xref: /openbmc/qemu/hw/acpi/tpm.c (revision 30e702ab)
1 /* Support for generating ACPI TPM tables
2  *
3  * Copyright (C) 2018 IBM, Corp.
4  * Copyright (C) 2018 Red Hat Inc
5  *
6  * This program is free software; you can redistribute it and/or modify
7  * it under the terms of the GNU General Public License as published by
8  * the Free Software Foundation; either version 2 of the License, or
9  * (at your option) any later version.
10 
11  * This program is distributed in the hope that it will be useful,
12  * but WITHOUT ANY WARRANTY; without even the implied warranty of
13  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
14  * GNU General Public License for more details.
15 
16  * You should have received a copy of the GNU General Public License along
17  * with this program; if not, see <http://www.gnu.org/licenses/>.
18  */
19 #include "qemu/osdep.h"
20 #include "qapi/error.h"
21 #include "hw/acpi/tpm.h"
22 
23 void tpm_build_ppi_acpi(TPMIf *tpm, Aml *dev)
24 {
25     Aml *method, *field, *ifctx, *ifctx2, *ifctx3, *func_mask,
26         *not_implemented, *pak, *tpm2, *tpm3, *pprm, *pprq, *zero, *one;
27 
28     if (!object_property_get_bool(OBJECT(tpm), "ppi", &error_abort)) {
29         return;
30     }
31 
32     zero = aml_int(0);
33     one = aml_int(1);
34     func_mask = aml_int(TPM_PPI_FUNC_MASK);
35     not_implemented = aml_int(TPM_PPI_FUNC_NOT_IMPLEMENTED);
36 
37     /*
38      * TPP2 is for the registers that ACPI code used to pass
39      * the PPI code and parameter (PPRQ, PPRM) to the firmware.
40      */
41     aml_append(dev,
42                aml_operation_region("TPP2", AML_SYSTEM_MEMORY,
43                                     aml_int(TPM_PPI_ADDR_BASE + 0x100),
44                                     0x5A));
45     field = aml_field("TPP2", AML_ANY_ACC, AML_NOLOCK, AML_PRESERVE);
46     aml_append(field, aml_named_field("PPIN", 8));
47     aml_append(field, aml_named_field("PPIP", 32));
48     aml_append(field, aml_named_field("PPRP", 32));
49     aml_append(field, aml_named_field("PPRQ", 32));
50     aml_append(field, aml_named_field("PPRM", 32));
51     aml_append(field, aml_named_field("LPPR", 32));
52     aml_append(dev, field);
53     pprq = aml_name("PPRQ");
54     pprm = aml_name("PPRM");
55 
56     aml_append(dev,
57                aml_operation_region(
58                    "TPP3", AML_SYSTEM_MEMORY,
59                    aml_int(TPM_PPI_ADDR_BASE +
60                            0x15a /* movv, docs/specs/tpm.rst */),
61                            0x1));
62     field = aml_field("TPP3", AML_BYTE_ACC, AML_NOLOCK, AML_PRESERVE);
63     aml_append(field, aml_named_field("MOVV", 8));
64     aml_append(dev, field);
65 
66     /*
67      * DerefOf in Windows is broken with SYSTEM_MEMORY.  Use a dynamic
68      * operation region inside of a method for getting FUNC[op].
69      */
70     method = aml_method("TPFN", 1, AML_SERIALIZED);
71     {
72         Aml *op = aml_arg(0);
73         ifctx = aml_if(aml_lgreater_equal(op, aml_int(0x100)));
74         {
75             aml_append(ifctx, aml_return(zero));
76         }
77         aml_append(method, ifctx);
78 
79         aml_append(method,
80             aml_operation_region("TPP1", AML_SYSTEM_MEMORY,
81                 aml_add(aml_int(TPM_PPI_ADDR_BASE), op, NULL), 0x1));
82         field = aml_field("TPP1", AML_BYTE_ACC, AML_NOLOCK, AML_PRESERVE);
83         aml_append(field, aml_named_field("TPPF", 8));
84         aml_append(method, field);
85         aml_append(method, aml_return(aml_name("TPPF")));
86     }
87     aml_append(dev, method);
88 
89     /*
90      * Use global TPM2 & TPM3 variables to workaround Windows ACPI bug
91      * when returning packages.
92      */
93     pak = aml_package(2);
94     aml_append(pak, zero);
95     aml_append(pak, zero);
96     aml_append(dev, aml_name_decl("TPM2", pak));
97     tpm2 = aml_name("TPM2");
98 
99     pak = aml_package(3);
100     aml_append(pak, zero);
101     aml_append(pak, zero);
102     aml_append(pak, zero);
103     aml_append(dev, aml_name_decl("TPM3", pak));
104     tpm3 = aml_name("TPM3");
105 
106     method = aml_method("_DSM", 4, AML_SERIALIZED);
107     {
108         uint8_t zerobyte[1] = { 0 };
109         Aml *function, *arguments, *rev, *op, *op_arg, *op_flags, *uuid;
110 
111         uuid = aml_arg(0);
112         rev = aml_arg(1);
113         function = aml_arg(2);
114         arguments = aml_arg(3);
115         op = aml_local(0);
116         op_flags = aml_local(1);
117 
118         /* Physical Presence Interface */
119         ifctx = aml_if(
120             aml_equal(uuid,
121                       aml_touuid("3DDDFAA6-361B-4EB4-A424-8D10089D1653")));
122         {
123             /* standard DSM query function */
124             ifctx2 = aml_if(aml_equal(function, zero));
125             {
126                 uint8_t byte_list[2] = { 0xff, 0x01 }; /* functions 1-8 */
127 
128                 aml_append(ifctx2,
129                            aml_return(aml_buffer(sizeof(byte_list),
130                                                  byte_list)));
131             }
132             aml_append(ifctx, ifctx2);
133 
134             /*
135              * PPI 1.0: 2.1.1 Get Physical Presence Interface Version
136              *
137              * Arg 2 (Integer): Function Index = 1
138              * Arg 3 (Package): Arguments = Empty Package
139              * Returns: Type: String
140              */
141             ifctx2 = aml_if(aml_equal(function, one));
142             {
143                 aml_append(ifctx2, aml_return(aml_string("1.3")));
144             }
145             aml_append(ifctx, ifctx2);
146 
147             /*
148              * PPI 1.0: 2.1.3 Submit TPM Operation Request to Pre-OS Environment
149              *
150              * Arg 2 (Integer): Function Index = 2
151              * Arg 3 (Package): Arguments = Package: Type: Integer
152              *                              Operation Value of the Request
153              * Returns: Type: Integer
154              *          0: Success
155              *          1: Operation Value of the Request Not Supported
156              *          2: General Failure
157              */
158             ifctx2 = aml_if(aml_equal(function, aml_int(2)));
159             {
160                 /* get opcode */
161                 aml_append(ifctx2,
162                            aml_store(aml_derefof(aml_index(arguments,
163                                                            zero)), op));
164 
165                 /* get opcode flags */
166                 aml_append(ifctx2,
167                            aml_store(aml_call1("TPFN", op), op_flags));
168 
169                 /* if func[opcode] & TPM_PPI_FUNC_NOT_IMPLEMENTED */
170                 ifctx3 = aml_if(
171                     aml_equal(
172                         aml_and(op_flags, func_mask, NULL),
173                         not_implemented));
174                 {
175                     /* 1: Operation Value of the Request Not Supported */
176                     aml_append(ifctx3, aml_return(one));
177                 }
178                 aml_append(ifctx2, ifctx3);
179 
180                 aml_append(ifctx2, aml_store(op, pprq));
181                 aml_append(ifctx2, aml_store(zero, pprm));
182                 /* 0: success */
183                 aml_append(ifctx2, aml_return(zero));
184             }
185             aml_append(ifctx, ifctx2);
186 
187             /*
188              * PPI 1.0: 2.1.4 Get Pending TPM Operation Requested By the OS
189              *
190              * Arg 2 (Integer): Function Index = 3
191              * Arg 3 (Package): Arguments = Empty Package
192              * Returns: Type: Package of Integers
193              *          Integer 1: Function Return code
194              *                     0: Success
195              *                     1: General Failure
196              *          Integer 2: Pending operation requested by the OS
197              *                     0: None
198              *                    >0: Operation Value of the Pending Request
199              *          Integer 3: Optional argument to pending operation
200              *                     requested by the OS
201              *                     0: None
202              *                    >0: Argument Value of the Pending Request
203              */
204             ifctx2 = aml_if(aml_equal(function, aml_int(3)));
205             {
206                 /*
207                  * Revision ID of 1, no integer parameter beyond
208                  * parameter two are expected
209                  */
210                 ifctx3 = aml_if(aml_equal(rev, one));
211                 {
212                     /* TPM2[1] = PPRQ */
213                     aml_append(ifctx3,
214                                aml_store(pprq, aml_index(tpm2, one)));
215                     aml_append(ifctx3, aml_return(tpm2));
216                 }
217                 aml_append(ifctx2, ifctx3);
218 
219                 /*
220                  * A return value of {0, 23, 1} indicates that
221                  * operation 23 with argument 1 is pending.
222                  */
223                 ifctx3 = aml_if(aml_equal(rev, aml_int(2)));
224                 {
225                     /* TPM3[1] = PPRQ */
226                     aml_append(ifctx3,
227                                aml_store(pprq, aml_index(tpm3, one)));
228                     /* TPM3[2] = PPRM */
229                     aml_append(ifctx3,
230                                aml_store(pprm, aml_index(tpm3, aml_int(2))));
231                     aml_append(ifctx3, aml_return(tpm3));
232                 }
233                 aml_append(ifctx2, ifctx3);
234             }
235             aml_append(ifctx, ifctx2);
236 
237             /*
238              * PPI 1.0: 2.1.5 Get Platform-Specific Action to Transition to
239              *     Pre-OS Environment
240              *
241              * Arg 2 (Integer): Function Index = 4
242              * Arg 3 (Package): Arguments = Empty Package
243              * Returns: Type: Integer
244              *          0: None
245              *          1: Shutdown
246              *          2: Reboot
247              *          3: OS Vendor-specific
248              */
249             ifctx2 = aml_if(aml_equal(function, aml_int(4)));
250             {
251                 /* reboot */
252                 aml_append(ifctx2, aml_return(aml_int(2)));
253             }
254             aml_append(ifctx, ifctx2);
255 
256             /*
257              * PPI 1.0: 2.1.6 Return TPM Operation Response to OS Environment
258              *
259              * Arg 2 (Integer): Function Index = 5
260              * Arg 3 (Package): Arguments = Empty Package
261              * Returns: Type: Package of Integer
262              *          Integer 1: Function Return code
263              *                     0: Success
264              *                     1: General Failure
265              *          Integer 2: Most recent operation request
266              *                     0: None
267              *                    >0: Operation Value of the most recent request
268              *          Integer 3: Response to the most recent operation request
269              *                     0: Success
270              *                     0x00000001..0x00000FFF: Corresponding TPM
271              *                                             error code
272              *                     0xFFFFFFF0: User Abort or timeout of dialog
273              *                     0xFFFFFFF1: firmware Failure
274              */
275             ifctx2 = aml_if(aml_equal(function, aml_int(5)));
276             {
277                 /* TPM3[1] = LPPR */
278                 aml_append(ifctx2,
279                            aml_store(aml_name("LPPR"),
280                                      aml_index(tpm3, one)));
281                 /* TPM3[2] = PPRP */
282                 aml_append(ifctx2,
283                            aml_store(aml_name("PPRP"),
284                                      aml_index(tpm3, aml_int(2))));
285                 aml_append(ifctx2, aml_return(tpm3));
286             }
287             aml_append(ifctx, ifctx2);
288 
289             /*
290              * PPI 1.0: 2.1.7 Submit preferred user language
291              *
292              * Arg 2 (Integer): Function Index = 6
293              * Arg 3 (Package): Arguments = String Package
294              *                  Preferred language code
295              * Returns: Type: Integer
296              * Function Return Code
297              *          3: Not implemented
298              */
299             ifctx2 = aml_if(aml_equal(function, aml_int(6)));
300             {
301                 /* 3 = not implemented */
302                 aml_append(ifctx2, aml_return(aml_int(3)));
303             }
304             aml_append(ifctx, ifctx2);
305 
306             /*
307              * PPI 1.1: 2.1.7 Submit TPM Operation Request to
308              *     Pre-OS Environment 2
309              *
310              * Arg 2 (Integer): Function Index = 7
311              * Arg 3 (Package): Arguments = Package: Type: Integer
312              *                  Integer 1: Operation Value of the Request
313              *                  Integer 2: Argument for Operation (optional)
314              * Returns: Type: Integer
315              *          0: Success
316              *          1: Not Implemented
317              *          2: General Failure
318              *          3: Operation blocked by current firmware settings
319              */
320             ifctx2 = aml_if(aml_equal(function, aml_int(7)));
321             {
322                 /* get opcode */
323                 aml_append(ifctx2, aml_store(aml_derefof(aml_index(arguments,
324                                                                    zero)),
325                                              op));
326 
327                 /* get opcode flags */
328                 aml_append(ifctx2, aml_store(aml_call1("TPFN", op),
329                                              op_flags));
330                 /* if func[opcode] & TPM_PPI_FUNC_NOT_IMPLEMENTED */
331                 ifctx3 = aml_if(
332                     aml_equal(
333                         aml_and(op_flags, func_mask, NULL),
334                         not_implemented));
335                 {
336                     /* 1: not implemented */
337                     aml_append(ifctx3, aml_return(one));
338                 }
339                 aml_append(ifctx2, ifctx3);
340 
341                 /* if func[opcode] & TPM_PPI_FUNC_BLOCKED */
342                 ifctx3 = aml_if(
343                     aml_equal(
344                         aml_and(op_flags, func_mask, NULL),
345                         aml_int(TPM_PPI_FUNC_BLOCKED)));
346                 {
347                     /* 3: blocked by firmware */
348                     aml_append(ifctx3, aml_return(aml_int(3)));
349                 }
350                 aml_append(ifctx2, ifctx3);
351 
352                 /* revision to integer */
353                 ifctx3 = aml_if(aml_equal(rev, one));
354                 {
355                     /* revision 1 */
356                     /* PPRQ = op */
357                     aml_append(ifctx3, aml_store(op, pprq));
358                     /* no argument, PPRM = 0 */
359                     aml_append(ifctx3, aml_store(zero, pprm));
360                 }
361                 aml_append(ifctx2, ifctx3);
362 
363                 ifctx3 = aml_if(aml_equal(rev, aml_int(2)));
364                 {
365                     /* revision 2 */
366                     /* PPRQ = op */
367                     op_arg = aml_derefof(aml_index(arguments, one));
368                     aml_append(ifctx3, aml_store(op, pprq));
369                     /* PPRM = arg3[1] */
370                     aml_append(ifctx3, aml_store(op_arg, pprm));
371                 }
372                 aml_append(ifctx2, ifctx3);
373                 /* 0: success */
374                 aml_append(ifctx2, aml_return(zero));
375             }
376             aml_append(ifctx, ifctx2);
377 
378             /*
379              * PPI 1.1: 2.1.8 Get User Confirmation Status for Operation
380              *
381              * Arg 2 (Integer): Function Index = 8
382              * Arg 3 (Package): Arguments = Package: Type: Integer
383              *                  Operation Value that may need user confirmation
384              * Returns: Type: Integer
385              *          0: Not implemented
386              *          1: Firmware only
387              *          2: Blocked for OS by firmware configuration
388              *          3: Allowed and physically present user required
389              *          4: Allowed and physically present user not required
390              */
391             ifctx2 = aml_if(aml_equal(function, aml_int(8)));
392             {
393                 /* get opcode */
394                 aml_append(ifctx2,
395                            aml_store(aml_derefof(aml_index(arguments,
396                                                            zero)),
397                                      op));
398 
399                 /* get opcode flags */
400                 aml_append(ifctx2, aml_store(aml_call1("TPFN", op),
401                                              op_flags));
402                 /* return confirmation status code */
403                 aml_append(ifctx2,
404                            aml_return(
405                                aml_and(op_flags, func_mask, NULL)));
406             }
407             aml_append(ifctx, ifctx2);
408 
409             aml_append(ifctx, aml_return(aml_buffer(1, zerobyte)));
410         }
411         aml_append(method, ifctx);
412 
413         /*
414          * "TCG Platform Reset Attack Mitigation Specification 1.00",
415          * Chapter 6 "ACPI _DSM Function"
416          */
417         ifctx = aml_if(
418             aml_equal(uuid,
419                       aml_touuid("376054ED-CC13-4675-901C-4756D7F2D45D")));
420         {
421             /* standard DSM query function */
422             ifctx2 = aml_if(aml_equal(function, zero));
423             {
424                 uint8_t byte_list[1] = { 0x03 }; /* functions 1-2 supported */
425 
426                 aml_append(ifctx2,
427                            aml_return(aml_buffer(sizeof(byte_list),
428                                                  byte_list)));
429             }
430             aml_append(ifctx, ifctx2);
431 
432             /*
433              * TCG Platform Reset Attack Mitigation Specification 1.0 Ch.6
434              *
435              * Arg 2 (Integer): Function Index = 1
436              * Arg 3 (Package): Arguments = Package: Type: Integer
437              *                  Operation Value of the Request
438              * Returns: Type: Integer
439              *          0: Success
440              *          1: General Failure
441              */
442             ifctx2 = aml_if(aml_equal(function, one));
443             {
444                 aml_append(ifctx2,
445                            aml_store(aml_derefof(aml_index(arguments, zero)),
446                                      op));
447                 {
448                     aml_append(ifctx2, aml_store(op, aml_name("MOVV")));
449 
450                     /* 0: success */
451                     aml_append(ifctx2, aml_return(zero));
452                 }
453             }
454             aml_append(ifctx, ifctx2);
455         }
456         aml_append(method, ifctx);
457     }
458     aml_append(dev, method);
459 }
460