Loading...
1/*
2 * Copyright (C) 2004 IBM Corporation
3 * Copyright (C) 2014 Intel Corporation
4 *
5 * Authors:
6 * Leendert van Doorn <leendert@watson.ibm.com>
7 * Dave Safford <safford@watson.ibm.com>
8 * Reiner Sailer <sailer@watson.ibm.com>
9 * Kylene Hall <kjhall@us.ibm.com>
10 *
11 * Maintained by: <tpmdd-devel@lists.sourceforge.net>
12 *
13 * Device driver for TCG/TCPA TPM (trusted platform module).
14 * Specifications at www.trustedcomputinggroup.org
15 *
16 * This program is free software; you can redistribute it and/or
17 * modify it under the terms of the GNU General Public License as
18 * published by the Free Software Foundation, version 2 of the
19 * License.
20 *
21 * Note, the TPM chip is not interrupt driven (only polling)
22 * and can have very long timeouts (minutes!). Hence the unusual
23 * calls to msleep.
24 *
25 */
26
27#include <linux/poll.h>
28#include <linux/slab.h>
29#include <linux/mutex.h>
30#include <linux/spinlock.h>
31#include <linux/freezer.h>
32
33#include "tpm.h"
34#include "tpm_eventlog.h"
35
36#define TPM_MAX_ORDINAL 243
37#define TSC_MAX_ORDINAL 12
38#define TPM_PROTECTED_COMMAND 0x00
39#define TPM_CONNECTION_COMMAND 0x40
40
41/*
42 * Bug workaround - some TPM's don't flush the most
43 * recently changed pcr on suspend, so force the flush
44 * with an extend to the selected _unused_ non-volatile pcr.
45 */
46static int tpm_suspend_pcr;
47module_param_named(suspend_pcr, tpm_suspend_pcr, uint, 0644);
48MODULE_PARM_DESC(suspend_pcr,
49 "PCR to use for dummy writes to faciltate flush on suspend.");
50
51/*
52 * Array with one entry per ordinal defining the maximum amount
53 * of time the chip could take to return the result. The ordinal
54 * designation of short, medium or long is defined in a table in
55 * TCG Specification TPM Main Part 2 TPM Structures Section 17. The
56 * values of the SHORT, MEDIUM, and LONG durations are retrieved
57 * from the chip during initialization with a call to tpm_get_timeouts.
58 */
59static const u8 tpm_ordinal_duration[TPM_MAX_ORDINAL] = {
60 TPM_UNDEFINED, /* 0 */
61 TPM_UNDEFINED,
62 TPM_UNDEFINED,
63 TPM_UNDEFINED,
64 TPM_UNDEFINED,
65 TPM_UNDEFINED, /* 5 */
66 TPM_UNDEFINED,
67 TPM_UNDEFINED,
68 TPM_UNDEFINED,
69 TPM_UNDEFINED,
70 TPM_SHORT, /* 10 */
71 TPM_SHORT,
72 TPM_MEDIUM,
73 TPM_LONG,
74 TPM_LONG,
75 TPM_MEDIUM, /* 15 */
76 TPM_SHORT,
77 TPM_SHORT,
78 TPM_MEDIUM,
79 TPM_LONG,
80 TPM_SHORT, /* 20 */
81 TPM_SHORT,
82 TPM_MEDIUM,
83 TPM_MEDIUM,
84 TPM_MEDIUM,
85 TPM_SHORT, /* 25 */
86 TPM_SHORT,
87 TPM_MEDIUM,
88 TPM_SHORT,
89 TPM_SHORT,
90 TPM_MEDIUM, /* 30 */
91 TPM_LONG,
92 TPM_MEDIUM,
93 TPM_SHORT,
94 TPM_SHORT,
95 TPM_SHORT, /* 35 */
96 TPM_MEDIUM,
97 TPM_MEDIUM,
98 TPM_UNDEFINED,
99 TPM_UNDEFINED,
100 TPM_MEDIUM, /* 40 */
101 TPM_LONG,
102 TPM_MEDIUM,
103 TPM_SHORT,
104 TPM_SHORT,
105 TPM_SHORT, /* 45 */
106 TPM_SHORT,
107 TPM_SHORT,
108 TPM_SHORT,
109 TPM_LONG,
110 TPM_MEDIUM, /* 50 */
111 TPM_MEDIUM,
112 TPM_UNDEFINED,
113 TPM_UNDEFINED,
114 TPM_UNDEFINED,
115 TPM_UNDEFINED, /* 55 */
116 TPM_UNDEFINED,
117 TPM_UNDEFINED,
118 TPM_UNDEFINED,
119 TPM_UNDEFINED,
120 TPM_MEDIUM, /* 60 */
121 TPM_MEDIUM,
122 TPM_MEDIUM,
123 TPM_SHORT,
124 TPM_SHORT,
125 TPM_MEDIUM, /* 65 */
126 TPM_UNDEFINED,
127 TPM_UNDEFINED,
128 TPM_UNDEFINED,
129 TPM_UNDEFINED,
130 TPM_SHORT, /* 70 */
131 TPM_SHORT,
132 TPM_UNDEFINED,
133 TPM_UNDEFINED,
134 TPM_UNDEFINED,
135 TPM_UNDEFINED, /* 75 */
136 TPM_UNDEFINED,
137 TPM_UNDEFINED,
138 TPM_UNDEFINED,
139 TPM_UNDEFINED,
140 TPM_LONG, /* 80 */
141 TPM_UNDEFINED,
142 TPM_MEDIUM,
143 TPM_LONG,
144 TPM_SHORT,
145 TPM_UNDEFINED, /* 85 */
146 TPM_UNDEFINED,
147 TPM_UNDEFINED,
148 TPM_UNDEFINED,
149 TPM_UNDEFINED,
150 TPM_SHORT, /* 90 */
151 TPM_SHORT,
152 TPM_SHORT,
153 TPM_SHORT,
154 TPM_SHORT,
155 TPM_UNDEFINED, /* 95 */
156 TPM_UNDEFINED,
157 TPM_UNDEFINED,
158 TPM_UNDEFINED,
159 TPM_UNDEFINED,
160 TPM_MEDIUM, /* 100 */
161 TPM_SHORT,
162 TPM_SHORT,
163 TPM_UNDEFINED,
164 TPM_UNDEFINED,
165 TPM_UNDEFINED, /* 105 */
166 TPM_UNDEFINED,
167 TPM_UNDEFINED,
168 TPM_UNDEFINED,
169 TPM_UNDEFINED,
170 TPM_SHORT, /* 110 */
171 TPM_SHORT,
172 TPM_SHORT,
173 TPM_SHORT,
174 TPM_SHORT,
175 TPM_SHORT, /* 115 */
176 TPM_SHORT,
177 TPM_SHORT,
178 TPM_UNDEFINED,
179 TPM_UNDEFINED,
180 TPM_LONG, /* 120 */
181 TPM_LONG,
182 TPM_MEDIUM,
183 TPM_UNDEFINED,
184 TPM_SHORT,
185 TPM_SHORT, /* 125 */
186 TPM_SHORT,
187 TPM_LONG,
188 TPM_SHORT,
189 TPM_SHORT,
190 TPM_SHORT, /* 130 */
191 TPM_MEDIUM,
192 TPM_UNDEFINED,
193 TPM_SHORT,
194 TPM_MEDIUM,
195 TPM_UNDEFINED, /* 135 */
196 TPM_UNDEFINED,
197 TPM_UNDEFINED,
198 TPM_UNDEFINED,
199 TPM_UNDEFINED,
200 TPM_SHORT, /* 140 */
201 TPM_SHORT,
202 TPM_UNDEFINED,
203 TPM_UNDEFINED,
204 TPM_UNDEFINED,
205 TPM_UNDEFINED, /* 145 */
206 TPM_UNDEFINED,
207 TPM_UNDEFINED,
208 TPM_UNDEFINED,
209 TPM_UNDEFINED,
210 TPM_SHORT, /* 150 */
211 TPM_MEDIUM,
212 TPM_MEDIUM,
213 TPM_SHORT,
214 TPM_SHORT,
215 TPM_UNDEFINED, /* 155 */
216 TPM_UNDEFINED,
217 TPM_UNDEFINED,
218 TPM_UNDEFINED,
219 TPM_UNDEFINED,
220 TPM_SHORT, /* 160 */
221 TPM_SHORT,
222 TPM_SHORT,
223 TPM_SHORT,
224 TPM_UNDEFINED,
225 TPM_UNDEFINED, /* 165 */
226 TPM_UNDEFINED,
227 TPM_UNDEFINED,
228 TPM_UNDEFINED,
229 TPM_UNDEFINED,
230 TPM_LONG, /* 170 */
231 TPM_UNDEFINED,
232 TPM_UNDEFINED,
233 TPM_UNDEFINED,
234 TPM_UNDEFINED,
235 TPM_UNDEFINED, /* 175 */
236 TPM_UNDEFINED,
237 TPM_UNDEFINED,
238 TPM_UNDEFINED,
239 TPM_UNDEFINED,
240 TPM_MEDIUM, /* 180 */
241 TPM_SHORT,
242 TPM_MEDIUM,
243 TPM_MEDIUM,
244 TPM_MEDIUM,
245 TPM_MEDIUM, /* 185 */
246 TPM_SHORT,
247 TPM_UNDEFINED,
248 TPM_UNDEFINED,
249 TPM_UNDEFINED,
250 TPM_UNDEFINED, /* 190 */
251 TPM_UNDEFINED,
252 TPM_UNDEFINED,
253 TPM_UNDEFINED,
254 TPM_UNDEFINED,
255 TPM_UNDEFINED, /* 195 */
256 TPM_UNDEFINED,
257 TPM_UNDEFINED,
258 TPM_UNDEFINED,
259 TPM_UNDEFINED,
260 TPM_SHORT, /* 200 */
261 TPM_UNDEFINED,
262 TPM_UNDEFINED,
263 TPM_UNDEFINED,
264 TPM_SHORT,
265 TPM_SHORT, /* 205 */
266 TPM_SHORT,
267 TPM_SHORT,
268 TPM_SHORT,
269 TPM_SHORT,
270 TPM_MEDIUM, /* 210 */
271 TPM_UNDEFINED,
272 TPM_MEDIUM,
273 TPM_MEDIUM,
274 TPM_MEDIUM,
275 TPM_UNDEFINED, /* 215 */
276 TPM_MEDIUM,
277 TPM_UNDEFINED,
278 TPM_UNDEFINED,
279 TPM_SHORT,
280 TPM_SHORT, /* 220 */
281 TPM_SHORT,
282 TPM_SHORT,
283 TPM_SHORT,
284 TPM_SHORT,
285 TPM_UNDEFINED, /* 225 */
286 TPM_UNDEFINED,
287 TPM_UNDEFINED,
288 TPM_UNDEFINED,
289 TPM_UNDEFINED,
290 TPM_SHORT, /* 230 */
291 TPM_LONG,
292 TPM_MEDIUM,
293 TPM_UNDEFINED,
294 TPM_UNDEFINED,
295 TPM_UNDEFINED, /* 235 */
296 TPM_UNDEFINED,
297 TPM_UNDEFINED,
298 TPM_UNDEFINED,
299 TPM_UNDEFINED,
300 TPM_SHORT, /* 240 */
301 TPM_UNDEFINED,
302 TPM_MEDIUM,
303};
304
305/*
306 * Returns max number of jiffies to wait
307 */
308unsigned long tpm_calc_ordinal_duration(struct tpm_chip *chip,
309 u32 ordinal)
310{
311 int duration_idx = TPM_UNDEFINED;
312 int duration = 0;
313
314 /*
315 * We only have a duration table for protected commands, where the upper
316 * 16 bits are 0. For the few other ordinals the fallback will be used.
317 */
318 if (ordinal < TPM_MAX_ORDINAL)
319 duration_idx = tpm_ordinal_duration[ordinal];
320
321 if (duration_idx != TPM_UNDEFINED)
322 duration = chip->vendor.duration[duration_idx];
323 if (duration <= 0)
324 return 2 * 60 * HZ;
325 else
326 return duration;
327}
328EXPORT_SYMBOL_GPL(tpm_calc_ordinal_duration);
329
330/*
331 * Internal kernel interface to transmit TPM commands
332 */
333ssize_t tpm_transmit(struct tpm_chip *chip, const char *buf,
334 size_t bufsiz)
335{
336 ssize_t rc;
337 u32 count, ordinal;
338 unsigned long stop;
339
340 if (bufsiz > TPM_BUFSIZE)
341 bufsiz = TPM_BUFSIZE;
342
343 count = be32_to_cpu(*((__be32 *) (buf + 2)));
344 ordinal = be32_to_cpu(*((__be32 *) (buf + 6)));
345 if (count == 0)
346 return -ENODATA;
347 if (count > bufsiz) {
348 dev_err(chip->pdev,
349 "invalid count value %x %zx\n", count, bufsiz);
350 return -E2BIG;
351 }
352
353 mutex_lock(&chip->tpm_mutex);
354
355 rc = chip->ops->send(chip, (u8 *) buf, count);
356 if (rc < 0) {
357 dev_err(chip->pdev,
358 "tpm_transmit: tpm_send: error %zd\n", rc);
359 goto out;
360 }
361
362 if (chip->vendor.irq)
363 goto out_recv;
364
365 if (chip->flags & TPM_CHIP_FLAG_TPM2)
366 stop = jiffies + tpm2_calc_ordinal_duration(chip, ordinal);
367 else
368 stop = jiffies + tpm_calc_ordinal_duration(chip, ordinal);
369 do {
370 u8 status = chip->ops->status(chip);
371 if ((status & chip->ops->req_complete_mask) ==
372 chip->ops->req_complete_val)
373 goto out_recv;
374
375 if (chip->ops->req_canceled(chip, status)) {
376 dev_err(chip->pdev, "Operation Canceled\n");
377 rc = -ECANCELED;
378 goto out;
379 }
380
381 msleep(TPM_TIMEOUT); /* CHECK */
382 rmb();
383 } while (time_before(jiffies, stop));
384
385 chip->ops->cancel(chip);
386 dev_err(chip->pdev, "Operation Timed out\n");
387 rc = -ETIME;
388 goto out;
389
390out_recv:
391 rc = chip->ops->recv(chip, (u8 *) buf, bufsiz);
392 if (rc < 0)
393 dev_err(chip->pdev,
394 "tpm_transmit: tpm_recv: error %zd\n", rc);
395out:
396 mutex_unlock(&chip->tpm_mutex);
397 return rc;
398}
399
400#define TPM_DIGEST_SIZE 20
401#define TPM_RET_CODE_IDX 6
402
403ssize_t tpm_transmit_cmd(struct tpm_chip *chip, void *cmd,
404 int len, const char *desc)
405{
406 struct tpm_output_header *header;
407 int err;
408
409 len = tpm_transmit(chip, (u8 *) cmd, len);
410 if (len < 0)
411 return len;
412 else if (len < TPM_HEADER_SIZE)
413 return -EFAULT;
414
415 header = cmd;
416
417 err = be32_to_cpu(header->return_code);
418 if (err != 0 && desc)
419 dev_err(chip->pdev, "A TPM error (%d) occurred %s\n", err,
420 desc);
421
422 return err;
423}
424
425#define TPM_INTERNAL_RESULT_SIZE 200
426#define TPM_ORD_GET_CAP cpu_to_be32(101)
427#define TPM_ORD_GET_RANDOM cpu_to_be32(70)
428
429static const struct tpm_input_header tpm_getcap_header = {
430 .tag = TPM_TAG_RQU_COMMAND,
431 .length = cpu_to_be32(22),
432 .ordinal = TPM_ORD_GET_CAP
433};
434
435ssize_t tpm_getcap(struct device *dev, __be32 subcap_id, cap_t *cap,
436 const char *desc)
437{
438 struct tpm_cmd_t tpm_cmd;
439 int rc;
440 struct tpm_chip *chip = dev_get_drvdata(dev);
441
442 tpm_cmd.header.in = tpm_getcap_header;
443 if (subcap_id == CAP_VERSION_1_1 || subcap_id == CAP_VERSION_1_2) {
444 tpm_cmd.params.getcap_in.cap = subcap_id;
445 /*subcap field not necessary */
446 tpm_cmd.params.getcap_in.subcap_size = cpu_to_be32(0);
447 tpm_cmd.header.in.length -= cpu_to_be32(sizeof(__be32));
448 } else {
449 if (subcap_id == TPM_CAP_FLAG_PERM ||
450 subcap_id == TPM_CAP_FLAG_VOL)
451 tpm_cmd.params.getcap_in.cap = TPM_CAP_FLAG;
452 else
453 tpm_cmd.params.getcap_in.cap = TPM_CAP_PROP;
454 tpm_cmd.params.getcap_in.subcap_size = cpu_to_be32(4);
455 tpm_cmd.params.getcap_in.subcap = subcap_id;
456 }
457 rc = tpm_transmit_cmd(chip, &tpm_cmd, TPM_INTERNAL_RESULT_SIZE, desc);
458 if (!rc)
459 *cap = tpm_cmd.params.getcap_out.cap;
460 return rc;
461}
462
463void tpm_gen_interrupt(struct tpm_chip *chip)
464{
465 struct tpm_cmd_t tpm_cmd;
466 ssize_t rc;
467
468 tpm_cmd.header.in = tpm_getcap_header;
469 tpm_cmd.params.getcap_in.cap = TPM_CAP_PROP;
470 tpm_cmd.params.getcap_in.subcap_size = cpu_to_be32(4);
471 tpm_cmd.params.getcap_in.subcap = TPM_CAP_PROP_TIS_TIMEOUT;
472
473 rc = tpm_transmit_cmd(chip, &tpm_cmd, TPM_INTERNAL_RESULT_SIZE,
474 "attempting to determine the timeouts");
475}
476EXPORT_SYMBOL_GPL(tpm_gen_interrupt);
477
478#define TPM_ORD_STARTUP cpu_to_be32(153)
479#define TPM_ST_CLEAR cpu_to_be16(1)
480#define TPM_ST_STATE cpu_to_be16(2)
481#define TPM_ST_DEACTIVATED cpu_to_be16(3)
482static const struct tpm_input_header tpm_startup_header = {
483 .tag = TPM_TAG_RQU_COMMAND,
484 .length = cpu_to_be32(12),
485 .ordinal = TPM_ORD_STARTUP
486};
487
488static int tpm_startup(struct tpm_chip *chip, __be16 startup_type)
489{
490 struct tpm_cmd_t start_cmd;
491 start_cmd.header.in = tpm_startup_header;
492
493 start_cmd.params.startup_in.startup_type = startup_type;
494 return tpm_transmit_cmd(chip, &start_cmd, TPM_INTERNAL_RESULT_SIZE,
495 "attempting to start the TPM");
496}
497
498int tpm_get_timeouts(struct tpm_chip *chip)
499{
500 struct tpm_cmd_t tpm_cmd;
501 unsigned long new_timeout[4];
502 unsigned long old_timeout[4];
503 struct duration_t *duration_cap;
504 ssize_t rc;
505
506 if (chip->flags & TPM_CHIP_FLAG_TPM2) {
507 /* Fixed timeouts for TPM2 */
508 chip->vendor.timeout_a = msecs_to_jiffies(TPM2_TIMEOUT_A);
509 chip->vendor.timeout_b = msecs_to_jiffies(TPM2_TIMEOUT_B);
510 chip->vendor.timeout_c = msecs_to_jiffies(TPM2_TIMEOUT_C);
511 chip->vendor.timeout_d = msecs_to_jiffies(TPM2_TIMEOUT_D);
512 chip->vendor.duration[TPM_SHORT] =
513 msecs_to_jiffies(TPM2_DURATION_SHORT);
514 chip->vendor.duration[TPM_MEDIUM] =
515 msecs_to_jiffies(TPM2_DURATION_MEDIUM);
516 chip->vendor.duration[TPM_LONG] =
517 msecs_to_jiffies(TPM2_DURATION_LONG);
518 return 0;
519 }
520
521 tpm_cmd.header.in = tpm_getcap_header;
522 tpm_cmd.params.getcap_in.cap = TPM_CAP_PROP;
523 tpm_cmd.params.getcap_in.subcap_size = cpu_to_be32(4);
524 tpm_cmd.params.getcap_in.subcap = TPM_CAP_PROP_TIS_TIMEOUT;
525 rc = tpm_transmit_cmd(chip, &tpm_cmd, TPM_INTERNAL_RESULT_SIZE, NULL);
526
527 if (rc == TPM_ERR_INVALID_POSTINIT) {
528 /* The TPM is not started, we are the first to talk to it.
529 Execute a startup command. */
530 dev_info(chip->pdev, "Issuing TPM_STARTUP");
531 if (tpm_startup(chip, TPM_ST_CLEAR))
532 return rc;
533
534 tpm_cmd.header.in = tpm_getcap_header;
535 tpm_cmd.params.getcap_in.cap = TPM_CAP_PROP;
536 tpm_cmd.params.getcap_in.subcap_size = cpu_to_be32(4);
537 tpm_cmd.params.getcap_in.subcap = TPM_CAP_PROP_TIS_TIMEOUT;
538 rc = tpm_transmit_cmd(chip, &tpm_cmd, TPM_INTERNAL_RESULT_SIZE,
539 NULL);
540 }
541 if (rc) {
542 dev_err(chip->pdev,
543 "A TPM error (%zd) occurred attempting to determine the timeouts\n",
544 rc);
545 goto duration;
546 }
547
548 if (be32_to_cpu(tpm_cmd.header.out.return_code) != 0 ||
549 be32_to_cpu(tpm_cmd.header.out.length)
550 != sizeof(tpm_cmd.header.out) + sizeof(u32) + 4 * sizeof(u32))
551 return -EINVAL;
552
553 old_timeout[0] = be32_to_cpu(tpm_cmd.params.getcap_out.cap.timeout.a);
554 old_timeout[1] = be32_to_cpu(tpm_cmd.params.getcap_out.cap.timeout.b);
555 old_timeout[2] = be32_to_cpu(tpm_cmd.params.getcap_out.cap.timeout.c);
556 old_timeout[3] = be32_to_cpu(tpm_cmd.params.getcap_out.cap.timeout.d);
557 memcpy(new_timeout, old_timeout, sizeof(new_timeout));
558
559 /*
560 * Provide ability for vendor overrides of timeout values in case
561 * of misreporting.
562 */
563 if (chip->ops->update_timeouts != NULL)
564 chip->vendor.timeout_adjusted =
565 chip->ops->update_timeouts(chip, new_timeout);
566
567 if (!chip->vendor.timeout_adjusted) {
568 /* Don't overwrite default if value is 0 */
569 if (new_timeout[0] != 0 && new_timeout[0] < 1000) {
570 int i;
571
572 /* timeouts in msec rather usec */
573 for (i = 0; i != ARRAY_SIZE(new_timeout); i++)
574 new_timeout[i] *= 1000;
575 chip->vendor.timeout_adjusted = true;
576 }
577 }
578
579 /* Report adjusted timeouts */
580 if (chip->vendor.timeout_adjusted) {
581 dev_info(chip->pdev,
582 HW_ERR "Adjusting reported timeouts: A %lu->%luus B %lu->%luus C %lu->%luus D %lu->%luus\n",
583 old_timeout[0], new_timeout[0],
584 old_timeout[1], new_timeout[1],
585 old_timeout[2], new_timeout[2],
586 old_timeout[3], new_timeout[3]);
587 }
588
589 chip->vendor.timeout_a = usecs_to_jiffies(new_timeout[0]);
590 chip->vendor.timeout_b = usecs_to_jiffies(new_timeout[1]);
591 chip->vendor.timeout_c = usecs_to_jiffies(new_timeout[2]);
592 chip->vendor.timeout_d = usecs_to_jiffies(new_timeout[3]);
593
594duration:
595 tpm_cmd.header.in = tpm_getcap_header;
596 tpm_cmd.params.getcap_in.cap = TPM_CAP_PROP;
597 tpm_cmd.params.getcap_in.subcap_size = cpu_to_be32(4);
598 tpm_cmd.params.getcap_in.subcap = TPM_CAP_PROP_TIS_DURATION;
599
600 rc = tpm_transmit_cmd(chip, &tpm_cmd, TPM_INTERNAL_RESULT_SIZE,
601 "attempting to determine the durations");
602 if (rc)
603 return rc;
604
605 if (be32_to_cpu(tpm_cmd.header.out.return_code) != 0 ||
606 be32_to_cpu(tpm_cmd.header.out.length)
607 != sizeof(tpm_cmd.header.out) + sizeof(u32) + 3 * sizeof(u32))
608 return -EINVAL;
609
610 duration_cap = &tpm_cmd.params.getcap_out.cap.duration;
611 chip->vendor.duration[TPM_SHORT] =
612 usecs_to_jiffies(be32_to_cpu(duration_cap->tpm_short));
613 chip->vendor.duration[TPM_MEDIUM] =
614 usecs_to_jiffies(be32_to_cpu(duration_cap->tpm_medium));
615 chip->vendor.duration[TPM_LONG] =
616 usecs_to_jiffies(be32_to_cpu(duration_cap->tpm_long));
617
618 /* The Broadcom BCM0102 chipset in a Dell Latitude D820 gets the above
619 * value wrong and apparently reports msecs rather than usecs. So we
620 * fix up the resulting too-small TPM_SHORT value to make things work.
621 * We also scale the TPM_MEDIUM and -_LONG values by 1000.
622 */
623 if (chip->vendor.duration[TPM_SHORT] < (HZ / 100)) {
624 chip->vendor.duration[TPM_SHORT] = HZ;
625 chip->vendor.duration[TPM_MEDIUM] *= 1000;
626 chip->vendor.duration[TPM_LONG] *= 1000;
627 chip->vendor.duration_adjusted = true;
628 dev_info(chip->pdev, "Adjusting TPM timeout parameters.");
629 }
630 return 0;
631}
632EXPORT_SYMBOL_GPL(tpm_get_timeouts);
633
634#define TPM_ORD_CONTINUE_SELFTEST 83
635#define CONTINUE_SELFTEST_RESULT_SIZE 10
636
637static struct tpm_input_header continue_selftest_header = {
638 .tag = TPM_TAG_RQU_COMMAND,
639 .length = cpu_to_be32(10),
640 .ordinal = cpu_to_be32(TPM_ORD_CONTINUE_SELFTEST),
641};
642
643/**
644 * tpm_continue_selftest -- run TPM's selftest
645 * @chip: TPM chip to use
646 *
647 * Returns 0 on success, < 0 in case of fatal error or a value > 0 representing
648 * a TPM error code.
649 */
650static int tpm_continue_selftest(struct tpm_chip *chip)
651{
652 int rc;
653 struct tpm_cmd_t cmd;
654
655 cmd.header.in = continue_selftest_header;
656 rc = tpm_transmit_cmd(chip, &cmd, CONTINUE_SELFTEST_RESULT_SIZE,
657 "continue selftest");
658 return rc;
659}
660
661#define TPM_ORDINAL_PCRREAD cpu_to_be32(21)
662#define READ_PCR_RESULT_SIZE 30
663static struct tpm_input_header pcrread_header = {
664 .tag = TPM_TAG_RQU_COMMAND,
665 .length = cpu_to_be32(14),
666 .ordinal = TPM_ORDINAL_PCRREAD
667};
668
669int tpm_pcr_read_dev(struct tpm_chip *chip, int pcr_idx, u8 *res_buf)
670{
671 int rc;
672 struct tpm_cmd_t cmd;
673
674 cmd.header.in = pcrread_header;
675 cmd.params.pcrread_in.pcr_idx = cpu_to_be32(pcr_idx);
676 rc = tpm_transmit_cmd(chip, &cmd, READ_PCR_RESULT_SIZE,
677 "attempting to read a pcr value");
678
679 if (rc == 0)
680 memcpy(res_buf, cmd.params.pcrread_out.pcr_result,
681 TPM_DIGEST_SIZE);
682 return rc;
683}
684
685/**
686 * tpm_is_tpm2 - is the chip a TPM2 chip?
687 * @chip_num: tpm idx # or ANY
688 *
689 * Returns < 0 on error, and 1 or 0 on success depending whether the chip
690 * is a TPM2 chip.
691 */
692int tpm_is_tpm2(u32 chip_num)
693{
694 struct tpm_chip *chip;
695 int rc;
696
697 chip = tpm_chip_find_get(chip_num);
698 if (chip == NULL)
699 return -ENODEV;
700
701 rc = (chip->flags & TPM_CHIP_FLAG_TPM2) != 0;
702
703 tpm_chip_put(chip);
704
705 return rc;
706}
707EXPORT_SYMBOL_GPL(tpm_is_tpm2);
708
709/**
710 * tpm_pcr_read - read a pcr value
711 * @chip_num: tpm idx # or ANY
712 * @pcr_idx: pcr idx to retrieve
713 * @res_buf: TPM_PCR value
714 * size of res_buf is 20 bytes (or NULL if you don't care)
715 *
716 * The TPM driver should be built-in, but for whatever reason it
717 * isn't, protect against the chip disappearing, by incrementing
718 * the module usage count.
719 */
720int tpm_pcr_read(u32 chip_num, int pcr_idx, u8 *res_buf)
721{
722 struct tpm_chip *chip;
723 int rc;
724
725 chip = tpm_chip_find_get(chip_num);
726 if (chip == NULL)
727 return -ENODEV;
728 if (chip->flags & TPM_CHIP_FLAG_TPM2)
729 rc = tpm2_pcr_read(chip, pcr_idx, res_buf);
730 else
731 rc = tpm_pcr_read_dev(chip, pcr_idx, res_buf);
732 tpm_chip_put(chip);
733 return rc;
734}
735EXPORT_SYMBOL_GPL(tpm_pcr_read);
736
737/**
738 * tpm_pcr_extend - extend pcr value with hash
739 * @chip_num: tpm idx # or AN&
740 * @pcr_idx: pcr idx to extend
741 * @hash: hash value used to extend pcr value
742 *
743 * The TPM driver should be built-in, but for whatever reason it
744 * isn't, protect against the chip disappearing, by incrementing
745 * the module usage count.
746 */
747#define TPM_ORD_PCR_EXTEND cpu_to_be32(20)
748#define EXTEND_PCR_RESULT_SIZE 34
749static struct tpm_input_header pcrextend_header = {
750 .tag = TPM_TAG_RQU_COMMAND,
751 .length = cpu_to_be32(34),
752 .ordinal = TPM_ORD_PCR_EXTEND
753};
754
755int tpm_pcr_extend(u32 chip_num, int pcr_idx, const u8 *hash)
756{
757 struct tpm_cmd_t cmd;
758 int rc;
759 struct tpm_chip *chip;
760
761 chip = tpm_chip_find_get(chip_num);
762 if (chip == NULL)
763 return -ENODEV;
764
765 if (chip->flags & TPM_CHIP_FLAG_TPM2) {
766 rc = tpm2_pcr_extend(chip, pcr_idx, hash);
767 tpm_chip_put(chip);
768 return rc;
769 }
770
771 cmd.header.in = pcrextend_header;
772 cmd.params.pcrextend_in.pcr_idx = cpu_to_be32(pcr_idx);
773 memcpy(cmd.params.pcrextend_in.hash, hash, TPM_DIGEST_SIZE);
774 rc = tpm_transmit_cmd(chip, &cmd, EXTEND_PCR_RESULT_SIZE,
775 "attempting extend a PCR value");
776
777 tpm_chip_put(chip);
778 return rc;
779}
780EXPORT_SYMBOL_GPL(tpm_pcr_extend);
781
782/**
783 * tpm_do_selftest - have the TPM continue its selftest and wait until it
784 * can receive further commands
785 * @chip: TPM chip to use
786 *
787 * Returns 0 on success, < 0 in case of fatal error or a value > 0 representing
788 * a TPM error code.
789 */
790int tpm_do_selftest(struct tpm_chip *chip)
791{
792 int rc;
793 unsigned int loops;
794 unsigned int delay_msec = 100;
795 unsigned long duration;
796 struct tpm_cmd_t cmd;
797
798 duration = tpm_calc_ordinal_duration(chip, TPM_ORD_CONTINUE_SELFTEST);
799
800 loops = jiffies_to_msecs(duration) / delay_msec;
801
802 rc = tpm_continue_selftest(chip);
803 /* This may fail if there was no TPM driver during a suspend/resume
804 * cycle; some may return 10 (BAD_ORDINAL), others 28 (FAILEDSELFTEST)
805 */
806 if (rc)
807 return rc;
808
809 do {
810 /* Attempt to read a PCR value */
811 cmd.header.in = pcrread_header;
812 cmd.params.pcrread_in.pcr_idx = cpu_to_be32(0);
813 rc = tpm_transmit(chip, (u8 *) &cmd, READ_PCR_RESULT_SIZE);
814 /* Some buggy TPMs will not respond to tpm_tis_ready() for
815 * around 300ms while the self test is ongoing, keep trying
816 * until the self test duration expires. */
817 if (rc == -ETIME) {
818 dev_info(chip->pdev, HW_ERR "TPM command timed out during continue self test");
819 msleep(delay_msec);
820 continue;
821 }
822
823 if (rc < TPM_HEADER_SIZE)
824 return -EFAULT;
825
826 rc = be32_to_cpu(cmd.header.out.return_code);
827 if (rc == TPM_ERR_DISABLED || rc == TPM_ERR_DEACTIVATED) {
828 dev_info(chip->pdev,
829 "TPM is disabled/deactivated (0x%X)\n", rc);
830 /* TPM is disabled and/or deactivated; driver can
831 * proceed and TPM does handle commands for
832 * suspend/resume correctly
833 */
834 return 0;
835 }
836 if (rc != TPM_WARN_DOING_SELFTEST)
837 return rc;
838 msleep(delay_msec);
839 } while (--loops > 0);
840
841 return rc;
842}
843EXPORT_SYMBOL_GPL(tpm_do_selftest);
844
845int tpm_send(u32 chip_num, void *cmd, size_t buflen)
846{
847 struct tpm_chip *chip;
848 int rc;
849
850 chip = tpm_chip_find_get(chip_num);
851 if (chip == NULL)
852 return -ENODEV;
853
854 rc = tpm_transmit_cmd(chip, cmd, buflen, "attempting tpm_cmd");
855
856 tpm_chip_put(chip);
857 return rc;
858}
859EXPORT_SYMBOL_GPL(tpm_send);
860
861static bool wait_for_tpm_stat_cond(struct tpm_chip *chip, u8 mask,
862 bool check_cancel, bool *canceled)
863{
864 u8 status = chip->ops->status(chip);
865
866 *canceled = false;
867 if ((status & mask) == mask)
868 return true;
869 if (check_cancel && chip->ops->req_canceled(chip, status)) {
870 *canceled = true;
871 return true;
872 }
873 return false;
874}
875
876int wait_for_tpm_stat(struct tpm_chip *chip, u8 mask, unsigned long timeout,
877 wait_queue_head_t *queue, bool check_cancel)
878{
879 unsigned long stop;
880 long rc;
881 u8 status;
882 bool canceled = false;
883
884 /* check current status */
885 status = chip->ops->status(chip);
886 if ((status & mask) == mask)
887 return 0;
888
889 stop = jiffies + timeout;
890
891 if (chip->vendor.irq) {
892again:
893 timeout = stop - jiffies;
894 if ((long)timeout <= 0)
895 return -ETIME;
896 rc = wait_event_interruptible_timeout(*queue,
897 wait_for_tpm_stat_cond(chip, mask, check_cancel,
898 &canceled),
899 timeout);
900 if (rc > 0) {
901 if (canceled)
902 return -ECANCELED;
903 return 0;
904 }
905 if (rc == -ERESTARTSYS && freezing(current)) {
906 clear_thread_flag(TIF_SIGPENDING);
907 goto again;
908 }
909 } else {
910 do {
911 msleep(TPM_TIMEOUT);
912 status = chip->ops->status(chip);
913 if ((status & mask) == mask)
914 return 0;
915 } while (time_before(jiffies, stop));
916 }
917 return -ETIME;
918}
919EXPORT_SYMBOL_GPL(wait_for_tpm_stat);
920
921#define TPM_ORD_SAVESTATE cpu_to_be32(152)
922#define SAVESTATE_RESULT_SIZE 10
923
924static struct tpm_input_header savestate_header = {
925 .tag = TPM_TAG_RQU_COMMAND,
926 .length = cpu_to_be32(10),
927 .ordinal = TPM_ORD_SAVESTATE
928};
929
930/*
931 * We are about to suspend. Save the TPM state
932 * so that it can be restored.
933 */
934int tpm_pm_suspend(struct device *dev)
935{
936 struct tpm_chip *chip = dev_get_drvdata(dev);
937 struct tpm_cmd_t cmd;
938 int rc, try;
939
940 u8 dummy_hash[TPM_DIGEST_SIZE] = { 0 };
941
942 if (chip == NULL)
943 return -ENODEV;
944
945 if (chip->flags & TPM_CHIP_FLAG_TPM2) {
946 tpm2_shutdown(chip, TPM2_SU_STATE);
947 return 0;
948 }
949
950 /* for buggy tpm, flush pcrs with extend to selected dummy */
951 if (tpm_suspend_pcr) {
952 cmd.header.in = pcrextend_header;
953 cmd.params.pcrextend_in.pcr_idx = cpu_to_be32(tpm_suspend_pcr);
954 memcpy(cmd.params.pcrextend_in.hash, dummy_hash,
955 TPM_DIGEST_SIZE);
956 rc = tpm_transmit_cmd(chip, &cmd, EXTEND_PCR_RESULT_SIZE,
957 "extending dummy pcr before suspend");
958 }
959
960 /* now do the actual savestate */
961 for (try = 0; try < TPM_RETRY; try++) {
962 cmd.header.in = savestate_header;
963 rc = tpm_transmit_cmd(chip, &cmd, SAVESTATE_RESULT_SIZE, NULL);
964
965 /*
966 * If the TPM indicates that it is too busy to respond to
967 * this command then retry before giving up. It can take
968 * several seconds for this TPM to be ready.
969 *
970 * This can happen if the TPM has already been sent the
971 * SaveState command before the driver has loaded. TCG 1.2
972 * specification states that any communication after SaveState
973 * may cause the TPM to invalidate previously saved state.
974 */
975 if (rc != TPM_WARN_RETRY)
976 break;
977 msleep(TPM_TIMEOUT_RETRY);
978 }
979
980 if (rc)
981 dev_err(chip->pdev,
982 "Error (%d) sending savestate before suspend\n", rc);
983 else if (try > 0)
984 dev_warn(chip->pdev, "TPM savestate took %dms\n",
985 try * TPM_TIMEOUT_RETRY);
986
987 return rc;
988}
989EXPORT_SYMBOL_GPL(tpm_pm_suspend);
990
991/*
992 * Resume from a power safe. The BIOS already restored
993 * the TPM state.
994 */
995int tpm_pm_resume(struct device *dev)
996{
997 struct tpm_chip *chip = dev_get_drvdata(dev);
998
999 if (chip == NULL)
1000 return -ENODEV;
1001
1002 return 0;
1003}
1004EXPORT_SYMBOL_GPL(tpm_pm_resume);
1005
1006#define TPM_GETRANDOM_RESULT_SIZE 18
1007static struct tpm_input_header tpm_getrandom_header = {
1008 .tag = TPM_TAG_RQU_COMMAND,
1009 .length = cpu_to_be32(14),
1010 .ordinal = TPM_ORD_GET_RANDOM
1011};
1012
1013/**
1014 * tpm_get_random() - Get random bytes from the tpm's RNG
1015 * @chip_num: A specific chip number for the request or TPM_ANY_NUM
1016 * @out: destination buffer for the random bytes
1017 * @max: the max number of bytes to write to @out
1018 *
1019 * Returns < 0 on error and the number of bytes read on success
1020 */
1021int tpm_get_random(u32 chip_num, u8 *out, size_t max)
1022{
1023 struct tpm_chip *chip;
1024 struct tpm_cmd_t tpm_cmd;
1025 u32 recd, num_bytes = min_t(u32, max, TPM_MAX_RNG_DATA);
1026 int err, total = 0, retries = 5;
1027 u8 *dest = out;
1028
1029 if (!out || !num_bytes || max > TPM_MAX_RNG_DATA)
1030 return -EINVAL;
1031
1032 chip = tpm_chip_find_get(chip_num);
1033 if (chip == NULL)
1034 return -ENODEV;
1035
1036 if (chip->flags & TPM_CHIP_FLAG_TPM2) {
1037 err = tpm2_get_random(chip, out, max);
1038 tpm_chip_put(chip);
1039 return err;
1040 }
1041
1042 do {
1043 tpm_cmd.header.in = tpm_getrandom_header;
1044 tpm_cmd.params.getrandom_in.num_bytes = cpu_to_be32(num_bytes);
1045
1046 err = tpm_transmit_cmd(chip, &tpm_cmd,
1047 TPM_GETRANDOM_RESULT_SIZE + num_bytes,
1048 "attempting get random");
1049 if (err)
1050 break;
1051
1052 recd = be32_to_cpu(tpm_cmd.params.getrandom_out.rng_data_len);
1053 memcpy(dest, tpm_cmd.params.getrandom_out.rng_data, recd);
1054
1055 dest += recd;
1056 total += recd;
1057 num_bytes -= recd;
1058 } while (retries-- && total < max);
1059
1060 tpm_chip_put(chip);
1061 return total ? total : -EIO;
1062}
1063EXPORT_SYMBOL_GPL(tpm_get_random);
1064
1065/**
1066 * tpm_seal_trusted() - seal a trusted key
1067 * @chip_num: A specific chip number for the request or TPM_ANY_NUM
1068 * @options: authentication values and other options
1069 * @payload: the key data in clear and encrypted form
1070 *
1071 * Returns < 0 on error and 0 on success. At the moment, only TPM 2.0 chips
1072 * are supported.
1073 */
1074int tpm_seal_trusted(u32 chip_num, struct trusted_key_payload *payload,
1075 struct trusted_key_options *options)
1076{
1077 struct tpm_chip *chip;
1078 int rc;
1079
1080 chip = tpm_chip_find_get(chip_num);
1081 if (chip == NULL || !(chip->flags & TPM_CHIP_FLAG_TPM2))
1082 return -ENODEV;
1083
1084 rc = tpm2_seal_trusted(chip, payload, options);
1085
1086 tpm_chip_put(chip);
1087 return rc;
1088}
1089EXPORT_SYMBOL_GPL(tpm_seal_trusted);
1090
1091/**
1092 * tpm_unseal_trusted() - unseal a trusted key
1093 * @chip_num: A specific chip number for the request or TPM_ANY_NUM
1094 * @options: authentication values and other options
1095 * @payload: the key data in clear and encrypted form
1096 *
1097 * Returns < 0 on error and 0 on success. At the moment, only TPM 2.0 chips
1098 * are supported.
1099 */
1100int tpm_unseal_trusted(u32 chip_num, struct trusted_key_payload *payload,
1101 struct trusted_key_options *options)
1102{
1103 struct tpm_chip *chip;
1104 int rc;
1105
1106 chip = tpm_chip_find_get(chip_num);
1107 if (chip == NULL || !(chip->flags & TPM_CHIP_FLAG_TPM2))
1108 return -ENODEV;
1109
1110 rc = tpm2_unseal_trusted(chip, payload, options);
1111
1112 tpm_chip_put(chip);
1113 return rc;
1114}
1115EXPORT_SYMBOL_GPL(tpm_unseal_trusted);
1116
1117static int __init tpm_init(void)
1118{
1119 int rc;
1120
1121 tpm_class = class_create(THIS_MODULE, "tpm");
1122 if (IS_ERR(tpm_class)) {
1123 pr_err("couldn't create tpm class\n");
1124 return PTR_ERR(tpm_class);
1125 }
1126
1127 rc = alloc_chrdev_region(&tpm_devt, 0, TPM_NUM_DEVICES, "tpm");
1128 if (rc < 0) {
1129 pr_err("tpm: failed to allocate char dev region\n");
1130 class_destroy(tpm_class);
1131 return rc;
1132 }
1133
1134 return 0;
1135}
1136
1137static void __exit tpm_exit(void)
1138{
1139 class_destroy(tpm_class);
1140 unregister_chrdev_region(tpm_devt, TPM_NUM_DEVICES);
1141}
1142
1143subsys_initcall(tpm_init);
1144module_exit(tpm_exit);
1145
1146MODULE_AUTHOR("Leendert van Doorn (leendert@watson.ibm.com)");
1147MODULE_DESCRIPTION("TPM Driver");
1148MODULE_VERSION("2.0");
1149MODULE_LICENSE("GPL");
1/*
2 * Copyright (C) 2004 IBM Corporation
3 * Copyright (C) 2014 Intel Corporation
4 *
5 * Authors:
6 * Leendert van Doorn <leendert@watson.ibm.com>
7 * Dave Safford <safford@watson.ibm.com>
8 * Reiner Sailer <sailer@watson.ibm.com>
9 * Kylene Hall <kjhall@us.ibm.com>
10 *
11 * Maintained by: <tpmdd-devel@lists.sourceforge.net>
12 *
13 * Device driver for TCG/TCPA TPM (trusted platform module).
14 * Specifications at www.trustedcomputinggroup.org
15 *
16 * This program is free software; you can redistribute it and/or
17 * modify it under the terms of the GNU General Public License as
18 * published by the Free Software Foundation, version 2 of the
19 * License.
20 *
21 * Note, the TPM chip is not interrupt driven (only polling)
22 * and can have very long timeouts (minutes!). Hence the unusual
23 * calls to msleep.
24 *
25 */
26
27#include <linux/poll.h>
28#include <linux/slab.h>
29#include <linux/mutex.h>
30#include <linux/spinlock.h>
31#include <linux/freezer.h>
32#include <linux/pm_runtime.h>
33#include <linux/tpm_eventlog.h>
34
35#include "tpm.h"
36
37#define TPM_MAX_ORDINAL 243
38#define TSC_MAX_ORDINAL 12
39#define TPM_PROTECTED_COMMAND 0x00
40#define TPM_CONNECTION_COMMAND 0x40
41
42/*
43 * Bug workaround - some TPM's don't flush the most
44 * recently changed pcr on suspend, so force the flush
45 * with an extend to the selected _unused_ non-volatile pcr.
46 */
47static int tpm_suspend_pcr;
48module_param_named(suspend_pcr, tpm_suspend_pcr, uint, 0644);
49MODULE_PARM_DESC(suspend_pcr,
50 "PCR to use for dummy writes to facilitate flush on suspend.");
51
52/*
53 * Array with one entry per ordinal defining the maximum amount
54 * of time the chip could take to return the result. The ordinal
55 * designation of short, medium or long is defined in a table in
56 * TCG Specification TPM Main Part 2 TPM Structures Section 17. The
57 * values of the SHORT, MEDIUM, and LONG durations are retrieved
58 * from the chip during initialization with a call to tpm_get_timeouts.
59 */
60static const u8 tpm_ordinal_duration[TPM_MAX_ORDINAL] = {
61 TPM_UNDEFINED, /* 0 */
62 TPM_UNDEFINED,
63 TPM_UNDEFINED,
64 TPM_UNDEFINED,
65 TPM_UNDEFINED,
66 TPM_UNDEFINED, /* 5 */
67 TPM_UNDEFINED,
68 TPM_UNDEFINED,
69 TPM_UNDEFINED,
70 TPM_UNDEFINED,
71 TPM_SHORT, /* 10 */
72 TPM_SHORT,
73 TPM_MEDIUM,
74 TPM_LONG,
75 TPM_LONG,
76 TPM_MEDIUM, /* 15 */
77 TPM_SHORT,
78 TPM_SHORT,
79 TPM_MEDIUM,
80 TPM_LONG,
81 TPM_SHORT, /* 20 */
82 TPM_SHORT,
83 TPM_MEDIUM,
84 TPM_MEDIUM,
85 TPM_MEDIUM,
86 TPM_SHORT, /* 25 */
87 TPM_SHORT,
88 TPM_MEDIUM,
89 TPM_SHORT,
90 TPM_SHORT,
91 TPM_MEDIUM, /* 30 */
92 TPM_LONG,
93 TPM_MEDIUM,
94 TPM_SHORT,
95 TPM_SHORT,
96 TPM_SHORT, /* 35 */
97 TPM_MEDIUM,
98 TPM_MEDIUM,
99 TPM_UNDEFINED,
100 TPM_UNDEFINED,
101 TPM_MEDIUM, /* 40 */
102 TPM_LONG,
103 TPM_MEDIUM,
104 TPM_SHORT,
105 TPM_SHORT,
106 TPM_SHORT, /* 45 */
107 TPM_SHORT,
108 TPM_SHORT,
109 TPM_SHORT,
110 TPM_LONG,
111 TPM_MEDIUM, /* 50 */
112 TPM_MEDIUM,
113 TPM_UNDEFINED,
114 TPM_UNDEFINED,
115 TPM_UNDEFINED,
116 TPM_UNDEFINED, /* 55 */
117 TPM_UNDEFINED,
118 TPM_UNDEFINED,
119 TPM_UNDEFINED,
120 TPM_UNDEFINED,
121 TPM_MEDIUM, /* 60 */
122 TPM_MEDIUM,
123 TPM_MEDIUM,
124 TPM_SHORT,
125 TPM_SHORT,
126 TPM_MEDIUM, /* 65 */
127 TPM_UNDEFINED,
128 TPM_UNDEFINED,
129 TPM_UNDEFINED,
130 TPM_UNDEFINED,
131 TPM_SHORT, /* 70 */
132 TPM_SHORT,
133 TPM_UNDEFINED,
134 TPM_UNDEFINED,
135 TPM_UNDEFINED,
136 TPM_UNDEFINED, /* 75 */
137 TPM_UNDEFINED,
138 TPM_UNDEFINED,
139 TPM_UNDEFINED,
140 TPM_UNDEFINED,
141 TPM_LONG, /* 80 */
142 TPM_UNDEFINED,
143 TPM_MEDIUM,
144 TPM_LONG,
145 TPM_SHORT,
146 TPM_UNDEFINED, /* 85 */
147 TPM_UNDEFINED,
148 TPM_UNDEFINED,
149 TPM_UNDEFINED,
150 TPM_UNDEFINED,
151 TPM_SHORT, /* 90 */
152 TPM_SHORT,
153 TPM_SHORT,
154 TPM_SHORT,
155 TPM_SHORT,
156 TPM_UNDEFINED, /* 95 */
157 TPM_UNDEFINED,
158 TPM_UNDEFINED,
159 TPM_UNDEFINED,
160 TPM_UNDEFINED,
161 TPM_MEDIUM, /* 100 */
162 TPM_SHORT,
163 TPM_SHORT,
164 TPM_UNDEFINED,
165 TPM_UNDEFINED,
166 TPM_UNDEFINED, /* 105 */
167 TPM_UNDEFINED,
168 TPM_UNDEFINED,
169 TPM_UNDEFINED,
170 TPM_UNDEFINED,
171 TPM_SHORT, /* 110 */
172 TPM_SHORT,
173 TPM_SHORT,
174 TPM_SHORT,
175 TPM_SHORT,
176 TPM_SHORT, /* 115 */
177 TPM_SHORT,
178 TPM_SHORT,
179 TPM_UNDEFINED,
180 TPM_UNDEFINED,
181 TPM_LONG, /* 120 */
182 TPM_LONG,
183 TPM_MEDIUM,
184 TPM_UNDEFINED,
185 TPM_SHORT,
186 TPM_SHORT, /* 125 */
187 TPM_SHORT,
188 TPM_LONG,
189 TPM_SHORT,
190 TPM_SHORT,
191 TPM_SHORT, /* 130 */
192 TPM_MEDIUM,
193 TPM_UNDEFINED,
194 TPM_SHORT,
195 TPM_MEDIUM,
196 TPM_UNDEFINED, /* 135 */
197 TPM_UNDEFINED,
198 TPM_UNDEFINED,
199 TPM_UNDEFINED,
200 TPM_UNDEFINED,
201 TPM_SHORT, /* 140 */
202 TPM_SHORT,
203 TPM_UNDEFINED,
204 TPM_UNDEFINED,
205 TPM_UNDEFINED,
206 TPM_UNDEFINED, /* 145 */
207 TPM_UNDEFINED,
208 TPM_UNDEFINED,
209 TPM_UNDEFINED,
210 TPM_UNDEFINED,
211 TPM_SHORT, /* 150 */
212 TPM_MEDIUM,
213 TPM_MEDIUM,
214 TPM_SHORT,
215 TPM_SHORT,
216 TPM_UNDEFINED, /* 155 */
217 TPM_UNDEFINED,
218 TPM_UNDEFINED,
219 TPM_UNDEFINED,
220 TPM_UNDEFINED,
221 TPM_SHORT, /* 160 */
222 TPM_SHORT,
223 TPM_SHORT,
224 TPM_SHORT,
225 TPM_UNDEFINED,
226 TPM_UNDEFINED, /* 165 */
227 TPM_UNDEFINED,
228 TPM_UNDEFINED,
229 TPM_UNDEFINED,
230 TPM_UNDEFINED,
231 TPM_LONG, /* 170 */
232 TPM_UNDEFINED,
233 TPM_UNDEFINED,
234 TPM_UNDEFINED,
235 TPM_UNDEFINED,
236 TPM_UNDEFINED, /* 175 */
237 TPM_UNDEFINED,
238 TPM_UNDEFINED,
239 TPM_UNDEFINED,
240 TPM_UNDEFINED,
241 TPM_MEDIUM, /* 180 */
242 TPM_SHORT,
243 TPM_MEDIUM,
244 TPM_MEDIUM,
245 TPM_MEDIUM,
246 TPM_MEDIUM, /* 185 */
247 TPM_SHORT,
248 TPM_UNDEFINED,
249 TPM_UNDEFINED,
250 TPM_UNDEFINED,
251 TPM_UNDEFINED, /* 190 */
252 TPM_UNDEFINED,
253 TPM_UNDEFINED,
254 TPM_UNDEFINED,
255 TPM_UNDEFINED,
256 TPM_UNDEFINED, /* 195 */
257 TPM_UNDEFINED,
258 TPM_UNDEFINED,
259 TPM_UNDEFINED,
260 TPM_UNDEFINED,
261 TPM_SHORT, /* 200 */
262 TPM_UNDEFINED,
263 TPM_UNDEFINED,
264 TPM_UNDEFINED,
265 TPM_SHORT,
266 TPM_SHORT, /* 205 */
267 TPM_SHORT,
268 TPM_SHORT,
269 TPM_SHORT,
270 TPM_SHORT,
271 TPM_MEDIUM, /* 210 */
272 TPM_UNDEFINED,
273 TPM_MEDIUM,
274 TPM_MEDIUM,
275 TPM_MEDIUM,
276 TPM_UNDEFINED, /* 215 */
277 TPM_MEDIUM,
278 TPM_UNDEFINED,
279 TPM_UNDEFINED,
280 TPM_SHORT,
281 TPM_SHORT, /* 220 */
282 TPM_SHORT,
283 TPM_SHORT,
284 TPM_SHORT,
285 TPM_SHORT,
286 TPM_UNDEFINED, /* 225 */
287 TPM_UNDEFINED,
288 TPM_UNDEFINED,
289 TPM_UNDEFINED,
290 TPM_UNDEFINED,
291 TPM_SHORT, /* 230 */
292 TPM_LONG,
293 TPM_MEDIUM,
294 TPM_UNDEFINED,
295 TPM_UNDEFINED,
296 TPM_UNDEFINED, /* 235 */
297 TPM_UNDEFINED,
298 TPM_UNDEFINED,
299 TPM_UNDEFINED,
300 TPM_UNDEFINED,
301 TPM_SHORT, /* 240 */
302 TPM_UNDEFINED,
303 TPM_MEDIUM,
304};
305
306/*
307 * Returns max number of jiffies to wait
308 */
309unsigned long tpm_calc_ordinal_duration(struct tpm_chip *chip,
310 u32 ordinal)
311{
312 int duration_idx = TPM_UNDEFINED;
313 int duration = 0;
314
315 /*
316 * We only have a duration table for protected commands, where the upper
317 * 16 bits are 0. For the few other ordinals the fallback will be used.
318 */
319 if (ordinal < TPM_MAX_ORDINAL)
320 duration_idx = tpm_ordinal_duration[ordinal];
321
322 if (duration_idx != TPM_UNDEFINED)
323 duration = chip->duration[duration_idx];
324 if (duration <= 0)
325 return 2 * 60 * HZ;
326 else
327 return duration;
328}
329EXPORT_SYMBOL_GPL(tpm_calc_ordinal_duration);
330
331static int tpm_validate_command(struct tpm_chip *chip,
332 struct tpm_space *space,
333 const u8 *cmd,
334 size_t len)
335{
336 const struct tpm_input_header *header = (const void *)cmd;
337 int i;
338 u32 cc;
339 u32 attrs;
340 unsigned int nr_handles;
341
342 if (len < TPM_HEADER_SIZE)
343 return -EINVAL;
344
345 if (!space)
346 return 0;
347
348 if (chip->flags & TPM_CHIP_FLAG_TPM2 && chip->nr_commands) {
349 cc = be32_to_cpu(header->ordinal);
350
351 i = tpm2_find_cc(chip, cc);
352 if (i < 0) {
353 dev_dbg(&chip->dev, "0x%04X is an invalid command\n",
354 cc);
355 return -EOPNOTSUPP;
356 }
357
358 attrs = chip->cc_attrs_tbl[i];
359 nr_handles =
360 4 * ((attrs >> TPM2_CC_ATTR_CHANDLES) & GENMASK(2, 0));
361 if (len < TPM_HEADER_SIZE + 4 * nr_handles)
362 goto err_len;
363 }
364
365 return 0;
366err_len:
367 dev_dbg(&chip->dev,
368 "%s: insufficient command length %zu", __func__, len);
369 return -EINVAL;
370}
371
372static int tpm_request_locality(struct tpm_chip *chip)
373{
374 int rc;
375
376 if (!chip->ops->request_locality)
377 return 0;
378
379 rc = chip->ops->request_locality(chip, 0);
380 if (rc < 0)
381 return rc;
382
383 chip->locality = rc;
384
385 return 0;
386}
387
388static void tpm_relinquish_locality(struct tpm_chip *chip)
389{
390 int rc;
391
392 if (!chip->ops->relinquish_locality)
393 return;
394
395 rc = chip->ops->relinquish_locality(chip, chip->locality);
396 if (rc)
397 dev_err(&chip->dev, "%s: : error %d\n", __func__, rc);
398
399 chip->locality = -1;
400}
401
402static ssize_t tpm_try_transmit(struct tpm_chip *chip,
403 struct tpm_space *space,
404 u8 *buf, size_t bufsiz,
405 unsigned int flags)
406{
407 struct tpm_output_header *header = (void *)buf;
408 int rc;
409 ssize_t len = 0;
410 u32 count, ordinal;
411 unsigned long stop;
412 bool need_locality;
413
414 rc = tpm_validate_command(chip, space, buf, bufsiz);
415 if (rc == -EINVAL)
416 return rc;
417 /*
418 * If the command is not implemented by the TPM, synthesize a
419 * response with a TPM2_RC_COMMAND_CODE return for user-space.
420 */
421 if (rc == -EOPNOTSUPP) {
422 header->length = cpu_to_be32(sizeof(*header));
423 header->tag = cpu_to_be16(TPM2_ST_NO_SESSIONS);
424 header->return_code = cpu_to_be32(TPM2_RC_COMMAND_CODE |
425 TSS2_RESMGR_TPM_RC_LAYER);
426 return bufsiz;
427 }
428
429 if (bufsiz > TPM_BUFSIZE)
430 bufsiz = TPM_BUFSIZE;
431
432 count = be32_to_cpu(*((__be32 *) (buf + 2)));
433 ordinal = be32_to_cpu(*((__be32 *) (buf + 6)));
434 if (count == 0)
435 return -ENODATA;
436 if (count > bufsiz) {
437 dev_err(&chip->dev,
438 "invalid count value %x %zx\n", count, bufsiz);
439 return -E2BIG;
440 }
441
442 if (!(flags & TPM_TRANSMIT_UNLOCKED))
443 mutex_lock(&chip->tpm_mutex);
444
445
446 if (chip->ops->clk_enable != NULL)
447 chip->ops->clk_enable(chip, true);
448
449 /* Store the decision as chip->locality will be changed. */
450 need_locality = chip->locality == -1;
451
452 if (!(flags & TPM_TRANSMIT_RAW) && need_locality) {
453 rc = tpm_request_locality(chip);
454 if (rc < 0)
455 goto out_no_locality;
456 }
457
458 if (chip->dev.parent)
459 pm_runtime_get_sync(chip->dev.parent);
460
461 rc = tpm2_prepare_space(chip, space, ordinal, buf);
462 if (rc)
463 goto out;
464
465 rc = chip->ops->send(chip, buf, count);
466 if (rc < 0) {
467 if (rc != -EPIPE)
468 dev_err(&chip->dev,
469 "%s: tpm_send: error %d\n", __func__, rc);
470 goto out;
471 }
472
473 if (chip->flags & TPM_CHIP_FLAG_IRQ)
474 goto out_recv;
475
476 if (chip->flags & TPM_CHIP_FLAG_TPM2)
477 stop = jiffies + tpm2_calc_ordinal_duration(chip, ordinal);
478 else
479 stop = jiffies + tpm_calc_ordinal_duration(chip, ordinal);
480 do {
481 u8 status = chip->ops->status(chip);
482 if ((status & chip->ops->req_complete_mask) ==
483 chip->ops->req_complete_val)
484 goto out_recv;
485
486 if (chip->ops->req_canceled(chip, status)) {
487 dev_err(&chip->dev, "Operation Canceled\n");
488 rc = -ECANCELED;
489 goto out;
490 }
491
492 tpm_msleep(TPM_TIMEOUT);
493 rmb();
494 } while (time_before(jiffies, stop));
495
496 chip->ops->cancel(chip);
497 dev_err(&chip->dev, "Operation Timed out\n");
498 rc = -ETIME;
499 goto out;
500
501out_recv:
502 len = chip->ops->recv(chip, buf, bufsiz);
503 if (len < 0) {
504 rc = len;
505 dev_err(&chip->dev,
506 "tpm_transmit: tpm_recv: error %d\n", rc);
507 goto out;
508 } else if (len < TPM_HEADER_SIZE) {
509 rc = -EFAULT;
510 goto out;
511 }
512
513 if (len != be32_to_cpu(header->length)) {
514 rc = -EFAULT;
515 goto out;
516 }
517
518 rc = tpm2_commit_space(chip, space, ordinal, buf, &len);
519
520out:
521 if (chip->dev.parent)
522 pm_runtime_put_sync(chip->dev.parent);
523
524 if (need_locality)
525 tpm_relinquish_locality(chip);
526
527out_no_locality:
528 if (chip->ops->clk_enable != NULL)
529 chip->ops->clk_enable(chip, false);
530
531 if (!(flags & TPM_TRANSMIT_UNLOCKED))
532 mutex_unlock(&chip->tpm_mutex);
533 return rc ? rc : len;
534}
535
536/**
537 * tpm_transmit - Internal kernel interface to transmit TPM commands.
538 *
539 * @chip: TPM chip to use
540 * @space: tpm space
541 * @buf: TPM command buffer
542 * @bufsiz: length of the TPM command buffer
543 * @flags: tpm transmit flags - bitmap
544 *
545 * A wrapper around tpm_try_transmit that handles TPM2_RC_RETRY
546 * returns from the TPM and retransmits the command after a delay up
547 * to a maximum wait of TPM2_DURATION_LONG.
548 *
549 * Note: TPM1 never returns TPM2_RC_RETRY so the retry logic is TPM2
550 * only
551 *
552 * Return:
553 * the length of the return when the operation is successful.
554 * A negative number for system errors (errno).
555 */
556ssize_t tpm_transmit(struct tpm_chip *chip, struct tpm_space *space,
557 u8 *buf, size_t bufsiz, unsigned int flags)
558{
559 struct tpm_output_header *header = (struct tpm_output_header *)buf;
560 /* space for header and handles */
561 u8 save[TPM_HEADER_SIZE + 3*sizeof(u32)];
562 unsigned int delay_msec = TPM2_DURATION_SHORT;
563 u32 rc = 0;
564 ssize_t ret;
565 const size_t save_size = min(space ? sizeof(save) : TPM_HEADER_SIZE,
566 bufsiz);
567 /* the command code is where the return code will be */
568 u32 cc = be32_to_cpu(header->return_code);
569
570 /*
571 * Subtlety here: if we have a space, the handles will be
572 * transformed, so when we restore the header we also have to
573 * restore the handles.
574 */
575 memcpy(save, buf, save_size);
576
577 for (;;) {
578 ret = tpm_try_transmit(chip, space, buf, bufsiz, flags);
579 if (ret < 0)
580 break;
581 rc = be32_to_cpu(header->return_code);
582 if (rc != TPM2_RC_RETRY && rc != TPM2_RC_TESTING)
583 break;
584 /*
585 * return immediately if self test returns test
586 * still running to shorten boot time.
587 */
588 if (rc == TPM2_RC_TESTING && cc == TPM2_CC_SELF_TEST)
589 break;
590 delay_msec *= 2;
591 if (delay_msec > TPM2_DURATION_LONG) {
592 if (rc == TPM2_RC_RETRY)
593 dev_err(&chip->dev, "in retry loop\n");
594 else
595 dev_err(&chip->dev,
596 "self test is still running\n");
597 break;
598 }
599 tpm_msleep(delay_msec);
600 memcpy(buf, save, save_size);
601 }
602 return ret;
603}
604/**
605 * tpm_transmit_cmd - send a tpm command to the device
606 * The function extracts tpm out header return code
607 *
608 * @chip: TPM chip to use
609 * @space: tpm space
610 * @buf: TPM command buffer
611 * @bufsiz: length of the buffer
612 * @min_rsp_body_length: minimum expected length of response body
613 * @flags: tpm transmit flags - bitmap
614 * @desc: command description used in the error message
615 *
616 * Return:
617 * 0 when the operation is successful.
618 * A negative number for system errors (errno).
619 * A positive number for a TPM error.
620 */
621ssize_t tpm_transmit_cmd(struct tpm_chip *chip, struct tpm_space *space,
622 void *buf, size_t bufsiz,
623 size_t min_rsp_body_length, unsigned int flags,
624 const char *desc)
625{
626 const struct tpm_output_header *header = buf;
627 int err;
628 ssize_t len;
629
630 len = tpm_transmit(chip, space, buf, bufsiz, flags);
631 if (len < 0)
632 return len;
633
634 err = be32_to_cpu(header->return_code);
635 if (err != 0 && desc)
636 dev_err(&chip->dev, "A TPM error (%d) occurred %s\n", err,
637 desc);
638 if (err)
639 return err;
640
641 if (len < min_rsp_body_length + TPM_HEADER_SIZE)
642 return -EFAULT;
643
644 return 0;
645}
646EXPORT_SYMBOL_GPL(tpm_transmit_cmd);
647
648#define TPM_ORD_STARTUP 153
649#define TPM_ST_CLEAR 1
650
651/**
652 * tpm_startup - turn on the TPM
653 * @chip: TPM chip to use
654 *
655 * Normally the firmware should start the TPM. This function is provided as a
656 * workaround if this does not happen. A legal case for this could be for
657 * example when a TPM emulator is used.
658 *
659 * Return: same as tpm_transmit_cmd()
660 */
661int tpm_startup(struct tpm_chip *chip)
662{
663 struct tpm_buf buf;
664 int rc;
665
666 dev_info(&chip->dev, "starting up the TPM manually\n");
667
668 if (chip->flags & TPM_CHIP_FLAG_TPM2) {
669 rc = tpm_buf_init(&buf, TPM2_ST_NO_SESSIONS, TPM2_CC_STARTUP);
670 if (rc < 0)
671 return rc;
672
673 tpm_buf_append_u16(&buf, TPM2_SU_CLEAR);
674 } else {
675 rc = tpm_buf_init(&buf, TPM_TAG_RQU_COMMAND, TPM_ORD_STARTUP);
676 if (rc < 0)
677 return rc;
678
679 tpm_buf_append_u16(&buf, TPM_ST_CLEAR);
680 }
681
682 rc = tpm_transmit_cmd(chip, NULL, buf.data, PAGE_SIZE, 0, 0,
683 "attempting to start the TPM");
684
685 tpm_buf_destroy(&buf);
686 return rc;
687}
688
689#define TPM_DIGEST_SIZE 20
690#define TPM_RET_CODE_IDX 6
691#define TPM_INTERNAL_RESULT_SIZE 200
692#define TPM_ORD_GET_CAP 101
693#define TPM_ORD_GET_RANDOM 70
694
695static const struct tpm_input_header tpm_getcap_header = {
696 .tag = cpu_to_be16(TPM_TAG_RQU_COMMAND),
697 .length = cpu_to_be32(22),
698 .ordinal = cpu_to_be32(TPM_ORD_GET_CAP)
699};
700
701ssize_t tpm_getcap(struct tpm_chip *chip, u32 subcap_id, cap_t *cap,
702 const char *desc, size_t min_cap_length)
703{
704 struct tpm_buf buf;
705 int rc;
706
707 rc = tpm_buf_init(&buf, TPM_TAG_RQU_COMMAND, TPM_ORD_GET_CAP);
708 if (rc)
709 return rc;
710
711 if (subcap_id == TPM_CAP_VERSION_1_1 ||
712 subcap_id == TPM_CAP_VERSION_1_2) {
713 tpm_buf_append_u32(&buf, subcap_id);
714 tpm_buf_append_u32(&buf, 0);
715 } else {
716 if (subcap_id == TPM_CAP_FLAG_PERM ||
717 subcap_id == TPM_CAP_FLAG_VOL)
718 tpm_buf_append_u32(&buf, TPM_CAP_FLAG);
719 else
720 tpm_buf_append_u32(&buf, TPM_CAP_PROP);
721
722 tpm_buf_append_u32(&buf, 4);
723 tpm_buf_append_u32(&buf, subcap_id);
724 }
725 rc = tpm_transmit_cmd(chip, NULL, buf.data, PAGE_SIZE,
726 min_cap_length, 0, desc);
727 if (!rc)
728 *cap = *(cap_t *)&buf.data[TPM_HEADER_SIZE + 4];
729
730 tpm_buf_destroy(&buf);
731 return rc;
732}
733EXPORT_SYMBOL_GPL(tpm_getcap);
734
735int tpm_get_timeouts(struct tpm_chip *chip)
736{
737 cap_t cap;
738 unsigned long timeout_old[4], timeout_chip[4], timeout_eff[4];
739 ssize_t rc;
740
741 if (chip->flags & TPM_CHIP_FLAG_HAVE_TIMEOUTS)
742 return 0;
743
744 if (chip->flags & TPM_CHIP_FLAG_TPM2) {
745 /* Fixed timeouts for TPM2 */
746 chip->timeout_a = msecs_to_jiffies(TPM2_TIMEOUT_A);
747 chip->timeout_b = msecs_to_jiffies(TPM2_TIMEOUT_B);
748 chip->timeout_c = msecs_to_jiffies(TPM2_TIMEOUT_C);
749 chip->timeout_d = msecs_to_jiffies(TPM2_TIMEOUT_D);
750 chip->duration[TPM_SHORT] =
751 msecs_to_jiffies(TPM2_DURATION_SHORT);
752 chip->duration[TPM_MEDIUM] =
753 msecs_to_jiffies(TPM2_DURATION_MEDIUM);
754 chip->duration[TPM_LONG] =
755 msecs_to_jiffies(TPM2_DURATION_LONG);
756 chip->duration[TPM_LONG_LONG] =
757 msecs_to_jiffies(TPM2_DURATION_LONG_LONG);
758
759 chip->flags |= TPM_CHIP_FLAG_HAVE_TIMEOUTS;
760 return 0;
761 }
762
763 rc = tpm_getcap(chip, TPM_CAP_PROP_TIS_TIMEOUT, &cap, NULL,
764 sizeof(cap.timeout));
765 if (rc == TPM_ERR_INVALID_POSTINIT) {
766 if (tpm_startup(chip))
767 return rc;
768
769 rc = tpm_getcap(chip, TPM_CAP_PROP_TIS_TIMEOUT, &cap,
770 "attempting to determine the timeouts",
771 sizeof(cap.timeout));
772 }
773
774 if (rc) {
775 dev_err(&chip->dev,
776 "A TPM error (%zd) occurred attempting to determine the timeouts\n",
777 rc);
778 return rc;
779 }
780
781 timeout_old[0] = jiffies_to_usecs(chip->timeout_a);
782 timeout_old[1] = jiffies_to_usecs(chip->timeout_b);
783 timeout_old[2] = jiffies_to_usecs(chip->timeout_c);
784 timeout_old[3] = jiffies_to_usecs(chip->timeout_d);
785 timeout_chip[0] = be32_to_cpu(cap.timeout.a);
786 timeout_chip[1] = be32_to_cpu(cap.timeout.b);
787 timeout_chip[2] = be32_to_cpu(cap.timeout.c);
788 timeout_chip[3] = be32_to_cpu(cap.timeout.d);
789 memcpy(timeout_eff, timeout_chip, sizeof(timeout_eff));
790
791 /*
792 * Provide ability for vendor overrides of timeout values in case
793 * of misreporting.
794 */
795 if (chip->ops->update_timeouts != NULL)
796 chip->timeout_adjusted =
797 chip->ops->update_timeouts(chip, timeout_eff);
798
799 if (!chip->timeout_adjusted) {
800 /* Restore default if chip reported 0 */
801 int i;
802
803 for (i = 0; i < ARRAY_SIZE(timeout_eff); i++) {
804 if (timeout_eff[i])
805 continue;
806
807 timeout_eff[i] = timeout_old[i];
808 chip->timeout_adjusted = true;
809 }
810
811 if (timeout_eff[0] != 0 && timeout_eff[0] < 1000) {
812 /* timeouts in msec rather usec */
813 for (i = 0; i != ARRAY_SIZE(timeout_eff); i++)
814 timeout_eff[i] *= 1000;
815 chip->timeout_adjusted = true;
816 }
817 }
818
819 /* Report adjusted timeouts */
820 if (chip->timeout_adjusted) {
821 dev_info(&chip->dev,
822 HW_ERR "Adjusting reported timeouts: A %lu->%luus B %lu->%luus C %lu->%luus D %lu->%luus\n",
823 timeout_chip[0], timeout_eff[0],
824 timeout_chip[1], timeout_eff[1],
825 timeout_chip[2], timeout_eff[2],
826 timeout_chip[3], timeout_eff[3]);
827 }
828
829 chip->timeout_a = usecs_to_jiffies(timeout_eff[0]);
830 chip->timeout_b = usecs_to_jiffies(timeout_eff[1]);
831 chip->timeout_c = usecs_to_jiffies(timeout_eff[2]);
832 chip->timeout_d = usecs_to_jiffies(timeout_eff[3]);
833
834 rc = tpm_getcap(chip, TPM_CAP_PROP_TIS_DURATION, &cap,
835 "attempting to determine the durations",
836 sizeof(cap.duration));
837 if (rc)
838 return rc;
839
840 chip->duration[TPM_SHORT] =
841 usecs_to_jiffies(be32_to_cpu(cap.duration.tpm_short));
842 chip->duration[TPM_MEDIUM] =
843 usecs_to_jiffies(be32_to_cpu(cap.duration.tpm_medium));
844 chip->duration[TPM_LONG] =
845 usecs_to_jiffies(be32_to_cpu(cap.duration.tpm_long));
846 chip->duration[TPM_LONG_LONG] = 0; /* not used under 1.2 */
847
848 /* The Broadcom BCM0102 chipset in a Dell Latitude D820 gets the above
849 * value wrong and apparently reports msecs rather than usecs. So we
850 * fix up the resulting too-small TPM_SHORT value to make things work.
851 * We also scale the TPM_MEDIUM and -_LONG values by 1000.
852 */
853 if (chip->duration[TPM_SHORT] < (HZ / 100)) {
854 chip->duration[TPM_SHORT] = HZ;
855 chip->duration[TPM_MEDIUM] *= 1000;
856 chip->duration[TPM_LONG] *= 1000;
857 chip->duration_adjusted = true;
858 dev_info(&chip->dev, "Adjusting TPM timeout parameters.");
859 }
860
861 chip->flags |= TPM_CHIP_FLAG_HAVE_TIMEOUTS;
862 return 0;
863}
864EXPORT_SYMBOL_GPL(tpm_get_timeouts);
865
866#define TPM_ORD_CONTINUE_SELFTEST 83
867#define CONTINUE_SELFTEST_RESULT_SIZE 10
868
869static const struct tpm_input_header continue_selftest_header = {
870 .tag = cpu_to_be16(TPM_TAG_RQU_COMMAND),
871 .length = cpu_to_be32(10),
872 .ordinal = cpu_to_be32(TPM_ORD_CONTINUE_SELFTEST),
873};
874
875/**
876 * tpm_continue_selftest -- run TPM's selftest
877 * @chip: TPM chip to use
878 *
879 * Returns 0 on success, < 0 in case of fatal error or a value > 0 representing
880 * a TPM error code.
881 */
882static int tpm_continue_selftest(struct tpm_chip *chip)
883{
884 int rc;
885 struct tpm_cmd_t cmd;
886
887 cmd.header.in = continue_selftest_header;
888 rc = tpm_transmit_cmd(chip, NULL, &cmd, CONTINUE_SELFTEST_RESULT_SIZE,
889 0, 0, "continue selftest");
890 return rc;
891}
892
893#define TPM_ORDINAL_PCRREAD 21
894#define READ_PCR_RESULT_SIZE 30
895#define READ_PCR_RESULT_BODY_SIZE 20
896static const struct tpm_input_header pcrread_header = {
897 .tag = cpu_to_be16(TPM_TAG_RQU_COMMAND),
898 .length = cpu_to_be32(14),
899 .ordinal = cpu_to_be32(TPM_ORDINAL_PCRREAD)
900};
901
902int tpm_pcr_read_dev(struct tpm_chip *chip, int pcr_idx, u8 *res_buf)
903{
904 int rc;
905 struct tpm_cmd_t cmd;
906
907 cmd.header.in = pcrread_header;
908 cmd.params.pcrread_in.pcr_idx = cpu_to_be32(pcr_idx);
909 rc = tpm_transmit_cmd(chip, NULL, &cmd, READ_PCR_RESULT_SIZE,
910 READ_PCR_RESULT_BODY_SIZE, 0,
911 "attempting to read a pcr value");
912
913 if (rc == 0)
914 memcpy(res_buf, cmd.params.pcrread_out.pcr_result,
915 TPM_DIGEST_SIZE);
916 return rc;
917}
918
919/**
920 * tpm_is_tpm2 - do we a have a TPM2 chip?
921 * @chip: a &struct tpm_chip instance, %NULL for the default chip
922 *
923 * Return:
924 * 1 if we have a TPM2 chip.
925 * 0 if we don't have a TPM2 chip.
926 * A negative number for system errors (errno).
927 */
928int tpm_is_tpm2(struct tpm_chip *chip)
929{
930 int rc;
931
932 chip = tpm_chip_find_get(chip);
933 if (!chip)
934 return -ENODEV;
935
936 rc = (chip->flags & TPM_CHIP_FLAG_TPM2) != 0;
937
938 tpm_put_ops(chip);
939
940 return rc;
941}
942EXPORT_SYMBOL_GPL(tpm_is_tpm2);
943
944/**
945 * tpm_pcr_read - read a PCR value from SHA1 bank
946 * @chip: a &struct tpm_chip instance, %NULL for the default chip
947 * @pcr_idx: the PCR to be retrieved
948 * @res_buf: the value of the PCR
949 *
950 * Return: same as with tpm_transmit_cmd()
951 */
952int tpm_pcr_read(struct tpm_chip *chip, int pcr_idx, u8 *res_buf)
953{
954 int rc;
955
956 chip = tpm_chip_find_get(chip);
957 if (!chip)
958 return -ENODEV;
959 if (chip->flags & TPM_CHIP_FLAG_TPM2)
960 rc = tpm2_pcr_read(chip, pcr_idx, res_buf);
961 else
962 rc = tpm_pcr_read_dev(chip, pcr_idx, res_buf);
963 tpm_put_ops(chip);
964 return rc;
965}
966EXPORT_SYMBOL_GPL(tpm_pcr_read);
967
968#define TPM_ORD_PCR_EXTEND 20
969#define EXTEND_PCR_RESULT_SIZE 34
970#define EXTEND_PCR_RESULT_BODY_SIZE 20
971static const struct tpm_input_header pcrextend_header = {
972 .tag = cpu_to_be16(TPM_TAG_RQU_COMMAND),
973 .length = cpu_to_be32(34),
974 .ordinal = cpu_to_be32(TPM_ORD_PCR_EXTEND)
975};
976
977static int tpm1_pcr_extend(struct tpm_chip *chip, int pcr_idx, const u8 *hash,
978 char *log_msg)
979{
980 struct tpm_buf buf;
981 int rc;
982
983 rc = tpm_buf_init(&buf, TPM_TAG_RQU_COMMAND, TPM_ORD_PCR_EXTEND);
984 if (rc)
985 return rc;
986
987 tpm_buf_append_u32(&buf, pcr_idx);
988 tpm_buf_append(&buf, hash, TPM_DIGEST_SIZE);
989
990 rc = tpm_transmit_cmd(chip, NULL, buf.data, EXTEND_PCR_RESULT_SIZE,
991 EXTEND_PCR_RESULT_BODY_SIZE, 0, log_msg);
992 tpm_buf_destroy(&buf);
993 return rc;
994}
995
996/**
997 * tpm_pcr_extend - extend a PCR value in SHA1 bank.
998 * @chip: a &struct tpm_chip instance, %NULL for the default chip
999 * @pcr_idx: the PCR to be retrieved
1000 * @hash: the hash value used to extend the PCR value
1001 *
1002 * Note: with TPM 2.0 extends also those banks with a known digest size to the
1003 * cryto subsystem in order to prevent malicious use of those PCR banks. In the
1004 * future we should dynamically determine digest sizes.
1005 *
1006 * Return: same as with tpm_transmit_cmd()
1007 */
1008int tpm_pcr_extend(struct tpm_chip *chip, int pcr_idx, const u8 *hash)
1009{
1010 int rc;
1011 struct tpm2_digest digest_list[ARRAY_SIZE(chip->active_banks)];
1012 u32 count = 0;
1013 int i;
1014
1015 chip = tpm_chip_find_get(chip);
1016 if (!chip)
1017 return -ENODEV;
1018
1019 if (chip->flags & TPM_CHIP_FLAG_TPM2) {
1020 memset(digest_list, 0, sizeof(digest_list));
1021
1022 for (i = 0; i < ARRAY_SIZE(chip->active_banks) &&
1023 chip->active_banks[i] != TPM2_ALG_ERROR; i++) {
1024 digest_list[i].alg_id = chip->active_banks[i];
1025 memcpy(digest_list[i].digest, hash, TPM_DIGEST_SIZE);
1026 count++;
1027 }
1028
1029 rc = tpm2_pcr_extend(chip, pcr_idx, count, digest_list);
1030 tpm_put_ops(chip);
1031 return rc;
1032 }
1033
1034 rc = tpm1_pcr_extend(chip, pcr_idx, hash,
1035 "attempting extend a PCR value");
1036 tpm_put_ops(chip);
1037 return rc;
1038}
1039EXPORT_SYMBOL_GPL(tpm_pcr_extend);
1040
1041/**
1042 * tpm_do_selftest - have the TPM continue its selftest and wait until it
1043 * can receive further commands
1044 * @chip: TPM chip to use
1045 *
1046 * Returns 0 on success, < 0 in case of fatal error or a value > 0 representing
1047 * a TPM error code.
1048 */
1049int tpm_do_selftest(struct tpm_chip *chip)
1050{
1051 int rc;
1052 unsigned int loops;
1053 unsigned int delay_msec = 100;
1054 unsigned long duration;
1055 u8 dummy[TPM_DIGEST_SIZE];
1056
1057 duration = tpm_calc_ordinal_duration(chip, TPM_ORD_CONTINUE_SELFTEST);
1058
1059 loops = jiffies_to_msecs(duration) / delay_msec;
1060
1061 rc = tpm_continue_selftest(chip);
1062 if (rc == TPM_ERR_INVALID_POSTINIT) {
1063 chip->flags |= TPM_CHIP_FLAG_ALWAYS_POWERED;
1064 dev_info(&chip->dev, "TPM not ready (%d)\n", rc);
1065 }
1066 /* This may fail if there was no TPM driver during a suspend/resume
1067 * cycle; some may return 10 (BAD_ORDINAL), others 28 (FAILEDSELFTEST)
1068 */
1069 if (rc)
1070 return rc;
1071
1072 do {
1073 /* Attempt to read a PCR value */
1074 rc = tpm_pcr_read_dev(chip, 0, dummy);
1075
1076 /* Some buggy TPMs will not respond to tpm_tis_ready() for
1077 * around 300ms while the self test is ongoing, keep trying
1078 * until the self test duration expires. */
1079 if (rc == -ETIME) {
1080 dev_info(
1081 &chip->dev, HW_ERR
1082 "TPM command timed out during continue self test");
1083 tpm_msleep(delay_msec);
1084 continue;
1085 }
1086
1087 if (rc == TPM_ERR_DISABLED || rc == TPM_ERR_DEACTIVATED) {
1088 dev_info(&chip->dev,
1089 "TPM is disabled/deactivated (0x%X)\n", rc);
1090 /* TPM is disabled and/or deactivated; driver can
1091 * proceed and TPM does handle commands for
1092 * suspend/resume correctly
1093 */
1094 return 0;
1095 }
1096 if (rc != TPM_WARN_DOING_SELFTEST)
1097 return rc;
1098 tpm_msleep(delay_msec);
1099 } while (--loops > 0);
1100
1101 return rc;
1102}
1103EXPORT_SYMBOL_GPL(tpm_do_selftest);
1104
1105/**
1106 * tpm1_auto_startup - Perform the standard automatic TPM initialization
1107 * sequence
1108 * @chip: TPM chip to use
1109 *
1110 * Returns 0 on success, < 0 in case of fatal error.
1111 */
1112int tpm1_auto_startup(struct tpm_chip *chip)
1113{
1114 int rc;
1115
1116 rc = tpm_get_timeouts(chip);
1117 if (rc)
1118 goto out;
1119 rc = tpm_do_selftest(chip);
1120 if (rc) {
1121 dev_err(&chip->dev, "TPM self test failed\n");
1122 goto out;
1123 }
1124
1125 return rc;
1126out:
1127 if (rc > 0)
1128 rc = -ENODEV;
1129 return rc;
1130}
1131
1132/**
1133 * tpm_send - send a TPM command
1134 * @chip: a &struct tpm_chip instance, %NULL for the default chip
1135 * @cmd: a TPM command buffer
1136 * @buflen: the length of the TPM command buffer
1137 *
1138 * Return: same as with tpm_transmit_cmd()
1139 */
1140int tpm_send(struct tpm_chip *chip, void *cmd, size_t buflen)
1141{
1142 int rc;
1143
1144 chip = tpm_chip_find_get(chip);
1145 if (!chip)
1146 return -ENODEV;
1147
1148 rc = tpm_transmit_cmd(chip, NULL, cmd, buflen, 0, 0,
1149 "attempting to a send a command");
1150 tpm_put_ops(chip);
1151 return rc;
1152}
1153EXPORT_SYMBOL_GPL(tpm_send);
1154
1155#define TPM_ORD_SAVESTATE 152
1156#define SAVESTATE_RESULT_SIZE 10
1157
1158static const struct tpm_input_header savestate_header = {
1159 .tag = cpu_to_be16(TPM_TAG_RQU_COMMAND),
1160 .length = cpu_to_be32(10),
1161 .ordinal = cpu_to_be32(TPM_ORD_SAVESTATE)
1162};
1163
1164/*
1165 * We are about to suspend. Save the TPM state
1166 * so that it can be restored.
1167 */
1168int tpm_pm_suspend(struct device *dev)
1169{
1170 struct tpm_chip *chip = dev_get_drvdata(dev);
1171 struct tpm_cmd_t cmd;
1172 int rc, try;
1173
1174 u8 dummy_hash[TPM_DIGEST_SIZE] = { 0 };
1175
1176 if (chip == NULL)
1177 return -ENODEV;
1178
1179 if (chip->flags & TPM_CHIP_FLAG_ALWAYS_POWERED)
1180 return 0;
1181
1182 if (chip->flags & TPM_CHIP_FLAG_TPM2) {
1183 tpm2_shutdown(chip, TPM2_SU_STATE);
1184 return 0;
1185 }
1186
1187 /* for buggy tpm, flush pcrs with extend to selected dummy */
1188 if (tpm_suspend_pcr)
1189 rc = tpm1_pcr_extend(chip, tpm_suspend_pcr, dummy_hash,
1190 "extending dummy pcr before suspend");
1191
1192 /* now do the actual savestate */
1193 for (try = 0; try < TPM_RETRY; try++) {
1194 cmd.header.in = savestate_header;
1195 rc = tpm_transmit_cmd(chip, NULL, &cmd, SAVESTATE_RESULT_SIZE,
1196 0, 0, NULL);
1197
1198 /*
1199 * If the TPM indicates that it is too busy to respond to
1200 * this command then retry before giving up. It can take
1201 * several seconds for this TPM to be ready.
1202 *
1203 * This can happen if the TPM has already been sent the
1204 * SaveState command before the driver has loaded. TCG 1.2
1205 * specification states that any communication after SaveState
1206 * may cause the TPM to invalidate previously saved state.
1207 */
1208 if (rc != TPM_WARN_RETRY)
1209 break;
1210 tpm_msleep(TPM_TIMEOUT_RETRY);
1211 }
1212
1213 if (rc)
1214 dev_err(&chip->dev,
1215 "Error (%d) sending savestate before suspend\n", rc);
1216 else if (try > 0)
1217 dev_warn(&chip->dev, "TPM savestate took %dms\n",
1218 try * TPM_TIMEOUT_RETRY);
1219
1220 return rc;
1221}
1222EXPORT_SYMBOL_GPL(tpm_pm_suspend);
1223
1224/*
1225 * Resume from a power safe. The BIOS already restored
1226 * the TPM state.
1227 */
1228int tpm_pm_resume(struct device *dev)
1229{
1230 struct tpm_chip *chip = dev_get_drvdata(dev);
1231
1232 if (chip == NULL)
1233 return -ENODEV;
1234
1235 return 0;
1236}
1237EXPORT_SYMBOL_GPL(tpm_pm_resume);
1238
1239#define TPM_GETRANDOM_RESULT_SIZE 18
1240static const struct tpm_input_header tpm_getrandom_header = {
1241 .tag = cpu_to_be16(TPM_TAG_RQU_COMMAND),
1242 .length = cpu_to_be32(14),
1243 .ordinal = cpu_to_be32(TPM_ORD_GET_RANDOM)
1244};
1245
1246/**
1247 * tpm_get_random() - get random bytes from the TPM's RNG
1248 * @chip: a &struct tpm_chip instance, %NULL for the default chip
1249 * @out: destination buffer for the random bytes
1250 * @max: the max number of bytes to write to @out
1251 *
1252 * Return: same as with tpm_transmit_cmd()
1253 */
1254int tpm_get_random(struct tpm_chip *chip, u8 *out, size_t max)
1255{
1256 struct tpm_cmd_t tpm_cmd;
1257 u32 recd, num_bytes = min_t(u32, max, TPM_MAX_RNG_DATA), rlength;
1258 int err, total = 0, retries = 5;
1259 u8 *dest = out;
1260
1261 if (!out || !num_bytes || max > TPM_MAX_RNG_DATA)
1262 return -EINVAL;
1263
1264 chip = tpm_chip_find_get(chip);
1265 if (!chip)
1266 return -ENODEV;
1267
1268 if (chip->flags & TPM_CHIP_FLAG_TPM2) {
1269 err = tpm2_get_random(chip, out, max);
1270 tpm_put_ops(chip);
1271 return err;
1272 }
1273
1274 do {
1275 tpm_cmd.header.in = tpm_getrandom_header;
1276 tpm_cmd.params.getrandom_in.num_bytes = cpu_to_be32(num_bytes);
1277
1278 err = tpm_transmit_cmd(chip, NULL, &tpm_cmd,
1279 TPM_GETRANDOM_RESULT_SIZE + num_bytes,
1280 offsetof(struct tpm_getrandom_out,
1281 rng_data),
1282 0, "attempting get random");
1283 if (err)
1284 break;
1285
1286 recd = be32_to_cpu(tpm_cmd.params.getrandom_out.rng_data_len);
1287 if (recd > num_bytes) {
1288 total = -EFAULT;
1289 break;
1290 }
1291
1292 rlength = be32_to_cpu(tpm_cmd.header.out.length);
1293 if (rlength < offsetof(struct tpm_getrandom_out, rng_data) +
1294 recd) {
1295 total = -EFAULT;
1296 break;
1297 }
1298 memcpy(dest, tpm_cmd.params.getrandom_out.rng_data, recd);
1299
1300 dest += recd;
1301 total += recd;
1302 num_bytes -= recd;
1303 } while (retries-- && total < max);
1304
1305 tpm_put_ops(chip);
1306 return total ? total : -EIO;
1307}
1308EXPORT_SYMBOL_GPL(tpm_get_random);
1309
1310/**
1311 * tpm_seal_trusted() - seal a trusted key payload
1312 * @chip: a &struct tpm_chip instance, %NULL for the default chip
1313 * @options: authentication values and other options
1314 * @payload: the key data in clear and encrypted form
1315 *
1316 * Note: only TPM 2.0 chip are supported. TPM 1.x implementation is located in
1317 * the keyring subsystem.
1318 *
1319 * Return: same as with tpm_transmit_cmd()
1320 */
1321int tpm_seal_trusted(struct tpm_chip *chip, struct trusted_key_payload *payload,
1322 struct trusted_key_options *options)
1323{
1324 int rc;
1325
1326 chip = tpm_chip_find_get(chip);
1327 if (!chip || !(chip->flags & TPM_CHIP_FLAG_TPM2))
1328 return -ENODEV;
1329
1330 rc = tpm2_seal_trusted(chip, payload, options);
1331
1332 tpm_put_ops(chip);
1333 return rc;
1334}
1335EXPORT_SYMBOL_GPL(tpm_seal_trusted);
1336
1337/**
1338 * tpm_unseal_trusted() - unseal a trusted key
1339 * @chip: a &struct tpm_chip instance, %NULL for the default chip
1340 * @options: authentication values and other options
1341 * @payload: the key data in clear and encrypted form
1342 *
1343 * Note: only TPM 2.0 chip are supported. TPM 1.x implementation is located in
1344 * the keyring subsystem.
1345 *
1346 * Return: same as with tpm_transmit_cmd()
1347 */
1348int tpm_unseal_trusted(struct tpm_chip *chip,
1349 struct trusted_key_payload *payload,
1350 struct trusted_key_options *options)
1351{
1352 int rc;
1353
1354 chip = tpm_chip_find_get(chip);
1355 if (!chip || !(chip->flags & TPM_CHIP_FLAG_TPM2))
1356 return -ENODEV;
1357
1358 rc = tpm2_unseal_trusted(chip, payload, options);
1359
1360 tpm_put_ops(chip);
1361
1362 return rc;
1363}
1364EXPORT_SYMBOL_GPL(tpm_unseal_trusted);
1365
1366static int __init tpm_init(void)
1367{
1368 int rc;
1369
1370 tpm_class = class_create(THIS_MODULE, "tpm");
1371 if (IS_ERR(tpm_class)) {
1372 pr_err("couldn't create tpm class\n");
1373 return PTR_ERR(tpm_class);
1374 }
1375
1376 tpmrm_class = class_create(THIS_MODULE, "tpmrm");
1377 if (IS_ERR(tpmrm_class)) {
1378 pr_err("couldn't create tpmrm class\n");
1379 class_destroy(tpm_class);
1380 return PTR_ERR(tpmrm_class);
1381 }
1382
1383 rc = alloc_chrdev_region(&tpm_devt, 0, 2*TPM_NUM_DEVICES, "tpm");
1384 if (rc < 0) {
1385 pr_err("tpm: failed to allocate char dev region\n");
1386 class_destroy(tpmrm_class);
1387 class_destroy(tpm_class);
1388 return rc;
1389 }
1390
1391 return 0;
1392}
1393
1394static void __exit tpm_exit(void)
1395{
1396 idr_destroy(&dev_nums_idr);
1397 class_destroy(tpm_class);
1398 class_destroy(tpmrm_class);
1399 unregister_chrdev_region(tpm_devt, 2*TPM_NUM_DEVICES);
1400}
1401
1402subsys_initcall(tpm_init);
1403module_exit(tpm_exit);
1404
1405MODULE_AUTHOR("Leendert van Doorn (leendert@watson.ibm.com)");
1406MODULE_DESCRIPTION("TPM Driver");
1407MODULE_VERSION("2.0");
1408MODULE_LICENSE("GPL");