19deb0eb7SJason Gunthorpe /* 29deb0eb7SJason Gunthorpe * Copyright (C) 2004 IBM Corporation 3afb5abc2SJarkko Sakkinen * Copyright (C) 2014 Intel Corporation 49deb0eb7SJason Gunthorpe * 59deb0eb7SJason Gunthorpe * Authors: 69deb0eb7SJason Gunthorpe * Leendert van Doorn <leendert@watson.ibm.com> 79deb0eb7SJason Gunthorpe * Dave Safford <safford@watson.ibm.com> 89deb0eb7SJason Gunthorpe * Reiner Sailer <sailer@watson.ibm.com> 99deb0eb7SJason Gunthorpe * Kylene Hall <kjhall@us.ibm.com> 109deb0eb7SJason Gunthorpe * 119deb0eb7SJason Gunthorpe * Maintained by: <tpmdd-devel@lists.sourceforge.net> 129deb0eb7SJason Gunthorpe * 139deb0eb7SJason Gunthorpe * Device driver for TCG/TCPA TPM (trusted platform module). 149deb0eb7SJason Gunthorpe * Specifications at www.trustedcomputinggroup.org 159deb0eb7SJason Gunthorpe * 169deb0eb7SJason Gunthorpe * This program is free software; you can redistribute it and/or 179deb0eb7SJason Gunthorpe * modify it under the terms of the GNU General Public License as 189deb0eb7SJason Gunthorpe * published by the Free Software Foundation, version 2 of the 199deb0eb7SJason Gunthorpe * License. 209deb0eb7SJason Gunthorpe * 219deb0eb7SJason Gunthorpe * Note, the TPM chip is not interrupt driven (only polling) 229deb0eb7SJason Gunthorpe * and can have very long timeouts (minutes!). Hence the unusual 239deb0eb7SJason Gunthorpe * calls to msleep. 249deb0eb7SJason Gunthorpe * 259deb0eb7SJason Gunthorpe */ 269deb0eb7SJason Gunthorpe 279deb0eb7SJason Gunthorpe #include <linux/poll.h> 289deb0eb7SJason Gunthorpe #include <linux/slab.h> 299deb0eb7SJason Gunthorpe #include <linux/mutex.h> 309deb0eb7SJason Gunthorpe #include <linux/spinlock.h> 319deb0eb7SJason Gunthorpe #include <linux/freezer.h> 32fd3ec366SThiebaud Weksteen #include <linux/tpm_eventlog.h> 339deb0eb7SJason Gunthorpe 349deb0eb7SJason Gunthorpe #include "tpm.h" 359deb0eb7SJason Gunthorpe 369deb0eb7SJason Gunthorpe #define TPM_MAX_ORDINAL 243 379deb0eb7SJason Gunthorpe #define TSC_MAX_ORDINAL 12 389deb0eb7SJason Gunthorpe #define TPM_PROTECTED_COMMAND 0x00 399deb0eb7SJason Gunthorpe #define TPM_CONNECTION_COMMAND 0x40 409deb0eb7SJason Gunthorpe 419deb0eb7SJason Gunthorpe /* 429deb0eb7SJason Gunthorpe * Bug workaround - some TPM's don't flush the most 439deb0eb7SJason Gunthorpe * recently changed pcr on suspend, so force the flush 449deb0eb7SJason Gunthorpe * with an extend to the selected _unused_ non-volatile pcr. 459deb0eb7SJason Gunthorpe */ 469deb0eb7SJason Gunthorpe static int tpm_suspend_pcr; 479deb0eb7SJason Gunthorpe module_param_named(suspend_pcr, tpm_suspend_pcr, uint, 0644); 489deb0eb7SJason Gunthorpe MODULE_PARM_DESC(suspend_pcr, 4939f5712bSDmitry Torokhov "PCR to use for dummy writes to facilitate flush on suspend."); 509deb0eb7SJason Gunthorpe 519deb0eb7SJason Gunthorpe /* 529deb0eb7SJason Gunthorpe * Array with one entry per ordinal defining the maximum amount 539deb0eb7SJason Gunthorpe * of time the chip could take to return the result. The ordinal 549deb0eb7SJason Gunthorpe * designation of short, medium or long is defined in a table in 559deb0eb7SJason Gunthorpe * TCG Specification TPM Main Part 2 TPM Structures Section 17. The 569deb0eb7SJason Gunthorpe * values of the SHORT, MEDIUM, and LONG durations are retrieved 579deb0eb7SJason Gunthorpe * from the chip during initialization with a call to tpm_get_timeouts. 589deb0eb7SJason Gunthorpe */ 599deb0eb7SJason Gunthorpe static const u8 tpm_ordinal_duration[TPM_MAX_ORDINAL] = { 609deb0eb7SJason Gunthorpe TPM_UNDEFINED, /* 0 */ 619deb0eb7SJason Gunthorpe TPM_UNDEFINED, 629deb0eb7SJason Gunthorpe TPM_UNDEFINED, 639deb0eb7SJason Gunthorpe TPM_UNDEFINED, 649deb0eb7SJason Gunthorpe TPM_UNDEFINED, 659deb0eb7SJason Gunthorpe TPM_UNDEFINED, /* 5 */ 669deb0eb7SJason Gunthorpe TPM_UNDEFINED, 679deb0eb7SJason Gunthorpe TPM_UNDEFINED, 689deb0eb7SJason Gunthorpe TPM_UNDEFINED, 699deb0eb7SJason Gunthorpe TPM_UNDEFINED, 709deb0eb7SJason Gunthorpe TPM_SHORT, /* 10 */ 719deb0eb7SJason Gunthorpe TPM_SHORT, 729deb0eb7SJason Gunthorpe TPM_MEDIUM, 739deb0eb7SJason Gunthorpe TPM_LONG, 749deb0eb7SJason Gunthorpe TPM_LONG, 759deb0eb7SJason Gunthorpe TPM_MEDIUM, /* 15 */ 769deb0eb7SJason Gunthorpe TPM_SHORT, 779deb0eb7SJason Gunthorpe TPM_SHORT, 789deb0eb7SJason Gunthorpe TPM_MEDIUM, 799deb0eb7SJason Gunthorpe TPM_LONG, 809deb0eb7SJason Gunthorpe TPM_SHORT, /* 20 */ 819deb0eb7SJason Gunthorpe TPM_SHORT, 829deb0eb7SJason Gunthorpe TPM_MEDIUM, 839deb0eb7SJason Gunthorpe TPM_MEDIUM, 849deb0eb7SJason Gunthorpe TPM_MEDIUM, 859deb0eb7SJason Gunthorpe TPM_SHORT, /* 25 */ 869deb0eb7SJason Gunthorpe TPM_SHORT, 879deb0eb7SJason Gunthorpe TPM_MEDIUM, 889deb0eb7SJason Gunthorpe TPM_SHORT, 899deb0eb7SJason Gunthorpe TPM_SHORT, 909deb0eb7SJason Gunthorpe TPM_MEDIUM, /* 30 */ 919deb0eb7SJason Gunthorpe TPM_LONG, 929deb0eb7SJason Gunthorpe TPM_MEDIUM, 939deb0eb7SJason Gunthorpe TPM_SHORT, 949deb0eb7SJason Gunthorpe TPM_SHORT, 959deb0eb7SJason Gunthorpe TPM_SHORT, /* 35 */ 969deb0eb7SJason Gunthorpe TPM_MEDIUM, 979deb0eb7SJason Gunthorpe TPM_MEDIUM, 989deb0eb7SJason Gunthorpe TPM_UNDEFINED, 999deb0eb7SJason Gunthorpe TPM_UNDEFINED, 1009deb0eb7SJason Gunthorpe TPM_MEDIUM, /* 40 */ 1019deb0eb7SJason Gunthorpe TPM_LONG, 1029deb0eb7SJason Gunthorpe TPM_MEDIUM, 1039deb0eb7SJason Gunthorpe TPM_SHORT, 1049deb0eb7SJason Gunthorpe TPM_SHORT, 1059deb0eb7SJason Gunthorpe TPM_SHORT, /* 45 */ 1069deb0eb7SJason Gunthorpe TPM_SHORT, 1079deb0eb7SJason Gunthorpe TPM_SHORT, 1089deb0eb7SJason Gunthorpe TPM_SHORT, 1099deb0eb7SJason Gunthorpe TPM_LONG, 1109deb0eb7SJason Gunthorpe TPM_MEDIUM, /* 50 */ 1119deb0eb7SJason Gunthorpe TPM_MEDIUM, 1129deb0eb7SJason Gunthorpe TPM_UNDEFINED, 1139deb0eb7SJason Gunthorpe TPM_UNDEFINED, 1149deb0eb7SJason Gunthorpe TPM_UNDEFINED, 1159deb0eb7SJason Gunthorpe TPM_UNDEFINED, /* 55 */ 1169deb0eb7SJason Gunthorpe TPM_UNDEFINED, 1179deb0eb7SJason Gunthorpe TPM_UNDEFINED, 1189deb0eb7SJason Gunthorpe TPM_UNDEFINED, 1199deb0eb7SJason Gunthorpe TPM_UNDEFINED, 1209deb0eb7SJason Gunthorpe TPM_MEDIUM, /* 60 */ 1219deb0eb7SJason Gunthorpe TPM_MEDIUM, 1229deb0eb7SJason Gunthorpe TPM_MEDIUM, 1239deb0eb7SJason Gunthorpe TPM_SHORT, 1249deb0eb7SJason Gunthorpe TPM_SHORT, 1259deb0eb7SJason Gunthorpe TPM_MEDIUM, /* 65 */ 1269deb0eb7SJason Gunthorpe TPM_UNDEFINED, 1279deb0eb7SJason Gunthorpe TPM_UNDEFINED, 1289deb0eb7SJason Gunthorpe TPM_UNDEFINED, 1299deb0eb7SJason Gunthorpe TPM_UNDEFINED, 1309deb0eb7SJason Gunthorpe TPM_SHORT, /* 70 */ 1319deb0eb7SJason Gunthorpe TPM_SHORT, 1329deb0eb7SJason Gunthorpe TPM_UNDEFINED, 1339deb0eb7SJason Gunthorpe TPM_UNDEFINED, 1349deb0eb7SJason Gunthorpe TPM_UNDEFINED, 1359deb0eb7SJason Gunthorpe TPM_UNDEFINED, /* 75 */ 1369deb0eb7SJason Gunthorpe TPM_UNDEFINED, 1379deb0eb7SJason Gunthorpe TPM_UNDEFINED, 1389deb0eb7SJason Gunthorpe TPM_UNDEFINED, 1399deb0eb7SJason Gunthorpe TPM_UNDEFINED, 1409deb0eb7SJason Gunthorpe TPM_LONG, /* 80 */ 1419deb0eb7SJason Gunthorpe TPM_UNDEFINED, 1429deb0eb7SJason Gunthorpe TPM_MEDIUM, 1439deb0eb7SJason Gunthorpe TPM_LONG, 1449deb0eb7SJason Gunthorpe TPM_SHORT, 1459deb0eb7SJason Gunthorpe TPM_UNDEFINED, /* 85 */ 1469deb0eb7SJason Gunthorpe TPM_UNDEFINED, 1479deb0eb7SJason Gunthorpe TPM_UNDEFINED, 1489deb0eb7SJason Gunthorpe TPM_UNDEFINED, 1499deb0eb7SJason Gunthorpe TPM_UNDEFINED, 1509deb0eb7SJason Gunthorpe TPM_SHORT, /* 90 */ 1519deb0eb7SJason Gunthorpe TPM_SHORT, 1529deb0eb7SJason Gunthorpe TPM_SHORT, 1539deb0eb7SJason Gunthorpe TPM_SHORT, 1549deb0eb7SJason Gunthorpe TPM_SHORT, 1559deb0eb7SJason Gunthorpe TPM_UNDEFINED, /* 95 */ 1569deb0eb7SJason Gunthorpe TPM_UNDEFINED, 1579deb0eb7SJason Gunthorpe TPM_UNDEFINED, 1589deb0eb7SJason Gunthorpe TPM_UNDEFINED, 1599deb0eb7SJason Gunthorpe TPM_UNDEFINED, 1609deb0eb7SJason Gunthorpe TPM_MEDIUM, /* 100 */ 1619deb0eb7SJason Gunthorpe TPM_SHORT, 1629deb0eb7SJason Gunthorpe TPM_SHORT, 1639deb0eb7SJason Gunthorpe TPM_UNDEFINED, 1649deb0eb7SJason Gunthorpe TPM_UNDEFINED, 1659deb0eb7SJason Gunthorpe TPM_UNDEFINED, /* 105 */ 1669deb0eb7SJason Gunthorpe TPM_UNDEFINED, 1679deb0eb7SJason Gunthorpe TPM_UNDEFINED, 1689deb0eb7SJason Gunthorpe TPM_UNDEFINED, 1699deb0eb7SJason Gunthorpe TPM_UNDEFINED, 1709deb0eb7SJason Gunthorpe TPM_SHORT, /* 110 */ 1719deb0eb7SJason Gunthorpe TPM_SHORT, 1729deb0eb7SJason Gunthorpe TPM_SHORT, 1739deb0eb7SJason Gunthorpe TPM_SHORT, 1749deb0eb7SJason Gunthorpe TPM_SHORT, 1759deb0eb7SJason Gunthorpe TPM_SHORT, /* 115 */ 1769deb0eb7SJason Gunthorpe TPM_SHORT, 1779deb0eb7SJason Gunthorpe TPM_SHORT, 1789deb0eb7SJason Gunthorpe TPM_UNDEFINED, 1799deb0eb7SJason Gunthorpe TPM_UNDEFINED, 1809deb0eb7SJason Gunthorpe TPM_LONG, /* 120 */ 1819deb0eb7SJason Gunthorpe TPM_LONG, 1829deb0eb7SJason Gunthorpe TPM_MEDIUM, 1839deb0eb7SJason Gunthorpe TPM_UNDEFINED, 1849deb0eb7SJason Gunthorpe TPM_SHORT, 1859deb0eb7SJason Gunthorpe TPM_SHORT, /* 125 */ 1869deb0eb7SJason Gunthorpe TPM_SHORT, 1879deb0eb7SJason Gunthorpe TPM_LONG, 1889deb0eb7SJason Gunthorpe TPM_SHORT, 1899deb0eb7SJason Gunthorpe TPM_SHORT, 1909deb0eb7SJason Gunthorpe TPM_SHORT, /* 130 */ 1919deb0eb7SJason Gunthorpe TPM_MEDIUM, 1929deb0eb7SJason Gunthorpe TPM_UNDEFINED, 1939deb0eb7SJason Gunthorpe TPM_SHORT, 1949deb0eb7SJason Gunthorpe TPM_MEDIUM, 1959deb0eb7SJason Gunthorpe TPM_UNDEFINED, /* 135 */ 1969deb0eb7SJason Gunthorpe TPM_UNDEFINED, 1979deb0eb7SJason Gunthorpe TPM_UNDEFINED, 1989deb0eb7SJason Gunthorpe TPM_UNDEFINED, 1999deb0eb7SJason Gunthorpe TPM_UNDEFINED, 2009deb0eb7SJason Gunthorpe TPM_SHORT, /* 140 */ 2019deb0eb7SJason Gunthorpe TPM_SHORT, 2029deb0eb7SJason Gunthorpe TPM_UNDEFINED, 2039deb0eb7SJason Gunthorpe TPM_UNDEFINED, 2049deb0eb7SJason Gunthorpe TPM_UNDEFINED, 2059deb0eb7SJason Gunthorpe TPM_UNDEFINED, /* 145 */ 2069deb0eb7SJason Gunthorpe TPM_UNDEFINED, 2079deb0eb7SJason Gunthorpe TPM_UNDEFINED, 2089deb0eb7SJason Gunthorpe TPM_UNDEFINED, 2099deb0eb7SJason Gunthorpe TPM_UNDEFINED, 2109deb0eb7SJason Gunthorpe TPM_SHORT, /* 150 */ 2119deb0eb7SJason Gunthorpe TPM_MEDIUM, 2129deb0eb7SJason Gunthorpe TPM_MEDIUM, 2139deb0eb7SJason Gunthorpe TPM_SHORT, 2149deb0eb7SJason Gunthorpe TPM_SHORT, 2159deb0eb7SJason Gunthorpe TPM_UNDEFINED, /* 155 */ 2169deb0eb7SJason Gunthorpe TPM_UNDEFINED, 2179deb0eb7SJason Gunthorpe TPM_UNDEFINED, 2189deb0eb7SJason Gunthorpe TPM_UNDEFINED, 2199deb0eb7SJason Gunthorpe TPM_UNDEFINED, 2209deb0eb7SJason Gunthorpe TPM_SHORT, /* 160 */ 2219deb0eb7SJason Gunthorpe TPM_SHORT, 2229deb0eb7SJason Gunthorpe TPM_SHORT, 2239deb0eb7SJason Gunthorpe TPM_SHORT, 2249deb0eb7SJason Gunthorpe TPM_UNDEFINED, 2259deb0eb7SJason Gunthorpe TPM_UNDEFINED, /* 165 */ 2269deb0eb7SJason Gunthorpe TPM_UNDEFINED, 2279deb0eb7SJason Gunthorpe TPM_UNDEFINED, 2289deb0eb7SJason Gunthorpe TPM_UNDEFINED, 2299deb0eb7SJason Gunthorpe TPM_UNDEFINED, 2309deb0eb7SJason Gunthorpe TPM_LONG, /* 170 */ 2319deb0eb7SJason Gunthorpe TPM_UNDEFINED, 2329deb0eb7SJason Gunthorpe TPM_UNDEFINED, 2339deb0eb7SJason Gunthorpe TPM_UNDEFINED, 2349deb0eb7SJason Gunthorpe TPM_UNDEFINED, 2359deb0eb7SJason Gunthorpe TPM_UNDEFINED, /* 175 */ 2369deb0eb7SJason Gunthorpe TPM_UNDEFINED, 2379deb0eb7SJason Gunthorpe TPM_UNDEFINED, 2389deb0eb7SJason Gunthorpe TPM_UNDEFINED, 2399deb0eb7SJason Gunthorpe TPM_UNDEFINED, 2409deb0eb7SJason Gunthorpe TPM_MEDIUM, /* 180 */ 2419deb0eb7SJason Gunthorpe TPM_SHORT, 2429deb0eb7SJason Gunthorpe TPM_MEDIUM, 2439deb0eb7SJason Gunthorpe TPM_MEDIUM, 2449deb0eb7SJason Gunthorpe TPM_MEDIUM, 2459deb0eb7SJason Gunthorpe TPM_MEDIUM, /* 185 */ 2469deb0eb7SJason Gunthorpe TPM_SHORT, 2479deb0eb7SJason Gunthorpe TPM_UNDEFINED, 2489deb0eb7SJason Gunthorpe TPM_UNDEFINED, 2499deb0eb7SJason Gunthorpe TPM_UNDEFINED, 2509deb0eb7SJason Gunthorpe TPM_UNDEFINED, /* 190 */ 2519deb0eb7SJason Gunthorpe TPM_UNDEFINED, 2529deb0eb7SJason Gunthorpe TPM_UNDEFINED, 2539deb0eb7SJason Gunthorpe TPM_UNDEFINED, 2549deb0eb7SJason Gunthorpe TPM_UNDEFINED, 2559deb0eb7SJason Gunthorpe TPM_UNDEFINED, /* 195 */ 2569deb0eb7SJason Gunthorpe TPM_UNDEFINED, 2579deb0eb7SJason Gunthorpe TPM_UNDEFINED, 2589deb0eb7SJason Gunthorpe TPM_UNDEFINED, 2599deb0eb7SJason Gunthorpe TPM_UNDEFINED, 2609deb0eb7SJason Gunthorpe TPM_SHORT, /* 200 */ 2619deb0eb7SJason Gunthorpe TPM_UNDEFINED, 2629deb0eb7SJason Gunthorpe TPM_UNDEFINED, 2639deb0eb7SJason Gunthorpe TPM_UNDEFINED, 2649deb0eb7SJason Gunthorpe TPM_SHORT, 2659deb0eb7SJason Gunthorpe TPM_SHORT, /* 205 */ 2669deb0eb7SJason Gunthorpe TPM_SHORT, 2679deb0eb7SJason Gunthorpe TPM_SHORT, 2689deb0eb7SJason Gunthorpe TPM_SHORT, 2699deb0eb7SJason Gunthorpe TPM_SHORT, 2709deb0eb7SJason Gunthorpe TPM_MEDIUM, /* 210 */ 2719deb0eb7SJason Gunthorpe TPM_UNDEFINED, 2729deb0eb7SJason Gunthorpe TPM_MEDIUM, 2739deb0eb7SJason Gunthorpe TPM_MEDIUM, 2749deb0eb7SJason Gunthorpe TPM_MEDIUM, 2759deb0eb7SJason Gunthorpe TPM_UNDEFINED, /* 215 */ 2769deb0eb7SJason Gunthorpe TPM_MEDIUM, 2779deb0eb7SJason Gunthorpe TPM_UNDEFINED, 2789deb0eb7SJason Gunthorpe TPM_UNDEFINED, 2799deb0eb7SJason Gunthorpe TPM_SHORT, 2809deb0eb7SJason Gunthorpe TPM_SHORT, /* 220 */ 2819deb0eb7SJason Gunthorpe TPM_SHORT, 2829deb0eb7SJason Gunthorpe TPM_SHORT, 2839deb0eb7SJason Gunthorpe TPM_SHORT, 2849deb0eb7SJason Gunthorpe TPM_SHORT, 2859deb0eb7SJason Gunthorpe TPM_UNDEFINED, /* 225 */ 2869deb0eb7SJason Gunthorpe TPM_UNDEFINED, 2879deb0eb7SJason Gunthorpe TPM_UNDEFINED, 2889deb0eb7SJason Gunthorpe TPM_UNDEFINED, 2899deb0eb7SJason Gunthorpe TPM_UNDEFINED, 2909deb0eb7SJason Gunthorpe TPM_SHORT, /* 230 */ 2919deb0eb7SJason Gunthorpe TPM_LONG, 2929deb0eb7SJason Gunthorpe TPM_MEDIUM, 2939deb0eb7SJason Gunthorpe TPM_UNDEFINED, 2949deb0eb7SJason Gunthorpe TPM_UNDEFINED, 2959deb0eb7SJason Gunthorpe TPM_UNDEFINED, /* 235 */ 2969deb0eb7SJason Gunthorpe TPM_UNDEFINED, 2979deb0eb7SJason Gunthorpe TPM_UNDEFINED, 2989deb0eb7SJason Gunthorpe TPM_UNDEFINED, 2999deb0eb7SJason Gunthorpe TPM_UNDEFINED, 3009deb0eb7SJason Gunthorpe TPM_SHORT, /* 240 */ 3019deb0eb7SJason Gunthorpe TPM_UNDEFINED, 3029deb0eb7SJason Gunthorpe TPM_MEDIUM, 3039deb0eb7SJason Gunthorpe }; 3049deb0eb7SJason Gunthorpe 3059deb0eb7SJason Gunthorpe /* 3069deb0eb7SJason Gunthorpe * Returns max number of jiffies to wait 3079deb0eb7SJason Gunthorpe */ 3089deb0eb7SJason Gunthorpe unsigned long tpm_calc_ordinal_duration(struct tpm_chip *chip, 3099deb0eb7SJason Gunthorpe u32 ordinal) 3109deb0eb7SJason Gunthorpe { 3119deb0eb7SJason Gunthorpe int duration_idx = TPM_UNDEFINED; 3129deb0eb7SJason Gunthorpe int duration = 0; 3139deb0eb7SJason Gunthorpe 314f7286430SMartin Wilck /* 315f7286430SMartin Wilck * We only have a duration table for protected commands, where the upper 316f7286430SMartin Wilck * 16 bits are 0. For the few other ordinals the fallback will be used. 317f7286430SMartin Wilck */ 318f7286430SMartin Wilck if (ordinal < TPM_MAX_ORDINAL) 3199deb0eb7SJason Gunthorpe duration_idx = tpm_ordinal_duration[ordinal]; 3209deb0eb7SJason Gunthorpe 3219deb0eb7SJason Gunthorpe if (duration_idx != TPM_UNDEFINED) 322af782f33SChristophe Ricard duration = chip->duration[duration_idx]; 3239deb0eb7SJason Gunthorpe if (duration <= 0) 3249deb0eb7SJason Gunthorpe return 2 * 60 * HZ; 3259deb0eb7SJason Gunthorpe else 3269deb0eb7SJason Gunthorpe return duration; 3279deb0eb7SJason Gunthorpe } 3289deb0eb7SJason Gunthorpe EXPORT_SYMBOL_GPL(tpm_calc_ordinal_duration); 3299deb0eb7SJason Gunthorpe 330095531f8SJavier Martinez Canillas static int tpm_validate_command(struct tpm_chip *chip, 331745b361eSJarkko Sakkinen struct tpm_space *space, 332745b361eSJarkko Sakkinen const u8 *cmd, 33358472f5cSJarkko Sakkinen size_t len) 33458472f5cSJarkko Sakkinen { 33558472f5cSJarkko Sakkinen const struct tpm_input_header *header = (const void *)cmd; 33658472f5cSJarkko Sakkinen int i; 33758472f5cSJarkko Sakkinen u32 cc; 33858472f5cSJarkko Sakkinen u32 attrs; 33958472f5cSJarkko Sakkinen unsigned int nr_handles; 34058472f5cSJarkko Sakkinen 34158472f5cSJarkko Sakkinen if (len < TPM_HEADER_SIZE) 342095531f8SJavier Martinez Canillas return -EINVAL; 34358472f5cSJarkko Sakkinen 344745b361eSJarkko Sakkinen if (!space) 345095531f8SJavier Martinez Canillas return 0; 346745b361eSJarkko Sakkinen 34758472f5cSJarkko Sakkinen if (chip->flags & TPM_CHIP_FLAG_TPM2 && chip->nr_commands) { 34858472f5cSJarkko Sakkinen cc = be32_to_cpu(header->ordinal); 34958472f5cSJarkko Sakkinen 35058472f5cSJarkko Sakkinen i = tpm2_find_cc(chip, cc); 35158472f5cSJarkko Sakkinen if (i < 0) { 35258472f5cSJarkko Sakkinen dev_dbg(&chip->dev, "0x%04X is an invalid command\n", 35358472f5cSJarkko Sakkinen cc); 354095531f8SJavier Martinez Canillas return -EOPNOTSUPP; 35558472f5cSJarkko Sakkinen } 35658472f5cSJarkko Sakkinen 35758472f5cSJarkko Sakkinen attrs = chip->cc_attrs_tbl[i]; 35858472f5cSJarkko Sakkinen nr_handles = 35958472f5cSJarkko Sakkinen 4 * ((attrs >> TPM2_CC_ATTR_CHANDLES) & GENMASK(2, 0)); 36058472f5cSJarkko Sakkinen if (len < TPM_HEADER_SIZE + 4 * nr_handles) 36158472f5cSJarkko Sakkinen goto err_len; 36258472f5cSJarkko Sakkinen } 36358472f5cSJarkko Sakkinen 364095531f8SJavier Martinez Canillas return 0; 36558472f5cSJarkko Sakkinen err_len: 36658472f5cSJarkko Sakkinen dev_dbg(&chip->dev, 36758472f5cSJarkko Sakkinen "%s: insufficient command length %zu", __func__, len); 368095531f8SJavier Martinez Canillas return -EINVAL; 36958472f5cSJarkko Sakkinen } 37058472f5cSJarkko Sakkinen 371627448e8STomas Winkler static int tpm_request_locality(struct tpm_chip *chip, unsigned int flags) 372888d867dSTomas Winkler { 373888d867dSTomas Winkler int rc; 374888d867dSTomas Winkler 375*58bac8ccSJarkko Sakkinen if (flags & TPM_TRANSMIT_NESTED) 376627448e8STomas Winkler return 0; 377627448e8STomas Winkler 378888d867dSTomas Winkler if (!chip->ops->request_locality) 379888d867dSTomas Winkler return 0; 380888d867dSTomas Winkler 381888d867dSTomas Winkler rc = chip->ops->request_locality(chip, 0); 382888d867dSTomas Winkler if (rc < 0) 383888d867dSTomas Winkler return rc; 384888d867dSTomas Winkler 385888d867dSTomas Winkler chip->locality = rc; 386888d867dSTomas Winkler 387888d867dSTomas Winkler return 0; 388888d867dSTomas Winkler } 389888d867dSTomas Winkler 390627448e8STomas Winkler static void tpm_relinquish_locality(struct tpm_chip *chip, unsigned int flags) 391888d867dSTomas Winkler { 392888d867dSTomas Winkler int rc; 393888d867dSTomas Winkler 394*58bac8ccSJarkko Sakkinen if (flags & TPM_TRANSMIT_NESTED) 395627448e8STomas Winkler return; 396627448e8STomas Winkler 397888d867dSTomas Winkler if (!chip->ops->relinquish_locality) 398888d867dSTomas Winkler return; 399888d867dSTomas Winkler 400888d867dSTomas Winkler rc = chip->ops->relinquish_locality(chip, chip->locality); 401888d867dSTomas Winkler if (rc) 402888d867dSTomas Winkler dev_err(&chip->dev, "%s: : error %d\n", __func__, rc); 403888d867dSTomas Winkler 404888d867dSTomas Winkler chip->locality = -1; 405888d867dSTomas Winkler } 406888d867dSTomas Winkler 407627448e8STomas Winkler static int tpm_cmd_ready(struct tpm_chip *chip, unsigned int flags) 408627448e8STomas Winkler { 409*58bac8ccSJarkko Sakkinen if (flags & TPM_TRANSMIT_NESTED) 410627448e8STomas Winkler return 0; 411627448e8STomas Winkler 412627448e8STomas Winkler if (!chip->ops->cmd_ready) 413627448e8STomas Winkler return 0; 414627448e8STomas Winkler 415627448e8STomas Winkler return chip->ops->cmd_ready(chip); 416627448e8STomas Winkler } 417627448e8STomas Winkler 418627448e8STomas Winkler static int tpm_go_idle(struct tpm_chip *chip, unsigned int flags) 419627448e8STomas Winkler { 420*58bac8ccSJarkko Sakkinen if (flags & TPM_TRANSMIT_NESTED) 421627448e8STomas Winkler return 0; 422627448e8STomas Winkler 423627448e8STomas Winkler if (!chip->ops->go_idle) 424627448e8STomas Winkler return 0; 425627448e8STomas Winkler 426627448e8STomas Winkler return chip->ops->go_idle(chip); 427627448e8STomas Winkler } 428627448e8STomas Winkler 429e2fb992dSJames Bottomley static ssize_t tpm_try_transmit(struct tpm_chip *chip, 430e2fb992dSJames Bottomley struct tpm_space *space, 431e2fb992dSJames Bottomley u8 *buf, size_t bufsiz, 432e2fb992dSJames Bottomley unsigned int flags) 4339deb0eb7SJason Gunthorpe { 434745b361eSJarkko Sakkinen struct tpm_output_header *header = (void *)buf; 435745b361eSJarkko Sakkinen int rc; 436745b361eSJarkko Sakkinen ssize_t len = 0; 4379deb0eb7SJason Gunthorpe u32 count, ordinal; 4389deb0eb7SJason Gunthorpe unsigned long stop; 439877c57d0SJarkko Sakkinen bool need_locality; 4409deb0eb7SJason Gunthorpe 441095531f8SJavier Martinez Canillas rc = tpm_validate_command(chip, space, buf, bufsiz); 442095531f8SJavier Martinez Canillas if (rc == -EINVAL) 443095531f8SJavier Martinez Canillas return rc; 444095531f8SJavier Martinez Canillas /* 445095531f8SJavier Martinez Canillas * If the command is not implemented by the TPM, synthesize a 446095531f8SJavier Martinez Canillas * response with a TPM2_RC_COMMAND_CODE return for user-space. 447095531f8SJavier Martinez Canillas */ 448095531f8SJavier Martinez Canillas if (rc == -EOPNOTSUPP) { 449095531f8SJavier Martinez Canillas header->length = cpu_to_be32(sizeof(*header)); 450095531f8SJavier Martinez Canillas header->tag = cpu_to_be16(TPM2_ST_NO_SESSIONS); 451095531f8SJavier Martinez Canillas header->return_code = cpu_to_be32(TPM2_RC_COMMAND_CODE | 452095531f8SJavier Martinez Canillas TSS2_RESMGR_TPM_RC_LAYER); 45336a11029SRicardo Schwarzmeier return sizeof(*header); 454095531f8SJavier Martinez Canillas } 455ebfd7532SJarkko Sakkinen 4569deb0eb7SJason Gunthorpe if (bufsiz > TPM_BUFSIZE) 4579deb0eb7SJason Gunthorpe bufsiz = TPM_BUFSIZE; 4589deb0eb7SJason Gunthorpe 4599deb0eb7SJason Gunthorpe count = be32_to_cpu(*((__be32 *) (buf + 2))); 4609deb0eb7SJason Gunthorpe ordinal = be32_to_cpu(*((__be32 *) (buf + 6))); 4619deb0eb7SJason Gunthorpe if (count == 0) 4629deb0eb7SJason Gunthorpe return -ENODATA; 4639deb0eb7SJason Gunthorpe if (count > bufsiz) { 4648cfffc9dSJason Gunthorpe dev_err(&chip->dev, 4659deb0eb7SJason Gunthorpe "invalid count value %x %zx\n", count, bufsiz); 4669deb0eb7SJason Gunthorpe return -E2BIG; 4679deb0eb7SJason Gunthorpe } 4689deb0eb7SJason Gunthorpe 469*58bac8ccSJarkko Sakkinen if (!(flags & TPM_TRANSMIT_UNLOCKED) && !(flags & TPM_TRANSMIT_NESTED)) 4709deb0eb7SJason Gunthorpe mutex_lock(&chip->tpm_mutex); 4719deb0eb7SJason Gunthorpe 472b3e958ceSAzhar Shaikh if (chip->ops->clk_enable != NULL) 473b3e958ceSAzhar Shaikh chip->ops->clk_enable(chip, true); 474b3e958ceSAzhar Shaikh 475877c57d0SJarkko Sakkinen /* Store the decision as chip->locality will be changed. */ 476877c57d0SJarkko Sakkinen need_locality = chip->locality == -1; 477877c57d0SJarkko Sakkinen 478627448e8STomas Winkler if (need_locality) { 479627448e8STomas Winkler rc = tpm_request_locality(chip, flags); 480877c57d0SJarkko Sakkinen if (rc < 0) 481877c57d0SJarkko Sakkinen goto out_no_locality; 482877c57d0SJarkko Sakkinen } 483877c57d0SJarkko Sakkinen 484627448e8STomas Winkler rc = tpm_cmd_ready(chip, flags); 485627448e8STomas Winkler if (rc) 486627448e8STomas Winkler goto out; 487888d867dSTomas Winkler 488745b361eSJarkko Sakkinen rc = tpm2_prepare_space(chip, space, ordinal, buf); 489745b361eSJarkko Sakkinen if (rc) 490745b361eSJarkko Sakkinen goto out; 491745b361eSJarkko Sakkinen 49262c09e12SWinkler, Tomas rc = chip->ops->send(chip, buf, count); 4939deb0eb7SJason Gunthorpe if (rc < 0) { 494402149c6SStefan Berger if (rc != -EPIPE) 4958cfffc9dSJason Gunthorpe dev_err(&chip->dev, 496402149c6SStefan Berger "%s: tpm_send: error %d\n", __func__, rc); 4979deb0eb7SJason Gunthorpe goto out; 4989deb0eb7SJason Gunthorpe } 4999deb0eb7SJason Gunthorpe 500570a3609SChristophe Ricard if (chip->flags & TPM_CHIP_FLAG_IRQ) 5019deb0eb7SJason Gunthorpe goto out_recv; 5029deb0eb7SJason Gunthorpe 5037a1d7e6dSJarkko Sakkinen if (chip->flags & TPM_CHIP_FLAG_TPM2) 5047a1d7e6dSJarkko Sakkinen stop = jiffies + tpm2_calc_ordinal_duration(chip, ordinal); 5057a1d7e6dSJarkko Sakkinen else 5069deb0eb7SJason Gunthorpe stop = jiffies + tpm_calc_ordinal_duration(chip, ordinal); 5079deb0eb7SJason Gunthorpe do { 5085f82e9f0SJason Gunthorpe u8 status = chip->ops->status(chip); 5095f82e9f0SJason Gunthorpe if ((status & chip->ops->req_complete_mask) == 5105f82e9f0SJason Gunthorpe chip->ops->req_complete_val) 5119deb0eb7SJason Gunthorpe goto out_recv; 5129deb0eb7SJason Gunthorpe 5135f82e9f0SJason Gunthorpe if (chip->ops->req_canceled(chip, status)) { 5148cfffc9dSJason Gunthorpe dev_err(&chip->dev, "Operation Canceled\n"); 5159deb0eb7SJason Gunthorpe rc = -ECANCELED; 5169deb0eb7SJason Gunthorpe goto out; 5179deb0eb7SJason Gunthorpe } 5189deb0eb7SJason Gunthorpe 51959f5a6b0SNayna Jain tpm_msleep(TPM_TIMEOUT_POLL); 5209deb0eb7SJason Gunthorpe rmb(); 5219deb0eb7SJason Gunthorpe } while (time_before(jiffies, stop)); 5229deb0eb7SJason Gunthorpe 5235f82e9f0SJason Gunthorpe chip->ops->cancel(chip); 5248cfffc9dSJason Gunthorpe dev_err(&chip->dev, "Operation Timed out\n"); 5259deb0eb7SJason Gunthorpe rc = -ETIME; 5269deb0eb7SJason Gunthorpe goto out; 5279deb0eb7SJason Gunthorpe 5289deb0eb7SJason Gunthorpe out_recv: 52962c09e12SWinkler, Tomas len = chip->ops->recv(chip, buf, bufsiz); 530745b361eSJarkko Sakkinen if (len < 0) { 531745b361eSJarkko Sakkinen rc = len; 5328cfffc9dSJason Gunthorpe dev_err(&chip->dev, 533745b361eSJarkko Sakkinen "tpm_transmit: tpm_recv: error %d\n", rc); 534a147918eSJarkko Sakkinen goto out; 535745b361eSJarkko Sakkinen } else if (len < TPM_HEADER_SIZE) { 536a147918eSJarkko Sakkinen rc = -EFAULT; 537a147918eSJarkko Sakkinen goto out; 538a147918eSJarkko Sakkinen } 539a147918eSJarkko Sakkinen 540745b361eSJarkko Sakkinen if (len != be32_to_cpu(header->length)) { 541745b361eSJarkko Sakkinen rc = -EFAULT; 542a147918eSJarkko Sakkinen goto out; 543745b361eSJarkko Sakkinen } 544745b361eSJarkko Sakkinen 545745b361eSJarkko Sakkinen rc = tpm2_commit_space(chip, space, ordinal, buf, &len); 546627448e8STomas Winkler if (rc) 547627448e8STomas Winkler dev_err(&chip->dev, "tpm2_commit_space: error %d\n", rc); 548a147918eSJarkko Sakkinen 5499deb0eb7SJason Gunthorpe out: 550627448e8STomas Winkler rc = tpm_go_idle(chip, flags); 551627448e8STomas Winkler if (rc) 552627448e8STomas Winkler goto out; 553888d867dSTomas Winkler 554888d867dSTomas Winkler if (need_locality) 555627448e8STomas Winkler tpm_relinquish_locality(chip, flags); 556888d867dSTomas Winkler 557877c57d0SJarkko Sakkinen out_no_locality: 558b3e958ceSAzhar Shaikh if (chip->ops->clk_enable != NULL) 559b3e958ceSAzhar Shaikh chip->ops->clk_enable(chip, false); 560b3e958ceSAzhar Shaikh 561*58bac8ccSJarkko Sakkinen if (!(flags & TPM_TRANSMIT_UNLOCKED) && !(flags & TPM_TRANSMIT_NESTED)) 5629deb0eb7SJason Gunthorpe mutex_unlock(&chip->tpm_mutex); 563745b361eSJarkko Sakkinen return rc ? rc : len; 5649deb0eb7SJason Gunthorpe } 5659deb0eb7SJason Gunthorpe 566f865c196SWinkler, Tomas /** 567e2fb992dSJames Bottomley * tpm_transmit - Internal kernel interface to transmit TPM commands. 568e2fb992dSJames Bottomley * 569e2fb992dSJames Bottomley * @chip: TPM chip to use 570e2fb992dSJames Bottomley * @space: tpm space 571e2fb992dSJames Bottomley * @buf: TPM command buffer 572e2fb992dSJames Bottomley * @bufsiz: length of the TPM command buffer 573e2fb992dSJames Bottomley * @flags: tpm transmit flags - bitmap 574e2fb992dSJames Bottomley * 575e2fb992dSJames Bottomley * A wrapper around tpm_try_transmit that handles TPM2_RC_RETRY 576e2fb992dSJames Bottomley * returns from the TPM and retransmits the command after a delay up 577e2fb992dSJames Bottomley * to a maximum wait of TPM2_DURATION_LONG. 578e2fb992dSJames Bottomley * 579e2fb992dSJames Bottomley * Note: TPM1 never returns TPM2_RC_RETRY so the retry logic is TPM2 580e2fb992dSJames Bottomley * only 581e2fb992dSJames Bottomley * 582e2fb992dSJames Bottomley * Return: 583e2fb992dSJames Bottomley * the length of the return when the operation is successful. 584e2fb992dSJames Bottomley * A negative number for system errors (errno). 585e2fb992dSJames Bottomley */ 586e2fb992dSJames Bottomley ssize_t tpm_transmit(struct tpm_chip *chip, struct tpm_space *space, 587e2fb992dSJames Bottomley u8 *buf, size_t bufsiz, unsigned int flags) 588e2fb992dSJames Bottomley { 589e2fb992dSJames Bottomley struct tpm_output_header *header = (struct tpm_output_header *)buf; 590e2fb992dSJames Bottomley /* space for header and handles */ 591e2fb992dSJames Bottomley u8 save[TPM_HEADER_SIZE + 3*sizeof(u32)]; 592e2fb992dSJames Bottomley unsigned int delay_msec = TPM2_DURATION_SHORT; 593e2fb992dSJames Bottomley u32 rc = 0; 594e2fb992dSJames Bottomley ssize_t ret; 595e2fb992dSJames Bottomley const size_t save_size = min(space ? sizeof(save) : TPM_HEADER_SIZE, 596e2fb992dSJames Bottomley bufsiz); 5972be8ffedSJames Bottomley /* the command code is where the return code will be */ 5982be8ffedSJames Bottomley u32 cc = be32_to_cpu(header->return_code); 599e2fb992dSJames Bottomley 600e2fb992dSJames Bottomley /* 601e2fb992dSJames Bottomley * Subtlety here: if we have a space, the handles will be 602e2fb992dSJames Bottomley * transformed, so when we restore the header we also have to 603e2fb992dSJames Bottomley * restore the handles. 604e2fb992dSJames Bottomley */ 605e2fb992dSJames Bottomley memcpy(save, buf, save_size); 606e2fb992dSJames Bottomley 607e2fb992dSJames Bottomley for (;;) { 608e2fb992dSJames Bottomley ret = tpm_try_transmit(chip, space, buf, bufsiz, flags); 609e2fb992dSJames Bottomley if (ret < 0) 610e2fb992dSJames Bottomley break; 611e2fb992dSJames Bottomley rc = be32_to_cpu(header->return_code); 6122be8ffedSJames Bottomley if (rc != TPM2_RC_RETRY && rc != TPM2_RC_TESTING) 6132be8ffedSJames Bottomley break; 6142be8ffedSJames Bottomley /* 6152be8ffedSJames Bottomley * return immediately if self test returns test 6162be8ffedSJames Bottomley * still running to shorten boot time. 6172be8ffedSJames Bottomley */ 6182be8ffedSJames Bottomley if (rc == TPM2_RC_TESTING && cc == TPM2_CC_SELF_TEST) 619e2fb992dSJames Bottomley break; 62092980756SNayna Jain 621e2fb992dSJames Bottomley if (delay_msec > TPM2_DURATION_LONG) { 6222be8ffedSJames Bottomley if (rc == TPM2_RC_RETRY) 6232be8ffedSJames Bottomley dev_err(&chip->dev, "in retry loop\n"); 6242be8ffedSJames Bottomley else 6252be8ffedSJames Bottomley dev_err(&chip->dev, 6262be8ffedSJames Bottomley "self test is still running\n"); 627e2fb992dSJames Bottomley break; 628e2fb992dSJames Bottomley } 629e2fb992dSJames Bottomley tpm_msleep(delay_msec); 63092980756SNayna Jain delay_msec *= 2; 631e2fb992dSJames Bottomley memcpy(buf, save, save_size); 632e2fb992dSJames Bottomley } 633e2fb992dSJames Bottomley return ret; 634e2fb992dSJames Bottomley } 635e2fb992dSJames Bottomley /** 63665520d46SWinkler, Tomas * tpm_transmit_cmd - send a tpm command to the device 637f865c196SWinkler, Tomas * The function extracts tpm out header return code 638f865c196SWinkler, Tomas * 639f865c196SWinkler, Tomas * @chip: TPM chip to use 64065520d46SWinkler, Tomas * @space: tpm space 641c659af78SStefan Berger * @buf: TPM command buffer 642c659af78SStefan Berger * @bufsiz: length of the buffer 643c659af78SStefan Berger * @min_rsp_body_length: minimum expected length of response body 644f865c196SWinkler, Tomas * @flags: tpm transmit flags - bitmap 645f865c196SWinkler, Tomas * @desc: command description used in the error message 646f865c196SWinkler, Tomas * 647f865c196SWinkler, Tomas * Return: 648f865c196SWinkler, Tomas * 0 when the operation is successful. 649f865c196SWinkler, Tomas * A negative number for system errors (errno). 650f865c196SWinkler, Tomas * A positive number for a TPM error. 651f865c196SWinkler, Tomas */ 652745b361eSJarkko Sakkinen ssize_t tpm_transmit_cmd(struct tpm_chip *chip, struct tpm_space *space, 65362c09e12SWinkler, Tomas void *buf, size_t bufsiz, 654745b361eSJarkko Sakkinen size_t min_rsp_body_length, unsigned int flags, 655745b361eSJarkko Sakkinen const char *desc) 6569deb0eb7SJason Gunthorpe { 657a147918eSJarkko Sakkinen const struct tpm_output_header *header = buf; 6589deb0eb7SJason Gunthorpe int err; 659c659af78SStefan Berger ssize_t len; 6609deb0eb7SJason Gunthorpe 66162c09e12SWinkler, Tomas len = tpm_transmit(chip, space, buf, bufsiz, flags); 6629deb0eb7SJason Gunthorpe if (len < 0) 6639deb0eb7SJason Gunthorpe return len; 66487155b73SJarkko Sakkinen 66587155b73SJarkko Sakkinen err = be32_to_cpu(header->return_code); 6669deb0eb7SJason Gunthorpe if (err != 0 && desc) 6678cfffc9dSJason Gunthorpe dev_err(&chip->dev, "A TPM error (%d) occurred %s\n", err, 66871ed848fSJarkko Sakkinen desc); 669c659af78SStefan Berger if (err) 6709deb0eb7SJason Gunthorpe return err; 671c659af78SStefan Berger 672c659af78SStefan Berger if (len < min_rsp_body_length + TPM_HEADER_SIZE) 673c659af78SStefan Berger return -EFAULT; 674c659af78SStefan Berger 675c659af78SStefan Berger return 0; 6769deb0eb7SJason Gunthorpe } 677be4c9acfSStefan Berger EXPORT_SYMBOL_GPL(tpm_transmit_cmd); 6789deb0eb7SJason Gunthorpe 67919cbe4f6SJarkko Sakkinen #define TPM_ORD_STARTUP 153 68019cbe4f6SJarkko Sakkinen #define TPM_ST_CLEAR 1 68119cbe4f6SJarkko Sakkinen 68219cbe4f6SJarkko Sakkinen /** 68319cbe4f6SJarkko Sakkinen * tpm_startup - turn on the TPM 68419cbe4f6SJarkko Sakkinen * @chip: TPM chip to use 68519cbe4f6SJarkko Sakkinen * 68619cbe4f6SJarkko Sakkinen * Normally the firmware should start the TPM. This function is provided as a 68719cbe4f6SJarkko Sakkinen * workaround if this does not happen. A legal case for this could be for 68819cbe4f6SJarkko Sakkinen * example when a TPM emulator is used. 68919cbe4f6SJarkko Sakkinen * 69019cbe4f6SJarkko Sakkinen * Return: same as tpm_transmit_cmd() 69119cbe4f6SJarkko Sakkinen */ 69219cbe4f6SJarkko Sakkinen int tpm_startup(struct tpm_chip *chip) 69319cbe4f6SJarkko Sakkinen { 69419cbe4f6SJarkko Sakkinen struct tpm_buf buf; 69519cbe4f6SJarkko Sakkinen int rc; 69619cbe4f6SJarkko Sakkinen 69719cbe4f6SJarkko Sakkinen dev_info(&chip->dev, "starting up the TPM manually\n"); 69819cbe4f6SJarkko Sakkinen 69919cbe4f6SJarkko Sakkinen if (chip->flags & TPM_CHIP_FLAG_TPM2) { 70019cbe4f6SJarkko Sakkinen rc = tpm_buf_init(&buf, TPM2_ST_NO_SESSIONS, TPM2_CC_STARTUP); 70119cbe4f6SJarkko Sakkinen if (rc < 0) 70219cbe4f6SJarkko Sakkinen return rc; 70319cbe4f6SJarkko Sakkinen 70419cbe4f6SJarkko Sakkinen tpm_buf_append_u16(&buf, TPM2_SU_CLEAR); 70519cbe4f6SJarkko Sakkinen } else { 70619cbe4f6SJarkko Sakkinen rc = tpm_buf_init(&buf, TPM_TAG_RQU_COMMAND, TPM_ORD_STARTUP); 70719cbe4f6SJarkko Sakkinen if (rc < 0) 70819cbe4f6SJarkko Sakkinen return rc; 70919cbe4f6SJarkko Sakkinen 71019cbe4f6SJarkko Sakkinen tpm_buf_append_u16(&buf, TPM_ST_CLEAR); 71119cbe4f6SJarkko Sakkinen } 71219cbe4f6SJarkko Sakkinen 71319cbe4f6SJarkko Sakkinen rc = tpm_transmit_cmd(chip, NULL, buf.data, PAGE_SIZE, 0, 0, 71419cbe4f6SJarkko Sakkinen "attempting to start the TPM"); 71519cbe4f6SJarkko Sakkinen 71619cbe4f6SJarkko Sakkinen tpm_buf_destroy(&buf); 71719cbe4f6SJarkko Sakkinen return rc; 71819cbe4f6SJarkko Sakkinen } 71919cbe4f6SJarkko Sakkinen 720f865c196SWinkler, Tomas #define TPM_DIGEST_SIZE 20 721f865c196SWinkler, Tomas #define TPM_RET_CODE_IDX 6 7229deb0eb7SJason Gunthorpe #define TPM_INTERNAL_RESULT_SIZE 200 723a69faebfSRoberto Sassu #define TPM_ORD_GET_CAP 101 724a69faebfSRoberto Sassu #define TPM_ORD_GET_RANDOM 70 7259deb0eb7SJason Gunthorpe 7269deb0eb7SJason Gunthorpe static const struct tpm_input_header tpm_getcap_header = { 72706e93279SRoberto Sassu .tag = cpu_to_be16(TPM_TAG_RQU_COMMAND), 7289deb0eb7SJason Gunthorpe .length = cpu_to_be32(22), 729a69faebfSRoberto Sassu .ordinal = cpu_to_be32(TPM_ORD_GET_CAP) 7309deb0eb7SJason Gunthorpe }; 7319deb0eb7SJason Gunthorpe 73284fda152SJarkko Sakkinen ssize_t tpm_getcap(struct tpm_chip *chip, u32 subcap_id, cap_t *cap, 733c659af78SStefan Berger const char *desc, size_t min_cap_length) 7349deb0eb7SJason Gunthorpe { 735124bdcf4SJarkko Sakkinen struct tpm_buf buf; 7369deb0eb7SJason Gunthorpe int rc; 7379deb0eb7SJason Gunthorpe 738124bdcf4SJarkko Sakkinen rc = tpm_buf_init(&buf, TPM_TAG_RQU_COMMAND, TPM_ORD_GET_CAP); 739124bdcf4SJarkko Sakkinen if (rc) 740124bdcf4SJarkko Sakkinen return rc; 741124bdcf4SJarkko Sakkinen 74284fda152SJarkko Sakkinen if (subcap_id == TPM_CAP_VERSION_1_1 || 74384fda152SJarkko Sakkinen subcap_id == TPM_CAP_VERSION_1_2) { 744124bdcf4SJarkko Sakkinen tpm_buf_append_u32(&buf, subcap_id); 745124bdcf4SJarkko Sakkinen tpm_buf_append_u32(&buf, 0); 7469deb0eb7SJason Gunthorpe } else { 7479deb0eb7SJason Gunthorpe if (subcap_id == TPM_CAP_FLAG_PERM || 7489deb0eb7SJason Gunthorpe subcap_id == TPM_CAP_FLAG_VOL) 749124bdcf4SJarkko Sakkinen tpm_buf_append_u32(&buf, TPM_CAP_FLAG); 7509deb0eb7SJason Gunthorpe else 751124bdcf4SJarkko Sakkinen tpm_buf_append_u32(&buf, TPM_CAP_PROP); 752124bdcf4SJarkko Sakkinen 753124bdcf4SJarkko Sakkinen tpm_buf_append_u32(&buf, 4); 754124bdcf4SJarkko Sakkinen tpm_buf_append_u32(&buf, subcap_id); 7559deb0eb7SJason Gunthorpe } 756124bdcf4SJarkko Sakkinen rc = tpm_transmit_cmd(chip, NULL, buf.data, PAGE_SIZE, 757c659af78SStefan Berger min_cap_length, 0, desc); 7589deb0eb7SJason Gunthorpe if (!rc) 759124bdcf4SJarkko Sakkinen *cap = *(cap_t *)&buf.data[TPM_HEADER_SIZE + 4]; 760124bdcf4SJarkko Sakkinen 761124bdcf4SJarkko Sakkinen tpm_buf_destroy(&buf); 7629deb0eb7SJason Gunthorpe return rc; 7639deb0eb7SJason Gunthorpe } 764eb5854e7SJarkko Sakkinen EXPORT_SYMBOL_GPL(tpm_getcap); 7659deb0eb7SJason Gunthorpe 7669deb0eb7SJason Gunthorpe int tpm_get_timeouts(struct tpm_chip *chip) 7679deb0eb7SJason Gunthorpe { 768aaa6f7f6SEd Swierk cap_t cap; 7691d70fe9dSMaciej S. Szmigiero unsigned long timeout_old[4], timeout_chip[4], timeout_eff[4]; 7709deb0eb7SJason Gunthorpe ssize_t rc; 7719deb0eb7SJason Gunthorpe 772d1d253cfSJason Gunthorpe if (chip->flags & TPM_CHIP_FLAG_HAVE_TIMEOUTS) 773d1d253cfSJason Gunthorpe return 0; 774d1d253cfSJason Gunthorpe 77525112048SJason Gunthorpe if (chip->flags & TPM_CHIP_FLAG_TPM2) { 77625112048SJason Gunthorpe /* Fixed timeouts for TPM2 */ 777af782f33SChristophe Ricard chip->timeout_a = msecs_to_jiffies(TPM2_TIMEOUT_A); 778af782f33SChristophe Ricard chip->timeout_b = msecs_to_jiffies(TPM2_TIMEOUT_B); 779af782f33SChristophe Ricard chip->timeout_c = msecs_to_jiffies(TPM2_TIMEOUT_C); 780af782f33SChristophe Ricard chip->timeout_d = msecs_to_jiffies(TPM2_TIMEOUT_D); 781af782f33SChristophe Ricard chip->duration[TPM_SHORT] = 78225112048SJason Gunthorpe msecs_to_jiffies(TPM2_DURATION_SHORT); 783af782f33SChristophe Ricard chip->duration[TPM_MEDIUM] = 78425112048SJason Gunthorpe msecs_to_jiffies(TPM2_DURATION_MEDIUM); 785af782f33SChristophe Ricard chip->duration[TPM_LONG] = 78625112048SJason Gunthorpe msecs_to_jiffies(TPM2_DURATION_LONG); 787076d3564STomas Winkler chip->duration[TPM_LONG_LONG] = 788076d3564STomas Winkler msecs_to_jiffies(TPM2_DURATION_LONG_LONG); 789d1d253cfSJason Gunthorpe 790d1d253cfSJason Gunthorpe chip->flags |= TPM_CHIP_FLAG_HAVE_TIMEOUTS; 79125112048SJason Gunthorpe return 0; 79225112048SJason Gunthorpe } 79325112048SJason Gunthorpe 794c659af78SStefan Berger rc = tpm_getcap(chip, TPM_CAP_PROP_TIS_TIMEOUT, &cap, NULL, 795c659af78SStefan Berger sizeof(cap.timeout)); 7969deb0eb7SJason Gunthorpe if (rc == TPM_ERR_INVALID_POSTINIT) { 79719cbe4f6SJarkko Sakkinen if (tpm_startup(chip)) 7989deb0eb7SJason Gunthorpe return rc; 7999deb0eb7SJason Gunthorpe 800aaa6f7f6SEd Swierk rc = tpm_getcap(chip, TPM_CAP_PROP_TIS_TIMEOUT, &cap, 801c659af78SStefan Berger "attempting to determine the timeouts", 802c659af78SStefan Berger sizeof(cap.timeout)); 8039deb0eb7SJason Gunthorpe } 804c659af78SStefan Berger 80562bfdacbSJason Gunthorpe if (rc) { 80662bfdacbSJason Gunthorpe dev_err(&chip->dev, 80762bfdacbSJason Gunthorpe "A TPM error (%zd) occurred attempting to determine the timeouts\n", 80862bfdacbSJason Gunthorpe rc); 809aaa6f7f6SEd Swierk return rc; 81062bfdacbSJason Gunthorpe } 8119deb0eb7SJason Gunthorpe 8121d70fe9dSMaciej S. Szmigiero timeout_old[0] = jiffies_to_usecs(chip->timeout_a); 8131d70fe9dSMaciej S. Szmigiero timeout_old[1] = jiffies_to_usecs(chip->timeout_b); 8141d70fe9dSMaciej S. Szmigiero timeout_old[2] = jiffies_to_usecs(chip->timeout_c); 8151d70fe9dSMaciej S. Szmigiero timeout_old[3] = jiffies_to_usecs(chip->timeout_d); 8161d70fe9dSMaciej S. Szmigiero timeout_chip[0] = be32_to_cpu(cap.timeout.a); 8171d70fe9dSMaciej S. Szmigiero timeout_chip[1] = be32_to_cpu(cap.timeout.b); 8181d70fe9dSMaciej S. Szmigiero timeout_chip[2] = be32_to_cpu(cap.timeout.c); 8191d70fe9dSMaciej S. Szmigiero timeout_chip[3] = be32_to_cpu(cap.timeout.d); 8201d70fe9dSMaciej S. Szmigiero memcpy(timeout_eff, timeout_chip, sizeof(timeout_eff)); 8218e54caf4SJason Gunthorpe 8228e54caf4SJason Gunthorpe /* 8238e54caf4SJason Gunthorpe * Provide ability for vendor overrides of timeout values in case 8248e54caf4SJason Gunthorpe * of misreporting. 8258e54caf4SJason Gunthorpe */ 8268e54caf4SJason Gunthorpe if (chip->ops->update_timeouts != NULL) 827af782f33SChristophe Ricard chip->timeout_adjusted = 8281d70fe9dSMaciej S. Szmigiero chip->ops->update_timeouts(chip, timeout_eff); 8298e54caf4SJason Gunthorpe 830af782f33SChristophe Ricard if (!chip->timeout_adjusted) { 8311d70fe9dSMaciej S. Szmigiero /* Restore default if chip reported 0 */ 8328e54caf4SJason Gunthorpe int i; 8338e54caf4SJason Gunthorpe 8341d70fe9dSMaciej S. Szmigiero for (i = 0; i < ARRAY_SIZE(timeout_eff); i++) { 8351d70fe9dSMaciej S. Szmigiero if (timeout_eff[i]) 8361d70fe9dSMaciej S. Szmigiero continue; 8371d70fe9dSMaciej S. Szmigiero 8381d70fe9dSMaciej S. Szmigiero timeout_eff[i] = timeout_old[i]; 8391d70fe9dSMaciej S. Szmigiero chip->timeout_adjusted = true; 8401d70fe9dSMaciej S. Szmigiero } 8411d70fe9dSMaciej S. Szmigiero 8421d70fe9dSMaciej S. Szmigiero if (timeout_eff[0] != 0 && timeout_eff[0] < 1000) { 8439deb0eb7SJason Gunthorpe /* timeouts in msec rather usec */ 8441d70fe9dSMaciej S. Szmigiero for (i = 0; i != ARRAY_SIZE(timeout_eff); i++) 8451d70fe9dSMaciej S. Szmigiero timeout_eff[i] *= 1000; 846af782f33SChristophe Ricard chip->timeout_adjusted = true; 8479deb0eb7SJason Gunthorpe } 8488e54caf4SJason Gunthorpe } 8498e54caf4SJason Gunthorpe 8508e54caf4SJason Gunthorpe /* Report adjusted timeouts */ 851af782f33SChristophe Ricard if (chip->timeout_adjusted) { 8528cfffc9dSJason Gunthorpe dev_info(&chip->dev, 8538e54caf4SJason Gunthorpe HW_ERR "Adjusting reported timeouts: A %lu->%luus B %lu->%luus C %lu->%luus D %lu->%luus\n", 8541d70fe9dSMaciej S. Szmigiero timeout_chip[0], timeout_eff[0], 8551d70fe9dSMaciej S. Szmigiero timeout_chip[1], timeout_eff[1], 8561d70fe9dSMaciej S. Szmigiero timeout_chip[2], timeout_eff[2], 8571d70fe9dSMaciej S. Szmigiero timeout_chip[3], timeout_eff[3]); 8588e54caf4SJason Gunthorpe } 8598e54caf4SJason Gunthorpe 8601d70fe9dSMaciej S. Szmigiero chip->timeout_a = usecs_to_jiffies(timeout_eff[0]); 8611d70fe9dSMaciej S. Szmigiero chip->timeout_b = usecs_to_jiffies(timeout_eff[1]); 8621d70fe9dSMaciej S. Szmigiero chip->timeout_c = usecs_to_jiffies(timeout_eff[2]); 8631d70fe9dSMaciej S. Szmigiero chip->timeout_d = usecs_to_jiffies(timeout_eff[3]); 8649deb0eb7SJason Gunthorpe 865aaa6f7f6SEd Swierk rc = tpm_getcap(chip, TPM_CAP_PROP_TIS_DURATION, &cap, 866c659af78SStefan Berger "attempting to determine the durations", 867c659af78SStefan Berger sizeof(cap.duration)); 8689deb0eb7SJason Gunthorpe if (rc) 8699deb0eb7SJason Gunthorpe return rc; 8709deb0eb7SJason Gunthorpe 871af782f33SChristophe Ricard chip->duration[TPM_SHORT] = 872aaa6f7f6SEd Swierk usecs_to_jiffies(be32_to_cpu(cap.duration.tpm_short)); 873af782f33SChristophe Ricard chip->duration[TPM_MEDIUM] = 874aaa6f7f6SEd Swierk usecs_to_jiffies(be32_to_cpu(cap.duration.tpm_medium)); 875af782f33SChristophe Ricard chip->duration[TPM_LONG] = 876aaa6f7f6SEd Swierk usecs_to_jiffies(be32_to_cpu(cap.duration.tpm_long)); 877076d3564STomas Winkler chip->duration[TPM_LONG_LONG] = 0; /* not used under 1.2 */ 8789deb0eb7SJason Gunthorpe 8799deb0eb7SJason Gunthorpe /* The Broadcom BCM0102 chipset in a Dell Latitude D820 gets the above 8809deb0eb7SJason Gunthorpe * value wrong and apparently reports msecs rather than usecs. So we 8819deb0eb7SJason Gunthorpe * fix up the resulting too-small TPM_SHORT value to make things work. 8829deb0eb7SJason Gunthorpe * We also scale the TPM_MEDIUM and -_LONG values by 1000. 8839deb0eb7SJason Gunthorpe */ 884af782f33SChristophe Ricard if (chip->duration[TPM_SHORT] < (HZ / 100)) { 885af782f33SChristophe Ricard chip->duration[TPM_SHORT] = HZ; 886af782f33SChristophe Ricard chip->duration[TPM_MEDIUM] *= 1000; 887af782f33SChristophe Ricard chip->duration[TPM_LONG] *= 1000; 888af782f33SChristophe Ricard chip->duration_adjusted = true; 8898cfffc9dSJason Gunthorpe dev_info(&chip->dev, "Adjusting TPM timeout parameters."); 8909deb0eb7SJason Gunthorpe } 891d1d253cfSJason Gunthorpe 892d1d253cfSJason Gunthorpe chip->flags |= TPM_CHIP_FLAG_HAVE_TIMEOUTS; 8939deb0eb7SJason Gunthorpe return 0; 8949deb0eb7SJason Gunthorpe } 8959deb0eb7SJason Gunthorpe EXPORT_SYMBOL_GPL(tpm_get_timeouts); 8969deb0eb7SJason Gunthorpe 8979deb0eb7SJason Gunthorpe #define TPM_ORD_CONTINUE_SELFTEST 83 8989deb0eb7SJason Gunthorpe #define CONTINUE_SELFTEST_RESULT_SIZE 10 8999deb0eb7SJason Gunthorpe 9000014777fSJulia Lawall static const struct tpm_input_header continue_selftest_header = { 90106e93279SRoberto Sassu .tag = cpu_to_be16(TPM_TAG_RQU_COMMAND), 9029deb0eb7SJason Gunthorpe .length = cpu_to_be32(10), 9039deb0eb7SJason Gunthorpe .ordinal = cpu_to_be32(TPM_ORD_CONTINUE_SELFTEST), 9049deb0eb7SJason Gunthorpe }; 9059deb0eb7SJason Gunthorpe 9069deb0eb7SJason Gunthorpe /** 9079deb0eb7SJason Gunthorpe * tpm_continue_selftest -- run TPM's selftest 9089deb0eb7SJason Gunthorpe * @chip: TPM chip to use 9099deb0eb7SJason Gunthorpe * 9109deb0eb7SJason Gunthorpe * Returns 0 on success, < 0 in case of fatal error or a value > 0 representing 9119deb0eb7SJason Gunthorpe * a TPM error code. 9129deb0eb7SJason Gunthorpe */ 9139deb0eb7SJason Gunthorpe static int tpm_continue_selftest(struct tpm_chip *chip) 9149deb0eb7SJason Gunthorpe { 9159deb0eb7SJason Gunthorpe int rc; 9169deb0eb7SJason Gunthorpe struct tpm_cmd_t cmd; 9179deb0eb7SJason Gunthorpe 9189deb0eb7SJason Gunthorpe cmd.header.in = continue_selftest_header; 919745b361eSJarkko Sakkinen rc = tpm_transmit_cmd(chip, NULL, &cmd, CONTINUE_SELFTEST_RESULT_SIZE, 920745b361eSJarkko Sakkinen 0, 0, "continue selftest"); 9219deb0eb7SJason Gunthorpe return rc; 9229deb0eb7SJason Gunthorpe } 9239deb0eb7SJason Gunthorpe 924a69faebfSRoberto Sassu #define TPM_ORDINAL_PCRREAD 21 9259deb0eb7SJason Gunthorpe #define READ_PCR_RESULT_SIZE 30 926c659af78SStefan Berger #define READ_PCR_RESULT_BODY_SIZE 20 9270014777fSJulia Lawall static const struct tpm_input_header pcrread_header = { 92806e93279SRoberto Sassu .tag = cpu_to_be16(TPM_TAG_RQU_COMMAND), 9299deb0eb7SJason Gunthorpe .length = cpu_to_be32(14), 930a69faebfSRoberto Sassu .ordinal = cpu_to_be32(TPM_ORDINAL_PCRREAD) 9319deb0eb7SJason Gunthorpe }; 9329deb0eb7SJason Gunthorpe 933000a07b0SJason Gunthorpe int tpm_pcr_read_dev(struct tpm_chip *chip, int pcr_idx, u8 *res_buf) 9349deb0eb7SJason Gunthorpe { 9359deb0eb7SJason Gunthorpe int rc; 9369deb0eb7SJason Gunthorpe struct tpm_cmd_t cmd; 9379deb0eb7SJason Gunthorpe 9389deb0eb7SJason Gunthorpe cmd.header.in = pcrread_header; 9399deb0eb7SJason Gunthorpe cmd.params.pcrread_in.pcr_idx = cpu_to_be32(pcr_idx); 940745b361eSJarkko Sakkinen rc = tpm_transmit_cmd(chip, NULL, &cmd, READ_PCR_RESULT_SIZE, 941c659af78SStefan Berger READ_PCR_RESULT_BODY_SIZE, 0, 9429deb0eb7SJason Gunthorpe "attempting to read a pcr value"); 9439deb0eb7SJason Gunthorpe 9449deb0eb7SJason Gunthorpe if (rc == 0) 9459deb0eb7SJason Gunthorpe memcpy(res_buf, cmd.params.pcrread_out.pcr_result, 9469deb0eb7SJason Gunthorpe TPM_DIGEST_SIZE); 9479deb0eb7SJason Gunthorpe return rc; 9489deb0eb7SJason Gunthorpe } 9499deb0eb7SJason Gunthorpe 9509deb0eb7SJason Gunthorpe /** 951aad887f6SJarkko Sakkinen * tpm_is_tpm2 - do we a have a TPM2 chip? 952aad887f6SJarkko Sakkinen * @chip: a &struct tpm_chip instance, %NULL for the default chip 953954650efSJarkko Sakkinen * 954aad887f6SJarkko Sakkinen * Return: 955aad887f6SJarkko Sakkinen * 1 if we have a TPM2 chip. 956aad887f6SJarkko Sakkinen * 0 if we don't have a TPM2 chip. 957aad887f6SJarkko Sakkinen * A negative number for system errors (errno). 958954650efSJarkko Sakkinen */ 959aad887f6SJarkko Sakkinen int tpm_is_tpm2(struct tpm_chip *chip) 960954650efSJarkko Sakkinen { 961954650efSJarkko Sakkinen int rc; 962954650efSJarkko Sakkinen 963fc1d52b7SStefan Berger chip = tpm_find_get_ops(chip); 964aad887f6SJarkko Sakkinen if (!chip) 965954650efSJarkko Sakkinen return -ENODEV; 966954650efSJarkko Sakkinen 967954650efSJarkko Sakkinen rc = (chip->flags & TPM_CHIP_FLAG_TPM2) != 0; 968954650efSJarkko Sakkinen 9694e26195fSJason Gunthorpe tpm_put_ops(chip); 970954650efSJarkko Sakkinen 971954650efSJarkko Sakkinen return rc; 972954650efSJarkko Sakkinen } 973954650efSJarkko Sakkinen EXPORT_SYMBOL_GPL(tpm_is_tpm2); 974954650efSJarkko Sakkinen 975954650efSJarkko Sakkinen /** 976aad887f6SJarkko Sakkinen * tpm_pcr_read - read a PCR value from SHA1 bank 977aad887f6SJarkko Sakkinen * @chip: a &struct tpm_chip instance, %NULL for the default chip 978aad887f6SJarkko Sakkinen * @pcr_idx: the PCR to be retrieved 979aad887f6SJarkko Sakkinen * @res_buf: the value of the PCR 9809deb0eb7SJason Gunthorpe * 981aad887f6SJarkko Sakkinen * Return: same as with tpm_transmit_cmd() 9829deb0eb7SJason Gunthorpe */ 983aad887f6SJarkko Sakkinen int tpm_pcr_read(struct tpm_chip *chip, int pcr_idx, u8 *res_buf) 9849deb0eb7SJason Gunthorpe { 9859deb0eb7SJason Gunthorpe int rc; 9869deb0eb7SJason Gunthorpe 987fc1d52b7SStefan Berger chip = tpm_find_get_ops(chip); 988aad887f6SJarkko Sakkinen if (!chip) 9899deb0eb7SJason Gunthorpe return -ENODEV; 9907a1d7e6dSJarkko Sakkinen if (chip->flags & TPM_CHIP_FLAG_TPM2) 9917a1d7e6dSJarkko Sakkinen rc = tpm2_pcr_read(chip, pcr_idx, res_buf); 9927a1d7e6dSJarkko Sakkinen else 993000a07b0SJason Gunthorpe rc = tpm_pcr_read_dev(chip, pcr_idx, res_buf); 9944e26195fSJason Gunthorpe tpm_put_ops(chip); 9959deb0eb7SJason Gunthorpe return rc; 9969deb0eb7SJason Gunthorpe } 9979deb0eb7SJason Gunthorpe EXPORT_SYMBOL_GPL(tpm_pcr_read); 9989deb0eb7SJason Gunthorpe 999a69faebfSRoberto Sassu #define TPM_ORD_PCR_EXTEND 20 1000ca6d4580SWinkler, Tomas #define EXTEND_PCR_RESULT_SIZE 34 100151b0be64SStefan Berger #define EXTEND_PCR_RESULT_BODY_SIZE 20 1002ca6d4580SWinkler, Tomas static const struct tpm_input_header pcrextend_header = { 100306e93279SRoberto Sassu .tag = cpu_to_be16(TPM_TAG_RQU_COMMAND), 1004ca6d4580SWinkler, Tomas .length = cpu_to_be32(34), 1005a69faebfSRoberto Sassu .ordinal = cpu_to_be32(TPM_ORD_PCR_EXTEND) 1006ca6d4580SWinkler, Tomas }; 1007ca6d4580SWinkler, Tomas 1008175d5b2aSRoberto Sassu static int tpm1_pcr_extend(struct tpm_chip *chip, int pcr_idx, const u8 *hash, 1009175d5b2aSRoberto Sassu char *log_msg) 1010175d5b2aSRoberto Sassu { 1011175d5b2aSRoberto Sassu struct tpm_buf buf; 1012175d5b2aSRoberto Sassu int rc; 1013175d5b2aSRoberto Sassu 1014175d5b2aSRoberto Sassu rc = tpm_buf_init(&buf, TPM_TAG_RQU_COMMAND, TPM_ORD_PCR_EXTEND); 1015175d5b2aSRoberto Sassu if (rc) 1016175d5b2aSRoberto Sassu return rc; 1017175d5b2aSRoberto Sassu 1018175d5b2aSRoberto Sassu tpm_buf_append_u32(&buf, pcr_idx); 1019175d5b2aSRoberto Sassu tpm_buf_append(&buf, hash, TPM_DIGEST_SIZE); 1020175d5b2aSRoberto Sassu 1021175d5b2aSRoberto Sassu rc = tpm_transmit_cmd(chip, NULL, buf.data, EXTEND_PCR_RESULT_SIZE, 1022175d5b2aSRoberto Sassu EXTEND_PCR_RESULT_BODY_SIZE, 0, log_msg); 1023175d5b2aSRoberto Sassu tpm_buf_destroy(&buf); 1024175d5b2aSRoberto Sassu return rc; 1025175d5b2aSRoberto Sassu } 1026175d5b2aSRoberto Sassu 10279deb0eb7SJason Gunthorpe /** 1028aad887f6SJarkko Sakkinen * tpm_pcr_extend - extend a PCR value in SHA1 bank. 1029aad887f6SJarkko Sakkinen * @chip: a &struct tpm_chip instance, %NULL for the default chip 1030aad887f6SJarkko Sakkinen * @pcr_idx: the PCR to be retrieved 1031aad887f6SJarkko Sakkinen * @hash: the hash value used to extend the PCR value 10329deb0eb7SJason Gunthorpe * 1033aad887f6SJarkko Sakkinen * Note: with TPM 2.0 extends also those banks with a known digest size to the 1034aad887f6SJarkko Sakkinen * cryto subsystem in order to prevent malicious use of those PCR banks. In the 1035aad887f6SJarkko Sakkinen * future we should dynamically determine digest sizes. 1036aad887f6SJarkko Sakkinen * 1037aad887f6SJarkko Sakkinen * Return: same as with tpm_transmit_cmd() 10389deb0eb7SJason Gunthorpe */ 1039aad887f6SJarkko Sakkinen int tpm_pcr_extend(struct tpm_chip *chip, int pcr_idx, const u8 *hash) 10409deb0eb7SJason Gunthorpe { 10419deb0eb7SJason Gunthorpe int rc; 1042c1f92b4bSNayna Jain struct tpm2_digest digest_list[ARRAY_SIZE(chip->active_banks)]; 1043c1f92b4bSNayna Jain u32 count = 0; 1044c1f92b4bSNayna Jain int i; 10459deb0eb7SJason Gunthorpe 1046fc1d52b7SStefan Berger chip = tpm_find_get_ops(chip); 1047aad887f6SJarkko Sakkinen if (!chip) 10489deb0eb7SJason Gunthorpe return -ENODEV; 10499deb0eb7SJason Gunthorpe 10507a1d7e6dSJarkko Sakkinen if (chip->flags & TPM_CHIP_FLAG_TPM2) { 1051c1f92b4bSNayna Jain memset(digest_list, 0, sizeof(digest_list)); 1052c1f92b4bSNayna Jain 105370ea1636SDan Carpenter for (i = 0; i < ARRAY_SIZE(chip->active_banks) && 105470ea1636SDan Carpenter chip->active_banks[i] != TPM2_ALG_ERROR; i++) { 1055c1f92b4bSNayna Jain digest_list[i].alg_id = chip->active_banks[i]; 1056c1f92b4bSNayna Jain memcpy(digest_list[i].digest, hash, TPM_DIGEST_SIZE); 1057c1f92b4bSNayna Jain count++; 1058c1f92b4bSNayna Jain } 1059c1f92b4bSNayna Jain 1060c1f92b4bSNayna Jain rc = tpm2_pcr_extend(chip, pcr_idx, count, digest_list); 10614e26195fSJason Gunthorpe tpm_put_ops(chip); 10627a1d7e6dSJarkko Sakkinen return rc; 10637a1d7e6dSJarkko Sakkinen } 10647a1d7e6dSJarkko Sakkinen 1065175d5b2aSRoberto Sassu rc = tpm1_pcr_extend(chip, pcr_idx, hash, 10669deb0eb7SJason Gunthorpe "attempting extend a PCR value"); 10674e26195fSJason Gunthorpe tpm_put_ops(chip); 10689deb0eb7SJason Gunthorpe return rc; 10699deb0eb7SJason Gunthorpe } 10709deb0eb7SJason Gunthorpe EXPORT_SYMBOL_GPL(tpm_pcr_extend); 10719deb0eb7SJason Gunthorpe 10729deb0eb7SJason Gunthorpe /** 10739deb0eb7SJason Gunthorpe * tpm_do_selftest - have the TPM continue its selftest and wait until it 10749deb0eb7SJason Gunthorpe * can receive further commands 10759deb0eb7SJason Gunthorpe * @chip: TPM chip to use 10769deb0eb7SJason Gunthorpe * 10779deb0eb7SJason Gunthorpe * Returns 0 on success, < 0 in case of fatal error or a value > 0 representing 10789deb0eb7SJason Gunthorpe * a TPM error code. 10799deb0eb7SJason Gunthorpe */ 10809deb0eb7SJason Gunthorpe int tpm_do_selftest(struct tpm_chip *chip) 10819deb0eb7SJason Gunthorpe { 10829deb0eb7SJason Gunthorpe int rc; 10839deb0eb7SJason Gunthorpe unsigned int loops; 10849deb0eb7SJason Gunthorpe unsigned int delay_msec = 100; 10859deb0eb7SJason Gunthorpe unsigned long duration; 10860c541332SJarkko Sakkinen u8 dummy[TPM_DIGEST_SIZE]; 10879deb0eb7SJason Gunthorpe 10889deb0eb7SJason Gunthorpe duration = tpm_calc_ordinal_duration(chip, TPM_ORD_CONTINUE_SELFTEST); 10899deb0eb7SJason Gunthorpe 10909deb0eb7SJason Gunthorpe loops = jiffies_to_msecs(duration) / delay_msec; 10919deb0eb7SJason Gunthorpe 10929deb0eb7SJason Gunthorpe rc = tpm_continue_selftest(chip); 10930803d7beSChris Chiu if (rc == TPM_ERR_INVALID_POSTINIT) { 10940803d7beSChris Chiu chip->flags |= TPM_CHIP_FLAG_ALWAYS_POWERED; 10950803d7beSChris Chiu dev_info(&chip->dev, "TPM not ready (%d)\n", rc); 10960803d7beSChris Chiu } 10979deb0eb7SJason Gunthorpe /* This may fail if there was no TPM driver during a suspend/resume 10989deb0eb7SJason Gunthorpe * cycle; some may return 10 (BAD_ORDINAL), others 28 (FAILEDSELFTEST) 10999deb0eb7SJason Gunthorpe */ 11009deb0eb7SJason Gunthorpe if (rc) 11019deb0eb7SJason Gunthorpe return rc; 11029deb0eb7SJason Gunthorpe 11039deb0eb7SJason Gunthorpe do { 11049deb0eb7SJason Gunthorpe /* Attempt to read a PCR value */ 11050c541332SJarkko Sakkinen rc = tpm_pcr_read_dev(chip, 0, dummy); 11060c541332SJarkko Sakkinen 11079deb0eb7SJason Gunthorpe /* Some buggy TPMs will not respond to tpm_tis_ready() for 11089deb0eb7SJason Gunthorpe * around 300ms while the self test is ongoing, keep trying 11099deb0eb7SJason Gunthorpe * until the self test duration expires. */ 11109deb0eb7SJason Gunthorpe if (rc == -ETIME) { 11118cfffc9dSJason Gunthorpe dev_info( 11128cfffc9dSJason Gunthorpe &chip->dev, HW_ERR 11138cfffc9dSJason Gunthorpe "TPM command timed out during continue self test"); 11149f3fc7bcSHamza Attak tpm_msleep(delay_msec); 11159deb0eb7SJason Gunthorpe continue; 11169deb0eb7SJason Gunthorpe } 11179deb0eb7SJason Gunthorpe 11189deb0eb7SJason Gunthorpe if (rc == TPM_ERR_DISABLED || rc == TPM_ERR_DEACTIVATED) { 11198cfffc9dSJason Gunthorpe dev_info(&chip->dev, 11209deb0eb7SJason Gunthorpe "TPM is disabled/deactivated (0x%X)\n", rc); 11219deb0eb7SJason Gunthorpe /* TPM is disabled and/or deactivated; driver can 11229deb0eb7SJason Gunthorpe * proceed and TPM does handle commands for 11239deb0eb7SJason Gunthorpe * suspend/resume correctly 11249deb0eb7SJason Gunthorpe */ 11259deb0eb7SJason Gunthorpe return 0; 11269deb0eb7SJason Gunthorpe } 11279deb0eb7SJason Gunthorpe if (rc != TPM_WARN_DOING_SELFTEST) 11289deb0eb7SJason Gunthorpe return rc; 11299f3fc7bcSHamza Attak tpm_msleep(delay_msec); 11309deb0eb7SJason Gunthorpe } while (--loops > 0); 11319deb0eb7SJason Gunthorpe 11329deb0eb7SJason Gunthorpe return rc; 11339deb0eb7SJason Gunthorpe } 11349deb0eb7SJason Gunthorpe EXPORT_SYMBOL_GPL(tpm_do_selftest); 11359deb0eb7SJason Gunthorpe 1136cae8b441SJason Gunthorpe /** 1137cae8b441SJason Gunthorpe * tpm1_auto_startup - Perform the standard automatic TPM initialization 1138cae8b441SJason Gunthorpe * sequence 1139cae8b441SJason Gunthorpe * @chip: TPM chip to use 1140cae8b441SJason Gunthorpe * 1141cae8b441SJason Gunthorpe * Returns 0 on success, < 0 in case of fatal error. 1142cae8b441SJason Gunthorpe */ 1143cae8b441SJason Gunthorpe int tpm1_auto_startup(struct tpm_chip *chip) 1144cae8b441SJason Gunthorpe { 1145cae8b441SJason Gunthorpe int rc; 1146cae8b441SJason Gunthorpe 1147cae8b441SJason Gunthorpe rc = tpm_get_timeouts(chip); 1148cae8b441SJason Gunthorpe if (rc) 1149cae8b441SJason Gunthorpe goto out; 1150cae8b441SJason Gunthorpe rc = tpm_do_selftest(chip); 1151cae8b441SJason Gunthorpe if (rc) { 1152cae8b441SJason Gunthorpe dev_err(&chip->dev, "TPM self test failed\n"); 1153cae8b441SJason Gunthorpe goto out; 1154cae8b441SJason Gunthorpe } 1155cae8b441SJason Gunthorpe 1156cae8b441SJason Gunthorpe return rc; 1157cae8b441SJason Gunthorpe out: 1158cae8b441SJason Gunthorpe if (rc > 0) 1159cae8b441SJason Gunthorpe rc = -ENODEV; 1160cae8b441SJason Gunthorpe return rc; 1161cae8b441SJason Gunthorpe } 1162cae8b441SJason Gunthorpe 1163aad887f6SJarkko Sakkinen /** 1164aad887f6SJarkko Sakkinen * tpm_send - send a TPM command 1165aad887f6SJarkko Sakkinen * @chip: a &struct tpm_chip instance, %NULL for the default chip 1166aad887f6SJarkko Sakkinen * @cmd: a TPM command buffer 1167aad887f6SJarkko Sakkinen * @buflen: the length of the TPM command buffer 1168aad887f6SJarkko Sakkinen * 1169aad887f6SJarkko Sakkinen * Return: same as with tpm_transmit_cmd() 1170aad887f6SJarkko Sakkinen */ 1171aad887f6SJarkko Sakkinen int tpm_send(struct tpm_chip *chip, void *cmd, size_t buflen) 11729deb0eb7SJason Gunthorpe { 11739deb0eb7SJason Gunthorpe int rc; 11749deb0eb7SJason Gunthorpe 1175fc1d52b7SStefan Berger chip = tpm_find_get_ops(chip); 1176aad887f6SJarkko Sakkinen if (!chip) 11779deb0eb7SJason Gunthorpe return -ENODEV; 11789deb0eb7SJason Gunthorpe 1179745b361eSJarkko Sakkinen rc = tpm_transmit_cmd(chip, NULL, cmd, buflen, 0, 0, 1180aad887f6SJarkko Sakkinen "attempting to a send a command"); 11814e26195fSJason Gunthorpe tpm_put_ops(chip); 11829deb0eb7SJason Gunthorpe return rc; 11839deb0eb7SJason Gunthorpe } 11849deb0eb7SJason Gunthorpe EXPORT_SYMBOL_GPL(tpm_send); 11859deb0eb7SJason Gunthorpe 1186a69faebfSRoberto Sassu #define TPM_ORD_SAVESTATE 152 11879deb0eb7SJason Gunthorpe #define SAVESTATE_RESULT_SIZE 10 11889deb0eb7SJason Gunthorpe 11890014777fSJulia Lawall static const struct tpm_input_header savestate_header = { 119006e93279SRoberto Sassu .tag = cpu_to_be16(TPM_TAG_RQU_COMMAND), 11919deb0eb7SJason Gunthorpe .length = cpu_to_be32(10), 1192a69faebfSRoberto Sassu .ordinal = cpu_to_be32(TPM_ORD_SAVESTATE) 11939deb0eb7SJason Gunthorpe }; 11949deb0eb7SJason Gunthorpe 11959deb0eb7SJason Gunthorpe /* 11969deb0eb7SJason Gunthorpe * We are about to suspend. Save the TPM state 11979deb0eb7SJason Gunthorpe * so that it can be restored. 11989deb0eb7SJason Gunthorpe */ 11999deb0eb7SJason Gunthorpe int tpm_pm_suspend(struct device *dev) 12009deb0eb7SJason Gunthorpe { 1201ec03c50bSStefan Berger struct tpm_chip *chip = dev_get_drvdata(dev); 12029deb0eb7SJason Gunthorpe struct tpm_cmd_t cmd; 12039deb0eb7SJason Gunthorpe int rc, try; 12049deb0eb7SJason Gunthorpe 12059deb0eb7SJason Gunthorpe u8 dummy_hash[TPM_DIGEST_SIZE] = { 0 }; 12069deb0eb7SJason Gunthorpe 12079deb0eb7SJason Gunthorpe if (chip == NULL) 12089deb0eb7SJason Gunthorpe return -ENODEV; 12099deb0eb7SJason Gunthorpe 1210b5d0ebc9SEnric Balletbo i Serra if (chip->flags & TPM_CHIP_FLAG_ALWAYS_POWERED) 1211b5d0ebc9SEnric Balletbo i Serra return 0; 1212b5d0ebc9SEnric Balletbo i Serra 121374d6b3ceSJarkko Sakkinen if (chip->flags & TPM_CHIP_FLAG_TPM2) { 121474d6b3ceSJarkko Sakkinen tpm2_shutdown(chip, TPM2_SU_STATE); 121574d6b3ceSJarkko Sakkinen return 0; 121674d6b3ceSJarkko Sakkinen } 121730fc8d13SJarkko Sakkinen 12189deb0eb7SJason Gunthorpe /* for buggy tpm, flush pcrs with extend to selected dummy */ 1219175d5b2aSRoberto Sassu if (tpm_suspend_pcr) 1220175d5b2aSRoberto Sassu rc = tpm1_pcr_extend(chip, tpm_suspend_pcr, dummy_hash, 12219deb0eb7SJason Gunthorpe "extending dummy pcr before suspend"); 12229deb0eb7SJason Gunthorpe 12239deb0eb7SJason Gunthorpe /* now do the actual savestate */ 12249deb0eb7SJason Gunthorpe for (try = 0; try < TPM_RETRY; try++) { 12259deb0eb7SJason Gunthorpe cmd.header.in = savestate_header; 1226745b361eSJarkko Sakkinen rc = tpm_transmit_cmd(chip, NULL, &cmd, SAVESTATE_RESULT_SIZE, 1227745b361eSJarkko Sakkinen 0, 0, NULL); 12289deb0eb7SJason Gunthorpe 12299deb0eb7SJason Gunthorpe /* 12309deb0eb7SJason Gunthorpe * If the TPM indicates that it is too busy to respond to 12319deb0eb7SJason Gunthorpe * this command then retry before giving up. It can take 12329deb0eb7SJason Gunthorpe * several seconds for this TPM to be ready. 12339deb0eb7SJason Gunthorpe * 12349deb0eb7SJason Gunthorpe * This can happen if the TPM has already been sent the 12359deb0eb7SJason Gunthorpe * SaveState command before the driver has loaded. TCG 1.2 12369deb0eb7SJason Gunthorpe * specification states that any communication after SaveState 12379deb0eb7SJason Gunthorpe * may cause the TPM to invalidate previously saved state. 12389deb0eb7SJason Gunthorpe */ 12399deb0eb7SJason Gunthorpe if (rc != TPM_WARN_RETRY) 12409deb0eb7SJason Gunthorpe break; 12419f3fc7bcSHamza Attak tpm_msleep(TPM_TIMEOUT_RETRY); 12429deb0eb7SJason Gunthorpe } 12439deb0eb7SJason Gunthorpe 12449deb0eb7SJason Gunthorpe if (rc) 12458cfffc9dSJason Gunthorpe dev_err(&chip->dev, 12469deb0eb7SJason Gunthorpe "Error (%d) sending savestate before suspend\n", rc); 12479deb0eb7SJason Gunthorpe else if (try > 0) 12488cfffc9dSJason Gunthorpe dev_warn(&chip->dev, "TPM savestate took %dms\n", 12499deb0eb7SJason Gunthorpe try * TPM_TIMEOUT_RETRY); 12509deb0eb7SJason Gunthorpe 12519deb0eb7SJason Gunthorpe return rc; 12529deb0eb7SJason Gunthorpe } 12539deb0eb7SJason Gunthorpe EXPORT_SYMBOL_GPL(tpm_pm_suspend); 12549deb0eb7SJason Gunthorpe 12559deb0eb7SJason Gunthorpe /* 12569deb0eb7SJason Gunthorpe * Resume from a power safe. The BIOS already restored 12579deb0eb7SJason Gunthorpe * the TPM state. 12589deb0eb7SJason Gunthorpe */ 12599deb0eb7SJason Gunthorpe int tpm_pm_resume(struct device *dev) 12609deb0eb7SJason Gunthorpe { 1261ec03c50bSStefan Berger struct tpm_chip *chip = dev_get_drvdata(dev); 12629deb0eb7SJason Gunthorpe 12639deb0eb7SJason Gunthorpe if (chip == NULL) 12649deb0eb7SJason Gunthorpe return -ENODEV; 12659deb0eb7SJason Gunthorpe 12669deb0eb7SJason Gunthorpe return 0; 12679deb0eb7SJason Gunthorpe } 12689deb0eb7SJason Gunthorpe EXPORT_SYMBOL_GPL(tpm_pm_resume); 12699deb0eb7SJason Gunthorpe 12709deb0eb7SJason Gunthorpe #define TPM_GETRANDOM_RESULT_SIZE 18 12710014777fSJulia Lawall static const struct tpm_input_header tpm_getrandom_header = { 127206e93279SRoberto Sassu .tag = cpu_to_be16(TPM_TAG_RQU_COMMAND), 12739deb0eb7SJason Gunthorpe .length = cpu_to_be32(14), 1274a69faebfSRoberto Sassu .ordinal = cpu_to_be32(TPM_ORD_GET_RANDOM) 12759deb0eb7SJason Gunthorpe }; 12769deb0eb7SJason Gunthorpe 12779deb0eb7SJason Gunthorpe /** 1278aad887f6SJarkko Sakkinen * tpm_get_random() - get random bytes from the TPM's RNG 1279aad887f6SJarkko Sakkinen * @chip: a &struct tpm_chip instance, %NULL for the default chip 12809deb0eb7SJason Gunthorpe * @out: destination buffer for the random bytes 12819deb0eb7SJason Gunthorpe * @max: the max number of bytes to write to @out 12829deb0eb7SJason Gunthorpe * 1283aad887f6SJarkko Sakkinen * Return: same as with tpm_transmit_cmd() 12849deb0eb7SJason Gunthorpe */ 1285aad887f6SJarkko Sakkinen int tpm_get_random(struct tpm_chip *chip, u8 *out, size_t max) 12869deb0eb7SJason Gunthorpe { 12879deb0eb7SJason Gunthorpe struct tpm_cmd_t tpm_cmd; 1288c659af78SStefan Berger u32 recd, num_bytes = min_t(u32, max, TPM_MAX_RNG_DATA), rlength; 12899deb0eb7SJason Gunthorpe int err, total = 0, retries = 5; 12909deb0eb7SJason Gunthorpe u8 *dest = out; 12919deb0eb7SJason Gunthorpe 12923e14d83eSJarkko Sakkinen if (!out || !num_bytes || max > TPM_MAX_RNG_DATA) 12933e14d83eSJarkko Sakkinen return -EINVAL; 12943e14d83eSJarkko Sakkinen 1295fc1d52b7SStefan Berger chip = tpm_find_get_ops(chip); 1296aad887f6SJarkko Sakkinen if (!chip) 12979deb0eb7SJason Gunthorpe return -ENODEV; 12989deb0eb7SJason Gunthorpe 12997a1d7e6dSJarkko Sakkinen if (chip->flags & TPM_CHIP_FLAG_TPM2) { 13007a1d7e6dSJarkko Sakkinen err = tpm2_get_random(chip, out, max); 13014e26195fSJason Gunthorpe tpm_put_ops(chip); 13027a1d7e6dSJarkko Sakkinen return err; 13037a1d7e6dSJarkko Sakkinen } 13047a1d7e6dSJarkko Sakkinen 13059deb0eb7SJason Gunthorpe do { 13069deb0eb7SJason Gunthorpe tpm_cmd.header.in = tpm_getrandom_header; 13079deb0eb7SJason Gunthorpe tpm_cmd.params.getrandom_in.num_bytes = cpu_to_be32(num_bytes); 13089deb0eb7SJason Gunthorpe 1309745b361eSJarkko Sakkinen err = tpm_transmit_cmd(chip, NULL, &tpm_cmd, 13109deb0eb7SJason Gunthorpe TPM_GETRANDOM_RESULT_SIZE + num_bytes, 1311c659af78SStefan Berger offsetof(struct tpm_getrandom_out, 1312c659af78SStefan Berger rng_data), 1313d4816edfSJarkko Sakkinen 0, "attempting get random"); 13149deb0eb7SJason Gunthorpe if (err) 13159deb0eb7SJason Gunthorpe break; 13169deb0eb7SJason Gunthorpe 13179deb0eb7SJason Gunthorpe recd = be32_to_cpu(tpm_cmd.params.getrandom_out.rng_data_len); 13183be23274SJeremy Boone if (recd > num_bytes) { 13193be23274SJeremy Boone total = -EFAULT; 13203be23274SJeremy Boone break; 13213be23274SJeremy Boone } 1322c659af78SStefan Berger 1323c659af78SStefan Berger rlength = be32_to_cpu(tpm_cmd.header.out.length); 1324c659af78SStefan Berger if (rlength < offsetof(struct tpm_getrandom_out, rng_data) + 1325c659af78SStefan Berger recd) { 1326c659af78SStefan Berger total = -EFAULT; 1327c659af78SStefan Berger break; 1328c659af78SStefan Berger } 13299deb0eb7SJason Gunthorpe memcpy(dest, tpm_cmd.params.getrandom_out.rng_data, recd); 13309deb0eb7SJason Gunthorpe 13319deb0eb7SJason Gunthorpe dest += recd; 13329deb0eb7SJason Gunthorpe total += recd; 13339deb0eb7SJason Gunthorpe num_bytes -= recd; 13349deb0eb7SJason Gunthorpe } while (retries-- && total < max); 13359deb0eb7SJason Gunthorpe 13364e26195fSJason Gunthorpe tpm_put_ops(chip); 13379deb0eb7SJason Gunthorpe return total ? total : -EIO; 13389deb0eb7SJason Gunthorpe } 13399deb0eb7SJason Gunthorpe EXPORT_SYMBOL_GPL(tpm_get_random); 13409deb0eb7SJason Gunthorpe 1341954650efSJarkko Sakkinen /** 1342aad887f6SJarkko Sakkinen * tpm_seal_trusted() - seal a trusted key payload 1343aad887f6SJarkko Sakkinen * @chip: a &struct tpm_chip instance, %NULL for the default chip 1344954650efSJarkko Sakkinen * @options: authentication values and other options 1345954650efSJarkko Sakkinen * @payload: the key data in clear and encrypted form 1346954650efSJarkko Sakkinen * 1347aad887f6SJarkko Sakkinen * Note: only TPM 2.0 chip are supported. TPM 1.x implementation is located in 1348aad887f6SJarkko Sakkinen * the keyring subsystem. 1349aad887f6SJarkko Sakkinen * 1350aad887f6SJarkko Sakkinen * Return: same as with tpm_transmit_cmd() 1351954650efSJarkko Sakkinen */ 1352aad887f6SJarkko Sakkinen int tpm_seal_trusted(struct tpm_chip *chip, struct trusted_key_payload *payload, 1353954650efSJarkko Sakkinen struct trusted_key_options *options) 1354954650efSJarkko Sakkinen { 1355954650efSJarkko Sakkinen int rc; 1356954650efSJarkko Sakkinen 1357fc1d52b7SStefan Berger chip = tpm_find_get_ops(chip); 1358aad887f6SJarkko Sakkinen if (!chip || !(chip->flags & TPM_CHIP_FLAG_TPM2)) 1359954650efSJarkko Sakkinen return -ENODEV; 1360954650efSJarkko Sakkinen 1361954650efSJarkko Sakkinen rc = tpm2_seal_trusted(chip, payload, options); 1362954650efSJarkko Sakkinen 13634e26195fSJason Gunthorpe tpm_put_ops(chip); 1364954650efSJarkko Sakkinen return rc; 1365954650efSJarkko Sakkinen } 1366954650efSJarkko Sakkinen EXPORT_SYMBOL_GPL(tpm_seal_trusted); 1367954650efSJarkko Sakkinen 1368954650efSJarkko Sakkinen /** 1369954650efSJarkko Sakkinen * tpm_unseal_trusted() - unseal a trusted key 1370aad887f6SJarkko Sakkinen * @chip: a &struct tpm_chip instance, %NULL for the default chip 1371954650efSJarkko Sakkinen * @options: authentication values and other options 1372954650efSJarkko Sakkinen * @payload: the key data in clear and encrypted form 1373954650efSJarkko Sakkinen * 1374aad887f6SJarkko Sakkinen * Note: only TPM 2.0 chip are supported. TPM 1.x implementation is located in 1375aad887f6SJarkko Sakkinen * the keyring subsystem. 1376aad887f6SJarkko Sakkinen * 1377aad887f6SJarkko Sakkinen * Return: same as with tpm_transmit_cmd() 1378954650efSJarkko Sakkinen */ 1379aad887f6SJarkko Sakkinen int tpm_unseal_trusted(struct tpm_chip *chip, 1380aad887f6SJarkko Sakkinen struct trusted_key_payload *payload, 1381954650efSJarkko Sakkinen struct trusted_key_options *options) 1382954650efSJarkko Sakkinen { 1383954650efSJarkko Sakkinen int rc; 1384954650efSJarkko Sakkinen 1385fc1d52b7SStefan Berger chip = tpm_find_get_ops(chip); 1386aad887f6SJarkko Sakkinen if (!chip || !(chip->flags & TPM_CHIP_FLAG_TPM2)) 1387954650efSJarkko Sakkinen return -ENODEV; 1388954650efSJarkko Sakkinen 1389954650efSJarkko Sakkinen rc = tpm2_unseal_trusted(chip, payload, options); 1390954650efSJarkko Sakkinen 13914e26195fSJason Gunthorpe tpm_put_ops(chip); 13924e26195fSJason Gunthorpe 1393954650efSJarkko Sakkinen return rc; 1394954650efSJarkko Sakkinen } 1395954650efSJarkko Sakkinen EXPORT_SYMBOL_GPL(tpm_unseal_trusted); 1396954650efSJarkko Sakkinen 1397313d21eeSJarkko Sakkinen static int __init tpm_init(void) 1398313d21eeSJarkko Sakkinen { 1399313d21eeSJarkko Sakkinen int rc; 1400313d21eeSJarkko Sakkinen 1401313d21eeSJarkko Sakkinen tpm_class = class_create(THIS_MODULE, "tpm"); 1402313d21eeSJarkko Sakkinen if (IS_ERR(tpm_class)) { 1403313d21eeSJarkko Sakkinen pr_err("couldn't create tpm class\n"); 1404313d21eeSJarkko Sakkinen return PTR_ERR(tpm_class); 1405313d21eeSJarkko Sakkinen } 1406313d21eeSJarkko Sakkinen 1407fdc915f7SJames Bottomley tpmrm_class = class_create(THIS_MODULE, "tpmrm"); 1408fdc915f7SJames Bottomley if (IS_ERR(tpmrm_class)) { 1409fdc915f7SJames Bottomley pr_err("couldn't create tpmrm class\n"); 1410fdc915f7SJames Bottomley class_destroy(tpm_class); 1411fdc915f7SJames Bottomley return PTR_ERR(tpmrm_class); 1412fdc915f7SJames Bottomley } 1413fdc915f7SJames Bottomley 1414fdc915f7SJames Bottomley rc = alloc_chrdev_region(&tpm_devt, 0, 2*TPM_NUM_DEVICES, "tpm"); 1415313d21eeSJarkko Sakkinen if (rc < 0) { 1416313d21eeSJarkko Sakkinen pr_err("tpm: failed to allocate char dev region\n"); 1417fdc915f7SJames Bottomley class_destroy(tpmrm_class); 1418313d21eeSJarkko Sakkinen class_destroy(tpm_class); 1419313d21eeSJarkko Sakkinen return rc; 1420313d21eeSJarkko Sakkinen } 1421313d21eeSJarkko Sakkinen 1422313d21eeSJarkko Sakkinen return 0; 1423313d21eeSJarkko Sakkinen } 1424313d21eeSJarkko Sakkinen 1425313d21eeSJarkko Sakkinen static void __exit tpm_exit(void) 1426313d21eeSJarkko Sakkinen { 142715516788SStefan Berger idr_destroy(&dev_nums_idr); 1428313d21eeSJarkko Sakkinen class_destroy(tpm_class); 1429fdc915f7SJames Bottomley class_destroy(tpmrm_class); 1430fdc915f7SJames Bottomley unregister_chrdev_region(tpm_devt, 2*TPM_NUM_DEVICES); 1431313d21eeSJarkko Sakkinen } 1432313d21eeSJarkko Sakkinen 1433313d21eeSJarkko Sakkinen subsys_initcall(tpm_init); 1434313d21eeSJarkko Sakkinen module_exit(tpm_exit); 1435313d21eeSJarkko Sakkinen 14369deb0eb7SJason Gunthorpe MODULE_AUTHOR("Leendert van Doorn (leendert@watson.ibm.com)"); 14379deb0eb7SJason Gunthorpe MODULE_DESCRIPTION("TPM Driver"); 14389deb0eb7SJason Gunthorpe MODULE_VERSION("2.0"); 14399deb0eb7SJason Gunthorpe MODULE_LICENSE("GPL"); 1440