19deb0eb7SJason Gunthorpe /* 29deb0eb7SJason Gunthorpe * Copyright (C) 2004 IBM Corporation 3afb5abc2SJarkko Sakkinen * Copyright (C) 2014 Intel Corporation 49deb0eb7SJason Gunthorpe * 59deb0eb7SJason Gunthorpe * Authors: 69deb0eb7SJason Gunthorpe * Leendert van Doorn <leendert@watson.ibm.com> 79deb0eb7SJason Gunthorpe * Dave Safford <safford@watson.ibm.com> 89deb0eb7SJason Gunthorpe * Reiner Sailer <sailer@watson.ibm.com> 99deb0eb7SJason Gunthorpe * Kylene Hall <kjhall@us.ibm.com> 109deb0eb7SJason Gunthorpe * 119deb0eb7SJason Gunthorpe * Maintained by: <tpmdd-devel@lists.sourceforge.net> 129deb0eb7SJason Gunthorpe * 139deb0eb7SJason Gunthorpe * Device driver for TCG/TCPA TPM (trusted platform module). 149deb0eb7SJason Gunthorpe * Specifications at www.trustedcomputinggroup.org 159deb0eb7SJason Gunthorpe * 169deb0eb7SJason Gunthorpe * This program is free software; you can redistribute it and/or 179deb0eb7SJason Gunthorpe * modify it under the terms of the GNU General Public License as 189deb0eb7SJason Gunthorpe * published by the Free Software Foundation, version 2 of the 199deb0eb7SJason Gunthorpe * License. 209deb0eb7SJason Gunthorpe * 219deb0eb7SJason Gunthorpe * Note, the TPM chip is not interrupt driven (only polling) 229deb0eb7SJason Gunthorpe * and can have very long timeouts (minutes!). Hence the unusual 239deb0eb7SJason Gunthorpe * calls to msleep. 249deb0eb7SJason Gunthorpe * 259deb0eb7SJason Gunthorpe */ 269deb0eb7SJason Gunthorpe 279deb0eb7SJason Gunthorpe #include <linux/poll.h> 289deb0eb7SJason Gunthorpe #include <linux/slab.h> 299deb0eb7SJason Gunthorpe #include <linux/mutex.h> 309deb0eb7SJason Gunthorpe #include <linux/spinlock.h> 319deb0eb7SJason Gunthorpe #include <linux/freezer.h> 32fd3ec366SThiebaud Weksteen #include <linux/tpm_eventlog.h> 339deb0eb7SJason Gunthorpe 349deb0eb7SJason Gunthorpe #include "tpm.h" 359deb0eb7SJason Gunthorpe 369deb0eb7SJason Gunthorpe #define TPM_MAX_ORDINAL 243 379deb0eb7SJason Gunthorpe #define TSC_MAX_ORDINAL 12 389deb0eb7SJason Gunthorpe #define TPM_PROTECTED_COMMAND 0x00 399deb0eb7SJason Gunthorpe #define TPM_CONNECTION_COMMAND 0x40 409deb0eb7SJason Gunthorpe 419deb0eb7SJason Gunthorpe /* 429deb0eb7SJason Gunthorpe * Bug workaround - some TPM's don't flush the most 439deb0eb7SJason Gunthorpe * recently changed pcr on suspend, so force the flush 449deb0eb7SJason Gunthorpe * with an extend to the selected _unused_ non-volatile pcr. 459deb0eb7SJason Gunthorpe */ 469deb0eb7SJason Gunthorpe static int tpm_suspend_pcr; 479deb0eb7SJason Gunthorpe module_param_named(suspend_pcr, tpm_suspend_pcr, uint, 0644); 489deb0eb7SJason Gunthorpe MODULE_PARM_DESC(suspend_pcr, 4939f5712bSDmitry Torokhov "PCR to use for dummy writes to facilitate flush on suspend."); 509deb0eb7SJason Gunthorpe 519deb0eb7SJason Gunthorpe /* 529deb0eb7SJason Gunthorpe * Array with one entry per ordinal defining the maximum amount 539deb0eb7SJason Gunthorpe * of time the chip could take to return the result. The ordinal 549deb0eb7SJason Gunthorpe * designation of short, medium or long is defined in a table in 559deb0eb7SJason Gunthorpe * TCG Specification TPM Main Part 2 TPM Structures Section 17. The 569deb0eb7SJason Gunthorpe * values of the SHORT, MEDIUM, and LONG durations are retrieved 579deb0eb7SJason Gunthorpe * from the chip during initialization with a call to tpm_get_timeouts. 589deb0eb7SJason Gunthorpe */ 599deb0eb7SJason Gunthorpe static const u8 tpm_ordinal_duration[TPM_MAX_ORDINAL] = { 609deb0eb7SJason Gunthorpe TPM_UNDEFINED, /* 0 */ 619deb0eb7SJason Gunthorpe TPM_UNDEFINED, 629deb0eb7SJason Gunthorpe TPM_UNDEFINED, 639deb0eb7SJason Gunthorpe TPM_UNDEFINED, 649deb0eb7SJason Gunthorpe TPM_UNDEFINED, 659deb0eb7SJason Gunthorpe TPM_UNDEFINED, /* 5 */ 669deb0eb7SJason Gunthorpe TPM_UNDEFINED, 679deb0eb7SJason Gunthorpe TPM_UNDEFINED, 689deb0eb7SJason Gunthorpe TPM_UNDEFINED, 699deb0eb7SJason Gunthorpe TPM_UNDEFINED, 709deb0eb7SJason Gunthorpe TPM_SHORT, /* 10 */ 719deb0eb7SJason Gunthorpe TPM_SHORT, 729deb0eb7SJason Gunthorpe TPM_MEDIUM, 739deb0eb7SJason Gunthorpe TPM_LONG, 749deb0eb7SJason Gunthorpe TPM_LONG, 759deb0eb7SJason Gunthorpe TPM_MEDIUM, /* 15 */ 769deb0eb7SJason Gunthorpe TPM_SHORT, 779deb0eb7SJason Gunthorpe TPM_SHORT, 789deb0eb7SJason Gunthorpe TPM_MEDIUM, 799deb0eb7SJason Gunthorpe TPM_LONG, 809deb0eb7SJason Gunthorpe TPM_SHORT, /* 20 */ 819deb0eb7SJason Gunthorpe TPM_SHORT, 829deb0eb7SJason Gunthorpe TPM_MEDIUM, 839deb0eb7SJason Gunthorpe TPM_MEDIUM, 849deb0eb7SJason Gunthorpe TPM_MEDIUM, 859deb0eb7SJason Gunthorpe TPM_SHORT, /* 25 */ 869deb0eb7SJason Gunthorpe TPM_SHORT, 879deb0eb7SJason Gunthorpe TPM_MEDIUM, 889deb0eb7SJason Gunthorpe TPM_SHORT, 899deb0eb7SJason Gunthorpe TPM_SHORT, 909deb0eb7SJason Gunthorpe TPM_MEDIUM, /* 30 */ 919deb0eb7SJason Gunthorpe TPM_LONG, 929deb0eb7SJason Gunthorpe TPM_MEDIUM, 939deb0eb7SJason Gunthorpe TPM_SHORT, 949deb0eb7SJason Gunthorpe TPM_SHORT, 959deb0eb7SJason Gunthorpe TPM_SHORT, /* 35 */ 969deb0eb7SJason Gunthorpe TPM_MEDIUM, 979deb0eb7SJason Gunthorpe TPM_MEDIUM, 989deb0eb7SJason Gunthorpe TPM_UNDEFINED, 999deb0eb7SJason Gunthorpe TPM_UNDEFINED, 1009deb0eb7SJason Gunthorpe TPM_MEDIUM, /* 40 */ 1019deb0eb7SJason Gunthorpe TPM_LONG, 1029deb0eb7SJason Gunthorpe TPM_MEDIUM, 1039deb0eb7SJason Gunthorpe TPM_SHORT, 1049deb0eb7SJason Gunthorpe TPM_SHORT, 1059deb0eb7SJason Gunthorpe TPM_SHORT, /* 45 */ 1069deb0eb7SJason Gunthorpe TPM_SHORT, 1079deb0eb7SJason Gunthorpe TPM_SHORT, 1089deb0eb7SJason Gunthorpe TPM_SHORT, 1099deb0eb7SJason Gunthorpe TPM_LONG, 1109deb0eb7SJason Gunthorpe TPM_MEDIUM, /* 50 */ 1119deb0eb7SJason Gunthorpe TPM_MEDIUM, 1129deb0eb7SJason Gunthorpe TPM_UNDEFINED, 1139deb0eb7SJason Gunthorpe TPM_UNDEFINED, 1149deb0eb7SJason Gunthorpe TPM_UNDEFINED, 1159deb0eb7SJason Gunthorpe TPM_UNDEFINED, /* 55 */ 1169deb0eb7SJason Gunthorpe TPM_UNDEFINED, 1179deb0eb7SJason Gunthorpe TPM_UNDEFINED, 1189deb0eb7SJason Gunthorpe TPM_UNDEFINED, 1199deb0eb7SJason Gunthorpe TPM_UNDEFINED, 1209deb0eb7SJason Gunthorpe TPM_MEDIUM, /* 60 */ 1219deb0eb7SJason Gunthorpe TPM_MEDIUM, 1229deb0eb7SJason Gunthorpe TPM_MEDIUM, 1239deb0eb7SJason Gunthorpe TPM_SHORT, 1249deb0eb7SJason Gunthorpe TPM_SHORT, 1259deb0eb7SJason Gunthorpe TPM_MEDIUM, /* 65 */ 1269deb0eb7SJason Gunthorpe TPM_UNDEFINED, 1279deb0eb7SJason Gunthorpe TPM_UNDEFINED, 1289deb0eb7SJason Gunthorpe TPM_UNDEFINED, 1299deb0eb7SJason Gunthorpe TPM_UNDEFINED, 1309deb0eb7SJason Gunthorpe TPM_SHORT, /* 70 */ 1319deb0eb7SJason Gunthorpe TPM_SHORT, 1329deb0eb7SJason Gunthorpe TPM_UNDEFINED, 1339deb0eb7SJason Gunthorpe TPM_UNDEFINED, 1349deb0eb7SJason Gunthorpe TPM_UNDEFINED, 1359deb0eb7SJason Gunthorpe TPM_UNDEFINED, /* 75 */ 1369deb0eb7SJason Gunthorpe TPM_UNDEFINED, 1379deb0eb7SJason Gunthorpe TPM_UNDEFINED, 1389deb0eb7SJason Gunthorpe TPM_UNDEFINED, 1399deb0eb7SJason Gunthorpe TPM_UNDEFINED, 1409deb0eb7SJason Gunthorpe TPM_LONG, /* 80 */ 1419deb0eb7SJason Gunthorpe TPM_UNDEFINED, 1429deb0eb7SJason Gunthorpe TPM_MEDIUM, 1439deb0eb7SJason Gunthorpe TPM_LONG, 1449deb0eb7SJason Gunthorpe TPM_SHORT, 1459deb0eb7SJason Gunthorpe TPM_UNDEFINED, /* 85 */ 1469deb0eb7SJason Gunthorpe TPM_UNDEFINED, 1479deb0eb7SJason Gunthorpe TPM_UNDEFINED, 1489deb0eb7SJason Gunthorpe TPM_UNDEFINED, 1499deb0eb7SJason Gunthorpe TPM_UNDEFINED, 1509deb0eb7SJason Gunthorpe TPM_SHORT, /* 90 */ 1519deb0eb7SJason Gunthorpe TPM_SHORT, 1529deb0eb7SJason Gunthorpe TPM_SHORT, 1539deb0eb7SJason Gunthorpe TPM_SHORT, 1549deb0eb7SJason Gunthorpe TPM_SHORT, 1559deb0eb7SJason Gunthorpe TPM_UNDEFINED, /* 95 */ 1569deb0eb7SJason Gunthorpe TPM_UNDEFINED, 1579deb0eb7SJason Gunthorpe TPM_UNDEFINED, 1589deb0eb7SJason Gunthorpe TPM_UNDEFINED, 1599deb0eb7SJason Gunthorpe TPM_UNDEFINED, 1609deb0eb7SJason Gunthorpe TPM_MEDIUM, /* 100 */ 1619deb0eb7SJason Gunthorpe TPM_SHORT, 1629deb0eb7SJason Gunthorpe TPM_SHORT, 1639deb0eb7SJason Gunthorpe TPM_UNDEFINED, 1649deb0eb7SJason Gunthorpe TPM_UNDEFINED, 1659deb0eb7SJason Gunthorpe TPM_UNDEFINED, /* 105 */ 1669deb0eb7SJason Gunthorpe TPM_UNDEFINED, 1679deb0eb7SJason Gunthorpe TPM_UNDEFINED, 1689deb0eb7SJason Gunthorpe TPM_UNDEFINED, 1699deb0eb7SJason Gunthorpe TPM_UNDEFINED, 1709deb0eb7SJason Gunthorpe TPM_SHORT, /* 110 */ 1719deb0eb7SJason Gunthorpe TPM_SHORT, 1729deb0eb7SJason Gunthorpe TPM_SHORT, 1739deb0eb7SJason Gunthorpe TPM_SHORT, 1749deb0eb7SJason Gunthorpe TPM_SHORT, 1759deb0eb7SJason Gunthorpe TPM_SHORT, /* 115 */ 1769deb0eb7SJason Gunthorpe TPM_SHORT, 1779deb0eb7SJason Gunthorpe TPM_SHORT, 1789deb0eb7SJason Gunthorpe TPM_UNDEFINED, 1799deb0eb7SJason Gunthorpe TPM_UNDEFINED, 1809deb0eb7SJason Gunthorpe TPM_LONG, /* 120 */ 1819deb0eb7SJason Gunthorpe TPM_LONG, 1829deb0eb7SJason Gunthorpe TPM_MEDIUM, 1839deb0eb7SJason Gunthorpe TPM_UNDEFINED, 1849deb0eb7SJason Gunthorpe TPM_SHORT, 1859deb0eb7SJason Gunthorpe TPM_SHORT, /* 125 */ 1869deb0eb7SJason Gunthorpe TPM_SHORT, 1879deb0eb7SJason Gunthorpe TPM_LONG, 1889deb0eb7SJason Gunthorpe TPM_SHORT, 1899deb0eb7SJason Gunthorpe TPM_SHORT, 1909deb0eb7SJason Gunthorpe TPM_SHORT, /* 130 */ 1919deb0eb7SJason Gunthorpe TPM_MEDIUM, 1929deb0eb7SJason Gunthorpe TPM_UNDEFINED, 1939deb0eb7SJason Gunthorpe TPM_SHORT, 1949deb0eb7SJason Gunthorpe TPM_MEDIUM, 1959deb0eb7SJason Gunthorpe TPM_UNDEFINED, /* 135 */ 1969deb0eb7SJason Gunthorpe TPM_UNDEFINED, 1979deb0eb7SJason Gunthorpe TPM_UNDEFINED, 1989deb0eb7SJason Gunthorpe TPM_UNDEFINED, 1999deb0eb7SJason Gunthorpe TPM_UNDEFINED, 2009deb0eb7SJason Gunthorpe TPM_SHORT, /* 140 */ 2019deb0eb7SJason Gunthorpe TPM_SHORT, 2029deb0eb7SJason Gunthorpe TPM_UNDEFINED, 2039deb0eb7SJason Gunthorpe TPM_UNDEFINED, 2049deb0eb7SJason Gunthorpe TPM_UNDEFINED, 2059deb0eb7SJason Gunthorpe TPM_UNDEFINED, /* 145 */ 2069deb0eb7SJason Gunthorpe TPM_UNDEFINED, 2079deb0eb7SJason Gunthorpe TPM_UNDEFINED, 2089deb0eb7SJason Gunthorpe TPM_UNDEFINED, 2099deb0eb7SJason Gunthorpe TPM_UNDEFINED, 2109deb0eb7SJason Gunthorpe TPM_SHORT, /* 150 */ 2119deb0eb7SJason Gunthorpe TPM_MEDIUM, 2129deb0eb7SJason Gunthorpe TPM_MEDIUM, 2139deb0eb7SJason Gunthorpe TPM_SHORT, 2149deb0eb7SJason Gunthorpe TPM_SHORT, 2159deb0eb7SJason Gunthorpe TPM_UNDEFINED, /* 155 */ 2169deb0eb7SJason Gunthorpe TPM_UNDEFINED, 2179deb0eb7SJason Gunthorpe TPM_UNDEFINED, 2189deb0eb7SJason Gunthorpe TPM_UNDEFINED, 2199deb0eb7SJason Gunthorpe TPM_UNDEFINED, 2209deb0eb7SJason Gunthorpe TPM_SHORT, /* 160 */ 2219deb0eb7SJason Gunthorpe TPM_SHORT, 2229deb0eb7SJason Gunthorpe TPM_SHORT, 2239deb0eb7SJason Gunthorpe TPM_SHORT, 2249deb0eb7SJason Gunthorpe TPM_UNDEFINED, 2259deb0eb7SJason Gunthorpe TPM_UNDEFINED, /* 165 */ 2269deb0eb7SJason Gunthorpe TPM_UNDEFINED, 2279deb0eb7SJason Gunthorpe TPM_UNDEFINED, 2289deb0eb7SJason Gunthorpe TPM_UNDEFINED, 2299deb0eb7SJason Gunthorpe TPM_UNDEFINED, 2309deb0eb7SJason Gunthorpe TPM_LONG, /* 170 */ 2319deb0eb7SJason Gunthorpe TPM_UNDEFINED, 2329deb0eb7SJason Gunthorpe TPM_UNDEFINED, 2339deb0eb7SJason Gunthorpe TPM_UNDEFINED, 2349deb0eb7SJason Gunthorpe TPM_UNDEFINED, 2359deb0eb7SJason Gunthorpe TPM_UNDEFINED, /* 175 */ 2369deb0eb7SJason Gunthorpe TPM_UNDEFINED, 2379deb0eb7SJason Gunthorpe TPM_UNDEFINED, 2389deb0eb7SJason Gunthorpe TPM_UNDEFINED, 2399deb0eb7SJason Gunthorpe TPM_UNDEFINED, 2409deb0eb7SJason Gunthorpe TPM_MEDIUM, /* 180 */ 2419deb0eb7SJason Gunthorpe TPM_SHORT, 2429deb0eb7SJason Gunthorpe TPM_MEDIUM, 2439deb0eb7SJason Gunthorpe TPM_MEDIUM, 2449deb0eb7SJason Gunthorpe TPM_MEDIUM, 2459deb0eb7SJason Gunthorpe TPM_MEDIUM, /* 185 */ 2469deb0eb7SJason Gunthorpe TPM_SHORT, 2479deb0eb7SJason Gunthorpe TPM_UNDEFINED, 2489deb0eb7SJason Gunthorpe TPM_UNDEFINED, 2499deb0eb7SJason Gunthorpe TPM_UNDEFINED, 2509deb0eb7SJason Gunthorpe TPM_UNDEFINED, /* 190 */ 2519deb0eb7SJason Gunthorpe TPM_UNDEFINED, 2529deb0eb7SJason Gunthorpe TPM_UNDEFINED, 2539deb0eb7SJason Gunthorpe TPM_UNDEFINED, 2549deb0eb7SJason Gunthorpe TPM_UNDEFINED, 2559deb0eb7SJason Gunthorpe TPM_UNDEFINED, /* 195 */ 2569deb0eb7SJason Gunthorpe TPM_UNDEFINED, 2579deb0eb7SJason Gunthorpe TPM_UNDEFINED, 2589deb0eb7SJason Gunthorpe TPM_UNDEFINED, 2599deb0eb7SJason Gunthorpe TPM_UNDEFINED, 2609deb0eb7SJason Gunthorpe TPM_SHORT, /* 200 */ 2619deb0eb7SJason Gunthorpe TPM_UNDEFINED, 2629deb0eb7SJason Gunthorpe TPM_UNDEFINED, 2639deb0eb7SJason Gunthorpe TPM_UNDEFINED, 2649deb0eb7SJason Gunthorpe TPM_SHORT, 2659deb0eb7SJason Gunthorpe TPM_SHORT, /* 205 */ 2669deb0eb7SJason Gunthorpe TPM_SHORT, 2679deb0eb7SJason Gunthorpe TPM_SHORT, 2689deb0eb7SJason Gunthorpe TPM_SHORT, 2699deb0eb7SJason Gunthorpe TPM_SHORT, 2709deb0eb7SJason Gunthorpe TPM_MEDIUM, /* 210 */ 2719deb0eb7SJason Gunthorpe TPM_UNDEFINED, 2729deb0eb7SJason Gunthorpe TPM_MEDIUM, 2739deb0eb7SJason Gunthorpe TPM_MEDIUM, 2749deb0eb7SJason Gunthorpe TPM_MEDIUM, 2759deb0eb7SJason Gunthorpe TPM_UNDEFINED, /* 215 */ 2769deb0eb7SJason Gunthorpe TPM_MEDIUM, 2779deb0eb7SJason Gunthorpe TPM_UNDEFINED, 2789deb0eb7SJason Gunthorpe TPM_UNDEFINED, 2799deb0eb7SJason Gunthorpe TPM_SHORT, 2809deb0eb7SJason Gunthorpe TPM_SHORT, /* 220 */ 2819deb0eb7SJason Gunthorpe TPM_SHORT, 2829deb0eb7SJason Gunthorpe TPM_SHORT, 2839deb0eb7SJason Gunthorpe TPM_SHORT, 2849deb0eb7SJason Gunthorpe TPM_SHORT, 2859deb0eb7SJason Gunthorpe TPM_UNDEFINED, /* 225 */ 2869deb0eb7SJason Gunthorpe TPM_UNDEFINED, 2879deb0eb7SJason Gunthorpe TPM_UNDEFINED, 2889deb0eb7SJason Gunthorpe TPM_UNDEFINED, 2899deb0eb7SJason Gunthorpe TPM_UNDEFINED, 2909deb0eb7SJason Gunthorpe TPM_SHORT, /* 230 */ 2919deb0eb7SJason Gunthorpe TPM_LONG, 2929deb0eb7SJason Gunthorpe TPM_MEDIUM, 2939deb0eb7SJason Gunthorpe TPM_UNDEFINED, 2949deb0eb7SJason Gunthorpe TPM_UNDEFINED, 2959deb0eb7SJason Gunthorpe TPM_UNDEFINED, /* 235 */ 2969deb0eb7SJason Gunthorpe TPM_UNDEFINED, 2979deb0eb7SJason Gunthorpe TPM_UNDEFINED, 2989deb0eb7SJason Gunthorpe TPM_UNDEFINED, 2999deb0eb7SJason Gunthorpe TPM_UNDEFINED, 3009deb0eb7SJason Gunthorpe TPM_SHORT, /* 240 */ 3019deb0eb7SJason Gunthorpe TPM_UNDEFINED, 3029deb0eb7SJason Gunthorpe TPM_MEDIUM, 3039deb0eb7SJason Gunthorpe }; 3049deb0eb7SJason Gunthorpe 3059deb0eb7SJason Gunthorpe /* 3069deb0eb7SJason Gunthorpe * Returns max number of jiffies to wait 3079deb0eb7SJason Gunthorpe */ 3089deb0eb7SJason Gunthorpe unsigned long tpm_calc_ordinal_duration(struct tpm_chip *chip, 3099deb0eb7SJason Gunthorpe u32 ordinal) 3109deb0eb7SJason Gunthorpe { 3119deb0eb7SJason Gunthorpe int duration_idx = TPM_UNDEFINED; 3129deb0eb7SJason Gunthorpe int duration = 0; 3139deb0eb7SJason Gunthorpe 314f7286430SMartin Wilck /* 315f7286430SMartin Wilck * We only have a duration table for protected commands, where the upper 316f7286430SMartin Wilck * 16 bits are 0. For the few other ordinals the fallback will be used. 317f7286430SMartin Wilck */ 318f7286430SMartin Wilck if (ordinal < TPM_MAX_ORDINAL) 3199deb0eb7SJason Gunthorpe duration_idx = tpm_ordinal_duration[ordinal]; 3209deb0eb7SJason Gunthorpe 3219deb0eb7SJason Gunthorpe if (duration_idx != TPM_UNDEFINED) 322af782f33SChristophe Ricard duration = chip->duration[duration_idx]; 3239deb0eb7SJason Gunthorpe if (duration <= 0) 3249deb0eb7SJason Gunthorpe return 2 * 60 * HZ; 3259deb0eb7SJason Gunthorpe else 3269deb0eb7SJason Gunthorpe return duration; 3279deb0eb7SJason Gunthorpe } 3289deb0eb7SJason Gunthorpe EXPORT_SYMBOL_GPL(tpm_calc_ordinal_duration); 3299deb0eb7SJason Gunthorpe 330095531f8SJavier Martinez Canillas static int tpm_validate_command(struct tpm_chip *chip, 331745b361eSJarkko Sakkinen struct tpm_space *space, 332745b361eSJarkko Sakkinen const u8 *cmd, 33358472f5cSJarkko Sakkinen size_t len) 33458472f5cSJarkko Sakkinen { 33558472f5cSJarkko Sakkinen const struct tpm_input_header *header = (const void *)cmd; 33658472f5cSJarkko Sakkinen int i; 33758472f5cSJarkko Sakkinen u32 cc; 33858472f5cSJarkko Sakkinen u32 attrs; 33958472f5cSJarkko Sakkinen unsigned int nr_handles; 34058472f5cSJarkko Sakkinen 34158472f5cSJarkko Sakkinen if (len < TPM_HEADER_SIZE) 342095531f8SJavier Martinez Canillas return -EINVAL; 34358472f5cSJarkko Sakkinen 344745b361eSJarkko Sakkinen if (!space) 345095531f8SJavier Martinez Canillas return 0; 346745b361eSJarkko Sakkinen 34758472f5cSJarkko Sakkinen if (chip->flags & TPM_CHIP_FLAG_TPM2 && chip->nr_commands) { 34858472f5cSJarkko Sakkinen cc = be32_to_cpu(header->ordinal); 34958472f5cSJarkko Sakkinen 35058472f5cSJarkko Sakkinen i = tpm2_find_cc(chip, cc); 35158472f5cSJarkko Sakkinen if (i < 0) { 35258472f5cSJarkko Sakkinen dev_dbg(&chip->dev, "0x%04X is an invalid command\n", 35358472f5cSJarkko Sakkinen cc); 354095531f8SJavier Martinez Canillas return -EOPNOTSUPP; 35558472f5cSJarkko Sakkinen } 35658472f5cSJarkko Sakkinen 35758472f5cSJarkko Sakkinen attrs = chip->cc_attrs_tbl[i]; 35858472f5cSJarkko Sakkinen nr_handles = 35958472f5cSJarkko Sakkinen 4 * ((attrs >> TPM2_CC_ATTR_CHANDLES) & GENMASK(2, 0)); 36058472f5cSJarkko Sakkinen if (len < TPM_HEADER_SIZE + 4 * nr_handles) 36158472f5cSJarkko Sakkinen goto err_len; 36258472f5cSJarkko Sakkinen } 36358472f5cSJarkko Sakkinen 364095531f8SJavier Martinez Canillas return 0; 36558472f5cSJarkko Sakkinen err_len: 36658472f5cSJarkko Sakkinen dev_dbg(&chip->dev, 36758472f5cSJarkko Sakkinen "%s: insufficient command length %zu", __func__, len); 368095531f8SJavier Martinez Canillas return -EINVAL; 36958472f5cSJarkko Sakkinen } 37058472f5cSJarkko Sakkinen 371627448e8STomas Winkler static int tpm_request_locality(struct tpm_chip *chip, unsigned int flags) 372888d867dSTomas Winkler { 373888d867dSTomas Winkler int rc; 374888d867dSTomas Winkler 37558bac8ccSJarkko Sakkinen if (flags & TPM_TRANSMIT_NESTED) 376627448e8STomas Winkler return 0; 377627448e8STomas Winkler 378888d867dSTomas Winkler if (!chip->ops->request_locality) 379888d867dSTomas Winkler return 0; 380888d867dSTomas Winkler 381888d867dSTomas Winkler rc = chip->ops->request_locality(chip, 0); 382888d867dSTomas Winkler if (rc < 0) 383888d867dSTomas Winkler return rc; 384888d867dSTomas Winkler 385888d867dSTomas Winkler chip->locality = rc; 386888d867dSTomas Winkler 387888d867dSTomas Winkler return 0; 388888d867dSTomas Winkler } 389888d867dSTomas Winkler 390627448e8STomas Winkler static void tpm_relinquish_locality(struct tpm_chip *chip, unsigned int flags) 391888d867dSTomas Winkler { 392888d867dSTomas Winkler int rc; 393888d867dSTomas Winkler 39458bac8ccSJarkko Sakkinen if (flags & TPM_TRANSMIT_NESTED) 395627448e8STomas Winkler return; 396627448e8STomas Winkler 397888d867dSTomas Winkler if (!chip->ops->relinquish_locality) 398888d867dSTomas Winkler return; 399888d867dSTomas Winkler 400888d867dSTomas Winkler rc = chip->ops->relinquish_locality(chip, chip->locality); 401888d867dSTomas Winkler if (rc) 402888d867dSTomas Winkler dev_err(&chip->dev, "%s: : error %d\n", __func__, rc); 403888d867dSTomas Winkler 404888d867dSTomas Winkler chip->locality = -1; 405888d867dSTomas Winkler } 406888d867dSTomas Winkler 407627448e8STomas Winkler static int tpm_cmd_ready(struct tpm_chip *chip, unsigned int flags) 408627448e8STomas Winkler { 40958bac8ccSJarkko Sakkinen if (flags & TPM_TRANSMIT_NESTED) 410627448e8STomas Winkler return 0; 411627448e8STomas Winkler 412627448e8STomas Winkler if (!chip->ops->cmd_ready) 413627448e8STomas Winkler return 0; 414627448e8STomas Winkler 415627448e8STomas Winkler return chip->ops->cmd_ready(chip); 416627448e8STomas Winkler } 417627448e8STomas Winkler 418627448e8STomas Winkler static int tpm_go_idle(struct tpm_chip *chip, unsigned int flags) 419627448e8STomas Winkler { 42058bac8ccSJarkko Sakkinen if (flags & TPM_TRANSMIT_NESTED) 421627448e8STomas Winkler return 0; 422627448e8STomas Winkler 423627448e8STomas Winkler if (!chip->ops->go_idle) 424627448e8STomas Winkler return 0; 425627448e8STomas Winkler 426627448e8STomas Winkler return chip->ops->go_idle(chip); 427627448e8STomas Winkler } 428627448e8STomas Winkler 429e2fb992dSJames Bottomley static ssize_t tpm_try_transmit(struct tpm_chip *chip, 430e2fb992dSJames Bottomley struct tpm_space *space, 431e2fb992dSJames Bottomley u8 *buf, size_t bufsiz, 432e2fb992dSJames Bottomley unsigned int flags) 4339deb0eb7SJason Gunthorpe { 434745b361eSJarkko Sakkinen struct tpm_output_header *header = (void *)buf; 435745b361eSJarkko Sakkinen int rc; 436745b361eSJarkko Sakkinen ssize_t len = 0; 4379deb0eb7SJason Gunthorpe u32 count, ordinal; 4389deb0eb7SJason Gunthorpe unsigned long stop; 439877c57d0SJarkko Sakkinen bool need_locality; 4409deb0eb7SJason Gunthorpe 441095531f8SJavier Martinez Canillas rc = tpm_validate_command(chip, space, buf, bufsiz); 442095531f8SJavier Martinez Canillas if (rc == -EINVAL) 443095531f8SJavier Martinez Canillas return rc; 444095531f8SJavier Martinez Canillas /* 445095531f8SJavier Martinez Canillas * If the command is not implemented by the TPM, synthesize a 446095531f8SJavier Martinez Canillas * response with a TPM2_RC_COMMAND_CODE return for user-space. 447095531f8SJavier Martinez Canillas */ 448095531f8SJavier Martinez Canillas if (rc == -EOPNOTSUPP) { 449095531f8SJavier Martinez Canillas header->length = cpu_to_be32(sizeof(*header)); 450095531f8SJavier Martinez Canillas header->tag = cpu_to_be16(TPM2_ST_NO_SESSIONS); 451095531f8SJavier Martinez Canillas header->return_code = cpu_to_be32(TPM2_RC_COMMAND_CODE | 452095531f8SJavier Martinez Canillas TSS2_RESMGR_TPM_RC_LAYER); 45336a11029SRicardo Schwarzmeier return sizeof(*header); 454095531f8SJavier Martinez Canillas } 455ebfd7532SJarkko Sakkinen 4569deb0eb7SJason Gunthorpe if (bufsiz > TPM_BUFSIZE) 4579deb0eb7SJason Gunthorpe bufsiz = TPM_BUFSIZE; 4589deb0eb7SJason Gunthorpe 4599deb0eb7SJason Gunthorpe count = be32_to_cpu(*((__be32 *) (buf + 2))); 4609deb0eb7SJason Gunthorpe ordinal = be32_to_cpu(*((__be32 *) (buf + 6))); 4619deb0eb7SJason Gunthorpe if (count == 0) 4629deb0eb7SJason Gunthorpe return -ENODATA; 4639deb0eb7SJason Gunthorpe if (count > bufsiz) { 4648cfffc9dSJason Gunthorpe dev_err(&chip->dev, 4659deb0eb7SJason Gunthorpe "invalid count value %x %zx\n", count, bufsiz); 4669deb0eb7SJason Gunthorpe return -E2BIG; 4679deb0eb7SJason Gunthorpe } 4689deb0eb7SJason Gunthorpe 46958bac8ccSJarkko Sakkinen if (!(flags & TPM_TRANSMIT_UNLOCKED) && !(flags & TPM_TRANSMIT_NESTED)) 4709deb0eb7SJason Gunthorpe mutex_lock(&chip->tpm_mutex); 4719deb0eb7SJason Gunthorpe 472b3e958ceSAzhar Shaikh if (chip->ops->clk_enable != NULL) 473b3e958ceSAzhar Shaikh chip->ops->clk_enable(chip, true); 474b3e958ceSAzhar Shaikh 475877c57d0SJarkko Sakkinen /* Store the decision as chip->locality will be changed. */ 476877c57d0SJarkko Sakkinen need_locality = chip->locality == -1; 477877c57d0SJarkko Sakkinen 478627448e8STomas Winkler if (need_locality) { 479627448e8STomas Winkler rc = tpm_request_locality(chip, flags); 480877c57d0SJarkko Sakkinen if (rc < 0) 481877c57d0SJarkko Sakkinen goto out_no_locality; 482877c57d0SJarkko Sakkinen } 483877c57d0SJarkko Sakkinen 484627448e8STomas Winkler rc = tpm_cmd_ready(chip, flags); 485627448e8STomas Winkler if (rc) 486627448e8STomas Winkler goto out; 487888d867dSTomas Winkler 488745b361eSJarkko Sakkinen rc = tpm2_prepare_space(chip, space, ordinal, buf); 489745b361eSJarkko Sakkinen if (rc) 490745b361eSJarkko Sakkinen goto out; 491745b361eSJarkko Sakkinen 49262c09e12SWinkler, Tomas rc = chip->ops->send(chip, buf, count); 4939deb0eb7SJason Gunthorpe if (rc < 0) { 494402149c6SStefan Berger if (rc != -EPIPE) 4958cfffc9dSJason Gunthorpe dev_err(&chip->dev, 496402149c6SStefan Berger "%s: tpm_send: error %d\n", __func__, rc); 4979deb0eb7SJason Gunthorpe goto out; 4989deb0eb7SJason Gunthorpe } 4999deb0eb7SJason Gunthorpe 500570a3609SChristophe Ricard if (chip->flags & TPM_CHIP_FLAG_IRQ) 5019deb0eb7SJason Gunthorpe goto out_recv; 5029deb0eb7SJason Gunthorpe 5037a1d7e6dSJarkko Sakkinen if (chip->flags & TPM_CHIP_FLAG_TPM2) 5047a1d7e6dSJarkko Sakkinen stop = jiffies + tpm2_calc_ordinal_duration(chip, ordinal); 5057a1d7e6dSJarkko Sakkinen else 5069deb0eb7SJason Gunthorpe stop = jiffies + tpm_calc_ordinal_duration(chip, ordinal); 5079deb0eb7SJason Gunthorpe do { 5085f82e9f0SJason Gunthorpe u8 status = chip->ops->status(chip); 5095f82e9f0SJason Gunthorpe if ((status & chip->ops->req_complete_mask) == 5105f82e9f0SJason Gunthorpe chip->ops->req_complete_val) 5119deb0eb7SJason Gunthorpe goto out_recv; 5129deb0eb7SJason Gunthorpe 5135f82e9f0SJason Gunthorpe if (chip->ops->req_canceled(chip, status)) { 5148cfffc9dSJason Gunthorpe dev_err(&chip->dev, "Operation Canceled\n"); 5159deb0eb7SJason Gunthorpe rc = -ECANCELED; 5169deb0eb7SJason Gunthorpe goto out; 5179deb0eb7SJason Gunthorpe } 5189deb0eb7SJason Gunthorpe 51959f5a6b0SNayna Jain tpm_msleep(TPM_TIMEOUT_POLL); 5209deb0eb7SJason Gunthorpe rmb(); 5219deb0eb7SJason Gunthorpe } while (time_before(jiffies, stop)); 5229deb0eb7SJason Gunthorpe 5235f82e9f0SJason Gunthorpe chip->ops->cancel(chip); 5248cfffc9dSJason Gunthorpe dev_err(&chip->dev, "Operation Timed out\n"); 5259deb0eb7SJason Gunthorpe rc = -ETIME; 5269deb0eb7SJason Gunthorpe goto out; 5279deb0eb7SJason Gunthorpe 5289deb0eb7SJason Gunthorpe out_recv: 52962c09e12SWinkler, Tomas len = chip->ops->recv(chip, buf, bufsiz); 530745b361eSJarkko Sakkinen if (len < 0) { 531745b361eSJarkko Sakkinen rc = len; 5328cfffc9dSJason Gunthorpe dev_err(&chip->dev, 533745b361eSJarkko Sakkinen "tpm_transmit: tpm_recv: error %d\n", rc); 534a147918eSJarkko Sakkinen goto out; 535745b361eSJarkko Sakkinen } else if (len < TPM_HEADER_SIZE) { 536a147918eSJarkko Sakkinen rc = -EFAULT; 537a147918eSJarkko Sakkinen goto out; 538a147918eSJarkko Sakkinen } 539a147918eSJarkko Sakkinen 540745b361eSJarkko Sakkinen if (len != be32_to_cpu(header->length)) { 541745b361eSJarkko Sakkinen rc = -EFAULT; 542a147918eSJarkko Sakkinen goto out; 543745b361eSJarkko Sakkinen } 544745b361eSJarkko Sakkinen 545745b361eSJarkko Sakkinen rc = tpm2_commit_space(chip, space, ordinal, buf, &len); 546627448e8STomas Winkler if (rc) 547627448e8STomas Winkler dev_err(&chip->dev, "tpm2_commit_space: error %d\n", rc); 548a147918eSJarkko Sakkinen 5499deb0eb7SJason Gunthorpe out: 550627448e8STomas Winkler rc = tpm_go_idle(chip, flags); 551627448e8STomas Winkler if (rc) 552627448e8STomas Winkler goto out; 553888d867dSTomas Winkler 554888d867dSTomas Winkler if (need_locality) 555627448e8STomas Winkler tpm_relinquish_locality(chip, flags); 556888d867dSTomas Winkler 557877c57d0SJarkko Sakkinen out_no_locality: 558b3e958ceSAzhar Shaikh if (chip->ops->clk_enable != NULL) 559b3e958ceSAzhar Shaikh chip->ops->clk_enable(chip, false); 560b3e958ceSAzhar Shaikh 56158bac8ccSJarkko Sakkinen if (!(flags & TPM_TRANSMIT_UNLOCKED) && !(flags & TPM_TRANSMIT_NESTED)) 5629deb0eb7SJason Gunthorpe mutex_unlock(&chip->tpm_mutex); 563745b361eSJarkko Sakkinen return rc ? rc : len; 5649deb0eb7SJason Gunthorpe } 5659deb0eb7SJason Gunthorpe 566f865c196SWinkler, Tomas /** 567e2fb992dSJames Bottomley * tpm_transmit - Internal kernel interface to transmit TPM commands. 568e2fb992dSJames Bottomley * 569e2fb992dSJames Bottomley * @chip: TPM chip to use 570e2fb992dSJames Bottomley * @space: tpm space 571e2fb992dSJames Bottomley * @buf: TPM command buffer 572e2fb992dSJames Bottomley * @bufsiz: length of the TPM command buffer 573e2fb992dSJames Bottomley * @flags: tpm transmit flags - bitmap 574e2fb992dSJames Bottomley * 575e2fb992dSJames Bottomley * A wrapper around tpm_try_transmit that handles TPM2_RC_RETRY 576e2fb992dSJames Bottomley * returns from the TPM and retransmits the command after a delay up 577e2fb992dSJames Bottomley * to a maximum wait of TPM2_DURATION_LONG. 578e2fb992dSJames Bottomley * 579e2fb992dSJames Bottomley * Note: TPM1 never returns TPM2_RC_RETRY so the retry logic is TPM2 580e2fb992dSJames Bottomley * only 581e2fb992dSJames Bottomley * 582e2fb992dSJames Bottomley * Return: 583e2fb992dSJames Bottomley * the length of the return when the operation is successful. 584e2fb992dSJames Bottomley * A negative number for system errors (errno). 585e2fb992dSJames Bottomley */ 586e2fb992dSJames Bottomley ssize_t tpm_transmit(struct tpm_chip *chip, struct tpm_space *space, 587e2fb992dSJames Bottomley u8 *buf, size_t bufsiz, unsigned int flags) 588e2fb992dSJames Bottomley { 589e2fb992dSJames Bottomley struct tpm_output_header *header = (struct tpm_output_header *)buf; 590e2fb992dSJames Bottomley /* space for header and handles */ 591e2fb992dSJames Bottomley u8 save[TPM_HEADER_SIZE + 3*sizeof(u32)]; 592e2fb992dSJames Bottomley unsigned int delay_msec = TPM2_DURATION_SHORT; 593e2fb992dSJames Bottomley u32 rc = 0; 594e2fb992dSJames Bottomley ssize_t ret; 595e2fb992dSJames Bottomley const size_t save_size = min(space ? sizeof(save) : TPM_HEADER_SIZE, 596e2fb992dSJames Bottomley bufsiz); 5972be8ffedSJames Bottomley /* the command code is where the return code will be */ 5982be8ffedSJames Bottomley u32 cc = be32_to_cpu(header->return_code); 599e2fb992dSJames Bottomley 600e2fb992dSJames Bottomley /* 601e2fb992dSJames Bottomley * Subtlety here: if we have a space, the handles will be 602e2fb992dSJames Bottomley * transformed, so when we restore the header we also have to 603e2fb992dSJames Bottomley * restore the handles. 604e2fb992dSJames Bottomley */ 605e2fb992dSJames Bottomley memcpy(save, buf, save_size); 606e2fb992dSJames Bottomley 607e2fb992dSJames Bottomley for (;;) { 608e2fb992dSJames Bottomley ret = tpm_try_transmit(chip, space, buf, bufsiz, flags); 609e2fb992dSJames Bottomley if (ret < 0) 610e2fb992dSJames Bottomley break; 611e2fb992dSJames Bottomley rc = be32_to_cpu(header->return_code); 6122be8ffedSJames Bottomley if (rc != TPM2_RC_RETRY && rc != TPM2_RC_TESTING) 6132be8ffedSJames Bottomley break; 6142be8ffedSJames Bottomley /* 6152be8ffedSJames Bottomley * return immediately if self test returns test 6162be8ffedSJames Bottomley * still running to shorten boot time. 6172be8ffedSJames Bottomley */ 6182be8ffedSJames Bottomley if (rc == TPM2_RC_TESTING && cc == TPM2_CC_SELF_TEST) 619e2fb992dSJames Bottomley break; 62092980756SNayna Jain 621e2fb992dSJames Bottomley if (delay_msec > TPM2_DURATION_LONG) { 6222be8ffedSJames Bottomley if (rc == TPM2_RC_RETRY) 6232be8ffedSJames Bottomley dev_err(&chip->dev, "in retry loop\n"); 6242be8ffedSJames Bottomley else 6252be8ffedSJames Bottomley dev_err(&chip->dev, 6262be8ffedSJames Bottomley "self test is still running\n"); 627e2fb992dSJames Bottomley break; 628e2fb992dSJames Bottomley } 629e2fb992dSJames Bottomley tpm_msleep(delay_msec); 63092980756SNayna Jain delay_msec *= 2; 631e2fb992dSJames Bottomley memcpy(buf, save, save_size); 632e2fb992dSJames Bottomley } 633e2fb992dSJames Bottomley return ret; 634e2fb992dSJames Bottomley } 635e2fb992dSJames Bottomley /** 63665520d46SWinkler, Tomas * tpm_transmit_cmd - send a tpm command to the device 637f865c196SWinkler, Tomas * The function extracts tpm out header return code 638f865c196SWinkler, Tomas * 639f865c196SWinkler, Tomas * @chip: TPM chip to use 64065520d46SWinkler, Tomas * @space: tpm space 641c659af78SStefan Berger * @buf: TPM command buffer 642c659af78SStefan Berger * @bufsiz: length of the buffer 643c659af78SStefan Berger * @min_rsp_body_length: minimum expected length of response body 644f865c196SWinkler, Tomas * @flags: tpm transmit flags - bitmap 645f865c196SWinkler, Tomas * @desc: command description used in the error message 646f865c196SWinkler, Tomas * 647f865c196SWinkler, Tomas * Return: 648f865c196SWinkler, Tomas * 0 when the operation is successful. 649f865c196SWinkler, Tomas * A negative number for system errors (errno). 650f865c196SWinkler, Tomas * A positive number for a TPM error. 651f865c196SWinkler, Tomas */ 652745b361eSJarkko Sakkinen ssize_t tpm_transmit_cmd(struct tpm_chip *chip, struct tpm_space *space, 65362c09e12SWinkler, Tomas void *buf, size_t bufsiz, 654745b361eSJarkko Sakkinen size_t min_rsp_body_length, unsigned int flags, 655745b361eSJarkko Sakkinen const char *desc) 6569deb0eb7SJason Gunthorpe { 657a147918eSJarkko Sakkinen const struct tpm_output_header *header = buf; 6589deb0eb7SJason Gunthorpe int err; 659c659af78SStefan Berger ssize_t len; 6609deb0eb7SJason Gunthorpe 66162c09e12SWinkler, Tomas len = tpm_transmit(chip, space, buf, bufsiz, flags); 6629deb0eb7SJason Gunthorpe if (len < 0) 6639deb0eb7SJason Gunthorpe return len; 66487155b73SJarkko Sakkinen 66587155b73SJarkko Sakkinen err = be32_to_cpu(header->return_code); 666*0d6d0d62SJavier Martinez Canillas if (err != 0 && err != TPM_ERR_DISABLED && err != TPM_ERR_DEACTIVATED 667*0d6d0d62SJavier Martinez Canillas && desc) 6688cfffc9dSJason Gunthorpe dev_err(&chip->dev, "A TPM error (%d) occurred %s\n", err, 66971ed848fSJarkko Sakkinen desc); 670c659af78SStefan Berger if (err) 6719deb0eb7SJason Gunthorpe return err; 672c659af78SStefan Berger 673c659af78SStefan Berger if (len < min_rsp_body_length + TPM_HEADER_SIZE) 674c659af78SStefan Berger return -EFAULT; 675c659af78SStefan Berger 676c659af78SStefan Berger return 0; 6779deb0eb7SJason Gunthorpe } 678be4c9acfSStefan Berger EXPORT_SYMBOL_GPL(tpm_transmit_cmd); 6799deb0eb7SJason Gunthorpe 68019cbe4f6SJarkko Sakkinen #define TPM_ORD_STARTUP 153 68119cbe4f6SJarkko Sakkinen #define TPM_ST_CLEAR 1 68219cbe4f6SJarkko Sakkinen 68319cbe4f6SJarkko Sakkinen /** 68419cbe4f6SJarkko Sakkinen * tpm_startup - turn on the TPM 68519cbe4f6SJarkko Sakkinen * @chip: TPM chip to use 68619cbe4f6SJarkko Sakkinen * 68719cbe4f6SJarkko Sakkinen * Normally the firmware should start the TPM. This function is provided as a 68819cbe4f6SJarkko Sakkinen * workaround if this does not happen. A legal case for this could be for 68919cbe4f6SJarkko Sakkinen * example when a TPM emulator is used. 69019cbe4f6SJarkko Sakkinen * 69119cbe4f6SJarkko Sakkinen * Return: same as tpm_transmit_cmd() 69219cbe4f6SJarkko Sakkinen */ 69319cbe4f6SJarkko Sakkinen int tpm_startup(struct tpm_chip *chip) 69419cbe4f6SJarkko Sakkinen { 69519cbe4f6SJarkko Sakkinen struct tpm_buf buf; 69619cbe4f6SJarkko Sakkinen int rc; 69719cbe4f6SJarkko Sakkinen 69819cbe4f6SJarkko Sakkinen dev_info(&chip->dev, "starting up the TPM manually\n"); 69919cbe4f6SJarkko Sakkinen 70019cbe4f6SJarkko Sakkinen if (chip->flags & TPM_CHIP_FLAG_TPM2) { 70119cbe4f6SJarkko Sakkinen rc = tpm_buf_init(&buf, TPM2_ST_NO_SESSIONS, TPM2_CC_STARTUP); 70219cbe4f6SJarkko Sakkinen if (rc < 0) 70319cbe4f6SJarkko Sakkinen return rc; 70419cbe4f6SJarkko Sakkinen 70519cbe4f6SJarkko Sakkinen tpm_buf_append_u16(&buf, TPM2_SU_CLEAR); 70619cbe4f6SJarkko Sakkinen } else { 70719cbe4f6SJarkko Sakkinen rc = tpm_buf_init(&buf, TPM_TAG_RQU_COMMAND, TPM_ORD_STARTUP); 70819cbe4f6SJarkko Sakkinen if (rc < 0) 70919cbe4f6SJarkko Sakkinen return rc; 71019cbe4f6SJarkko Sakkinen 71119cbe4f6SJarkko Sakkinen tpm_buf_append_u16(&buf, TPM_ST_CLEAR); 71219cbe4f6SJarkko Sakkinen } 71319cbe4f6SJarkko Sakkinen 71419cbe4f6SJarkko Sakkinen rc = tpm_transmit_cmd(chip, NULL, buf.data, PAGE_SIZE, 0, 0, 71519cbe4f6SJarkko Sakkinen "attempting to start the TPM"); 71619cbe4f6SJarkko Sakkinen 71719cbe4f6SJarkko Sakkinen tpm_buf_destroy(&buf); 71819cbe4f6SJarkko Sakkinen return rc; 71919cbe4f6SJarkko Sakkinen } 72019cbe4f6SJarkko Sakkinen 721f865c196SWinkler, Tomas #define TPM_DIGEST_SIZE 20 722f865c196SWinkler, Tomas #define TPM_RET_CODE_IDX 6 7239deb0eb7SJason Gunthorpe #define TPM_INTERNAL_RESULT_SIZE 200 724a69faebfSRoberto Sassu #define TPM_ORD_GET_CAP 101 725a69faebfSRoberto Sassu #define TPM_ORD_GET_RANDOM 70 7269deb0eb7SJason Gunthorpe 7279deb0eb7SJason Gunthorpe static const struct tpm_input_header tpm_getcap_header = { 72806e93279SRoberto Sassu .tag = cpu_to_be16(TPM_TAG_RQU_COMMAND), 7299deb0eb7SJason Gunthorpe .length = cpu_to_be32(22), 730a69faebfSRoberto Sassu .ordinal = cpu_to_be32(TPM_ORD_GET_CAP) 7319deb0eb7SJason Gunthorpe }; 7329deb0eb7SJason Gunthorpe 73384fda152SJarkko Sakkinen ssize_t tpm_getcap(struct tpm_chip *chip, u32 subcap_id, cap_t *cap, 734c659af78SStefan Berger const char *desc, size_t min_cap_length) 7359deb0eb7SJason Gunthorpe { 736124bdcf4SJarkko Sakkinen struct tpm_buf buf; 7379deb0eb7SJason Gunthorpe int rc; 7389deb0eb7SJason Gunthorpe 739124bdcf4SJarkko Sakkinen rc = tpm_buf_init(&buf, TPM_TAG_RQU_COMMAND, TPM_ORD_GET_CAP); 740124bdcf4SJarkko Sakkinen if (rc) 741124bdcf4SJarkko Sakkinen return rc; 742124bdcf4SJarkko Sakkinen 74384fda152SJarkko Sakkinen if (subcap_id == TPM_CAP_VERSION_1_1 || 74484fda152SJarkko Sakkinen subcap_id == TPM_CAP_VERSION_1_2) { 745124bdcf4SJarkko Sakkinen tpm_buf_append_u32(&buf, subcap_id); 746124bdcf4SJarkko Sakkinen tpm_buf_append_u32(&buf, 0); 7479deb0eb7SJason Gunthorpe } else { 7489deb0eb7SJason Gunthorpe if (subcap_id == TPM_CAP_FLAG_PERM || 7499deb0eb7SJason Gunthorpe subcap_id == TPM_CAP_FLAG_VOL) 750124bdcf4SJarkko Sakkinen tpm_buf_append_u32(&buf, TPM_CAP_FLAG); 7519deb0eb7SJason Gunthorpe else 752124bdcf4SJarkko Sakkinen tpm_buf_append_u32(&buf, TPM_CAP_PROP); 753124bdcf4SJarkko Sakkinen 754124bdcf4SJarkko Sakkinen tpm_buf_append_u32(&buf, 4); 755124bdcf4SJarkko Sakkinen tpm_buf_append_u32(&buf, subcap_id); 7569deb0eb7SJason Gunthorpe } 757124bdcf4SJarkko Sakkinen rc = tpm_transmit_cmd(chip, NULL, buf.data, PAGE_SIZE, 758c659af78SStefan Berger min_cap_length, 0, desc); 7599deb0eb7SJason Gunthorpe if (!rc) 760124bdcf4SJarkko Sakkinen *cap = *(cap_t *)&buf.data[TPM_HEADER_SIZE + 4]; 761124bdcf4SJarkko Sakkinen 762124bdcf4SJarkko Sakkinen tpm_buf_destroy(&buf); 7639deb0eb7SJason Gunthorpe return rc; 7649deb0eb7SJason Gunthorpe } 765eb5854e7SJarkko Sakkinen EXPORT_SYMBOL_GPL(tpm_getcap); 7669deb0eb7SJason Gunthorpe 7679deb0eb7SJason Gunthorpe int tpm_get_timeouts(struct tpm_chip *chip) 7689deb0eb7SJason Gunthorpe { 769aaa6f7f6SEd Swierk cap_t cap; 7701d70fe9dSMaciej S. Szmigiero unsigned long timeout_old[4], timeout_chip[4], timeout_eff[4]; 7719deb0eb7SJason Gunthorpe ssize_t rc; 7729deb0eb7SJason Gunthorpe 773d1d253cfSJason Gunthorpe if (chip->flags & TPM_CHIP_FLAG_HAVE_TIMEOUTS) 774d1d253cfSJason Gunthorpe return 0; 775d1d253cfSJason Gunthorpe 77625112048SJason Gunthorpe if (chip->flags & TPM_CHIP_FLAG_TPM2) { 77725112048SJason Gunthorpe /* Fixed timeouts for TPM2 */ 778af782f33SChristophe Ricard chip->timeout_a = msecs_to_jiffies(TPM2_TIMEOUT_A); 779af782f33SChristophe Ricard chip->timeout_b = msecs_to_jiffies(TPM2_TIMEOUT_B); 780af782f33SChristophe Ricard chip->timeout_c = msecs_to_jiffies(TPM2_TIMEOUT_C); 781af782f33SChristophe Ricard chip->timeout_d = msecs_to_jiffies(TPM2_TIMEOUT_D); 782af782f33SChristophe Ricard chip->duration[TPM_SHORT] = 78325112048SJason Gunthorpe msecs_to_jiffies(TPM2_DURATION_SHORT); 784af782f33SChristophe Ricard chip->duration[TPM_MEDIUM] = 78525112048SJason Gunthorpe msecs_to_jiffies(TPM2_DURATION_MEDIUM); 786af782f33SChristophe Ricard chip->duration[TPM_LONG] = 78725112048SJason Gunthorpe msecs_to_jiffies(TPM2_DURATION_LONG); 788076d3564STomas Winkler chip->duration[TPM_LONG_LONG] = 789076d3564STomas Winkler msecs_to_jiffies(TPM2_DURATION_LONG_LONG); 790d1d253cfSJason Gunthorpe 791d1d253cfSJason Gunthorpe chip->flags |= TPM_CHIP_FLAG_HAVE_TIMEOUTS; 79225112048SJason Gunthorpe return 0; 79325112048SJason Gunthorpe } 79425112048SJason Gunthorpe 795c659af78SStefan Berger rc = tpm_getcap(chip, TPM_CAP_PROP_TIS_TIMEOUT, &cap, NULL, 796c659af78SStefan Berger sizeof(cap.timeout)); 7979deb0eb7SJason Gunthorpe if (rc == TPM_ERR_INVALID_POSTINIT) { 79819cbe4f6SJarkko Sakkinen if (tpm_startup(chip)) 7999deb0eb7SJason Gunthorpe return rc; 8009deb0eb7SJason Gunthorpe 801aaa6f7f6SEd Swierk rc = tpm_getcap(chip, TPM_CAP_PROP_TIS_TIMEOUT, &cap, 802c659af78SStefan Berger "attempting to determine the timeouts", 803c659af78SStefan Berger sizeof(cap.timeout)); 8049deb0eb7SJason Gunthorpe } 805c659af78SStefan Berger 80662bfdacbSJason Gunthorpe if (rc) { 80762bfdacbSJason Gunthorpe dev_err(&chip->dev, 80862bfdacbSJason Gunthorpe "A TPM error (%zd) occurred attempting to determine the timeouts\n", 80962bfdacbSJason Gunthorpe rc); 810aaa6f7f6SEd Swierk return rc; 81162bfdacbSJason Gunthorpe } 8129deb0eb7SJason Gunthorpe 8131d70fe9dSMaciej S. Szmigiero timeout_old[0] = jiffies_to_usecs(chip->timeout_a); 8141d70fe9dSMaciej S. Szmigiero timeout_old[1] = jiffies_to_usecs(chip->timeout_b); 8151d70fe9dSMaciej S. Szmigiero timeout_old[2] = jiffies_to_usecs(chip->timeout_c); 8161d70fe9dSMaciej S. Szmigiero timeout_old[3] = jiffies_to_usecs(chip->timeout_d); 8171d70fe9dSMaciej S. Szmigiero timeout_chip[0] = be32_to_cpu(cap.timeout.a); 8181d70fe9dSMaciej S. Szmigiero timeout_chip[1] = be32_to_cpu(cap.timeout.b); 8191d70fe9dSMaciej S. Szmigiero timeout_chip[2] = be32_to_cpu(cap.timeout.c); 8201d70fe9dSMaciej S. Szmigiero timeout_chip[3] = be32_to_cpu(cap.timeout.d); 8211d70fe9dSMaciej S. Szmigiero memcpy(timeout_eff, timeout_chip, sizeof(timeout_eff)); 8228e54caf4SJason Gunthorpe 8238e54caf4SJason Gunthorpe /* 8248e54caf4SJason Gunthorpe * Provide ability for vendor overrides of timeout values in case 8258e54caf4SJason Gunthorpe * of misreporting. 8268e54caf4SJason Gunthorpe */ 8278e54caf4SJason Gunthorpe if (chip->ops->update_timeouts != NULL) 828af782f33SChristophe Ricard chip->timeout_adjusted = 8291d70fe9dSMaciej S. Szmigiero chip->ops->update_timeouts(chip, timeout_eff); 8308e54caf4SJason Gunthorpe 831af782f33SChristophe Ricard if (!chip->timeout_adjusted) { 8321d70fe9dSMaciej S. Szmigiero /* Restore default if chip reported 0 */ 8338e54caf4SJason Gunthorpe int i; 8348e54caf4SJason Gunthorpe 8351d70fe9dSMaciej S. Szmigiero for (i = 0; i < ARRAY_SIZE(timeout_eff); i++) { 8361d70fe9dSMaciej S. Szmigiero if (timeout_eff[i]) 8371d70fe9dSMaciej S. Szmigiero continue; 8381d70fe9dSMaciej S. Szmigiero 8391d70fe9dSMaciej S. Szmigiero timeout_eff[i] = timeout_old[i]; 8401d70fe9dSMaciej S. Szmigiero chip->timeout_adjusted = true; 8411d70fe9dSMaciej S. Szmigiero } 8421d70fe9dSMaciej S. Szmigiero 8431d70fe9dSMaciej S. Szmigiero if (timeout_eff[0] != 0 && timeout_eff[0] < 1000) { 8449deb0eb7SJason Gunthorpe /* timeouts in msec rather usec */ 8451d70fe9dSMaciej S. Szmigiero for (i = 0; i != ARRAY_SIZE(timeout_eff); i++) 8461d70fe9dSMaciej S. Szmigiero timeout_eff[i] *= 1000; 847af782f33SChristophe Ricard chip->timeout_adjusted = true; 8489deb0eb7SJason Gunthorpe } 8498e54caf4SJason Gunthorpe } 8508e54caf4SJason Gunthorpe 8518e54caf4SJason Gunthorpe /* Report adjusted timeouts */ 852af782f33SChristophe Ricard if (chip->timeout_adjusted) { 8538cfffc9dSJason Gunthorpe dev_info(&chip->dev, 8548e54caf4SJason Gunthorpe HW_ERR "Adjusting reported timeouts: A %lu->%luus B %lu->%luus C %lu->%luus D %lu->%luus\n", 8551d70fe9dSMaciej S. Szmigiero timeout_chip[0], timeout_eff[0], 8561d70fe9dSMaciej S. Szmigiero timeout_chip[1], timeout_eff[1], 8571d70fe9dSMaciej S. Szmigiero timeout_chip[2], timeout_eff[2], 8581d70fe9dSMaciej S. Szmigiero timeout_chip[3], timeout_eff[3]); 8598e54caf4SJason Gunthorpe } 8608e54caf4SJason Gunthorpe 8611d70fe9dSMaciej S. Szmigiero chip->timeout_a = usecs_to_jiffies(timeout_eff[0]); 8621d70fe9dSMaciej S. Szmigiero chip->timeout_b = usecs_to_jiffies(timeout_eff[1]); 8631d70fe9dSMaciej S. Szmigiero chip->timeout_c = usecs_to_jiffies(timeout_eff[2]); 8641d70fe9dSMaciej S. Szmigiero chip->timeout_d = usecs_to_jiffies(timeout_eff[3]); 8659deb0eb7SJason Gunthorpe 866aaa6f7f6SEd Swierk rc = tpm_getcap(chip, TPM_CAP_PROP_TIS_DURATION, &cap, 867c659af78SStefan Berger "attempting to determine the durations", 868c659af78SStefan Berger sizeof(cap.duration)); 8699deb0eb7SJason Gunthorpe if (rc) 8709deb0eb7SJason Gunthorpe return rc; 8719deb0eb7SJason Gunthorpe 872af782f33SChristophe Ricard chip->duration[TPM_SHORT] = 873aaa6f7f6SEd Swierk usecs_to_jiffies(be32_to_cpu(cap.duration.tpm_short)); 874af782f33SChristophe Ricard chip->duration[TPM_MEDIUM] = 875aaa6f7f6SEd Swierk usecs_to_jiffies(be32_to_cpu(cap.duration.tpm_medium)); 876af782f33SChristophe Ricard chip->duration[TPM_LONG] = 877aaa6f7f6SEd Swierk usecs_to_jiffies(be32_to_cpu(cap.duration.tpm_long)); 878076d3564STomas Winkler chip->duration[TPM_LONG_LONG] = 0; /* not used under 1.2 */ 8799deb0eb7SJason Gunthorpe 8809deb0eb7SJason Gunthorpe /* The Broadcom BCM0102 chipset in a Dell Latitude D820 gets the above 8819deb0eb7SJason Gunthorpe * value wrong and apparently reports msecs rather than usecs. So we 8829deb0eb7SJason Gunthorpe * fix up the resulting too-small TPM_SHORT value to make things work. 8839deb0eb7SJason Gunthorpe * We also scale the TPM_MEDIUM and -_LONG values by 1000. 8849deb0eb7SJason Gunthorpe */ 885af782f33SChristophe Ricard if (chip->duration[TPM_SHORT] < (HZ / 100)) { 886af782f33SChristophe Ricard chip->duration[TPM_SHORT] = HZ; 887af782f33SChristophe Ricard chip->duration[TPM_MEDIUM] *= 1000; 888af782f33SChristophe Ricard chip->duration[TPM_LONG] *= 1000; 889af782f33SChristophe Ricard chip->duration_adjusted = true; 8908cfffc9dSJason Gunthorpe dev_info(&chip->dev, "Adjusting TPM timeout parameters."); 8919deb0eb7SJason Gunthorpe } 892d1d253cfSJason Gunthorpe 893d1d253cfSJason Gunthorpe chip->flags |= TPM_CHIP_FLAG_HAVE_TIMEOUTS; 8949deb0eb7SJason Gunthorpe return 0; 8959deb0eb7SJason Gunthorpe } 8969deb0eb7SJason Gunthorpe EXPORT_SYMBOL_GPL(tpm_get_timeouts); 8979deb0eb7SJason Gunthorpe 8989deb0eb7SJason Gunthorpe #define TPM_ORD_CONTINUE_SELFTEST 83 8999deb0eb7SJason Gunthorpe #define CONTINUE_SELFTEST_RESULT_SIZE 10 9009deb0eb7SJason Gunthorpe 9010014777fSJulia Lawall static const struct tpm_input_header continue_selftest_header = { 90206e93279SRoberto Sassu .tag = cpu_to_be16(TPM_TAG_RQU_COMMAND), 9039deb0eb7SJason Gunthorpe .length = cpu_to_be32(10), 9049deb0eb7SJason Gunthorpe .ordinal = cpu_to_be32(TPM_ORD_CONTINUE_SELFTEST), 9059deb0eb7SJason Gunthorpe }; 9069deb0eb7SJason Gunthorpe 9079deb0eb7SJason Gunthorpe /** 9089deb0eb7SJason Gunthorpe * tpm_continue_selftest -- run TPM's selftest 9099deb0eb7SJason Gunthorpe * @chip: TPM chip to use 9109deb0eb7SJason Gunthorpe * 9119deb0eb7SJason Gunthorpe * Returns 0 on success, < 0 in case of fatal error or a value > 0 representing 9129deb0eb7SJason Gunthorpe * a TPM error code. 9139deb0eb7SJason Gunthorpe */ 9149deb0eb7SJason Gunthorpe static int tpm_continue_selftest(struct tpm_chip *chip) 9159deb0eb7SJason Gunthorpe { 9169deb0eb7SJason Gunthorpe int rc; 9179deb0eb7SJason Gunthorpe struct tpm_cmd_t cmd; 9189deb0eb7SJason Gunthorpe 9199deb0eb7SJason Gunthorpe cmd.header.in = continue_selftest_header; 920745b361eSJarkko Sakkinen rc = tpm_transmit_cmd(chip, NULL, &cmd, CONTINUE_SELFTEST_RESULT_SIZE, 921745b361eSJarkko Sakkinen 0, 0, "continue selftest"); 9229deb0eb7SJason Gunthorpe return rc; 9239deb0eb7SJason Gunthorpe } 9249deb0eb7SJason Gunthorpe 925a69faebfSRoberto Sassu #define TPM_ORDINAL_PCRREAD 21 9269deb0eb7SJason Gunthorpe #define READ_PCR_RESULT_SIZE 30 927c659af78SStefan Berger #define READ_PCR_RESULT_BODY_SIZE 20 9280014777fSJulia Lawall static const struct tpm_input_header pcrread_header = { 92906e93279SRoberto Sassu .tag = cpu_to_be16(TPM_TAG_RQU_COMMAND), 9309deb0eb7SJason Gunthorpe .length = cpu_to_be32(14), 931a69faebfSRoberto Sassu .ordinal = cpu_to_be32(TPM_ORDINAL_PCRREAD) 9329deb0eb7SJason Gunthorpe }; 9339deb0eb7SJason Gunthorpe 934000a07b0SJason Gunthorpe int tpm_pcr_read_dev(struct tpm_chip *chip, int pcr_idx, u8 *res_buf) 9359deb0eb7SJason Gunthorpe { 9369deb0eb7SJason Gunthorpe int rc; 9379deb0eb7SJason Gunthorpe struct tpm_cmd_t cmd; 9389deb0eb7SJason Gunthorpe 9399deb0eb7SJason Gunthorpe cmd.header.in = pcrread_header; 9409deb0eb7SJason Gunthorpe cmd.params.pcrread_in.pcr_idx = cpu_to_be32(pcr_idx); 941745b361eSJarkko Sakkinen rc = tpm_transmit_cmd(chip, NULL, &cmd, READ_PCR_RESULT_SIZE, 942c659af78SStefan Berger READ_PCR_RESULT_BODY_SIZE, 0, 9439deb0eb7SJason Gunthorpe "attempting to read a pcr value"); 9449deb0eb7SJason Gunthorpe 9459deb0eb7SJason Gunthorpe if (rc == 0) 9469deb0eb7SJason Gunthorpe memcpy(res_buf, cmd.params.pcrread_out.pcr_result, 9479deb0eb7SJason Gunthorpe TPM_DIGEST_SIZE); 9489deb0eb7SJason Gunthorpe return rc; 9499deb0eb7SJason Gunthorpe } 9509deb0eb7SJason Gunthorpe 9519deb0eb7SJason Gunthorpe /** 952aad887f6SJarkko Sakkinen * tpm_is_tpm2 - do we a have a TPM2 chip? 953aad887f6SJarkko Sakkinen * @chip: a &struct tpm_chip instance, %NULL for the default chip 954954650efSJarkko Sakkinen * 955aad887f6SJarkko Sakkinen * Return: 956aad887f6SJarkko Sakkinen * 1 if we have a TPM2 chip. 957aad887f6SJarkko Sakkinen * 0 if we don't have a TPM2 chip. 958aad887f6SJarkko Sakkinen * A negative number for system errors (errno). 959954650efSJarkko Sakkinen */ 960aad887f6SJarkko Sakkinen int tpm_is_tpm2(struct tpm_chip *chip) 961954650efSJarkko Sakkinen { 962954650efSJarkko Sakkinen int rc; 963954650efSJarkko Sakkinen 964fc1d52b7SStefan Berger chip = tpm_find_get_ops(chip); 965aad887f6SJarkko Sakkinen if (!chip) 966954650efSJarkko Sakkinen return -ENODEV; 967954650efSJarkko Sakkinen 968954650efSJarkko Sakkinen rc = (chip->flags & TPM_CHIP_FLAG_TPM2) != 0; 969954650efSJarkko Sakkinen 9704e26195fSJason Gunthorpe tpm_put_ops(chip); 971954650efSJarkko Sakkinen 972954650efSJarkko Sakkinen return rc; 973954650efSJarkko Sakkinen } 974954650efSJarkko Sakkinen EXPORT_SYMBOL_GPL(tpm_is_tpm2); 975954650efSJarkko Sakkinen 976954650efSJarkko Sakkinen /** 977aad887f6SJarkko Sakkinen * tpm_pcr_read - read a PCR value from SHA1 bank 978aad887f6SJarkko Sakkinen * @chip: a &struct tpm_chip instance, %NULL for the default chip 979aad887f6SJarkko Sakkinen * @pcr_idx: the PCR to be retrieved 980aad887f6SJarkko Sakkinen * @res_buf: the value of the PCR 9819deb0eb7SJason Gunthorpe * 982aad887f6SJarkko Sakkinen * Return: same as with tpm_transmit_cmd() 9839deb0eb7SJason Gunthorpe */ 984aad887f6SJarkko Sakkinen int tpm_pcr_read(struct tpm_chip *chip, int pcr_idx, u8 *res_buf) 9859deb0eb7SJason Gunthorpe { 9869deb0eb7SJason Gunthorpe int rc; 9879deb0eb7SJason Gunthorpe 988fc1d52b7SStefan Berger chip = tpm_find_get_ops(chip); 989aad887f6SJarkko Sakkinen if (!chip) 9909deb0eb7SJason Gunthorpe return -ENODEV; 9917a1d7e6dSJarkko Sakkinen if (chip->flags & TPM_CHIP_FLAG_TPM2) 9927a1d7e6dSJarkko Sakkinen rc = tpm2_pcr_read(chip, pcr_idx, res_buf); 9937a1d7e6dSJarkko Sakkinen else 994000a07b0SJason Gunthorpe rc = tpm_pcr_read_dev(chip, pcr_idx, res_buf); 9954e26195fSJason Gunthorpe tpm_put_ops(chip); 9969deb0eb7SJason Gunthorpe return rc; 9979deb0eb7SJason Gunthorpe } 9989deb0eb7SJason Gunthorpe EXPORT_SYMBOL_GPL(tpm_pcr_read); 9999deb0eb7SJason Gunthorpe 1000a69faebfSRoberto Sassu #define TPM_ORD_PCR_EXTEND 20 1001ca6d4580SWinkler, Tomas #define EXTEND_PCR_RESULT_SIZE 34 100251b0be64SStefan Berger #define EXTEND_PCR_RESULT_BODY_SIZE 20 1003ca6d4580SWinkler, Tomas static const struct tpm_input_header pcrextend_header = { 100406e93279SRoberto Sassu .tag = cpu_to_be16(TPM_TAG_RQU_COMMAND), 1005ca6d4580SWinkler, Tomas .length = cpu_to_be32(34), 1006a69faebfSRoberto Sassu .ordinal = cpu_to_be32(TPM_ORD_PCR_EXTEND) 1007ca6d4580SWinkler, Tomas }; 1008ca6d4580SWinkler, Tomas 1009175d5b2aSRoberto Sassu static int tpm1_pcr_extend(struct tpm_chip *chip, int pcr_idx, const u8 *hash, 1010175d5b2aSRoberto Sassu char *log_msg) 1011175d5b2aSRoberto Sassu { 1012175d5b2aSRoberto Sassu struct tpm_buf buf; 1013175d5b2aSRoberto Sassu int rc; 1014175d5b2aSRoberto Sassu 1015175d5b2aSRoberto Sassu rc = tpm_buf_init(&buf, TPM_TAG_RQU_COMMAND, TPM_ORD_PCR_EXTEND); 1016175d5b2aSRoberto Sassu if (rc) 1017175d5b2aSRoberto Sassu return rc; 1018175d5b2aSRoberto Sassu 1019175d5b2aSRoberto Sassu tpm_buf_append_u32(&buf, pcr_idx); 1020175d5b2aSRoberto Sassu tpm_buf_append(&buf, hash, TPM_DIGEST_SIZE); 1021175d5b2aSRoberto Sassu 1022175d5b2aSRoberto Sassu rc = tpm_transmit_cmd(chip, NULL, buf.data, EXTEND_PCR_RESULT_SIZE, 1023175d5b2aSRoberto Sassu EXTEND_PCR_RESULT_BODY_SIZE, 0, log_msg); 1024175d5b2aSRoberto Sassu tpm_buf_destroy(&buf); 1025175d5b2aSRoberto Sassu return rc; 1026175d5b2aSRoberto Sassu } 1027175d5b2aSRoberto Sassu 10289deb0eb7SJason Gunthorpe /** 1029aad887f6SJarkko Sakkinen * tpm_pcr_extend - extend a PCR value in SHA1 bank. 1030aad887f6SJarkko Sakkinen * @chip: a &struct tpm_chip instance, %NULL for the default chip 1031aad887f6SJarkko Sakkinen * @pcr_idx: the PCR to be retrieved 1032aad887f6SJarkko Sakkinen * @hash: the hash value used to extend the PCR value 10339deb0eb7SJason Gunthorpe * 1034aad887f6SJarkko Sakkinen * Note: with TPM 2.0 extends also those banks with a known digest size to the 1035aad887f6SJarkko Sakkinen * cryto subsystem in order to prevent malicious use of those PCR banks. In the 1036aad887f6SJarkko Sakkinen * future we should dynamically determine digest sizes. 1037aad887f6SJarkko Sakkinen * 1038aad887f6SJarkko Sakkinen * Return: same as with tpm_transmit_cmd() 10399deb0eb7SJason Gunthorpe */ 1040aad887f6SJarkko Sakkinen int tpm_pcr_extend(struct tpm_chip *chip, int pcr_idx, const u8 *hash) 10419deb0eb7SJason Gunthorpe { 10429deb0eb7SJason Gunthorpe int rc; 1043c1f92b4bSNayna Jain struct tpm2_digest digest_list[ARRAY_SIZE(chip->active_banks)]; 1044c1f92b4bSNayna Jain u32 count = 0; 1045c1f92b4bSNayna Jain int i; 10469deb0eb7SJason Gunthorpe 1047fc1d52b7SStefan Berger chip = tpm_find_get_ops(chip); 1048aad887f6SJarkko Sakkinen if (!chip) 10499deb0eb7SJason Gunthorpe return -ENODEV; 10509deb0eb7SJason Gunthorpe 10517a1d7e6dSJarkko Sakkinen if (chip->flags & TPM_CHIP_FLAG_TPM2) { 1052c1f92b4bSNayna Jain memset(digest_list, 0, sizeof(digest_list)); 1053c1f92b4bSNayna Jain 105470ea1636SDan Carpenter for (i = 0; i < ARRAY_SIZE(chip->active_banks) && 105570ea1636SDan Carpenter chip->active_banks[i] != TPM2_ALG_ERROR; i++) { 1056c1f92b4bSNayna Jain digest_list[i].alg_id = chip->active_banks[i]; 1057c1f92b4bSNayna Jain memcpy(digest_list[i].digest, hash, TPM_DIGEST_SIZE); 1058c1f92b4bSNayna Jain count++; 1059c1f92b4bSNayna Jain } 1060c1f92b4bSNayna Jain 1061c1f92b4bSNayna Jain rc = tpm2_pcr_extend(chip, pcr_idx, count, digest_list); 10624e26195fSJason Gunthorpe tpm_put_ops(chip); 10637a1d7e6dSJarkko Sakkinen return rc; 10647a1d7e6dSJarkko Sakkinen } 10657a1d7e6dSJarkko Sakkinen 1066175d5b2aSRoberto Sassu rc = tpm1_pcr_extend(chip, pcr_idx, hash, 10679deb0eb7SJason Gunthorpe "attempting extend a PCR value"); 10684e26195fSJason Gunthorpe tpm_put_ops(chip); 10699deb0eb7SJason Gunthorpe return rc; 10709deb0eb7SJason Gunthorpe } 10719deb0eb7SJason Gunthorpe EXPORT_SYMBOL_GPL(tpm_pcr_extend); 10729deb0eb7SJason Gunthorpe 10739deb0eb7SJason Gunthorpe /** 10749deb0eb7SJason Gunthorpe * tpm_do_selftest - have the TPM continue its selftest and wait until it 10759deb0eb7SJason Gunthorpe * can receive further commands 10769deb0eb7SJason Gunthorpe * @chip: TPM chip to use 10779deb0eb7SJason Gunthorpe * 10789deb0eb7SJason Gunthorpe * Returns 0 on success, < 0 in case of fatal error or a value > 0 representing 10799deb0eb7SJason Gunthorpe * a TPM error code. 10809deb0eb7SJason Gunthorpe */ 10819deb0eb7SJason Gunthorpe int tpm_do_selftest(struct tpm_chip *chip) 10829deb0eb7SJason Gunthorpe { 10839deb0eb7SJason Gunthorpe int rc; 10849deb0eb7SJason Gunthorpe unsigned int loops; 10859deb0eb7SJason Gunthorpe unsigned int delay_msec = 100; 10869deb0eb7SJason Gunthorpe unsigned long duration; 10870c541332SJarkko Sakkinen u8 dummy[TPM_DIGEST_SIZE]; 10889deb0eb7SJason Gunthorpe 10899deb0eb7SJason Gunthorpe duration = tpm_calc_ordinal_duration(chip, TPM_ORD_CONTINUE_SELFTEST); 10909deb0eb7SJason Gunthorpe 10919deb0eb7SJason Gunthorpe loops = jiffies_to_msecs(duration) / delay_msec; 10929deb0eb7SJason Gunthorpe 10939deb0eb7SJason Gunthorpe rc = tpm_continue_selftest(chip); 10940803d7beSChris Chiu if (rc == TPM_ERR_INVALID_POSTINIT) { 10950803d7beSChris Chiu chip->flags |= TPM_CHIP_FLAG_ALWAYS_POWERED; 10960803d7beSChris Chiu dev_info(&chip->dev, "TPM not ready (%d)\n", rc); 10970803d7beSChris Chiu } 10989deb0eb7SJason Gunthorpe /* This may fail if there was no TPM driver during a suspend/resume 10999deb0eb7SJason Gunthorpe * cycle; some may return 10 (BAD_ORDINAL), others 28 (FAILEDSELFTEST) 11009deb0eb7SJason Gunthorpe */ 11019deb0eb7SJason Gunthorpe if (rc) 11029deb0eb7SJason Gunthorpe return rc; 11039deb0eb7SJason Gunthorpe 11049deb0eb7SJason Gunthorpe do { 11059deb0eb7SJason Gunthorpe /* Attempt to read a PCR value */ 11060c541332SJarkko Sakkinen rc = tpm_pcr_read_dev(chip, 0, dummy); 11070c541332SJarkko Sakkinen 11089deb0eb7SJason Gunthorpe /* Some buggy TPMs will not respond to tpm_tis_ready() for 11099deb0eb7SJason Gunthorpe * around 300ms while the self test is ongoing, keep trying 11109deb0eb7SJason Gunthorpe * until the self test duration expires. */ 11119deb0eb7SJason Gunthorpe if (rc == -ETIME) { 11128cfffc9dSJason Gunthorpe dev_info( 11138cfffc9dSJason Gunthorpe &chip->dev, HW_ERR 11148cfffc9dSJason Gunthorpe "TPM command timed out during continue self test"); 11159f3fc7bcSHamza Attak tpm_msleep(delay_msec); 11169deb0eb7SJason Gunthorpe continue; 11179deb0eb7SJason Gunthorpe } 11189deb0eb7SJason Gunthorpe 11199deb0eb7SJason Gunthorpe if (rc == TPM_ERR_DISABLED || rc == TPM_ERR_DEACTIVATED) { 11208cfffc9dSJason Gunthorpe dev_info(&chip->dev, 11219deb0eb7SJason Gunthorpe "TPM is disabled/deactivated (0x%X)\n", rc); 11229deb0eb7SJason Gunthorpe /* TPM is disabled and/or deactivated; driver can 11239deb0eb7SJason Gunthorpe * proceed and TPM does handle commands for 11249deb0eb7SJason Gunthorpe * suspend/resume correctly 11259deb0eb7SJason Gunthorpe */ 11269deb0eb7SJason Gunthorpe return 0; 11279deb0eb7SJason Gunthorpe } 11289deb0eb7SJason Gunthorpe if (rc != TPM_WARN_DOING_SELFTEST) 11299deb0eb7SJason Gunthorpe return rc; 11309f3fc7bcSHamza Attak tpm_msleep(delay_msec); 11319deb0eb7SJason Gunthorpe } while (--loops > 0); 11329deb0eb7SJason Gunthorpe 11339deb0eb7SJason Gunthorpe return rc; 11349deb0eb7SJason Gunthorpe } 11359deb0eb7SJason Gunthorpe EXPORT_SYMBOL_GPL(tpm_do_selftest); 11369deb0eb7SJason Gunthorpe 1137cae8b441SJason Gunthorpe /** 1138cae8b441SJason Gunthorpe * tpm1_auto_startup - Perform the standard automatic TPM initialization 1139cae8b441SJason Gunthorpe * sequence 1140cae8b441SJason Gunthorpe * @chip: TPM chip to use 1141cae8b441SJason Gunthorpe * 1142cae8b441SJason Gunthorpe * Returns 0 on success, < 0 in case of fatal error. 1143cae8b441SJason Gunthorpe */ 1144cae8b441SJason Gunthorpe int tpm1_auto_startup(struct tpm_chip *chip) 1145cae8b441SJason Gunthorpe { 1146cae8b441SJason Gunthorpe int rc; 1147cae8b441SJason Gunthorpe 1148cae8b441SJason Gunthorpe rc = tpm_get_timeouts(chip); 1149cae8b441SJason Gunthorpe if (rc) 1150cae8b441SJason Gunthorpe goto out; 1151cae8b441SJason Gunthorpe rc = tpm_do_selftest(chip); 1152cae8b441SJason Gunthorpe if (rc) { 1153cae8b441SJason Gunthorpe dev_err(&chip->dev, "TPM self test failed\n"); 1154cae8b441SJason Gunthorpe goto out; 1155cae8b441SJason Gunthorpe } 1156cae8b441SJason Gunthorpe 1157cae8b441SJason Gunthorpe return rc; 1158cae8b441SJason Gunthorpe out: 1159cae8b441SJason Gunthorpe if (rc > 0) 1160cae8b441SJason Gunthorpe rc = -ENODEV; 1161cae8b441SJason Gunthorpe return rc; 1162cae8b441SJason Gunthorpe } 1163cae8b441SJason Gunthorpe 1164aad887f6SJarkko Sakkinen /** 1165aad887f6SJarkko Sakkinen * tpm_send - send a TPM command 1166aad887f6SJarkko Sakkinen * @chip: a &struct tpm_chip instance, %NULL for the default chip 1167aad887f6SJarkko Sakkinen * @cmd: a TPM command buffer 1168aad887f6SJarkko Sakkinen * @buflen: the length of the TPM command buffer 1169aad887f6SJarkko Sakkinen * 1170aad887f6SJarkko Sakkinen * Return: same as with tpm_transmit_cmd() 1171aad887f6SJarkko Sakkinen */ 1172aad887f6SJarkko Sakkinen int tpm_send(struct tpm_chip *chip, void *cmd, size_t buflen) 11739deb0eb7SJason Gunthorpe { 11749deb0eb7SJason Gunthorpe int rc; 11759deb0eb7SJason Gunthorpe 1176fc1d52b7SStefan Berger chip = tpm_find_get_ops(chip); 1177aad887f6SJarkko Sakkinen if (!chip) 11789deb0eb7SJason Gunthorpe return -ENODEV; 11799deb0eb7SJason Gunthorpe 1180745b361eSJarkko Sakkinen rc = tpm_transmit_cmd(chip, NULL, cmd, buflen, 0, 0, 1181aad887f6SJarkko Sakkinen "attempting to a send a command"); 11824e26195fSJason Gunthorpe tpm_put_ops(chip); 11839deb0eb7SJason Gunthorpe return rc; 11849deb0eb7SJason Gunthorpe } 11859deb0eb7SJason Gunthorpe EXPORT_SYMBOL_GPL(tpm_send); 11869deb0eb7SJason Gunthorpe 1187a69faebfSRoberto Sassu #define TPM_ORD_SAVESTATE 152 11889deb0eb7SJason Gunthorpe #define SAVESTATE_RESULT_SIZE 10 11899deb0eb7SJason Gunthorpe 11900014777fSJulia Lawall static const struct tpm_input_header savestate_header = { 119106e93279SRoberto Sassu .tag = cpu_to_be16(TPM_TAG_RQU_COMMAND), 11929deb0eb7SJason Gunthorpe .length = cpu_to_be32(10), 1193a69faebfSRoberto Sassu .ordinal = cpu_to_be32(TPM_ORD_SAVESTATE) 11949deb0eb7SJason Gunthorpe }; 11959deb0eb7SJason Gunthorpe 11969deb0eb7SJason Gunthorpe /* 11979deb0eb7SJason Gunthorpe * We are about to suspend. Save the TPM state 11989deb0eb7SJason Gunthorpe * so that it can be restored. 11999deb0eb7SJason Gunthorpe */ 12009deb0eb7SJason Gunthorpe int tpm_pm_suspend(struct device *dev) 12019deb0eb7SJason Gunthorpe { 1202ec03c50bSStefan Berger struct tpm_chip *chip = dev_get_drvdata(dev); 12039deb0eb7SJason Gunthorpe struct tpm_cmd_t cmd; 12049deb0eb7SJason Gunthorpe int rc, try; 12059deb0eb7SJason Gunthorpe 12069deb0eb7SJason Gunthorpe u8 dummy_hash[TPM_DIGEST_SIZE] = { 0 }; 12079deb0eb7SJason Gunthorpe 12089deb0eb7SJason Gunthorpe if (chip == NULL) 12099deb0eb7SJason Gunthorpe return -ENODEV; 12109deb0eb7SJason Gunthorpe 1211b5d0ebc9SEnric Balletbo i Serra if (chip->flags & TPM_CHIP_FLAG_ALWAYS_POWERED) 1212b5d0ebc9SEnric Balletbo i Serra return 0; 1213b5d0ebc9SEnric Balletbo i Serra 121474d6b3ceSJarkko Sakkinen if (chip->flags & TPM_CHIP_FLAG_TPM2) { 121574d6b3ceSJarkko Sakkinen tpm2_shutdown(chip, TPM2_SU_STATE); 121674d6b3ceSJarkko Sakkinen return 0; 121774d6b3ceSJarkko Sakkinen } 121830fc8d13SJarkko Sakkinen 12199deb0eb7SJason Gunthorpe /* for buggy tpm, flush pcrs with extend to selected dummy */ 1220175d5b2aSRoberto Sassu if (tpm_suspend_pcr) 1221175d5b2aSRoberto Sassu rc = tpm1_pcr_extend(chip, tpm_suspend_pcr, dummy_hash, 12229deb0eb7SJason Gunthorpe "extending dummy pcr before suspend"); 12239deb0eb7SJason Gunthorpe 12249deb0eb7SJason Gunthorpe /* now do the actual savestate */ 12259deb0eb7SJason Gunthorpe for (try = 0; try < TPM_RETRY; try++) { 12269deb0eb7SJason Gunthorpe cmd.header.in = savestate_header; 1227745b361eSJarkko Sakkinen rc = tpm_transmit_cmd(chip, NULL, &cmd, SAVESTATE_RESULT_SIZE, 1228745b361eSJarkko Sakkinen 0, 0, NULL); 12299deb0eb7SJason Gunthorpe 12309deb0eb7SJason Gunthorpe /* 12319deb0eb7SJason Gunthorpe * If the TPM indicates that it is too busy to respond to 12329deb0eb7SJason Gunthorpe * this command then retry before giving up. It can take 12339deb0eb7SJason Gunthorpe * several seconds for this TPM to be ready. 12349deb0eb7SJason Gunthorpe * 12359deb0eb7SJason Gunthorpe * This can happen if the TPM has already been sent the 12369deb0eb7SJason Gunthorpe * SaveState command before the driver has loaded. TCG 1.2 12379deb0eb7SJason Gunthorpe * specification states that any communication after SaveState 12389deb0eb7SJason Gunthorpe * may cause the TPM to invalidate previously saved state. 12399deb0eb7SJason Gunthorpe */ 12409deb0eb7SJason Gunthorpe if (rc != TPM_WARN_RETRY) 12419deb0eb7SJason Gunthorpe break; 12429f3fc7bcSHamza Attak tpm_msleep(TPM_TIMEOUT_RETRY); 12439deb0eb7SJason Gunthorpe } 12449deb0eb7SJason Gunthorpe 12459deb0eb7SJason Gunthorpe if (rc) 12468cfffc9dSJason Gunthorpe dev_err(&chip->dev, 12479deb0eb7SJason Gunthorpe "Error (%d) sending savestate before suspend\n", rc); 12489deb0eb7SJason Gunthorpe else if (try > 0) 12498cfffc9dSJason Gunthorpe dev_warn(&chip->dev, "TPM savestate took %dms\n", 12509deb0eb7SJason Gunthorpe try * TPM_TIMEOUT_RETRY); 12519deb0eb7SJason Gunthorpe 12529deb0eb7SJason Gunthorpe return rc; 12539deb0eb7SJason Gunthorpe } 12549deb0eb7SJason Gunthorpe EXPORT_SYMBOL_GPL(tpm_pm_suspend); 12559deb0eb7SJason Gunthorpe 12569deb0eb7SJason Gunthorpe /* 12579deb0eb7SJason Gunthorpe * Resume from a power safe. The BIOS already restored 12589deb0eb7SJason Gunthorpe * the TPM state. 12599deb0eb7SJason Gunthorpe */ 12609deb0eb7SJason Gunthorpe int tpm_pm_resume(struct device *dev) 12619deb0eb7SJason Gunthorpe { 1262ec03c50bSStefan Berger struct tpm_chip *chip = dev_get_drvdata(dev); 12639deb0eb7SJason Gunthorpe 12649deb0eb7SJason Gunthorpe if (chip == NULL) 12659deb0eb7SJason Gunthorpe return -ENODEV; 12669deb0eb7SJason Gunthorpe 12679deb0eb7SJason Gunthorpe return 0; 12689deb0eb7SJason Gunthorpe } 12699deb0eb7SJason Gunthorpe EXPORT_SYMBOL_GPL(tpm_pm_resume); 12709deb0eb7SJason Gunthorpe 12719deb0eb7SJason Gunthorpe #define TPM_GETRANDOM_RESULT_SIZE 18 12720014777fSJulia Lawall static const struct tpm_input_header tpm_getrandom_header = { 127306e93279SRoberto Sassu .tag = cpu_to_be16(TPM_TAG_RQU_COMMAND), 12749deb0eb7SJason Gunthorpe .length = cpu_to_be32(14), 1275a69faebfSRoberto Sassu .ordinal = cpu_to_be32(TPM_ORD_GET_RANDOM) 12769deb0eb7SJason Gunthorpe }; 12779deb0eb7SJason Gunthorpe 12789deb0eb7SJason Gunthorpe /** 1279aad887f6SJarkko Sakkinen * tpm_get_random() - get random bytes from the TPM's RNG 1280aad887f6SJarkko Sakkinen * @chip: a &struct tpm_chip instance, %NULL for the default chip 12819deb0eb7SJason Gunthorpe * @out: destination buffer for the random bytes 12829deb0eb7SJason Gunthorpe * @max: the max number of bytes to write to @out 12839deb0eb7SJason Gunthorpe * 1284aad887f6SJarkko Sakkinen * Return: same as with tpm_transmit_cmd() 12859deb0eb7SJason Gunthorpe */ 1286aad887f6SJarkko Sakkinen int tpm_get_random(struct tpm_chip *chip, u8 *out, size_t max) 12879deb0eb7SJason Gunthorpe { 12889deb0eb7SJason Gunthorpe struct tpm_cmd_t tpm_cmd; 1289c659af78SStefan Berger u32 recd, num_bytes = min_t(u32, max, TPM_MAX_RNG_DATA), rlength; 12909deb0eb7SJason Gunthorpe int err, total = 0, retries = 5; 12919deb0eb7SJason Gunthorpe u8 *dest = out; 12929deb0eb7SJason Gunthorpe 12933e14d83eSJarkko Sakkinen if (!out || !num_bytes || max > TPM_MAX_RNG_DATA) 12943e14d83eSJarkko Sakkinen return -EINVAL; 12953e14d83eSJarkko Sakkinen 1296fc1d52b7SStefan Berger chip = tpm_find_get_ops(chip); 1297aad887f6SJarkko Sakkinen if (!chip) 12989deb0eb7SJason Gunthorpe return -ENODEV; 12999deb0eb7SJason Gunthorpe 13007a1d7e6dSJarkko Sakkinen if (chip->flags & TPM_CHIP_FLAG_TPM2) { 13017a1d7e6dSJarkko Sakkinen err = tpm2_get_random(chip, out, max); 13024e26195fSJason Gunthorpe tpm_put_ops(chip); 13037a1d7e6dSJarkko Sakkinen return err; 13047a1d7e6dSJarkko Sakkinen } 13057a1d7e6dSJarkko Sakkinen 13069deb0eb7SJason Gunthorpe do { 13079deb0eb7SJason Gunthorpe tpm_cmd.header.in = tpm_getrandom_header; 13089deb0eb7SJason Gunthorpe tpm_cmd.params.getrandom_in.num_bytes = cpu_to_be32(num_bytes); 13099deb0eb7SJason Gunthorpe 1310745b361eSJarkko Sakkinen err = tpm_transmit_cmd(chip, NULL, &tpm_cmd, 13119deb0eb7SJason Gunthorpe TPM_GETRANDOM_RESULT_SIZE + num_bytes, 1312c659af78SStefan Berger offsetof(struct tpm_getrandom_out, 1313c659af78SStefan Berger rng_data), 1314d4816edfSJarkko Sakkinen 0, "attempting get random"); 13159deb0eb7SJason Gunthorpe if (err) 13169deb0eb7SJason Gunthorpe break; 13179deb0eb7SJason Gunthorpe 13189deb0eb7SJason Gunthorpe recd = be32_to_cpu(tpm_cmd.params.getrandom_out.rng_data_len); 13193be23274SJeremy Boone if (recd > num_bytes) { 13203be23274SJeremy Boone total = -EFAULT; 13213be23274SJeremy Boone break; 13223be23274SJeremy Boone } 1323c659af78SStefan Berger 1324c659af78SStefan Berger rlength = be32_to_cpu(tpm_cmd.header.out.length); 132584b59f64SJarkko Sakkinen if (rlength < TPM_HEADER_SIZE + 132684b59f64SJarkko Sakkinen offsetof(struct tpm_getrandom_out, rng_data) + 1327c659af78SStefan Berger recd) { 1328c659af78SStefan Berger total = -EFAULT; 1329c659af78SStefan Berger break; 1330c659af78SStefan Berger } 13319deb0eb7SJason Gunthorpe memcpy(dest, tpm_cmd.params.getrandom_out.rng_data, recd); 13329deb0eb7SJason Gunthorpe 13339deb0eb7SJason Gunthorpe dest += recd; 13349deb0eb7SJason Gunthorpe total += recd; 13359deb0eb7SJason Gunthorpe num_bytes -= recd; 13369deb0eb7SJason Gunthorpe } while (retries-- && total < max); 13379deb0eb7SJason Gunthorpe 13384e26195fSJason Gunthorpe tpm_put_ops(chip); 13399deb0eb7SJason Gunthorpe return total ? total : -EIO; 13409deb0eb7SJason Gunthorpe } 13419deb0eb7SJason Gunthorpe EXPORT_SYMBOL_GPL(tpm_get_random); 13429deb0eb7SJason Gunthorpe 1343954650efSJarkko Sakkinen /** 1344aad887f6SJarkko Sakkinen * tpm_seal_trusted() - seal a trusted key payload 1345aad887f6SJarkko Sakkinen * @chip: a &struct tpm_chip instance, %NULL for the default chip 1346954650efSJarkko Sakkinen * @options: authentication values and other options 1347954650efSJarkko Sakkinen * @payload: the key data in clear and encrypted form 1348954650efSJarkko Sakkinen * 1349aad887f6SJarkko Sakkinen * Note: only TPM 2.0 chip are supported. TPM 1.x implementation is located in 1350aad887f6SJarkko Sakkinen * the keyring subsystem. 1351aad887f6SJarkko Sakkinen * 1352aad887f6SJarkko Sakkinen * Return: same as with tpm_transmit_cmd() 1353954650efSJarkko Sakkinen */ 1354aad887f6SJarkko Sakkinen int tpm_seal_trusted(struct tpm_chip *chip, struct trusted_key_payload *payload, 1355954650efSJarkko Sakkinen struct trusted_key_options *options) 1356954650efSJarkko Sakkinen { 1357954650efSJarkko Sakkinen int rc; 1358954650efSJarkko Sakkinen 1359fc1d52b7SStefan Berger chip = tpm_find_get_ops(chip); 1360aad887f6SJarkko Sakkinen if (!chip || !(chip->flags & TPM_CHIP_FLAG_TPM2)) 1361954650efSJarkko Sakkinen return -ENODEV; 1362954650efSJarkko Sakkinen 1363954650efSJarkko Sakkinen rc = tpm2_seal_trusted(chip, payload, options); 1364954650efSJarkko Sakkinen 13654e26195fSJason Gunthorpe tpm_put_ops(chip); 1366954650efSJarkko Sakkinen return rc; 1367954650efSJarkko Sakkinen } 1368954650efSJarkko Sakkinen EXPORT_SYMBOL_GPL(tpm_seal_trusted); 1369954650efSJarkko Sakkinen 1370954650efSJarkko Sakkinen /** 1371954650efSJarkko Sakkinen * tpm_unseal_trusted() - unseal a trusted key 1372aad887f6SJarkko Sakkinen * @chip: a &struct tpm_chip instance, %NULL for the default chip 1373954650efSJarkko Sakkinen * @options: authentication values and other options 1374954650efSJarkko Sakkinen * @payload: the key data in clear and encrypted form 1375954650efSJarkko Sakkinen * 1376aad887f6SJarkko Sakkinen * Note: only TPM 2.0 chip are supported. TPM 1.x implementation is located in 1377aad887f6SJarkko Sakkinen * the keyring subsystem. 1378aad887f6SJarkko Sakkinen * 1379aad887f6SJarkko Sakkinen * Return: same as with tpm_transmit_cmd() 1380954650efSJarkko Sakkinen */ 1381aad887f6SJarkko Sakkinen int tpm_unseal_trusted(struct tpm_chip *chip, 1382aad887f6SJarkko Sakkinen struct trusted_key_payload *payload, 1383954650efSJarkko Sakkinen struct trusted_key_options *options) 1384954650efSJarkko Sakkinen { 1385954650efSJarkko Sakkinen int rc; 1386954650efSJarkko Sakkinen 1387fc1d52b7SStefan Berger chip = tpm_find_get_ops(chip); 1388aad887f6SJarkko Sakkinen if (!chip || !(chip->flags & TPM_CHIP_FLAG_TPM2)) 1389954650efSJarkko Sakkinen return -ENODEV; 1390954650efSJarkko Sakkinen 1391954650efSJarkko Sakkinen rc = tpm2_unseal_trusted(chip, payload, options); 1392954650efSJarkko Sakkinen 13934e26195fSJason Gunthorpe tpm_put_ops(chip); 13944e26195fSJason Gunthorpe 1395954650efSJarkko Sakkinen return rc; 1396954650efSJarkko Sakkinen } 1397954650efSJarkko Sakkinen EXPORT_SYMBOL_GPL(tpm_unseal_trusted); 1398954650efSJarkko Sakkinen 1399313d21eeSJarkko Sakkinen static int __init tpm_init(void) 1400313d21eeSJarkko Sakkinen { 1401313d21eeSJarkko Sakkinen int rc; 1402313d21eeSJarkko Sakkinen 1403313d21eeSJarkko Sakkinen tpm_class = class_create(THIS_MODULE, "tpm"); 1404313d21eeSJarkko Sakkinen if (IS_ERR(tpm_class)) { 1405313d21eeSJarkko Sakkinen pr_err("couldn't create tpm class\n"); 1406313d21eeSJarkko Sakkinen return PTR_ERR(tpm_class); 1407313d21eeSJarkko Sakkinen } 1408313d21eeSJarkko Sakkinen 1409fdc915f7SJames Bottomley tpmrm_class = class_create(THIS_MODULE, "tpmrm"); 1410fdc915f7SJames Bottomley if (IS_ERR(tpmrm_class)) { 1411fdc915f7SJames Bottomley pr_err("couldn't create tpmrm class\n"); 1412fdc915f7SJames Bottomley class_destroy(tpm_class); 1413fdc915f7SJames Bottomley return PTR_ERR(tpmrm_class); 1414fdc915f7SJames Bottomley } 1415fdc915f7SJames Bottomley 1416fdc915f7SJames Bottomley rc = alloc_chrdev_region(&tpm_devt, 0, 2*TPM_NUM_DEVICES, "tpm"); 1417313d21eeSJarkko Sakkinen if (rc < 0) { 1418313d21eeSJarkko Sakkinen pr_err("tpm: failed to allocate char dev region\n"); 1419fdc915f7SJames Bottomley class_destroy(tpmrm_class); 1420313d21eeSJarkko Sakkinen class_destroy(tpm_class); 1421313d21eeSJarkko Sakkinen return rc; 1422313d21eeSJarkko Sakkinen } 1423313d21eeSJarkko Sakkinen 1424313d21eeSJarkko Sakkinen return 0; 1425313d21eeSJarkko Sakkinen } 1426313d21eeSJarkko Sakkinen 1427313d21eeSJarkko Sakkinen static void __exit tpm_exit(void) 1428313d21eeSJarkko Sakkinen { 142915516788SStefan Berger idr_destroy(&dev_nums_idr); 1430313d21eeSJarkko Sakkinen class_destroy(tpm_class); 1431fdc915f7SJames Bottomley class_destroy(tpmrm_class); 1432fdc915f7SJames Bottomley unregister_chrdev_region(tpm_devt, 2*TPM_NUM_DEVICES); 1433313d21eeSJarkko Sakkinen } 1434313d21eeSJarkko Sakkinen 1435313d21eeSJarkko Sakkinen subsys_initcall(tpm_init); 1436313d21eeSJarkko Sakkinen module_exit(tpm_exit); 1437313d21eeSJarkko Sakkinen 14389deb0eb7SJason Gunthorpe MODULE_AUTHOR("Leendert van Doorn (leendert@watson.ibm.com)"); 14399deb0eb7SJason Gunthorpe MODULE_DESCRIPTION("TPM Driver"); 14409deb0eb7SJason Gunthorpe MODULE_VERSION("2.0"); 14419deb0eb7SJason Gunthorpe MODULE_LICENSE("GPL"); 1442