Loading...
1// SPDX-License-Identifier: GPL-2.0-only
2/*
3 * Copyright (C) 2004 IBM Corporation
4 * Copyright (C) 2014 Intel Corporation
5 *
6 * Authors:
7 * Leendert van Doorn <leendert@watson.ibm.com>
8 * Dave Safford <safford@watson.ibm.com>
9 * Reiner Sailer <sailer@watson.ibm.com>
10 * Kylene Hall <kjhall@us.ibm.com>
11 *
12 * Maintained by: <tpmdd-devel@lists.sourceforge.net>
13 *
14 * Device driver for TCG/TCPA TPM (trusted platform module).
15 * Specifications at www.trustedcomputinggroup.org
16 *
17 * Note, the TPM chip is not interrupt driven (only polling)
18 * and can have very long timeouts (minutes!). Hence the unusual
19 * calls to msleep.
20 */
21
22#include <linux/poll.h>
23#include <linux/slab.h>
24#include <linux/mutex.h>
25#include <linux/spinlock.h>
26#include <linux/suspend.h>
27#include <linux/freezer.h>
28#include <linux/tpm_eventlog.h>
29
30#include "tpm.h"
31
32/*
33 * Bug workaround - some TPM's don't flush the most
34 * recently changed pcr on suspend, so force the flush
35 * with an extend to the selected _unused_ non-volatile pcr.
36 */
37static u32 tpm_suspend_pcr;
38module_param_named(suspend_pcr, tpm_suspend_pcr, uint, 0644);
39MODULE_PARM_DESC(suspend_pcr,
40 "PCR to use for dummy writes to facilitate flush on suspend.");
41
42/**
43 * tpm_calc_ordinal_duration() - calculate the maximum command duration
44 * @chip: TPM chip to use.
45 * @ordinal: TPM command ordinal.
46 *
47 * The function returns the maximum amount of time the chip could take
48 * to return the result for a particular ordinal in jiffies.
49 *
50 * Return: A maximal duration time for an ordinal in jiffies.
51 */
52unsigned long tpm_calc_ordinal_duration(struct tpm_chip *chip, u32 ordinal)
53{
54 if (chip->flags & TPM_CHIP_FLAG_TPM2)
55 return tpm2_calc_ordinal_duration(chip, ordinal);
56 else
57 return tpm1_calc_ordinal_duration(chip, ordinal);
58}
59EXPORT_SYMBOL_GPL(tpm_calc_ordinal_duration);
60
61static ssize_t tpm_try_transmit(struct tpm_chip *chip, void *buf, size_t bufsiz)
62{
63 struct tpm_header *header = buf;
64 int rc;
65 ssize_t len = 0;
66 u32 count, ordinal;
67 unsigned long stop;
68
69 if (bufsiz < TPM_HEADER_SIZE)
70 return -EINVAL;
71
72 if (bufsiz > TPM_BUFSIZE)
73 bufsiz = TPM_BUFSIZE;
74
75 count = be32_to_cpu(header->length);
76 ordinal = be32_to_cpu(header->ordinal);
77 if (count == 0)
78 return -ENODATA;
79 if (count > bufsiz) {
80 dev_err(&chip->dev,
81 "invalid count value %x %zx\n", count, bufsiz);
82 return -E2BIG;
83 }
84
85 rc = chip->ops->send(chip, buf, count);
86 if (rc < 0) {
87 if (rc != -EPIPE)
88 dev_err(&chip->dev,
89 "%s: send(): error %d\n", __func__, rc);
90 return rc;
91 }
92
93 /* A sanity check. send() should just return zero on success e.g.
94 * not the command length.
95 */
96 if (rc > 0) {
97 dev_warn(&chip->dev,
98 "%s: send(): invalid value %d\n", __func__, rc);
99 rc = 0;
100 }
101
102 if (chip->flags & TPM_CHIP_FLAG_IRQ)
103 goto out_recv;
104
105 stop = jiffies + tpm_calc_ordinal_duration(chip, ordinal);
106 do {
107 u8 status = chip->ops->status(chip);
108 if ((status & chip->ops->req_complete_mask) ==
109 chip->ops->req_complete_val)
110 goto out_recv;
111
112 if (chip->ops->req_canceled(chip, status)) {
113 dev_err(&chip->dev, "Operation Canceled\n");
114 return -ECANCELED;
115 }
116
117 tpm_msleep(TPM_TIMEOUT_POLL);
118 rmb();
119 } while (time_before(jiffies, stop));
120
121 chip->ops->cancel(chip);
122 dev_err(&chip->dev, "Operation Timed out\n");
123 return -ETIME;
124
125out_recv:
126 len = chip->ops->recv(chip, buf, bufsiz);
127 if (len < 0) {
128 rc = len;
129 dev_err(&chip->dev, "tpm_transmit: tpm_recv: error %d\n", rc);
130 } else if (len < TPM_HEADER_SIZE || len != be32_to_cpu(header->length))
131 rc = -EFAULT;
132
133 return rc ? rc : len;
134}
135
136/**
137 * tpm_transmit - Internal kernel interface to transmit TPM commands.
138 * @chip: a TPM chip to use
139 * @buf: a TPM command buffer
140 * @bufsiz: length of the TPM command buffer
141 *
142 * A wrapper around tpm_try_transmit() that handles TPM2_RC_RETRY returns from
143 * the TPM and retransmits the command after a delay up to a maximum wait of
144 * TPM2_DURATION_LONG.
145 *
146 * Note that TPM 1.x never returns TPM2_RC_RETRY so the retry logic is TPM 2.0
147 * only.
148 *
149 * Return:
150 * * The response length - OK
151 * * -errno - A system error
152 */
153ssize_t tpm_transmit(struct tpm_chip *chip, u8 *buf, size_t bufsiz)
154{
155 struct tpm_header *header = (struct tpm_header *)buf;
156 /* space for header and handles */
157 u8 save[TPM_HEADER_SIZE + 3*sizeof(u32)];
158 unsigned int delay_msec = TPM2_DURATION_SHORT;
159 u32 rc = 0;
160 ssize_t ret;
161 const size_t save_size = min(sizeof(save), bufsiz);
162 /* the command code is where the return code will be */
163 u32 cc = be32_to_cpu(header->return_code);
164
165 /*
166 * Subtlety here: if we have a space, the handles will be
167 * transformed, so when we restore the header we also have to
168 * restore the handles.
169 */
170 memcpy(save, buf, save_size);
171
172 for (;;) {
173 ret = tpm_try_transmit(chip, buf, bufsiz);
174 if (ret < 0)
175 break;
176 rc = be32_to_cpu(header->return_code);
177 if (rc != TPM2_RC_RETRY && rc != TPM2_RC_TESTING)
178 break;
179 /*
180 * return immediately if self test returns test
181 * still running to shorten boot time.
182 */
183 if (rc == TPM2_RC_TESTING && cc == TPM2_CC_SELF_TEST)
184 break;
185
186 if (delay_msec > TPM2_DURATION_LONG) {
187 if (rc == TPM2_RC_RETRY)
188 dev_err(&chip->dev, "in retry loop\n");
189 else
190 dev_err(&chip->dev,
191 "self test is still running\n");
192 break;
193 }
194 tpm_msleep(delay_msec);
195 delay_msec *= 2;
196 memcpy(buf, save, save_size);
197 }
198 return ret;
199}
200
201/**
202 * tpm_transmit_cmd - send a tpm command to the device
203 * @chip: a TPM chip to use
204 * @buf: a TPM command buffer
205 * @min_rsp_body_length: minimum expected length of response body
206 * @desc: command description used in the error message
207 *
208 * Return:
209 * * 0 - OK
210 * * -errno - A system error
211 * * TPM_RC - A TPM error
212 */
213ssize_t tpm_transmit_cmd(struct tpm_chip *chip, struct tpm_buf *buf,
214 size_t min_rsp_body_length, const char *desc)
215{
216 const struct tpm_header *header = (struct tpm_header *)buf->data;
217 int err;
218 ssize_t len;
219
220 len = tpm_transmit(chip, buf->data, PAGE_SIZE);
221 if (len < 0)
222 return len;
223
224 err = be32_to_cpu(header->return_code);
225 if (err != 0 && err != TPM_ERR_DISABLED && err != TPM_ERR_DEACTIVATED
226 && err != TPM2_RC_TESTING && desc)
227 dev_err(&chip->dev, "A TPM error (%d) occurred %s\n", err,
228 desc);
229 if (err)
230 return err;
231
232 if (len < min_rsp_body_length + TPM_HEADER_SIZE)
233 return -EFAULT;
234
235 return 0;
236}
237EXPORT_SYMBOL_GPL(tpm_transmit_cmd);
238
239int tpm_get_timeouts(struct tpm_chip *chip)
240{
241 if (chip->flags & TPM_CHIP_FLAG_HAVE_TIMEOUTS)
242 return 0;
243
244 if (chip->flags & TPM_CHIP_FLAG_TPM2)
245 return tpm2_get_timeouts(chip);
246 else
247 return tpm1_get_timeouts(chip);
248}
249EXPORT_SYMBOL_GPL(tpm_get_timeouts);
250
251/**
252 * tpm_is_tpm2 - do we a have a TPM2 chip?
253 * @chip: a &struct tpm_chip instance, %NULL for the default chip
254 *
255 * Return:
256 * 1 if we have a TPM2 chip.
257 * 0 if we don't have a TPM2 chip.
258 * A negative number for system errors (errno).
259 */
260int tpm_is_tpm2(struct tpm_chip *chip)
261{
262 int rc;
263
264 chip = tpm_find_get_ops(chip);
265 if (!chip)
266 return -ENODEV;
267
268 rc = (chip->flags & TPM_CHIP_FLAG_TPM2) != 0;
269
270 tpm_put_ops(chip);
271
272 return rc;
273}
274EXPORT_SYMBOL_GPL(tpm_is_tpm2);
275
276/**
277 * tpm_pcr_read - read a PCR value from SHA1 bank
278 * @chip: a &struct tpm_chip instance, %NULL for the default chip
279 * @pcr_idx: the PCR to be retrieved
280 * @digest: the PCR bank and buffer current PCR value is written to
281 *
282 * Return: same as with tpm_transmit_cmd()
283 */
284int tpm_pcr_read(struct tpm_chip *chip, u32 pcr_idx,
285 struct tpm_digest *digest)
286{
287 int rc;
288
289 chip = tpm_find_get_ops(chip);
290 if (!chip)
291 return -ENODEV;
292
293 if (chip->flags & TPM_CHIP_FLAG_TPM2)
294 rc = tpm2_pcr_read(chip, pcr_idx, digest, NULL);
295 else
296 rc = tpm1_pcr_read(chip, pcr_idx, digest->digest);
297
298 tpm_put_ops(chip);
299 return rc;
300}
301EXPORT_SYMBOL_GPL(tpm_pcr_read);
302
303/**
304 * tpm_pcr_extend - extend a PCR value in SHA1 bank.
305 * @chip: a &struct tpm_chip instance, %NULL for the default chip
306 * @pcr_idx: the PCR to be retrieved
307 * @digests: array of tpm_digest structures used to extend PCRs
308 *
309 * Note: callers must pass a digest for every allocated PCR bank, in the same
310 * order of the banks in chip->allocated_banks.
311 *
312 * Return: same as with tpm_transmit_cmd()
313 */
314int tpm_pcr_extend(struct tpm_chip *chip, u32 pcr_idx,
315 struct tpm_digest *digests)
316{
317 int rc;
318 int i;
319
320 chip = tpm_find_get_ops(chip);
321 if (!chip)
322 return -ENODEV;
323
324 for (i = 0; i < chip->nr_allocated_banks; i++) {
325 if (digests[i].alg_id != chip->allocated_banks[i].alg_id) {
326 rc = -EINVAL;
327 goto out;
328 }
329 }
330
331 if (chip->flags & TPM_CHIP_FLAG_TPM2) {
332 rc = tpm2_pcr_extend(chip, pcr_idx, digests);
333 goto out;
334 }
335
336 rc = tpm1_pcr_extend(chip, pcr_idx, digests[0].digest,
337 "attempting extend a PCR value");
338
339out:
340 tpm_put_ops(chip);
341 return rc;
342}
343EXPORT_SYMBOL_GPL(tpm_pcr_extend);
344
345/**
346 * tpm_send - send a TPM command
347 * @chip: a &struct tpm_chip instance, %NULL for the default chip
348 * @cmd: a TPM command buffer
349 * @buflen: the length of the TPM command buffer
350 *
351 * Return: same as with tpm_transmit_cmd()
352 */
353int tpm_send(struct tpm_chip *chip, void *cmd, size_t buflen)
354{
355 struct tpm_buf buf;
356 int rc;
357
358 chip = tpm_find_get_ops(chip);
359 if (!chip)
360 return -ENODEV;
361
362 buf.data = cmd;
363 rc = tpm_transmit_cmd(chip, &buf, 0, "attempting to a send a command");
364
365 tpm_put_ops(chip);
366 return rc;
367}
368EXPORT_SYMBOL_GPL(tpm_send);
369
370int tpm_auto_startup(struct tpm_chip *chip)
371{
372 int rc;
373
374 if (!(chip->ops->flags & TPM_OPS_AUTO_STARTUP))
375 return 0;
376
377 if (chip->flags & TPM_CHIP_FLAG_TPM2)
378 rc = tpm2_auto_startup(chip);
379 else
380 rc = tpm1_auto_startup(chip);
381
382 return rc;
383}
384
385/*
386 * We are about to suspend. Save the TPM state
387 * so that it can be restored.
388 */
389int tpm_pm_suspend(struct device *dev)
390{
391 struct tpm_chip *chip = dev_get_drvdata(dev);
392 int rc = 0;
393
394 if (!chip)
395 return -ENODEV;
396
397 if (chip->flags & TPM_CHIP_FLAG_ALWAYS_POWERED)
398 goto suspended;
399
400 if ((chip->flags & TPM_CHIP_FLAG_FIRMWARE_POWER_MANAGED) &&
401 !pm_suspend_via_firmware())
402 goto suspended;
403
404 rc = tpm_try_get_ops(chip);
405 if (!rc) {
406 if (chip->flags & TPM_CHIP_FLAG_TPM2)
407 tpm2_shutdown(chip, TPM2_SU_STATE);
408 else
409 rc = tpm1_pm_suspend(chip, tpm_suspend_pcr);
410
411 tpm_put_ops(chip);
412 }
413
414suspended:
415 chip->flags |= TPM_CHIP_FLAG_SUSPENDED;
416
417 if (rc)
418 dev_err(dev, "Ignoring error %d while suspending\n", rc);
419 return 0;
420}
421EXPORT_SYMBOL_GPL(tpm_pm_suspend);
422
423/*
424 * Resume from a power safe. The BIOS already restored
425 * the TPM state.
426 */
427int tpm_pm_resume(struct device *dev)
428{
429 struct tpm_chip *chip = dev_get_drvdata(dev);
430
431 if (chip == NULL)
432 return -ENODEV;
433
434 chip->flags &= ~TPM_CHIP_FLAG_SUSPENDED;
435
436 /*
437 * Guarantee that SUSPENDED is written last, so that hwrng does not
438 * activate before the chip has been fully resumed.
439 */
440 wmb();
441
442 return 0;
443}
444EXPORT_SYMBOL_GPL(tpm_pm_resume);
445
446/**
447 * tpm_get_random() - get random bytes from the TPM's RNG
448 * @chip: a &struct tpm_chip instance, %NULL for the default chip
449 * @out: destination buffer for the random bytes
450 * @max: the max number of bytes to write to @out
451 *
452 * Return: number of random bytes read or a negative error value.
453 */
454int tpm_get_random(struct tpm_chip *chip, u8 *out, size_t max)
455{
456 int rc;
457
458 if (!out || max > TPM_MAX_RNG_DATA)
459 return -EINVAL;
460
461 chip = tpm_find_get_ops(chip);
462 if (!chip)
463 return -ENODEV;
464
465 if (chip->flags & TPM_CHIP_FLAG_TPM2)
466 rc = tpm2_get_random(chip, out, max);
467 else
468 rc = tpm1_get_random(chip, out, max);
469
470 tpm_put_ops(chip);
471 return rc;
472}
473EXPORT_SYMBOL_GPL(tpm_get_random);
474
475static int __init tpm_init(void)
476{
477 int rc;
478
479 rc = class_register(&tpm_class);
480 if (rc) {
481 pr_err("couldn't create tpm class\n");
482 return rc;
483 }
484
485 rc = class_register(&tpmrm_class);
486 if (rc) {
487 pr_err("couldn't create tpmrm class\n");
488 goto out_destroy_tpm_class;
489 }
490
491 rc = alloc_chrdev_region(&tpm_devt, 0, 2*TPM_NUM_DEVICES, "tpm");
492 if (rc < 0) {
493 pr_err("tpm: failed to allocate char dev region\n");
494 goto out_destroy_tpmrm_class;
495 }
496
497 rc = tpm_dev_common_init();
498 if (rc) {
499 pr_err("tpm: failed to allocate char dev region\n");
500 goto out_unreg_chrdev;
501 }
502
503 return 0;
504
505out_unreg_chrdev:
506 unregister_chrdev_region(tpm_devt, 2 * TPM_NUM_DEVICES);
507out_destroy_tpmrm_class:
508 class_unregister(&tpmrm_class);
509out_destroy_tpm_class:
510 class_unregister(&tpm_class);
511
512 return rc;
513}
514
515static void __exit tpm_exit(void)
516{
517 idr_destroy(&dev_nums_idr);
518 class_unregister(&tpm_class);
519 class_unregister(&tpmrm_class);
520 unregister_chrdev_region(tpm_devt, 2*TPM_NUM_DEVICES);
521 tpm_dev_common_exit();
522}
523
524subsys_initcall(tpm_init);
525module_exit(tpm_exit);
526
527MODULE_AUTHOR("Leendert van Doorn (leendert@watson.ibm.com)");
528MODULE_DESCRIPTION("TPM Driver");
529MODULE_VERSION("2.0");
530MODULE_LICENSE("GPL");
1/*
2 * Copyright (C) 2004 IBM Corporation
3 *
4 * Authors:
5 * Leendert van Doorn <leendert@watson.ibm.com>
6 * Dave Safford <safford@watson.ibm.com>
7 * Reiner Sailer <sailer@watson.ibm.com>
8 * Kylene Hall <kjhall@us.ibm.com>
9 *
10 * Maintained by: <tpmdd-devel@lists.sourceforge.net>
11 *
12 * Device driver for TCG/TCPA TPM (trusted platform module).
13 * Specifications at www.trustedcomputinggroup.org
14 *
15 * This program is free software; you can redistribute it and/or
16 * modify it under the terms of the GNU General Public License as
17 * published by the Free Software Foundation, version 2 of the
18 * License.
19 *
20 * Note, the TPM chip is not interrupt driven (only polling)
21 * and can have very long timeouts (minutes!). Hence the unusual
22 * calls to msleep.
23 *
24 */
25
26#include <linux/poll.h>
27#include <linux/slab.h>
28#include <linux/mutex.h>
29#include <linux/spinlock.h>
30#include <linux/freezer.h>
31
32#include "tpm.h"
33#include "tpm_eventlog.h"
34
35#define TPM_MAX_ORDINAL 243
36#define TSC_MAX_ORDINAL 12
37#define TPM_PROTECTED_COMMAND 0x00
38#define TPM_CONNECTION_COMMAND 0x40
39
40/*
41 * Bug workaround - some TPM's don't flush the most
42 * recently changed pcr on suspend, so force the flush
43 * with an extend to the selected _unused_ non-volatile pcr.
44 */
45static int tpm_suspend_pcr;
46module_param_named(suspend_pcr, tpm_suspend_pcr, uint, 0644);
47MODULE_PARM_DESC(suspend_pcr,
48 "PCR to use for dummy writes to faciltate flush on suspend.");
49
50static LIST_HEAD(tpm_chip_list);
51static DEFINE_SPINLOCK(driver_lock);
52static DECLARE_BITMAP(dev_mask, TPM_NUM_DEVICES);
53
54/*
55 * Array with one entry per ordinal defining the maximum amount
56 * of time the chip could take to return the result. The ordinal
57 * designation of short, medium or long is defined in a table in
58 * TCG Specification TPM Main Part 2 TPM Structures Section 17. The
59 * values of the SHORT, MEDIUM, and LONG durations are retrieved
60 * from the chip during initialization with a call to tpm_get_timeouts.
61 */
62static const u8 tpm_ordinal_duration[TPM_MAX_ORDINAL] = {
63 TPM_UNDEFINED, /* 0 */
64 TPM_UNDEFINED,
65 TPM_UNDEFINED,
66 TPM_UNDEFINED,
67 TPM_UNDEFINED,
68 TPM_UNDEFINED, /* 5 */
69 TPM_UNDEFINED,
70 TPM_UNDEFINED,
71 TPM_UNDEFINED,
72 TPM_UNDEFINED,
73 TPM_SHORT, /* 10 */
74 TPM_SHORT,
75 TPM_MEDIUM,
76 TPM_LONG,
77 TPM_LONG,
78 TPM_MEDIUM, /* 15 */
79 TPM_SHORT,
80 TPM_SHORT,
81 TPM_MEDIUM,
82 TPM_LONG,
83 TPM_SHORT, /* 20 */
84 TPM_SHORT,
85 TPM_MEDIUM,
86 TPM_MEDIUM,
87 TPM_MEDIUM,
88 TPM_SHORT, /* 25 */
89 TPM_SHORT,
90 TPM_MEDIUM,
91 TPM_SHORT,
92 TPM_SHORT,
93 TPM_MEDIUM, /* 30 */
94 TPM_LONG,
95 TPM_MEDIUM,
96 TPM_SHORT,
97 TPM_SHORT,
98 TPM_SHORT, /* 35 */
99 TPM_MEDIUM,
100 TPM_MEDIUM,
101 TPM_UNDEFINED,
102 TPM_UNDEFINED,
103 TPM_MEDIUM, /* 40 */
104 TPM_LONG,
105 TPM_MEDIUM,
106 TPM_SHORT,
107 TPM_SHORT,
108 TPM_SHORT, /* 45 */
109 TPM_SHORT,
110 TPM_SHORT,
111 TPM_SHORT,
112 TPM_LONG,
113 TPM_MEDIUM, /* 50 */
114 TPM_MEDIUM,
115 TPM_UNDEFINED,
116 TPM_UNDEFINED,
117 TPM_UNDEFINED,
118 TPM_UNDEFINED, /* 55 */
119 TPM_UNDEFINED,
120 TPM_UNDEFINED,
121 TPM_UNDEFINED,
122 TPM_UNDEFINED,
123 TPM_MEDIUM, /* 60 */
124 TPM_MEDIUM,
125 TPM_MEDIUM,
126 TPM_SHORT,
127 TPM_SHORT,
128 TPM_MEDIUM, /* 65 */
129 TPM_UNDEFINED,
130 TPM_UNDEFINED,
131 TPM_UNDEFINED,
132 TPM_UNDEFINED,
133 TPM_SHORT, /* 70 */
134 TPM_SHORT,
135 TPM_UNDEFINED,
136 TPM_UNDEFINED,
137 TPM_UNDEFINED,
138 TPM_UNDEFINED, /* 75 */
139 TPM_UNDEFINED,
140 TPM_UNDEFINED,
141 TPM_UNDEFINED,
142 TPM_UNDEFINED,
143 TPM_LONG, /* 80 */
144 TPM_UNDEFINED,
145 TPM_MEDIUM,
146 TPM_LONG,
147 TPM_SHORT,
148 TPM_UNDEFINED, /* 85 */
149 TPM_UNDEFINED,
150 TPM_UNDEFINED,
151 TPM_UNDEFINED,
152 TPM_UNDEFINED,
153 TPM_SHORT, /* 90 */
154 TPM_SHORT,
155 TPM_SHORT,
156 TPM_SHORT,
157 TPM_SHORT,
158 TPM_UNDEFINED, /* 95 */
159 TPM_UNDEFINED,
160 TPM_UNDEFINED,
161 TPM_UNDEFINED,
162 TPM_UNDEFINED,
163 TPM_MEDIUM, /* 100 */
164 TPM_SHORT,
165 TPM_SHORT,
166 TPM_UNDEFINED,
167 TPM_UNDEFINED,
168 TPM_UNDEFINED, /* 105 */
169 TPM_UNDEFINED,
170 TPM_UNDEFINED,
171 TPM_UNDEFINED,
172 TPM_UNDEFINED,
173 TPM_SHORT, /* 110 */
174 TPM_SHORT,
175 TPM_SHORT,
176 TPM_SHORT,
177 TPM_SHORT,
178 TPM_SHORT, /* 115 */
179 TPM_SHORT,
180 TPM_SHORT,
181 TPM_UNDEFINED,
182 TPM_UNDEFINED,
183 TPM_LONG, /* 120 */
184 TPM_LONG,
185 TPM_MEDIUM,
186 TPM_UNDEFINED,
187 TPM_SHORT,
188 TPM_SHORT, /* 125 */
189 TPM_SHORT,
190 TPM_LONG,
191 TPM_SHORT,
192 TPM_SHORT,
193 TPM_SHORT, /* 130 */
194 TPM_MEDIUM,
195 TPM_UNDEFINED,
196 TPM_SHORT,
197 TPM_MEDIUM,
198 TPM_UNDEFINED, /* 135 */
199 TPM_UNDEFINED,
200 TPM_UNDEFINED,
201 TPM_UNDEFINED,
202 TPM_UNDEFINED,
203 TPM_SHORT, /* 140 */
204 TPM_SHORT,
205 TPM_UNDEFINED,
206 TPM_UNDEFINED,
207 TPM_UNDEFINED,
208 TPM_UNDEFINED, /* 145 */
209 TPM_UNDEFINED,
210 TPM_UNDEFINED,
211 TPM_UNDEFINED,
212 TPM_UNDEFINED,
213 TPM_SHORT, /* 150 */
214 TPM_MEDIUM,
215 TPM_MEDIUM,
216 TPM_SHORT,
217 TPM_SHORT,
218 TPM_UNDEFINED, /* 155 */
219 TPM_UNDEFINED,
220 TPM_UNDEFINED,
221 TPM_UNDEFINED,
222 TPM_UNDEFINED,
223 TPM_SHORT, /* 160 */
224 TPM_SHORT,
225 TPM_SHORT,
226 TPM_SHORT,
227 TPM_UNDEFINED,
228 TPM_UNDEFINED, /* 165 */
229 TPM_UNDEFINED,
230 TPM_UNDEFINED,
231 TPM_UNDEFINED,
232 TPM_UNDEFINED,
233 TPM_LONG, /* 170 */
234 TPM_UNDEFINED,
235 TPM_UNDEFINED,
236 TPM_UNDEFINED,
237 TPM_UNDEFINED,
238 TPM_UNDEFINED, /* 175 */
239 TPM_UNDEFINED,
240 TPM_UNDEFINED,
241 TPM_UNDEFINED,
242 TPM_UNDEFINED,
243 TPM_MEDIUM, /* 180 */
244 TPM_SHORT,
245 TPM_MEDIUM,
246 TPM_MEDIUM,
247 TPM_MEDIUM,
248 TPM_MEDIUM, /* 185 */
249 TPM_SHORT,
250 TPM_UNDEFINED,
251 TPM_UNDEFINED,
252 TPM_UNDEFINED,
253 TPM_UNDEFINED, /* 190 */
254 TPM_UNDEFINED,
255 TPM_UNDEFINED,
256 TPM_UNDEFINED,
257 TPM_UNDEFINED,
258 TPM_UNDEFINED, /* 195 */
259 TPM_UNDEFINED,
260 TPM_UNDEFINED,
261 TPM_UNDEFINED,
262 TPM_UNDEFINED,
263 TPM_SHORT, /* 200 */
264 TPM_UNDEFINED,
265 TPM_UNDEFINED,
266 TPM_UNDEFINED,
267 TPM_SHORT,
268 TPM_SHORT, /* 205 */
269 TPM_SHORT,
270 TPM_SHORT,
271 TPM_SHORT,
272 TPM_SHORT,
273 TPM_MEDIUM, /* 210 */
274 TPM_UNDEFINED,
275 TPM_MEDIUM,
276 TPM_MEDIUM,
277 TPM_MEDIUM,
278 TPM_UNDEFINED, /* 215 */
279 TPM_MEDIUM,
280 TPM_UNDEFINED,
281 TPM_UNDEFINED,
282 TPM_SHORT,
283 TPM_SHORT, /* 220 */
284 TPM_SHORT,
285 TPM_SHORT,
286 TPM_SHORT,
287 TPM_SHORT,
288 TPM_UNDEFINED, /* 225 */
289 TPM_UNDEFINED,
290 TPM_UNDEFINED,
291 TPM_UNDEFINED,
292 TPM_UNDEFINED,
293 TPM_SHORT, /* 230 */
294 TPM_LONG,
295 TPM_MEDIUM,
296 TPM_UNDEFINED,
297 TPM_UNDEFINED,
298 TPM_UNDEFINED, /* 235 */
299 TPM_UNDEFINED,
300 TPM_UNDEFINED,
301 TPM_UNDEFINED,
302 TPM_UNDEFINED,
303 TPM_SHORT, /* 240 */
304 TPM_UNDEFINED,
305 TPM_MEDIUM,
306};
307
308/*
309 * Returns max number of jiffies to wait
310 */
311unsigned long tpm_calc_ordinal_duration(struct tpm_chip *chip,
312 u32 ordinal)
313{
314 int duration_idx = TPM_UNDEFINED;
315 int duration = 0;
316 u8 category = (ordinal >> 24) & 0xFF;
317
318 if ((category == TPM_PROTECTED_COMMAND && ordinal < TPM_MAX_ORDINAL) ||
319 (category == TPM_CONNECTION_COMMAND && ordinal < TSC_MAX_ORDINAL))
320 duration_idx = tpm_ordinal_duration[ordinal];
321
322 if (duration_idx != TPM_UNDEFINED)
323 duration = chip->vendor.duration[duration_idx];
324 if (duration <= 0)
325 return 2 * 60 * HZ;
326 else
327 return duration;
328}
329EXPORT_SYMBOL_GPL(tpm_calc_ordinal_duration);
330
331/*
332 * Internal kernel interface to transmit TPM commands
333 */
334ssize_t tpm_transmit(struct tpm_chip *chip, const char *buf,
335 size_t bufsiz)
336{
337 ssize_t rc;
338 u32 count, ordinal;
339 unsigned long stop;
340
341 if (bufsiz > TPM_BUFSIZE)
342 bufsiz = TPM_BUFSIZE;
343
344 count = be32_to_cpu(*((__be32 *) (buf + 2)));
345 ordinal = be32_to_cpu(*((__be32 *) (buf + 6)));
346 if (count == 0)
347 return -ENODATA;
348 if (count > bufsiz) {
349 dev_err(chip->dev,
350 "invalid count value %x %zx\n", count, bufsiz);
351 return -E2BIG;
352 }
353
354 mutex_lock(&chip->tpm_mutex);
355
356 rc = chip->ops->send(chip, (u8 *) buf, count);
357 if (rc < 0) {
358 dev_err(chip->dev,
359 "tpm_transmit: tpm_send: error %zd\n", rc);
360 goto out;
361 }
362
363 if (chip->vendor.irq)
364 goto out_recv;
365
366 stop = jiffies + tpm_calc_ordinal_duration(chip, ordinal);
367 do {
368 u8 status = chip->ops->status(chip);
369 if ((status & chip->ops->req_complete_mask) ==
370 chip->ops->req_complete_val)
371 goto out_recv;
372
373 if (chip->ops->req_canceled(chip, status)) {
374 dev_err(chip->dev, "Operation Canceled\n");
375 rc = -ECANCELED;
376 goto out;
377 }
378
379 msleep(TPM_TIMEOUT); /* CHECK */
380 rmb();
381 } while (time_before(jiffies, stop));
382
383 chip->ops->cancel(chip);
384 dev_err(chip->dev, "Operation Timed out\n");
385 rc = -ETIME;
386 goto out;
387
388out_recv:
389 rc = chip->ops->recv(chip, (u8 *) buf, bufsiz);
390 if (rc < 0)
391 dev_err(chip->dev,
392 "tpm_transmit: tpm_recv: error %zd\n", rc);
393out:
394 mutex_unlock(&chip->tpm_mutex);
395 return rc;
396}
397
398#define TPM_DIGEST_SIZE 20
399#define TPM_RET_CODE_IDX 6
400
401static ssize_t transmit_cmd(struct tpm_chip *chip, struct tpm_cmd_t *cmd,
402 int len, const char *desc)
403{
404 int err;
405
406 len = tpm_transmit(chip, (u8 *) cmd, len);
407 if (len < 0)
408 return len;
409 else if (len < TPM_HEADER_SIZE)
410 return -EFAULT;
411
412 err = be32_to_cpu(cmd->header.out.return_code);
413 if (err != 0 && desc)
414 dev_err(chip->dev, "A TPM error (%d) occurred %s\n", err, desc);
415
416 return err;
417}
418
419#define TPM_INTERNAL_RESULT_SIZE 200
420#define TPM_ORD_GET_CAP cpu_to_be32(101)
421#define TPM_ORD_GET_RANDOM cpu_to_be32(70)
422
423static const struct tpm_input_header tpm_getcap_header = {
424 .tag = TPM_TAG_RQU_COMMAND,
425 .length = cpu_to_be32(22),
426 .ordinal = TPM_ORD_GET_CAP
427};
428
429ssize_t tpm_getcap(struct device *dev, __be32 subcap_id, cap_t *cap,
430 const char *desc)
431{
432 struct tpm_cmd_t tpm_cmd;
433 int rc;
434 struct tpm_chip *chip = dev_get_drvdata(dev);
435
436 tpm_cmd.header.in = tpm_getcap_header;
437 if (subcap_id == CAP_VERSION_1_1 || subcap_id == CAP_VERSION_1_2) {
438 tpm_cmd.params.getcap_in.cap = subcap_id;
439 /*subcap field not necessary */
440 tpm_cmd.params.getcap_in.subcap_size = cpu_to_be32(0);
441 tpm_cmd.header.in.length -= cpu_to_be32(sizeof(__be32));
442 } else {
443 if (subcap_id == TPM_CAP_FLAG_PERM ||
444 subcap_id == TPM_CAP_FLAG_VOL)
445 tpm_cmd.params.getcap_in.cap = TPM_CAP_FLAG;
446 else
447 tpm_cmd.params.getcap_in.cap = TPM_CAP_PROP;
448 tpm_cmd.params.getcap_in.subcap_size = cpu_to_be32(4);
449 tpm_cmd.params.getcap_in.subcap = subcap_id;
450 }
451 rc = transmit_cmd(chip, &tpm_cmd, TPM_INTERNAL_RESULT_SIZE, desc);
452 if (!rc)
453 *cap = tpm_cmd.params.getcap_out.cap;
454 return rc;
455}
456
457void tpm_gen_interrupt(struct tpm_chip *chip)
458{
459 struct tpm_cmd_t tpm_cmd;
460 ssize_t rc;
461
462 tpm_cmd.header.in = tpm_getcap_header;
463 tpm_cmd.params.getcap_in.cap = TPM_CAP_PROP;
464 tpm_cmd.params.getcap_in.subcap_size = cpu_to_be32(4);
465 tpm_cmd.params.getcap_in.subcap = TPM_CAP_PROP_TIS_TIMEOUT;
466
467 rc = transmit_cmd(chip, &tpm_cmd, TPM_INTERNAL_RESULT_SIZE,
468 "attempting to determine the timeouts");
469}
470EXPORT_SYMBOL_GPL(tpm_gen_interrupt);
471
472#define TPM_ORD_STARTUP cpu_to_be32(153)
473#define TPM_ST_CLEAR cpu_to_be16(1)
474#define TPM_ST_STATE cpu_to_be16(2)
475#define TPM_ST_DEACTIVATED cpu_to_be16(3)
476static const struct tpm_input_header tpm_startup_header = {
477 .tag = TPM_TAG_RQU_COMMAND,
478 .length = cpu_to_be32(12),
479 .ordinal = TPM_ORD_STARTUP
480};
481
482static int tpm_startup(struct tpm_chip *chip, __be16 startup_type)
483{
484 struct tpm_cmd_t start_cmd;
485 start_cmd.header.in = tpm_startup_header;
486 start_cmd.params.startup_in.startup_type = startup_type;
487 return transmit_cmd(chip, &start_cmd, TPM_INTERNAL_RESULT_SIZE,
488 "attempting to start the TPM");
489}
490
491int tpm_get_timeouts(struct tpm_chip *chip)
492{
493 struct tpm_cmd_t tpm_cmd;
494 struct timeout_t *timeout_cap;
495 struct duration_t *duration_cap;
496 ssize_t rc;
497 u32 timeout;
498 unsigned int scale = 1;
499
500 tpm_cmd.header.in = tpm_getcap_header;
501 tpm_cmd.params.getcap_in.cap = TPM_CAP_PROP;
502 tpm_cmd.params.getcap_in.subcap_size = cpu_to_be32(4);
503 tpm_cmd.params.getcap_in.subcap = TPM_CAP_PROP_TIS_TIMEOUT;
504 rc = transmit_cmd(chip, &tpm_cmd, TPM_INTERNAL_RESULT_SIZE, NULL);
505
506 if (rc == TPM_ERR_INVALID_POSTINIT) {
507 /* The TPM is not started, we are the first to talk to it.
508 Execute a startup command. */
509 dev_info(chip->dev, "Issuing TPM_STARTUP");
510 if (tpm_startup(chip, TPM_ST_CLEAR))
511 return rc;
512
513 tpm_cmd.header.in = tpm_getcap_header;
514 tpm_cmd.params.getcap_in.cap = TPM_CAP_PROP;
515 tpm_cmd.params.getcap_in.subcap_size = cpu_to_be32(4);
516 tpm_cmd.params.getcap_in.subcap = TPM_CAP_PROP_TIS_TIMEOUT;
517 rc = transmit_cmd(chip, &tpm_cmd, TPM_INTERNAL_RESULT_SIZE,
518 NULL);
519 }
520 if (rc) {
521 dev_err(chip->dev,
522 "A TPM error (%zd) occurred attempting to determine the timeouts\n",
523 rc);
524 goto duration;
525 }
526
527 if (be32_to_cpu(tpm_cmd.header.out.return_code) != 0 ||
528 be32_to_cpu(tpm_cmd.header.out.length)
529 != sizeof(tpm_cmd.header.out) + sizeof(u32) + 4 * sizeof(u32))
530 return -EINVAL;
531
532 timeout_cap = &tpm_cmd.params.getcap_out.cap.timeout;
533 /* Don't overwrite default if value is 0 */
534 timeout = be32_to_cpu(timeout_cap->a);
535 if (timeout && timeout < 1000) {
536 /* timeouts in msec rather usec */
537 scale = 1000;
538 chip->vendor.timeout_adjusted = true;
539 }
540 if (timeout)
541 chip->vendor.timeout_a = usecs_to_jiffies(timeout * scale);
542 timeout = be32_to_cpu(timeout_cap->b);
543 if (timeout)
544 chip->vendor.timeout_b = usecs_to_jiffies(timeout * scale);
545 timeout = be32_to_cpu(timeout_cap->c);
546 if (timeout)
547 chip->vendor.timeout_c = usecs_to_jiffies(timeout * scale);
548 timeout = be32_to_cpu(timeout_cap->d);
549 if (timeout)
550 chip->vendor.timeout_d = usecs_to_jiffies(timeout * scale);
551
552duration:
553 tpm_cmd.header.in = tpm_getcap_header;
554 tpm_cmd.params.getcap_in.cap = TPM_CAP_PROP;
555 tpm_cmd.params.getcap_in.subcap_size = cpu_to_be32(4);
556 tpm_cmd.params.getcap_in.subcap = TPM_CAP_PROP_TIS_DURATION;
557
558 rc = transmit_cmd(chip, &tpm_cmd, TPM_INTERNAL_RESULT_SIZE,
559 "attempting to determine the durations");
560 if (rc)
561 return rc;
562
563 if (be32_to_cpu(tpm_cmd.header.out.return_code) != 0 ||
564 be32_to_cpu(tpm_cmd.header.out.length)
565 != sizeof(tpm_cmd.header.out) + sizeof(u32) + 3 * sizeof(u32))
566 return -EINVAL;
567
568 duration_cap = &tpm_cmd.params.getcap_out.cap.duration;
569 chip->vendor.duration[TPM_SHORT] =
570 usecs_to_jiffies(be32_to_cpu(duration_cap->tpm_short));
571 chip->vendor.duration[TPM_MEDIUM] =
572 usecs_to_jiffies(be32_to_cpu(duration_cap->tpm_medium));
573 chip->vendor.duration[TPM_LONG] =
574 usecs_to_jiffies(be32_to_cpu(duration_cap->tpm_long));
575
576 /* The Broadcom BCM0102 chipset in a Dell Latitude D820 gets the above
577 * value wrong and apparently reports msecs rather than usecs. So we
578 * fix up the resulting too-small TPM_SHORT value to make things work.
579 * We also scale the TPM_MEDIUM and -_LONG values by 1000.
580 */
581 if (chip->vendor.duration[TPM_SHORT] < (HZ / 100)) {
582 chip->vendor.duration[TPM_SHORT] = HZ;
583 chip->vendor.duration[TPM_MEDIUM] *= 1000;
584 chip->vendor.duration[TPM_LONG] *= 1000;
585 chip->vendor.duration_adjusted = true;
586 dev_info(chip->dev, "Adjusting TPM timeout parameters.");
587 }
588 return 0;
589}
590EXPORT_SYMBOL_GPL(tpm_get_timeouts);
591
592#define TPM_ORD_CONTINUE_SELFTEST 83
593#define CONTINUE_SELFTEST_RESULT_SIZE 10
594
595static struct tpm_input_header continue_selftest_header = {
596 .tag = TPM_TAG_RQU_COMMAND,
597 .length = cpu_to_be32(10),
598 .ordinal = cpu_to_be32(TPM_ORD_CONTINUE_SELFTEST),
599};
600
601/**
602 * tpm_continue_selftest -- run TPM's selftest
603 * @chip: TPM chip to use
604 *
605 * Returns 0 on success, < 0 in case of fatal error or a value > 0 representing
606 * a TPM error code.
607 */
608static int tpm_continue_selftest(struct tpm_chip *chip)
609{
610 int rc;
611 struct tpm_cmd_t cmd;
612
613 cmd.header.in = continue_selftest_header;
614 rc = transmit_cmd(chip, &cmd, CONTINUE_SELFTEST_RESULT_SIZE,
615 "continue selftest");
616 return rc;
617}
618
619/*
620 * tpm_chip_find_get - return tpm_chip for given chip number
621 */
622static struct tpm_chip *tpm_chip_find_get(int chip_num)
623{
624 struct tpm_chip *pos, *chip = NULL;
625
626 rcu_read_lock();
627 list_for_each_entry_rcu(pos, &tpm_chip_list, list) {
628 if (chip_num != TPM_ANY_NUM && chip_num != pos->dev_num)
629 continue;
630
631 if (try_module_get(pos->dev->driver->owner)) {
632 chip = pos;
633 break;
634 }
635 }
636 rcu_read_unlock();
637 return chip;
638}
639
640#define TPM_ORDINAL_PCRREAD cpu_to_be32(21)
641#define READ_PCR_RESULT_SIZE 30
642static struct tpm_input_header pcrread_header = {
643 .tag = TPM_TAG_RQU_COMMAND,
644 .length = cpu_to_be32(14),
645 .ordinal = TPM_ORDINAL_PCRREAD
646};
647
648int tpm_pcr_read_dev(struct tpm_chip *chip, int pcr_idx, u8 *res_buf)
649{
650 int rc;
651 struct tpm_cmd_t cmd;
652
653 cmd.header.in = pcrread_header;
654 cmd.params.pcrread_in.pcr_idx = cpu_to_be32(pcr_idx);
655 rc = transmit_cmd(chip, &cmd, READ_PCR_RESULT_SIZE,
656 "attempting to read a pcr value");
657
658 if (rc == 0)
659 memcpy(res_buf, cmd.params.pcrread_out.pcr_result,
660 TPM_DIGEST_SIZE);
661 return rc;
662}
663
664/**
665 * tpm_pcr_read - read a pcr value
666 * @chip_num: tpm idx # or ANY
667 * @pcr_idx: pcr idx to retrieve
668 * @res_buf: TPM_PCR value
669 * size of res_buf is 20 bytes (or NULL if you don't care)
670 *
671 * The TPM driver should be built-in, but for whatever reason it
672 * isn't, protect against the chip disappearing, by incrementing
673 * the module usage count.
674 */
675int tpm_pcr_read(u32 chip_num, int pcr_idx, u8 *res_buf)
676{
677 struct tpm_chip *chip;
678 int rc;
679
680 chip = tpm_chip_find_get(chip_num);
681 if (chip == NULL)
682 return -ENODEV;
683 rc = tpm_pcr_read_dev(chip, pcr_idx, res_buf);
684 tpm_chip_put(chip);
685 return rc;
686}
687EXPORT_SYMBOL_GPL(tpm_pcr_read);
688
689/**
690 * tpm_pcr_extend - extend pcr value with hash
691 * @chip_num: tpm idx # or AN&
692 * @pcr_idx: pcr idx to extend
693 * @hash: hash value used to extend pcr value
694 *
695 * The TPM driver should be built-in, but for whatever reason it
696 * isn't, protect against the chip disappearing, by incrementing
697 * the module usage count.
698 */
699#define TPM_ORD_PCR_EXTEND cpu_to_be32(20)
700#define EXTEND_PCR_RESULT_SIZE 34
701static struct tpm_input_header pcrextend_header = {
702 .tag = TPM_TAG_RQU_COMMAND,
703 .length = cpu_to_be32(34),
704 .ordinal = TPM_ORD_PCR_EXTEND
705};
706
707int tpm_pcr_extend(u32 chip_num, int pcr_idx, const u8 *hash)
708{
709 struct tpm_cmd_t cmd;
710 int rc;
711 struct tpm_chip *chip;
712
713 chip = tpm_chip_find_get(chip_num);
714 if (chip == NULL)
715 return -ENODEV;
716
717 cmd.header.in = pcrextend_header;
718 cmd.params.pcrextend_in.pcr_idx = cpu_to_be32(pcr_idx);
719 memcpy(cmd.params.pcrextend_in.hash, hash, TPM_DIGEST_SIZE);
720 rc = transmit_cmd(chip, &cmd, EXTEND_PCR_RESULT_SIZE,
721 "attempting extend a PCR value");
722
723 tpm_chip_put(chip);
724 return rc;
725}
726EXPORT_SYMBOL_GPL(tpm_pcr_extend);
727
728/**
729 * tpm_do_selftest - have the TPM continue its selftest and wait until it
730 * can receive further commands
731 * @chip: TPM chip to use
732 *
733 * Returns 0 on success, < 0 in case of fatal error or a value > 0 representing
734 * a TPM error code.
735 */
736int tpm_do_selftest(struct tpm_chip *chip)
737{
738 int rc;
739 unsigned int loops;
740 unsigned int delay_msec = 100;
741 unsigned long duration;
742 struct tpm_cmd_t cmd;
743
744 duration = tpm_calc_ordinal_duration(chip, TPM_ORD_CONTINUE_SELFTEST);
745
746 loops = jiffies_to_msecs(duration) / delay_msec;
747
748 rc = tpm_continue_selftest(chip);
749 /* This may fail if there was no TPM driver during a suspend/resume
750 * cycle; some may return 10 (BAD_ORDINAL), others 28 (FAILEDSELFTEST)
751 */
752 if (rc)
753 return rc;
754
755 do {
756 /* Attempt to read a PCR value */
757 cmd.header.in = pcrread_header;
758 cmd.params.pcrread_in.pcr_idx = cpu_to_be32(0);
759 rc = tpm_transmit(chip, (u8 *) &cmd, READ_PCR_RESULT_SIZE);
760 /* Some buggy TPMs will not respond to tpm_tis_ready() for
761 * around 300ms while the self test is ongoing, keep trying
762 * until the self test duration expires. */
763 if (rc == -ETIME) {
764 dev_info(chip->dev, HW_ERR "TPM command timed out during continue self test");
765 msleep(delay_msec);
766 continue;
767 }
768
769 if (rc < TPM_HEADER_SIZE)
770 return -EFAULT;
771
772 rc = be32_to_cpu(cmd.header.out.return_code);
773 if (rc == TPM_ERR_DISABLED || rc == TPM_ERR_DEACTIVATED) {
774 dev_info(chip->dev,
775 "TPM is disabled/deactivated (0x%X)\n", rc);
776 /* TPM is disabled and/or deactivated; driver can
777 * proceed and TPM does handle commands for
778 * suspend/resume correctly
779 */
780 return 0;
781 }
782 if (rc != TPM_WARN_DOING_SELFTEST)
783 return rc;
784 msleep(delay_msec);
785 } while (--loops > 0);
786
787 return rc;
788}
789EXPORT_SYMBOL_GPL(tpm_do_selftest);
790
791int tpm_send(u32 chip_num, void *cmd, size_t buflen)
792{
793 struct tpm_chip *chip;
794 int rc;
795
796 chip = tpm_chip_find_get(chip_num);
797 if (chip == NULL)
798 return -ENODEV;
799
800 rc = transmit_cmd(chip, cmd, buflen, "attempting tpm_cmd");
801
802 tpm_chip_put(chip);
803 return rc;
804}
805EXPORT_SYMBOL_GPL(tpm_send);
806
807static bool wait_for_tpm_stat_cond(struct tpm_chip *chip, u8 mask,
808 bool check_cancel, bool *canceled)
809{
810 u8 status = chip->ops->status(chip);
811
812 *canceled = false;
813 if ((status & mask) == mask)
814 return true;
815 if (check_cancel && chip->ops->req_canceled(chip, status)) {
816 *canceled = true;
817 return true;
818 }
819 return false;
820}
821
822int wait_for_tpm_stat(struct tpm_chip *chip, u8 mask, unsigned long timeout,
823 wait_queue_head_t *queue, bool check_cancel)
824{
825 unsigned long stop;
826 long rc;
827 u8 status;
828 bool canceled = false;
829
830 /* check current status */
831 status = chip->ops->status(chip);
832 if ((status & mask) == mask)
833 return 0;
834
835 stop = jiffies + timeout;
836
837 if (chip->vendor.irq) {
838again:
839 timeout = stop - jiffies;
840 if ((long)timeout <= 0)
841 return -ETIME;
842 rc = wait_event_interruptible_timeout(*queue,
843 wait_for_tpm_stat_cond(chip, mask, check_cancel,
844 &canceled),
845 timeout);
846 if (rc > 0) {
847 if (canceled)
848 return -ECANCELED;
849 return 0;
850 }
851 if (rc == -ERESTARTSYS && freezing(current)) {
852 clear_thread_flag(TIF_SIGPENDING);
853 goto again;
854 }
855 } else {
856 do {
857 msleep(TPM_TIMEOUT);
858 status = chip->ops->status(chip);
859 if ((status & mask) == mask)
860 return 0;
861 } while (time_before(jiffies, stop));
862 }
863 return -ETIME;
864}
865EXPORT_SYMBOL_GPL(wait_for_tpm_stat);
866
867void tpm_remove_hardware(struct device *dev)
868{
869 struct tpm_chip *chip = dev_get_drvdata(dev);
870
871 if (chip == NULL) {
872 dev_err(dev, "No device data found\n");
873 return;
874 }
875
876 spin_lock(&driver_lock);
877 list_del_rcu(&chip->list);
878 spin_unlock(&driver_lock);
879 synchronize_rcu();
880
881 tpm_dev_del_device(chip);
882 tpm_sysfs_del_device(chip);
883 tpm_remove_ppi(&dev->kobj);
884 tpm_bios_log_teardown(chip->bios_dir);
885
886 /* write it this way to be explicit (chip->dev == dev) */
887 put_device(chip->dev);
888}
889EXPORT_SYMBOL_GPL(tpm_remove_hardware);
890
891#define TPM_ORD_SAVESTATE cpu_to_be32(152)
892#define SAVESTATE_RESULT_SIZE 10
893
894static struct tpm_input_header savestate_header = {
895 .tag = TPM_TAG_RQU_COMMAND,
896 .length = cpu_to_be32(10),
897 .ordinal = TPM_ORD_SAVESTATE
898};
899
900/*
901 * We are about to suspend. Save the TPM state
902 * so that it can be restored.
903 */
904int tpm_pm_suspend(struct device *dev)
905{
906 struct tpm_chip *chip = dev_get_drvdata(dev);
907 struct tpm_cmd_t cmd;
908 int rc, try;
909
910 u8 dummy_hash[TPM_DIGEST_SIZE] = { 0 };
911
912 if (chip == NULL)
913 return -ENODEV;
914
915 /* for buggy tpm, flush pcrs with extend to selected dummy */
916 if (tpm_suspend_pcr) {
917 cmd.header.in = pcrextend_header;
918 cmd.params.pcrextend_in.pcr_idx = cpu_to_be32(tpm_suspend_pcr);
919 memcpy(cmd.params.pcrextend_in.hash, dummy_hash,
920 TPM_DIGEST_SIZE);
921 rc = transmit_cmd(chip, &cmd, EXTEND_PCR_RESULT_SIZE,
922 "extending dummy pcr before suspend");
923 }
924
925 /* now do the actual savestate */
926 for (try = 0; try < TPM_RETRY; try++) {
927 cmd.header.in = savestate_header;
928 rc = transmit_cmd(chip, &cmd, SAVESTATE_RESULT_SIZE, NULL);
929
930 /*
931 * If the TPM indicates that it is too busy to respond to
932 * this command then retry before giving up. It can take
933 * several seconds for this TPM to be ready.
934 *
935 * This can happen if the TPM has already been sent the
936 * SaveState command before the driver has loaded. TCG 1.2
937 * specification states that any communication after SaveState
938 * may cause the TPM to invalidate previously saved state.
939 */
940 if (rc != TPM_WARN_RETRY)
941 break;
942 msleep(TPM_TIMEOUT_RETRY);
943 }
944
945 if (rc)
946 dev_err(chip->dev,
947 "Error (%d) sending savestate before suspend\n", rc);
948 else if (try > 0)
949 dev_warn(chip->dev, "TPM savestate took %dms\n",
950 try * TPM_TIMEOUT_RETRY);
951
952 return rc;
953}
954EXPORT_SYMBOL_GPL(tpm_pm_suspend);
955
956/*
957 * Resume from a power safe. The BIOS already restored
958 * the TPM state.
959 */
960int tpm_pm_resume(struct device *dev)
961{
962 struct tpm_chip *chip = dev_get_drvdata(dev);
963
964 if (chip == NULL)
965 return -ENODEV;
966
967 return 0;
968}
969EXPORT_SYMBOL_GPL(tpm_pm_resume);
970
971#define TPM_GETRANDOM_RESULT_SIZE 18
972static struct tpm_input_header tpm_getrandom_header = {
973 .tag = TPM_TAG_RQU_COMMAND,
974 .length = cpu_to_be32(14),
975 .ordinal = TPM_ORD_GET_RANDOM
976};
977
978/**
979 * tpm_get_random() - Get random bytes from the tpm's RNG
980 * @chip_num: A specific chip number for the request or TPM_ANY_NUM
981 * @out: destination buffer for the random bytes
982 * @max: the max number of bytes to write to @out
983 *
984 * Returns < 0 on error and the number of bytes read on success
985 */
986int tpm_get_random(u32 chip_num, u8 *out, size_t max)
987{
988 struct tpm_chip *chip;
989 struct tpm_cmd_t tpm_cmd;
990 u32 recd, num_bytes = min_t(u32, max, TPM_MAX_RNG_DATA);
991 int err, total = 0, retries = 5;
992 u8 *dest = out;
993
994 chip = tpm_chip_find_get(chip_num);
995 if (chip == NULL)
996 return -ENODEV;
997
998 if (!out || !num_bytes || max > TPM_MAX_RNG_DATA)
999 return -EINVAL;
1000
1001 do {
1002 tpm_cmd.header.in = tpm_getrandom_header;
1003 tpm_cmd.params.getrandom_in.num_bytes = cpu_to_be32(num_bytes);
1004
1005 err = transmit_cmd(chip, &tpm_cmd,
1006 TPM_GETRANDOM_RESULT_SIZE + num_bytes,
1007 "attempting get random");
1008 if (err)
1009 break;
1010
1011 recd = be32_to_cpu(tpm_cmd.params.getrandom_out.rng_data_len);
1012 memcpy(dest, tpm_cmd.params.getrandom_out.rng_data, recd);
1013
1014 dest += recd;
1015 total += recd;
1016 num_bytes -= recd;
1017 } while (retries-- && total < max);
1018
1019 return total ? total : -EIO;
1020}
1021EXPORT_SYMBOL_GPL(tpm_get_random);
1022
1023/* In case vendor provided release function, call it too.*/
1024
1025void tpm_dev_vendor_release(struct tpm_chip *chip)
1026{
1027 if (!chip)
1028 return;
1029
1030 clear_bit(chip->dev_num, dev_mask);
1031}
1032EXPORT_SYMBOL_GPL(tpm_dev_vendor_release);
1033
1034
1035/*
1036 * Once all references to platform device are down to 0,
1037 * release all allocated structures.
1038 */
1039static void tpm_dev_release(struct device *dev)
1040{
1041 struct tpm_chip *chip = dev_get_drvdata(dev);
1042
1043 if (!chip)
1044 return;
1045
1046 tpm_dev_vendor_release(chip);
1047
1048 chip->release(dev);
1049 kfree(chip);
1050}
1051
1052/*
1053 * Called from tpm_<specific>.c probe function only for devices
1054 * the driver has determined it should claim. Prior to calling
1055 * this function the specific probe function has called pci_enable_device
1056 * upon errant exit from this function specific probe function should call
1057 * pci_disable_device
1058 */
1059struct tpm_chip *tpm_register_hardware(struct device *dev,
1060 const struct tpm_class_ops *ops)
1061{
1062 struct tpm_chip *chip;
1063
1064 /* Driver specific per-device data */
1065 chip = kzalloc(sizeof(*chip), GFP_KERNEL);
1066
1067 if (chip == NULL)
1068 return NULL;
1069
1070 mutex_init(&chip->tpm_mutex);
1071 INIT_LIST_HEAD(&chip->list);
1072
1073 chip->ops = ops;
1074 chip->dev_num = find_first_zero_bit(dev_mask, TPM_NUM_DEVICES);
1075
1076 if (chip->dev_num >= TPM_NUM_DEVICES) {
1077 dev_err(dev, "No available tpm device numbers\n");
1078 goto out_free;
1079 }
1080
1081 set_bit(chip->dev_num, dev_mask);
1082
1083 scnprintf(chip->devname, sizeof(chip->devname), "%s%d", "tpm",
1084 chip->dev_num);
1085
1086 chip->dev = get_device(dev);
1087 chip->release = dev->release;
1088 dev->release = tpm_dev_release;
1089 dev_set_drvdata(dev, chip);
1090
1091 if (tpm_dev_add_device(chip))
1092 goto put_device;
1093
1094 if (tpm_sysfs_add_device(chip))
1095 goto del_misc;
1096
1097 if (tpm_add_ppi(&dev->kobj))
1098 goto del_misc;
1099
1100 chip->bios_dir = tpm_bios_log_setup(chip->devname);
1101
1102 /* Make chip available */
1103 spin_lock(&driver_lock);
1104 list_add_rcu(&chip->list, &tpm_chip_list);
1105 spin_unlock(&driver_lock);
1106
1107 return chip;
1108
1109del_misc:
1110 tpm_dev_del_device(chip);
1111put_device:
1112 put_device(chip->dev);
1113out_free:
1114 kfree(chip);
1115 return NULL;
1116}
1117EXPORT_SYMBOL_GPL(tpm_register_hardware);
1118
1119MODULE_AUTHOR("Leendert van Doorn (leendert@watson.ibm.com)");
1120MODULE_DESCRIPTION("TPM Driver");
1121MODULE_VERSION("2.0");
1122MODULE_LICENSE("GPL");