cst->data[0] != TPM_TIS_I2C_REG_DATA_FIFO)) {
>>> + i2cst->data[i2cst->offset++] = data;
>>> + } else {
>>> + tis_reg = tpm_tis_i2c_to_tis_reg(i2cst->data[0], &i2cst->size);
>>> + tpm_tis_write_data(&i2cst->state, tis_reg, data, 1);
>>> + }
>>> +
>>> + return 0;
>>> +
>>> + } else {
>>> + /* Return non-zero to indicate NAK */
>>> + return 1;
>>> + }
>>> +}
>>> +
>>> +static Property tpm_tis_i2c_properties[] = {
>>> + DEFINE_PROP_UINT32("irq", TPMStateI2C, state.irq_num, TPM_TIS_IRQ),
>>
>> hmm, irq seems unused.
> I is used in the TIS and backend.
>>
>>> + DEFINE_PROP_TPMBE("tpmdev", TPMStateI2C, state.be_driver),
>>> + DEFINE_PROP_END_OF_LIST(),
>>> +};
>>
>> I don't see an .instance_init routine initializing the TPMState sub device.
>
>
> The TPMState initialization happens under tpm_tis_reset.
>
>
>>
>>> +
>>> +static void tpm_tis_i2c_realizefn(DeviceState *dev, Error **errp)
>>> +{
>>> + TPMStateI2C *i2cst = TPM_TIS_I2C(dev);
>>> + TPMState *s = &i2cst->state;
>>> +
>>> + if (!tpm_find()) {
>>> + error_setg(errp, "at most one TPM device is permitted");
>>> + return;
>>> + }
>>> +
>>> + /*
>>> + * Get the backend pointer. It is not initialized propery during
>>> + * device_class_set_props
>>> + */
>>> + s->be_driver = qemu_find_tpm_be("tpm0");
>>
>> I don't understand that part. Looks weird to me.
> It should happen under device_class_set_props() but this function is getting invoked before tpm0 is created hence I had to query separately in the realize function.
>>
>>> + if (!s->be_driver) {
>>> + error_setg(errp, "'tpmdev' property is required");
>>> + return;
>>> + }
>>> + if (s->irq_num > 15) {
>>> + error_setg(errp, "IRQ %d is outside valid range of 0 to 15",
>>> + s->irq_num);
>>> + return;
>>> + }
>>
>> The code above belongs to a TPMState realize routine it seems. I was
>> expecting something like :
>>
>> if (!qdev_realize(qdev_realize(DEVICE(&i2cst->state), NULL, &errp)) {
>> return;
>> }
>> Looking closer, this comment applies to some other tpm devices. May be
>> I misunderstood how TPM is designed though.
>>
> I followed direction from tpm_tis_sysbus.c code. But I still had to call find backend.
Can't you set a property of TPMState before it is realized ?
C.
^ permalink raw reply [flat|nested] 20+ messages in thread
* Re: [PATCH 1/3] docs: Add support for TPM devices over I2C bus
2023-03-24 8:01 ` Cédric Le Goater
@ 2023-03-24 12:50 ` Ninad Palsule
0 siblings, 0 replies; 20+ messages in thread
From: Ninad Palsule @ 2023-03-24 12:50 UTC (permalink / raw)
To: Cédric Le Goater, Ninad Palsule, qemu-devel; +Cc: joel, andrew, stefanb
On 3/24/23 3:01 AM, Cédric Le Goater wrote:
> On 3/24/23 06:11, Ninad Palsule wrote:
>> Hello Cedric,
>>
>> Joel helped me to configure the device and we are able to configure
>> tpm device on ast2600-evb.
>>
>> I will include this example in the documentation.
>>
>> # uname -a
>> Linux ast2600-evb 6.1.15 #1 SMP Thu Mar 23 20:48:29 CDT 2023 armv7l
>> GNU/Linux
>> # cat /etc/os-release
>> NAME=Buildroot
>> VERSION=2023.02-dirty
>> ID=buildroot
>> VERSION_ID=2023.02
>> PRETTY_NAME="Buildroot 2023.02"
>>
>> # echo tpm_tis_i2c 0x2e > /sys/bus/i2c/devices/i2c-12/new_device
>> [ 59.681684] tpm_tis_i2c 12-002e: 2.0 TPM (device-id 0x1, rev-id 1)
>> [ 59.703190] tpm tpm0: A TPM error (256) occurred attempting the
>> self test
>> [ 59.705215] tpm tpm0: starting up the TPM manually
>> [ 59.892917] i2c i2c-12: new_device: Instantiated device
>> tpm_tis_i2c at 0x2e
>> # cd /sys/class/tpm/tpm0
>> # ls
>> dev pcr-sha256 power uevent
>> device pcr-sha384 subsystem
>> pcr-sha1 pcr-sha512 tpm_version_major
>
>
> Nice. Did you need any special support in the kernel ?
>
> I could update this image for avocado tests :
>
> https://github.com/legoater/qemu-aspeed-boot/tree/master/images/ast2600-evb/buildroot-2023.02
Kernel need a TPM i2c driver support. I built it with following head on
dev-6.1 branch. You also need to run "echo" command I mentioned above to
instantiate the device. Also start the swtpm as provided in my earlier mail.
$ git rev-parse HEAD
0e94476a8892056a9242bcd75e59e7d2b92ac435
Thanks,
Ninad
>
> Thanks,
>
> C.
^ permalink raw reply [flat|nested] 20+ messages in thread
* [PATCH 0/3] Add support for TPM devices over I2C bus
@ 2023-03-21 5:29 Ninad Palsule
0 siblings, 0 replies; 20+ messages in thread
From: Ninad Palsule @ 2023-03-21 5:29 UTC (permalink / raw)
To: qemu-devel; +Cc: Ninad Palsule, joel, andrew, stefanb, clg
This drop adds support for the TPM devices attached to the I2C bus. It
only supports the TPM2 protocol. You need to run it with the external
TPM emulator like swtpm. I have tested it with swtpm.
I have refered to the work done by zhdaniel@meta.com but at the core
level out implementation is different.
https://github.com/theopolis/qemu/commit/2e2e57cde9e419c36af8071bb85392ad1ed70966
Based-on: $MESSAGE_ID
Ninad Palsule (3):
Add support for TPM devices over I2C bus
Add support for TPM devices over I2C bus
Add support for TPM devices over I2C bus
docs/specs/tpm.rst | 5 +-
hw/tpm/meson.build | 1 +
hw/tpm/tpm_tis.h | 2 +
hw/tpm/tpm_tis_common.c | 33 ++++
hw/tpm/tpm_tis_i2c.c | 342 ++++++++++++++++++++++++++++++++++++++++
include/hw/acpi/tpm.h | 2 +
include/sysemu/tpm.h | 3 +
7 files changed, 387 insertions(+), 1 deletion(-)
create mode 100644 hw/tpm/tpm_tis_i2c.c
--
2.37.2
^ permalink raw reply [flat|nested] 20+ messages in thread
end of thread, other threads:[~2023-03-24 15:40 UTC | newest]
Thread overview: 20+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2023-03-23 3:01 [PATCH 0/3] Add support for TPM devices over I2C bus Ninad Palsule
2023-03-23 3:01 ` [PATCH 1/3] docs: " Ninad Palsule
2023-03-23 7:49 ` Cédric Le Goater
2023-03-23 22:11 ` Ninad Palsule
2023-03-24 3:23 ` Ninad Palsule
2023-03-24 5:11 ` Ninad Palsule
2023-03-24 8:01 ` Cédric Le Goater
2023-03-24 12:50 ` Ninad Palsule
2023-03-23 3:01 ` [PATCH 2/3] TPM TIS: " Ninad Palsule
2023-03-23 7:44 ` Cédric Le Goater
2023-03-23 15:35 ` Ninad Palsule
2023-03-23 3:01 ` [PATCH 3/3] New I2C: " Ninad Palsule
2023-03-23 8:37 ` Cédric Le Goater
2023-03-23 22:32 ` Ninad Palsule
2023-03-24 8:06 ` Cédric Le Goater
2023-03-23 12:18 ` Stefan Berger
2023-03-23 20:07 ` Ninad Palsule
2023-03-23 7:23 ` [PATCH 0/3] " Cédric Le Goater
2023-03-23 22:35 ` Ninad Palsule
-- strict thread matches above, loose matches on Subject: below --
2023-03-21 5:29 Ninad Palsule
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.