projects / deliverable / linux.git / blob
? search:


c17aa45024aaacdad75b71772462ee2ee54f7491
[deliverable/linux.git] / drivers / char / tpm / tpm-interface.c
1 /*
2 * Copyright (C) 2004 IBM Corporation
3 *
4 * Authors:
5 * Leendert van Doorn <leendert@watson.ibm.com>
6 * Dave Safford <safford@watson.ibm.com>
7 * Reiner Sailer <sailer@watson.ibm.com>
8 * Kylene Hall <kjhall@us.ibm.com>
9 *
10 * Maintained by: <tpmdd-devel@lists.sourceforge.net>
11 *
12 * Device driver for TCG/TCPA TPM (trusted platform module).
13 * Specifications at www.trustedcomputinggroup.org
14 *
15 * This program is free software; you can redistribute it and/or
16 * modify it under the terms of the GNU General Public License as
17 * published by the Free Software Foundation, version 2 of the
18 * License.
19 *
20 * Note, the TPM chip is not interrupt driven (only polling)
21 * and can have very long timeouts (minutes!). Hence the unusual
22 * calls to msleep.
23 *
24 */
25
26 #include <linux/poll.h>
27 #include <linux/slab.h>
28 #include <linux/mutex.h>
29 #include <linux/spinlock.h>
30 #include <linux/freezer.h>
31
32 #include "tpm.h"
33 #include "tpm_eventlog.h"
34
35 #define TPM_MAX_ORDINAL 243
36 #define TSC_MAX_ORDINAL 12
37 #define TPM_PROTECTED_COMMAND 0x00
38 #define TPM_CONNECTION_COMMAND 0x40
39
40 /*
41 * Bug workaround - some TPM's don't flush the most
42 * recently changed pcr on suspend, so force the flush
43 * with an extend to the selected _unused_ non-volatile pcr.
44 */
45 static int tpm_suspend_pcr;
46 module_param_named(suspend_pcr, tpm_suspend_pcr, uint, 0644);
47 MODULE_PARM_DESC(suspend_pcr,
48 "PCR to use for dummy writes to faciltate flush on suspend.");
49
50 static LIST_HEAD(tpm_chip_list);
51 static DEFINE_SPINLOCK(driver_lock);
52 static DECLARE_BITMAP(dev_mask, TPM_NUM_DEVICES);
53
54 /*
55 * Array with one entry per ordinal defining the maximum amount
56 * of time the chip could take to return the result. The ordinal
57 * designation of short, medium or long is defined in a table in
58 * TCG Specification TPM Main Part 2 TPM Structures Section 17. The
59 * values of the SHORT, MEDIUM, and LONG durations are retrieved
60 * from the chip during initialization with a call to tpm_get_timeouts.
61 */
62 static const u8 tpm_ordinal_duration[TPM_MAX_ORDINAL] = {
63 TPM_UNDEFINED, /* 0 */
64 TPM_UNDEFINED,
65 TPM_UNDEFINED,
66 TPM_UNDEFINED,
67 TPM_UNDEFINED,
68 TPM_UNDEFINED, /* 5 */
69 TPM_UNDEFINED,
70 TPM_UNDEFINED,
71 TPM_UNDEFINED,
72 TPM_UNDEFINED,
73 TPM_SHORT, /* 10 */
74 TPM_SHORT,
75 TPM_MEDIUM,
76 TPM_LONG,
77 TPM_LONG,
78 TPM_MEDIUM, /* 15 */
79 TPM_SHORT,
80 TPM_SHORT,
81 TPM_MEDIUM,
82 TPM_LONG,
83 TPM_SHORT, /* 20 */
84 TPM_SHORT,
85 TPM_MEDIUM,
86 TPM_MEDIUM,
87 TPM_MEDIUM,
88 TPM_SHORT, /* 25 */
89 TPM_SHORT,
90 TPM_MEDIUM,
91 TPM_SHORT,
92 TPM_SHORT,
93 TPM_MEDIUM, /* 30 */
94 TPM_LONG,
95 TPM_MEDIUM,
96 TPM_SHORT,
97 TPM_SHORT,
98 TPM_SHORT, /* 35 */
99 TPM_MEDIUM,
100 TPM_MEDIUM,
101 TPM_UNDEFINED,
102 TPM_UNDEFINED,
103 TPM_MEDIUM, /* 40 */
104 TPM_LONG,
105 TPM_MEDIUM,
106 TPM_SHORT,
107 TPM_SHORT,
108 TPM_SHORT, /* 45 */
109 TPM_SHORT,
110 TPM_SHORT,
111 TPM_SHORT,
112 TPM_LONG,
113 TPM_MEDIUM, /* 50 */
114 TPM_MEDIUM,
115 TPM_UNDEFINED,
116 TPM_UNDEFINED,
117 TPM_UNDEFINED,
118 TPM_UNDEFINED, /* 55 */
119 TPM_UNDEFINED,
120 TPM_UNDEFINED,
121 TPM_UNDEFINED,
122 TPM_UNDEFINED,
123 TPM_MEDIUM, /* 60 */
124 TPM_MEDIUM,
125 TPM_MEDIUM,
126 TPM_SHORT,
127 TPM_SHORT,
128 TPM_MEDIUM, /* 65 */
129 TPM_UNDEFINED,
130 TPM_UNDEFINED,
131 TPM_UNDEFINED,
132 TPM_UNDEFINED,
133 TPM_SHORT, /* 70 */
134 TPM_SHORT,
135 TPM_UNDEFINED,
136 TPM_UNDEFINED,
137 TPM_UNDEFINED,
138 TPM_UNDEFINED, /* 75 */
139 TPM_UNDEFINED,
140 TPM_UNDEFINED,
141 TPM_UNDEFINED,
142 TPM_UNDEFINED,
143 TPM_LONG, /* 80 */
144 TPM_UNDEFINED,
145 TPM_MEDIUM,
146 TPM_LONG,
147 TPM_SHORT,
148 TPM_UNDEFINED, /* 85 */
149 TPM_UNDEFINED,
150 TPM_UNDEFINED,
151 TPM_UNDEFINED,
152 TPM_UNDEFINED,
153 TPM_SHORT, /* 90 */
154 TPM_SHORT,
155 TPM_SHORT,
156 TPM_SHORT,
157 TPM_SHORT,
158 TPM_UNDEFINED, /* 95 */
159 TPM_UNDEFINED,
160 TPM_UNDEFINED,
161 TPM_UNDEFINED,
162 TPM_UNDEFINED,
163 TPM_MEDIUM, /* 100 */
164 TPM_SHORT,
165 TPM_SHORT,
166 TPM_UNDEFINED,
167 TPM_UNDEFINED,
168 TPM_UNDEFINED, /* 105 */
169 TPM_UNDEFINED,
170 TPM_UNDEFINED,
171 TPM_UNDEFINED,
172 TPM_UNDEFINED,
173 TPM_SHORT, /* 110 */
174 TPM_SHORT,
175 TPM_SHORT,
176 TPM_SHORT,
177 TPM_SHORT,
178 TPM_SHORT, /* 115 */
179 TPM_SHORT,
180 TPM_SHORT,
181 TPM_UNDEFINED,
182 TPM_UNDEFINED,
183 TPM_LONG, /* 120 */
184 TPM_LONG,
185 TPM_MEDIUM,
186 TPM_UNDEFINED,
187 TPM_SHORT,
188 TPM_SHORT, /* 125 */
189 TPM_SHORT,
190 TPM_LONG,
191 TPM_SHORT,
192 TPM_SHORT,
193 TPM_SHORT, /* 130 */
194 TPM_MEDIUM,
195 TPM_UNDEFINED,
196 TPM_SHORT,
197 TPM_MEDIUM,
198 TPM_UNDEFINED, /* 135 */
199 TPM_UNDEFINED,
200 TPM_UNDEFINED,
201 TPM_UNDEFINED,
202 TPM_UNDEFINED,
203 TPM_SHORT, /* 140 */
204 TPM_SHORT,
205 TPM_UNDEFINED,
206 TPM_UNDEFINED,
207 TPM_UNDEFINED,
208 TPM_UNDEFINED, /* 145 */
209 TPM_UNDEFINED,
210 TPM_UNDEFINED,
211 TPM_UNDEFINED,
212 TPM_UNDEFINED,
213 TPM_SHORT, /* 150 */
214 TPM_MEDIUM,
215 TPM_MEDIUM,
216 TPM_SHORT,
217 TPM_SHORT,
218 TPM_UNDEFINED, /* 155 */
219 TPM_UNDEFINED,
220 TPM_UNDEFINED,
221 TPM_UNDEFINED,
222 TPM_UNDEFINED,
223 TPM_SHORT, /* 160 */
224 TPM_SHORT,
225 TPM_SHORT,
226 TPM_SHORT,
227 TPM_UNDEFINED,
228 TPM_UNDEFINED, /* 165 */
229 TPM_UNDEFINED,
230 TPM_UNDEFINED,
231 TPM_UNDEFINED,
232 TPM_UNDEFINED,
233 TPM_LONG, /* 170 */
234 TPM_UNDEFINED,
235 TPM_UNDEFINED,
236 TPM_UNDEFINED,
237 TPM_UNDEFINED,
238 TPM_UNDEFINED, /* 175 */
239 TPM_UNDEFINED,
240 TPM_UNDEFINED,
241 TPM_UNDEFINED,
242 TPM_UNDEFINED,
243 TPM_MEDIUM, /* 180 */
244 TPM_SHORT,
245 TPM_MEDIUM,
246 TPM_MEDIUM,
247 TPM_MEDIUM,
248 TPM_MEDIUM, /* 185 */
249 TPM_SHORT,
250 TPM_UNDEFINED,
251 TPM_UNDEFINED,
252 TPM_UNDEFINED,
253 TPM_UNDEFINED, /* 190 */
254 TPM_UNDEFINED,
255 TPM_UNDEFINED,
256 TPM_UNDEFINED,
257 TPM_UNDEFINED,
258 TPM_UNDEFINED, /* 195 */
259 TPM_UNDEFINED,
260 TPM_UNDEFINED,
261 TPM_UNDEFINED,
262 TPM_UNDEFINED,
263 TPM_SHORT, /* 200 */
264 TPM_UNDEFINED,
265 TPM_UNDEFINED,
266 TPM_UNDEFINED,
267 TPM_SHORT,
268 TPM_SHORT, /* 205 */
269 TPM_SHORT,
270 TPM_SHORT,
271 TPM_SHORT,
272 TPM_SHORT,
273 TPM_MEDIUM, /* 210 */
274 TPM_UNDEFINED,
275 TPM_MEDIUM,
276 TPM_MEDIUM,
277 TPM_MEDIUM,
278 TPM_UNDEFINED, /* 215 */
279 TPM_MEDIUM,
280 TPM_UNDEFINED,
281 TPM_UNDEFINED,
282 TPM_SHORT,
283 TPM_SHORT, /* 220 */
284 TPM_SHORT,
285 TPM_SHORT,
286 TPM_SHORT,
287 TPM_SHORT,
288 TPM_UNDEFINED, /* 225 */
289 TPM_UNDEFINED,
290 TPM_UNDEFINED,
291 TPM_UNDEFINED,
292 TPM_UNDEFINED,
293 TPM_SHORT, /* 230 */
294 TPM_LONG,
295 TPM_MEDIUM,
296 TPM_UNDEFINED,
297 TPM_UNDEFINED,
298 TPM_UNDEFINED, /* 235 */
299 TPM_UNDEFINED,
300 TPM_UNDEFINED,
301 TPM_UNDEFINED,
302 TPM_UNDEFINED,
303 TPM_SHORT, /* 240 */
304 TPM_UNDEFINED,
305 TPM_MEDIUM,
306 };
307
308 /*
309 * Returns max number of jiffies to wait
310 */
311 unsigned long tpm_calc_ordinal_duration(struct tpm_chip *chip,
312 u32 ordinal)
313 {
314 int duration_idx = TPM_UNDEFINED;
315 int duration = 0;
316 u8 category = (ordinal >> 24) & 0xFF;
317
318 if ((category == TPM_PROTECTED_COMMAND && ordinal < TPM_MAX_ORDINAL) ||
319 (category == TPM_CONNECTION_COMMAND && ordinal < TSC_MAX_ORDINAL))
320 duration_idx = tpm_ordinal_duration[ordinal];
321
322 if (duration_idx != TPM_UNDEFINED)
323 duration = chip->vendor.duration[duration_idx];
324 if (duration <= 0)
325 return 2 * 60 * HZ;
326 else
327 return duration;
328 }
329 EXPORT_SYMBOL_GPL(tpm_calc_ordinal_duration);
330
331 /*
332 * Internal kernel interface to transmit TPM commands
333 */
334 ssize_t tpm_transmit(struct tpm_chip *chip, const char *buf,
335 size_t bufsiz)
336 {
337 ssize_t rc;
338 u32 count, ordinal;
339 unsigned long stop;
340
341 if (bufsiz > TPM_BUFSIZE)
342 bufsiz = TPM_BUFSIZE;
343
344 count = be32_to_cpu(*((__be32 *) (buf + 2)));
345 ordinal = be32_to_cpu(*((__be32 *) (buf + 6)));
346 if (count == 0)
347 return -ENODATA;
348 if (count > bufsiz) {
349 dev_err(chip->dev,
350 "invalid count value %x %zx\n", count, bufsiz);
351 return -E2BIG;
352 }
353
354 mutex_lock(&chip->tpm_mutex);
355
356 rc = chip->ops->send(chip, (u8 *) buf, count);
357 if (rc < 0) {
358 dev_err(chip->dev,
359 "tpm_transmit: tpm_send: error %zd\n", rc);
360 goto out;
361 }
362
363 if (chip->vendor.irq)
364 goto out_recv;
365
366 stop = jiffies + tpm_calc_ordinal_duration(chip, ordinal);
367 do {
368 u8 status = chip->ops->status(chip);
369 if ((status & chip->ops->req_complete_mask) ==
370 chip->ops->req_complete_val)
371 goto out_recv;
372
373 if (chip->ops->req_canceled(chip, status)) {
374 dev_err(chip->dev, "Operation Canceled\n");
375 rc = -ECANCELED;
376 goto out;
377 }
378
379 msleep(TPM_TIMEOUT); /* CHECK */
380 rmb();
381 } while (time_before(jiffies, stop));
382
383 chip->ops->cancel(chip);
384 dev_err(chip->dev, "Operation Timed out\n");
385 rc = -ETIME;
386 goto out;
387
388 out_recv:
389 rc = chip->ops->recv(chip, (u8 *) buf, bufsiz);
390 if (rc < 0)
391 dev_err(chip->dev,
392 "tpm_transmit: tpm_recv: error %zd\n", rc);
393 out:
394 mutex_unlock(&chip->tpm_mutex);
395 return rc;
396 }
397
398 #define TPM_DIGEST_SIZE 20
399 #define TPM_RET_CODE_IDX 6
400
401 ssize_t tpm_transmit_cmd(struct tpm_chip *chip, void *cmd,
402 int len, const char *desc)
403 {
404 struct tpm_output_header *header;
405 int err;
406
407 len = tpm_transmit(chip, (u8 *) cmd, len);
408 if (len < 0)
409 return len;
410 else if (len < TPM_HEADER_SIZE)
411 return -EFAULT;
412
413 header = cmd;
414
415 err = be32_to_cpu(header->return_code);
416 if (err != 0 && desc)
417 dev_err(chip->dev, "A TPM error (%d) occurred %s\n", err, desc);
418
419 return err;
420 }
421
422 #define TPM_INTERNAL_RESULT_SIZE 200
423 #define TPM_ORD_GET_CAP cpu_to_be32(101)
424 #define TPM_ORD_GET_RANDOM cpu_to_be32(70)
425
426 static const struct tpm_input_header tpm_getcap_header = {
427 .tag = TPM_TAG_RQU_COMMAND,
428 .length = cpu_to_be32(22),
429 .ordinal = TPM_ORD_GET_CAP
430 };
431
432 ssize_t tpm_getcap(struct device *dev, __be32 subcap_id, cap_t *cap,
433 const char *desc)
434 {
435 struct tpm_cmd_t tpm_cmd;
436 int rc;
437 struct tpm_chip *chip = dev_get_drvdata(dev);
438
439 tpm_cmd.header.in = tpm_getcap_header;
440 if (subcap_id == CAP_VERSION_1_1 || subcap_id == CAP_VERSION_1_2) {
441 tpm_cmd.params.getcap_in.cap = subcap_id;
442 /*subcap field not necessary */
443 tpm_cmd.params.getcap_in.subcap_size = cpu_to_be32(0);
444 tpm_cmd.header.in.length -= cpu_to_be32(sizeof(__be32));
445 } else {
446 if (subcap_id == TPM_CAP_FLAG_PERM ||
447 subcap_id == TPM_CAP_FLAG_VOL)
448 tpm_cmd.params.getcap_in.cap = TPM_CAP_FLAG;
449 else
450 tpm_cmd.params.getcap_in.cap = TPM_CAP_PROP;
451 tpm_cmd.params.getcap_in.subcap_size = cpu_to_be32(4);
452 tpm_cmd.params.getcap_in.subcap = subcap_id;
453 }
454 rc = tpm_transmit_cmd(chip, &tpm_cmd, TPM_INTERNAL_RESULT_SIZE, desc);
455 if (!rc)
456 *cap = tpm_cmd.params.getcap_out.cap;
457 return rc;
458 }
459
460 void tpm_gen_interrupt(struct tpm_chip *chip)
461 {
462 struct tpm_cmd_t tpm_cmd;
463 ssize_t rc;
464
465 tpm_cmd.header.in = tpm_getcap_header;
466 tpm_cmd.params.getcap_in.cap = TPM_CAP_PROP;
467 tpm_cmd.params.getcap_in.subcap_size = cpu_to_be32(4);
468 tpm_cmd.params.getcap_in.subcap = TPM_CAP_PROP_TIS_TIMEOUT;
469
470 rc = tpm_transmit_cmd(chip, &tpm_cmd, TPM_INTERNAL_RESULT_SIZE,
471 "attempting to determine the timeouts");
472 }
473 EXPORT_SYMBOL_GPL(tpm_gen_interrupt);
474
475 #define TPM_ORD_STARTUP cpu_to_be32(153)
476 #define TPM_ST_CLEAR cpu_to_be16(1)
477 #define TPM_ST_STATE cpu_to_be16(2)
478 #define TPM_ST_DEACTIVATED cpu_to_be16(3)
479 static const struct tpm_input_header tpm_startup_header = {
480 .tag = TPM_TAG_RQU_COMMAND,
481 .length = cpu_to_be32(12),
482 .ordinal = TPM_ORD_STARTUP
483 };
484
485 static int tpm_startup(struct tpm_chip *chip, __be16 startup_type)
486 {
487 struct tpm_cmd_t start_cmd;
488 start_cmd.header.in = tpm_startup_header;
489 start_cmd.params.startup_in.startup_type = startup_type;
490 return tpm_transmit_cmd(chip, &start_cmd, TPM_INTERNAL_RESULT_SIZE,
491 "attempting to start the TPM");
492 }
493
494 int tpm_get_timeouts(struct tpm_chip *chip)
495 {
496 struct tpm_cmd_t tpm_cmd;
497 unsigned long new_timeout[4];
498 unsigned long old_timeout[4];
499 struct duration_t *duration_cap;
500 ssize_t rc;
501
502 tpm_cmd.header.in = tpm_getcap_header;
503 tpm_cmd.params.getcap_in.cap = TPM_CAP_PROP;
504 tpm_cmd.params.getcap_in.subcap_size = cpu_to_be32(4);
505 tpm_cmd.params.getcap_in.subcap = TPM_CAP_PROP_TIS_TIMEOUT;
506 rc = tpm_transmit_cmd(chip, &tpm_cmd, TPM_INTERNAL_RESULT_SIZE, NULL);
507
508 if (rc == TPM_ERR_INVALID_POSTINIT) {
509 /* The TPM is not started, we are the first to talk to it.
510 Execute a startup command. */
511 dev_info(chip->dev, "Issuing TPM_STARTUP");
512 if (tpm_startup(chip, TPM_ST_CLEAR))
513 return rc;
514
515 tpm_cmd.header.in = tpm_getcap_header;
516 tpm_cmd.params.getcap_in.cap = TPM_CAP_PROP;
517 tpm_cmd.params.getcap_in.subcap_size = cpu_to_be32(4);
518 tpm_cmd.params.getcap_in.subcap = TPM_CAP_PROP_TIS_TIMEOUT;
519 rc = tpm_transmit_cmd(chip, &tpm_cmd, TPM_INTERNAL_RESULT_SIZE,
520 NULL);
521 }
522 if (rc) {
523 dev_err(chip->dev,
524 "A TPM error (%zd) occurred attempting to determine the timeouts\n",
525 rc);
526 goto duration;
527 }
528
529 if (be32_to_cpu(tpm_cmd.header.out.return_code) != 0 ||
530 be32_to_cpu(tpm_cmd.header.out.length)
531 != sizeof(tpm_cmd.header.out) + sizeof(u32) + 4 * sizeof(u32))
532 return -EINVAL;
533
534 old_timeout[0] = be32_to_cpu(tpm_cmd.params.getcap_out.cap.timeout.a);
535 old_timeout[1] = be32_to_cpu(tpm_cmd.params.getcap_out.cap.timeout.b);
536 old_timeout[2] = be32_to_cpu(tpm_cmd.params.getcap_out.cap.timeout.c);
537 old_timeout[3] = be32_to_cpu(tpm_cmd.params.getcap_out.cap.timeout.d);
538 memcpy(new_timeout, old_timeout, sizeof(new_timeout));
539
540 /*
541 * Provide ability for vendor overrides of timeout values in case
542 * of misreporting.
543 */
544 if (chip->ops->update_timeouts != NULL)
545 chip->vendor.timeout_adjusted =
546 chip->ops->update_timeouts(chip, new_timeout);
547
548 if (!chip->vendor.timeout_adjusted) {
549 /* Don't overwrite default if value is 0 */
550 if (new_timeout[0] != 0 && new_timeout[0] < 1000) {
551 int i;
552
553 /* timeouts in msec rather usec */
554 for (i = 0; i != ARRAY_SIZE(new_timeout); i++)
555 new_timeout[i] *= 1000;
556 chip->vendor.timeout_adjusted = true;
557 }
558 }
559
560 /* Report adjusted timeouts */
561 if (chip->vendor.timeout_adjusted) {
562 dev_info(chip->dev,
563 HW_ERR "Adjusting reported timeouts: A %lu->%luus B %lu->%luus C %lu->%luus D %lu->%luus\n",
564 old_timeout[0], new_timeout[0],
565 old_timeout[1], new_timeout[1],
566 old_timeout[2], new_timeout[2],
567 old_timeout[3], new_timeout[3]);
568 }
569
570 chip->vendor.timeout_a = usecs_to_jiffies(new_timeout[0]);
571 chip->vendor.timeout_b = usecs_to_jiffies(new_timeout[1]);
572 chip->vendor.timeout_c = usecs_to_jiffies(new_timeout[2]);
573 chip->vendor.timeout_d = usecs_to_jiffies(new_timeout[3]);
574
575 duration:
576 tpm_cmd.header.in = tpm_getcap_header;
577 tpm_cmd.params.getcap_in.cap = TPM_CAP_PROP;
578 tpm_cmd.params.getcap_in.subcap_size = cpu_to_be32(4);
579 tpm_cmd.params.getcap_in.subcap = TPM_CAP_PROP_TIS_DURATION;
580
581 rc = tpm_transmit_cmd(chip, &tpm_cmd, TPM_INTERNAL_RESULT_SIZE,
582 "attempting to determine the durations");
583 if (rc)
584 return rc;
585
586 if (be32_to_cpu(tpm_cmd.header.out.return_code) != 0 ||
587 be32_to_cpu(tpm_cmd.header.out.length)
588 != sizeof(tpm_cmd.header.out) + sizeof(u32) + 3 * sizeof(u32))
589 return -EINVAL;
590
591 duration_cap = &tpm_cmd.params.getcap_out.cap.duration;
592 chip->vendor.duration[TPM_SHORT] =
593 usecs_to_jiffies(be32_to_cpu(duration_cap->tpm_short));
594 chip->vendor.duration[TPM_MEDIUM] =
595 usecs_to_jiffies(be32_to_cpu(duration_cap->tpm_medium));
596 chip->vendor.duration[TPM_LONG] =
597 usecs_to_jiffies(be32_to_cpu(duration_cap->tpm_long));
598
599 /* The Broadcom BCM0102 chipset in a Dell Latitude D820 gets the above
600 * value wrong and apparently reports msecs rather than usecs. So we
601 * fix up the resulting too-small TPM_SHORT value to make things work.
602 * We also scale the TPM_MEDIUM and -_LONG values by 1000.
603 */
604 if (chip->vendor.duration[TPM_SHORT] < (HZ / 100)) {
605 chip->vendor.duration[TPM_SHORT] = HZ;
606 chip->vendor.duration[TPM_MEDIUM] *= 1000;
607 chip->vendor.duration[TPM_LONG] *= 1000;
608 chip->vendor.duration_adjusted = true;
609 dev_info(chip->dev, "Adjusting TPM timeout parameters.");
610 }
611 return 0;
612 }
613 EXPORT_SYMBOL_GPL(tpm_get_timeouts);
614
615 #define TPM_ORD_CONTINUE_SELFTEST 83
616 #define CONTINUE_SELFTEST_RESULT_SIZE 10
617
618 static struct tpm_input_header continue_selftest_header = {
619 .tag = TPM_TAG_RQU_COMMAND,
620 .length = cpu_to_be32(10),
621 .ordinal = cpu_to_be32(TPM_ORD_CONTINUE_SELFTEST),
622 };
623
624 /**
625 * tpm_continue_selftest -- run TPM's selftest
626 * @chip: TPM chip to use
627 *
628 * Returns 0 on success, < 0 in case of fatal error or a value > 0 representing
629 * a TPM error code.
630 */
631 static int tpm_continue_selftest(struct tpm_chip *chip)
632 {
633 int rc;
634 struct tpm_cmd_t cmd;
635
636 cmd.header.in = continue_selftest_header;
637 rc = tpm_transmit_cmd(chip, &cmd, CONTINUE_SELFTEST_RESULT_SIZE,
638 "continue selftest");
639 return rc;
640 }
641
642 /*
643 * tpm_chip_find_get - return tpm_chip for given chip number
644 */
645 static struct tpm_chip *tpm_chip_find_get(int chip_num)
646 {
647 struct tpm_chip *pos, *chip = NULL;
648
649 rcu_read_lock();
650 list_for_each_entry_rcu(pos, &tpm_chip_list, list) {
651 if (chip_num != TPM_ANY_NUM && chip_num != pos->dev_num)
652 continue;
653
654 if (try_module_get(pos->dev->driver->owner)) {
655 chip = pos;
656 break;
657 }
658 }
659 rcu_read_unlock();
660 return chip;
661 }
662
663 #define TPM_ORDINAL_PCRREAD cpu_to_be32(21)
664 #define READ_PCR_RESULT_SIZE 30
665 static struct tpm_input_header pcrread_header = {
666 .tag = TPM_TAG_RQU_COMMAND,
667 .length = cpu_to_be32(14),
668 .ordinal = TPM_ORDINAL_PCRREAD
669 };
670
671 int tpm_pcr_read_dev(struct tpm_chip *chip, int pcr_idx, u8 *res_buf)
672 {
673 int rc;
674 struct tpm_cmd_t cmd;
675
676 cmd.header.in = pcrread_header;
677 cmd.params.pcrread_in.pcr_idx = cpu_to_be32(pcr_idx);
678 rc = tpm_transmit_cmd(chip, &cmd, READ_PCR_RESULT_SIZE,
679 "attempting to read a pcr value");
680
681 if (rc == 0)
682 memcpy(res_buf, cmd.params.pcrread_out.pcr_result,
683 TPM_DIGEST_SIZE);
684 return rc;
685 }
686
687 /**
688 * tpm_pcr_read - read a pcr value
689 * @chip_num: tpm idx # or ANY
690 * @pcr_idx: pcr idx to retrieve
691 * @res_buf: TPM_PCR value
692 * size of res_buf is 20 bytes (or NULL if you don't care)
693 *
694 * The TPM driver should be built-in, but for whatever reason it
695 * isn't, protect against the chip disappearing, by incrementing
696 * the module usage count.
697 */
698 int tpm_pcr_read(u32 chip_num, int pcr_idx, u8 *res_buf)
699 {
700 struct tpm_chip *chip;
701 int rc;
702
703 chip = tpm_chip_find_get(chip_num);
704 if (chip == NULL)
705 return -ENODEV;
706 rc = tpm_pcr_read_dev(chip, pcr_idx, res_buf);
707 tpm_chip_put(chip);
708 return rc;
709 }
710 EXPORT_SYMBOL_GPL(tpm_pcr_read);
711
712 /**
713 * tpm_pcr_extend - extend pcr value with hash
714 * @chip_num: tpm idx # or AN&
715 * @pcr_idx: pcr idx to extend
716 * @hash: hash value used to extend pcr value
717 *
718 * The TPM driver should be built-in, but for whatever reason it
719 * isn't, protect against the chip disappearing, by incrementing
720 * the module usage count.
721 */
722 #define TPM_ORD_PCR_EXTEND cpu_to_be32(20)
723 #define EXTEND_PCR_RESULT_SIZE 34
724 static struct tpm_input_header pcrextend_header = {
725 .tag = TPM_TAG_RQU_COMMAND,
726 .length = cpu_to_be32(34),
727 .ordinal = TPM_ORD_PCR_EXTEND
728 };
729
730 int tpm_pcr_extend(u32 chip_num, int pcr_idx, const u8 *hash)
731 {
732 struct tpm_cmd_t cmd;
733 int rc;
734 struct tpm_chip *chip;
735
736 chip = tpm_chip_find_get(chip_num);
737 if (chip == NULL)
738 return -ENODEV;
739
740 cmd.header.in = pcrextend_header;
741 cmd.params.pcrextend_in.pcr_idx = cpu_to_be32(pcr_idx);
742 memcpy(cmd.params.pcrextend_in.hash, hash, TPM_DIGEST_SIZE);
743 rc = tpm_transmit_cmd(chip, &cmd, EXTEND_PCR_RESULT_SIZE,
744 "attempting extend a PCR value");
745
746 tpm_chip_put(chip);
747 return rc;
748 }
749 EXPORT_SYMBOL_GPL(tpm_pcr_extend);
750
751 /**
752 * tpm_do_selftest - have the TPM continue its selftest and wait until it
753 * can receive further commands
754 * @chip: TPM chip to use
755 *
756 * Returns 0 on success, < 0 in case of fatal error or a value > 0 representing
757 * a TPM error code.
758 */
759 int tpm_do_selftest(struct tpm_chip *chip)
760 {
761 int rc;
762 unsigned int loops;
763 unsigned int delay_msec = 100;
764 unsigned long duration;
765 struct tpm_cmd_t cmd;
766
767 duration = tpm_calc_ordinal_duration(chip, TPM_ORD_CONTINUE_SELFTEST);
768
769 loops = jiffies_to_msecs(duration) / delay_msec;
770
771 rc = tpm_continue_selftest(chip);
772 /* This may fail if there was no TPM driver during a suspend/resume
773 * cycle; some may return 10 (BAD_ORDINAL), others 28 (FAILEDSELFTEST)
774 */
775 if (rc)
776 return rc;
777
778 do {
779 /* Attempt to read a PCR value */
780 cmd.header.in = pcrread_header;
781 cmd.params.pcrread_in.pcr_idx = cpu_to_be32(0);
782 rc = tpm_transmit(chip, (u8 *) &cmd, READ_PCR_RESULT_SIZE);
783 /* Some buggy TPMs will not respond to tpm_tis_ready() for
784 * around 300ms while the self test is ongoing, keep trying
785 * until the self test duration expires. */
786 if (rc == -ETIME) {
787 dev_info(chip->dev, HW_ERR "TPM command timed out during continue self test");
788 msleep(delay_msec);
789 continue;
790 }
791
792 if (rc < TPM_HEADER_SIZE)
793 return -EFAULT;
794
795 rc = be32_to_cpu(cmd.header.out.return_code);
796 if (rc == TPM_ERR_DISABLED || rc == TPM_ERR_DEACTIVATED) {
797 dev_info(chip->dev,
798 "TPM is disabled/deactivated (0x%X)\n", rc);
799 /* TPM is disabled and/or deactivated; driver can
800 * proceed and TPM does handle commands for
801 * suspend/resume correctly
802 */
803 return 0;
804 }
805 if (rc != TPM_WARN_DOING_SELFTEST)
806 return rc;
807 msleep(delay_msec);
808 } while (--loops > 0);
809
810 return rc;
811 }
812 EXPORT_SYMBOL_GPL(tpm_do_selftest);
813
814 int tpm_send(u32 chip_num, void *cmd, size_t buflen)
815 {
816 struct tpm_chip *chip;
817 int rc;
818
819 chip = tpm_chip_find_get(chip_num);
820 if (chip == NULL)
821 return -ENODEV;
822
823 rc = tpm_transmit_cmd(chip, cmd, buflen, "attempting tpm_cmd");
824
825 tpm_chip_put(chip);
826 return rc;
827 }
828 EXPORT_SYMBOL_GPL(tpm_send);
829
830 static bool wait_for_tpm_stat_cond(struct tpm_chip *chip, u8 mask,
831 bool check_cancel, bool *canceled)
832 {
833 u8 status = chip->ops->status(chip);
834
835 *canceled = false;
836 if ((status & mask) == mask)
837 return true;
838 if (check_cancel && chip->ops->req_canceled(chip, status)) {
839 *canceled = true;
840 return true;
841 }
842 return false;
843 }
844
845 int wait_for_tpm_stat(struct tpm_chip *chip, u8 mask, unsigned long timeout,
846 wait_queue_head_t *queue, bool check_cancel)
847 {
848 unsigned long stop;
849 long rc;
850 u8 status;
851 bool canceled = false;
852
853 /* check current status */
854 status = chip->ops->status(chip);
855 if ((status & mask) == mask)
856 return 0;
857
858 stop = jiffies + timeout;
859
860 if (chip->vendor.irq) {
861 again:
862 timeout = stop - jiffies;
863 if ((long)timeout <= 0)
864 return -ETIME;
865 rc = wait_event_interruptible_timeout(*queue,
866 wait_for_tpm_stat_cond(chip, mask, check_cancel,
867 &canceled),
868 timeout);
869 if (rc > 0) {
870 if (canceled)
871 return -ECANCELED;
872 return 0;
873 }
874 if (rc == -ERESTARTSYS && freezing(current)) {
875 clear_thread_flag(TIF_SIGPENDING);
876 goto again;
877 }
878 } else {
879 do {
880 msleep(TPM_TIMEOUT);
881 status = chip->ops->status(chip);
882 if ((status & mask) == mask)
883 return 0;
884 } while (time_before(jiffies, stop));
885 }
886 return -ETIME;
887 }
888 EXPORT_SYMBOL_GPL(wait_for_tpm_stat);
889
890 void tpm_remove_hardware(struct device *dev)
891 {
892 struct tpm_chip *chip = dev_get_drvdata(dev);
893
894 if (chip == NULL) {
895 dev_err(dev, "No device data found\n");
896 return;
897 }
898
899 spin_lock(&driver_lock);
900 list_del_rcu(&chip->list);
901 spin_unlock(&driver_lock);
902 synchronize_rcu();
903
904 tpm_dev_del_device(chip);
905 tpm_sysfs_del_device(chip);
906 tpm_remove_ppi(&dev->kobj);
907 tpm_bios_log_teardown(chip->bios_dir);
908
909 /* write it this way to be explicit (chip->dev == dev) */
910 put_device(chip->dev);
911 }
912 EXPORT_SYMBOL_GPL(tpm_remove_hardware);
913
914 #define TPM_ORD_SAVESTATE cpu_to_be32(152)
915 #define SAVESTATE_RESULT_SIZE 10
916
917 static struct tpm_input_header savestate_header = {
918 .tag = TPM_TAG_RQU_COMMAND,
919 .length = cpu_to_be32(10),
920 .ordinal = TPM_ORD_SAVESTATE
921 };
922
923 /*
924 * We are about to suspend. Save the TPM state
925 * so that it can be restored.
926 */
927 int tpm_pm_suspend(struct device *dev)
928 {
929 struct tpm_chip *chip = dev_get_drvdata(dev);
930 struct tpm_cmd_t cmd;
931 int rc, try;
932
933 u8 dummy_hash[TPM_DIGEST_SIZE] = { 0 };
934
935 if (chip == NULL)
936 return -ENODEV;
937
938 /* for buggy tpm, flush pcrs with extend to selected dummy */
939 if (tpm_suspend_pcr) {
940 cmd.header.in = pcrextend_header;
941 cmd.params.pcrextend_in.pcr_idx = cpu_to_be32(tpm_suspend_pcr);
942 memcpy(cmd.params.pcrextend_in.hash, dummy_hash,
943 TPM_DIGEST_SIZE);
944 rc = tpm_transmit_cmd(chip, &cmd, EXTEND_PCR_RESULT_SIZE,
945 "extending dummy pcr before suspend");
946 }
947
948 /* now do the actual savestate */
949 for (try = 0; try < TPM_RETRY; try++) {
950 cmd.header.in = savestate_header;
951 rc = tpm_transmit_cmd(chip, &cmd, SAVESTATE_RESULT_SIZE, NULL);
952
953 /*
954 * If the TPM indicates that it is too busy to respond to
955 * this command then retry before giving up. It can take
956 * several seconds for this TPM to be ready.
957 *
958 * This can happen if the TPM has already been sent the
959 * SaveState command before the driver has loaded. TCG 1.2
960 * specification states that any communication after SaveState
961 * may cause the TPM to invalidate previously saved state.
962 */
963 if (rc != TPM_WARN_RETRY)
964 break;
965 msleep(TPM_TIMEOUT_RETRY);
966 }
967
968 if (rc)
969 dev_err(chip->dev,
970 "Error (%d) sending savestate before suspend\n", rc);
971 else if (try > 0)
972 dev_warn(chip->dev, "TPM savestate took %dms\n",
973 try * TPM_TIMEOUT_RETRY);
974
975 return rc;
976 }
977 EXPORT_SYMBOL_GPL(tpm_pm_suspend);
978
979 /*
980 * Resume from a power safe. The BIOS already restored
981 * the TPM state.
982 */
983 int tpm_pm_resume(struct device *dev)
984 {
985 struct tpm_chip *chip = dev_get_drvdata(dev);
986
987 if (chip == NULL)
988 return -ENODEV;
989
990 return 0;
991 }
992 EXPORT_SYMBOL_GPL(tpm_pm_resume);
993
994 #define TPM_GETRANDOM_RESULT_SIZE 18
995 static struct tpm_input_header tpm_getrandom_header = {
996 .tag = TPM_TAG_RQU_COMMAND,
997 .length = cpu_to_be32(14),
998 .ordinal = TPM_ORD_GET_RANDOM
999 };
1000
1001 /**
1002 * tpm_get_random() - Get random bytes from the tpm's RNG
1003 * @chip_num: A specific chip number for the request or TPM_ANY_NUM
1004 * @out: destination buffer for the random bytes
1005 * @max: the max number of bytes to write to @out
1006 *
1007 * Returns < 0 on error and the number of bytes read on success
1008 */
1009 int tpm_get_random(u32 chip_num, u8 *out, size_t max)
1010 {
1011 struct tpm_chip *chip;
1012 struct tpm_cmd_t tpm_cmd;
1013 u32 recd, num_bytes = min_t(u32, max, TPM_MAX_RNG_DATA);
1014 int err, total = 0, retries = 5;
1015 u8 *dest = out;
1016
1017 if (!out || !num_bytes || max > TPM_MAX_RNG_DATA)
1018 return -EINVAL;
1019
1020 chip = tpm_chip_find_get(chip_num);
1021 if (chip == NULL)
1022 return -ENODEV;
1023
1024 do {
1025 tpm_cmd.header.in = tpm_getrandom_header;
1026 tpm_cmd.params.getrandom_in.num_bytes = cpu_to_be32(num_bytes);
1027
1028 err = tpm_transmit_cmd(chip, &tpm_cmd,
1029 TPM_GETRANDOM_RESULT_SIZE + num_bytes,
1030 "attempting get random");
1031 if (err)
1032 break;
1033
1034 recd = be32_to_cpu(tpm_cmd.params.getrandom_out.rng_data_len);
1035 memcpy(dest, tpm_cmd.params.getrandom_out.rng_data, recd);
1036
1037 dest += recd;
1038 total += recd;
1039 num_bytes -= recd;
1040 } while (retries-- && total < max);
1041
1042 tpm_chip_put(chip);
1043 return total ? total : -EIO;
1044 }
1045 EXPORT_SYMBOL_GPL(tpm_get_random);
1046
1047 /* In case vendor provided release function, call it too.*/
1048
1049 void tpm_dev_vendor_release(struct tpm_chip *chip)
1050 {
1051 if (!chip)
1052 return;
1053
1054 clear_bit(chip->dev_num, dev_mask);
1055 }
1056 EXPORT_SYMBOL_GPL(tpm_dev_vendor_release);
1057
1058
1059 /*
1060 * Once all references to platform device are down to 0,
1061 * release all allocated structures.
1062 */
1063 static void tpm_dev_release(struct device *dev)
1064 {
1065 struct tpm_chip *chip = dev_get_drvdata(dev);
1066
1067 if (!chip)
1068 return;
1069
1070 tpm_dev_vendor_release(chip);
1071
1072 chip->release(dev);
1073 kfree(chip);
1074 }
1075
1076 /*
1077 * Called from tpm_<specific>.c probe function only for devices
1078 * the driver has determined it should claim. Prior to calling
1079 * this function the specific probe function has called pci_enable_device
1080 * upon errant exit from this function specific probe function should call
1081 * pci_disable_device
1082 */
1083 struct tpm_chip *tpm_register_hardware(struct device *dev,
1084 const struct tpm_class_ops *ops)
1085 {
1086 struct tpm_chip *chip;
1087
1088 /* Driver specific per-device data */
1089 chip = kzalloc(sizeof(*chip), GFP_KERNEL);
1090
1091 if (chip == NULL)
1092 return NULL;
1093
1094 mutex_init(&chip->tpm_mutex);
1095 INIT_LIST_HEAD(&chip->list);
1096
1097 chip->ops = ops;
1098 chip->dev_num = find_first_zero_bit(dev_mask, TPM_NUM_DEVICES);
1099
1100 if (chip->dev_num >= TPM_NUM_DEVICES) {
1101 dev_err(dev, "No available tpm device numbers\n");
1102 goto out_free;
1103 }
1104
1105 set_bit(chip->dev_num, dev_mask);
1106
1107 scnprintf(chip->devname, sizeof(chip->devname), "%s%d", "tpm",
1108 chip->dev_num);
1109
1110 chip->dev = get_device(dev);
1111 chip->release = dev->release;
1112 dev->release = tpm_dev_release;
1113 dev_set_drvdata(dev, chip);
1114
1115 if (tpm_dev_add_device(chip))
1116 goto put_device;
1117
1118 if (tpm_sysfs_add_device(chip))
1119 goto del_misc;
1120
1121 if (tpm_add_ppi(&dev->kobj))
1122 goto del_sysfs;
1123
1124 chip->bios_dir = tpm_bios_log_setup(chip->devname);
1125
1126 /* Make chip available */
1127 spin_lock(&driver_lock);
1128 list_add_tail_rcu(&chip->list, &tpm_chip_list);
1129 spin_unlock(&driver_lock);
1130
1131 return chip;
1132
1133 del_sysfs:
1134 tpm_sysfs_del_device(chip);
1135 del_misc:
1136 tpm_dev_del_device(chip);
1137 put_device:
1138 put_device(chip->dev);
1139 out_free:
1140 kfree(chip);
1141 return NULL;
1142 }
1143 EXPORT_SYMBOL_GPL(tpm_register_hardware);
1144
1145 MODULE_AUTHOR("Leendert van Doorn (leendert@watson.ibm.com)");
1146 MODULE_DESCRIPTION("TPM Driver");
1147 MODULE_VERSION("2.0");
1148 MODULE_LICENSE("GPL");
Linux kernel - Deliverables
This page took 0.097184 seconds and 4 git commands to generate.