From 3a3c8735027a20ddd51c8f322f78ede3f52f90f9 Mon Sep 17 00:00:00 2001 From: Stefan Berger Date: Wed, 28 Mar 2018 16:53:10 -0400 Subject: tpm: CRB: set the Idle flag by default MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Stefan Berger Reviewed-by: Marc-André Lureau --- hw/tpm/tpm_crb.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/hw/tpm/tpm_crb.c b/hw/tpm/tpm_crb.c index ef8b80e9aa..e728b551d9 100644 --- a/hw/tpm/tpm_crb.c +++ b/hw/tpm/tpm_crb.c @@ -220,6 +220,8 @@ static void tpm_crb_reset(void *dev) ARRAY_FIELD_DP32(s->regs, CRB_LOC_STATE, tpmRegValidSts, 1); + ARRAY_FIELD_DP32(s->regs, CRB_CTRL_STS, + tpmIdle, 1); ARRAY_FIELD_DP32(s->regs, CRB_INTF_ID, InterfaceType, CRB_INTF_TYPE_CRB_ACTIVE); ARRAY_FIELD_DP32(s->regs, CRB_INTF_ID, -- cgit v1.2.3 From 025bc9361960ba8a7ce8204a6128d716af0910fa Mon Sep 17 00:00:00 2001 From: Stefan Berger Date: Wed, 28 Mar 2018 15:43:30 -0400 Subject: tpm: CRB: Reset Granted flag when relinquishing locality MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Reset the Granted flag when relinquishing a locality. Signed-off-by: Stefan Berger Reviewed-by: Marc-André Lureau --- hw/tpm/tpm_crb.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/hw/tpm/tpm_crb.c b/hw/tpm/tpm_crb.c index e728b551d9..ee6c87e8db 100644 --- a/hw/tpm/tpm_crb.c +++ b/hw/tpm/tpm_crb.c @@ -145,6 +145,8 @@ static void tpm_crb_mmio_write(void *opaque, hwaddr addr, case CRB_LOC_CTRL_RELINQUISH: ARRAY_FIELD_DP32(s->regs, CRB_LOC_STATE, locAssigned, 0); + ARRAY_FIELD_DP32(s->regs, CRB_LOC_STS, + Granted, 0); break; case CRB_LOC_CTRL_REQUEST_ACCESS: ARRAY_FIELD_DP32(s->regs, CRB_LOC_STS, -- cgit v1.2.3 From 384cf1fc6494b590bb4fe8060d6271717bfb3f4b Mon Sep 17 00:00:00 2001 From: Stefan Berger Date: Wed, 28 Mar 2018 15:39:17 -0400 Subject: tpm: CRB: Enforce locality is requested before processing buffer MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Section 5.5.3.2.2 of the CRB specs states that use of the TPM through the localty control method must first be requested, otherwise the command will be dropped. Signed-off-by: Stefan Berger Reviewed-by: Marc-André Lureau --- hw/tpm/tpm_crb.c | 14 +++++++++++++- 1 file changed, 13 insertions(+), 1 deletion(-) diff --git a/hw/tpm/tpm_crb.c b/hw/tpm/tpm_crb.c index ee6c87e8db..a92dd50437 100644 --- a/hw/tpm/tpm_crb.c +++ b/hw/tpm/tpm_crb.c @@ -76,6 +76,8 @@ enum crb_cancel { CRB_CANCEL_INVOKE = BIT(0), }; +#define TPM_CRB_NO_LOCALITY 0xff + static uint64_t tpm_crb_mmio_read(void *opaque, hwaddr addr, unsigned size) { @@ -95,10 +97,19 @@ static uint64_t tpm_crb_mmio_read(void *opaque, hwaddr addr, return val; } +static uint8_t tpm_crb_get_active_locty(CRBState *s) +{ + if (!ARRAY_FIELD_EX32(s->regs, CRB_LOC_STATE, locAssigned)) { + return TPM_CRB_NO_LOCALITY; + } + return ARRAY_FIELD_EX32(s->regs, CRB_LOC_STATE, activeLocality); +} + static void tpm_crb_mmio_write(void *opaque, hwaddr addr, uint64_t val, unsigned size) { CRBState *s = CRB(opaque); + uint8_t locty = addr >> 12; trace_tpm_crb_mmio_write(addr, size, val); @@ -123,7 +134,8 @@ static void tpm_crb_mmio_write(void *opaque, hwaddr addr, break; case A_CRB_CTRL_START: if (val == CRB_START_INVOKE && - !(s->regs[R_CRB_CTRL_START] & CRB_START_INVOKE)) { + !(s->regs[R_CRB_CTRL_START] & CRB_START_INVOKE) && + tpm_crb_get_active_locty(s) == locty) { void *mem = memory_region_get_ram_ptr(&s->cmdmem); s->regs[R_CRB_CTRL_START] |= CRB_START_INVOKE; -- cgit v1.2.3 From 4d0d1c077e5622da95fd0f6a8e7efb72e0f222b4 Mon Sep 17 00:00:00 2001 From: Stefan Berger Date: Wed, 28 Mar 2018 15:14:34 -0400 Subject: tests: Tests more flags of the CRB interface MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Test and modify more flags of the CRB interface. Signed-off-by: Stefan Berger Reviewed-by: Marc-André Lureau --- tests/tpm-crb-test.c | 74 ++++++++++++++++++++++++++++++++++++++++++++++++++-- 1 file changed, 72 insertions(+), 2 deletions(-) diff --git a/tests/tpm-crb-test.c b/tests/tpm-crb-test.c index e1513cb69e..d8f9569203 100644 --- a/tests/tpm-crb-test.c +++ b/tests/tpm-crb-test.c @@ -28,6 +28,10 @@ static void tpm_crb_test(const void *data) uint64_t caddr = readq(TPM_CRB_ADDR_BASE + A_CRB_CTRL_CMD_LADDR); uint32_t rsize = readl(TPM_CRB_ADDR_BASE + A_CRB_CTRL_RSP_SIZE); uint64_t raddr = readq(TPM_CRB_ADDR_BASE + A_CRB_CTRL_RSP_ADDR); + uint8_t locstate = readb(TPM_CRB_ADDR_BASE + A_CRB_LOC_STATE); + uint32_t locctrl = readl(TPM_CRB_ADDR_BASE + A_CRB_LOC_CTRL); + uint32_t locsts = readl(TPM_CRB_ADDR_BASE + A_CRB_LOC_STS); + uint32_t sts = readl(TPM_CRB_ADDR_BASE + A_CRB_CTRL_STS); g_assert_cmpint(FIELD_EX32(intfid, CRB_INTF_ID, InterfaceType), ==, 1); g_assert_cmpint(FIELD_EX32(intfid, CRB_INTF_ID, InterfaceVersion), ==, 1); @@ -45,9 +49,47 @@ static void tpm_crb_test(const void *data) g_assert_cmpint(caddr, >, TPM_CRB_ADDR_BASE); g_assert_cmpint(raddr, >, TPM_CRB_ADDR_BASE); + g_assert_cmpint(FIELD_EX32(locstate, CRB_LOC_STATE, tpmEstablished), ==, 1); + g_assert_cmpint(FIELD_EX32(locstate, CRB_LOC_STATE, locAssigned), ==, 0); + g_assert_cmpint(FIELD_EX32(locstate, CRB_LOC_STATE, activeLocality), ==, 0); + g_assert_cmpint(FIELD_EX32(locstate, CRB_LOC_STATE, reserved), ==, 0); + g_assert_cmpint(FIELD_EX32(locstate, CRB_LOC_STATE, tpmRegValidSts), ==, 1); + + g_assert_cmpint(locctrl, ==, 0); + + g_assert_cmpint(FIELD_EX32(locsts, CRB_LOC_STS, Granted), ==, 0); + g_assert_cmpint(FIELD_EX32(locsts, CRB_LOC_STS, beenSeized), ==, 0); + + g_assert_cmpint(FIELD_EX32(sts, CRB_CTRL_STS, tpmIdle), ==, 1); + g_assert_cmpint(FIELD_EX32(sts, CRB_CTRL_STS, tpmSts), ==, 0); + + /* request access to locality 0 */ + writeb(TPM_CRB_ADDR_BASE + A_CRB_LOC_CTRL, 1); + + /* granted bit must be set now */ + locsts = readl(TPM_CRB_ADDR_BASE + A_CRB_LOC_STS); + g_assert_cmpint(FIELD_EX32(locsts, CRB_LOC_STS, Granted), ==, 1); + g_assert_cmpint(FIELD_EX32(locsts, CRB_LOC_STS, beenSeized), ==, 0); + + /* we must have an assigned locality */ + locstate = readb(TPM_CRB_ADDR_BASE + A_CRB_LOC_STATE); + g_assert_cmpint(FIELD_EX32(locstate, CRB_LOC_STATE, tpmEstablished), ==, 1); + g_assert_cmpint(FIELD_EX32(locstate, CRB_LOC_STATE, locAssigned), ==, 1); + g_assert_cmpint(FIELD_EX32(locstate, CRB_LOC_STATE, activeLocality), ==, 0); + g_assert_cmpint(FIELD_EX32(locstate, CRB_LOC_STATE, reserved), ==, 0); + g_assert_cmpint(FIELD_EX32(locstate, CRB_LOC_STATE, tpmRegValidSts), ==, 1); + + /* set into ready state */ + writel(TPM_CRB_ADDR_BASE + A_CRB_CTRL_REQ, 1); + + /* TPM must not be in the idle state */ + sts = readl(TPM_CRB_ADDR_BASE + A_CRB_CTRL_STS); + g_assert_cmpint(FIELD_EX32(sts, CRB_CTRL_STS, tpmIdle), ==, 0); + g_assert_cmpint(FIELD_EX32(sts, CRB_CTRL_STS, tpmSts), ==, 0); + memwrite(caddr, TPM_CMD, sizeof(TPM_CMD)); - uint32_t sts, start = 1; + uint32_t start = 1; uint64_t end_time = g_get_monotonic_time() + 5 * G_TIME_SPAN_SECOND; writel(TPM_CRB_ADDR_BASE + A_CRB_CTRL_START, start); do { @@ -58,12 +100,40 @@ static void tpm_crb_test(const void *data) } while (g_get_monotonic_time() < end_time); start = readl(TPM_CRB_ADDR_BASE + A_CRB_CTRL_START); g_assert_cmpint(start & 1, ==, 0); + + /* TPM must still not be in the idle state */ sts = readl(TPM_CRB_ADDR_BASE + A_CRB_CTRL_STS); - g_assert_cmpint(sts & 1, ==, 0); + g_assert_cmpint(FIELD_EX32(sts, CRB_CTRL_STS, tpmIdle), ==, 0); + g_assert_cmpint(FIELD_EX32(sts, CRB_CTRL_STS, tpmSts), ==, 0); struct tpm_hdr tpm_msg; memread(raddr, &tpm_msg, sizeof(tpm_msg)); g_assert_cmpmem(&tpm_msg, sizeof(tpm_msg), s->tpm_msg, sizeof(*s->tpm_msg)); + + /* set TPM into idle state */ + writel(TPM_CRB_ADDR_BASE + A_CRB_CTRL_REQ, 2); + + /* idle state must be indicated now */ + sts = readl(TPM_CRB_ADDR_BASE + A_CRB_CTRL_STS); + g_assert_cmpint(FIELD_EX32(sts, CRB_CTRL_STS, tpmIdle), ==, 1); + g_assert_cmpint(FIELD_EX32(sts, CRB_CTRL_STS, tpmSts), ==, 0); + + /* relinquish locality */ + writel(TPM_CRB_ADDR_BASE + A_CRB_LOC_CTRL, 2); + + /* Granted flag must be cleared */ + sts = readl(TPM_CRB_ADDR_BASE + A_CRB_LOC_STS); + g_assert_cmpint(FIELD_EX32(sts, CRB_LOC_STS, Granted), ==, 0); + g_assert_cmpint(FIELD_EX32(sts, CRB_LOC_STS, beenSeized), ==, 0); + + /* no locality may be assigned */ + locstate = readb(TPM_CRB_ADDR_BASE + A_CRB_LOC_STATE); + g_assert_cmpint(FIELD_EX32(locstate, CRB_LOC_STATE, tpmEstablished), ==, 1); + g_assert_cmpint(FIELD_EX32(locstate, CRB_LOC_STATE, locAssigned), ==, 0); + g_assert_cmpint(FIELD_EX32(locstate, CRB_LOC_STATE, activeLocality), ==, 0); + g_assert_cmpint(FIELD_EX32(locstate, CRB_LOC_STATE, reserved), ==, 0); + g_assert_cmpint(FIELD_EX32(locstate, CRB_LOC_STATE, tpmRegValidSts), ==, 1); + } int main(int argc, char **argv) -- cgit v1.2.3