19deb0eb7SJason Gunthorpe /* 29deb0eb7SJason Gunthorpe * Copyright (C) 2004 IBM Corporation 3afb5abc2SJarkko Sakkinen * Copyright (C) 2014 Intel Corporation 49deb0eb7SJason Gunthorpe * 59deb0eb7SJason Gunthorpe * Authors: 69deb0eb7SJason Gunthorpe * Leendert van Doorn <leendert@watson.ibm.com> 79deb0eb7SJason Gunthorpe * Dave Safford <safford@watson.ibm.com> 89deb0eb7SJason Gunthorpe * Reiner Sailer <sailer@watson.ibm.com> 99deb0eb7SJason Gunthorpe * Kylene Hall <kjhall@us.ibm.com> 109deb0eb7SJason Gunthorpe * 119deb0eb7SJason Gunthorpe * Maintained by: <tpmdd-devel@lists.sourceforge.net> 129deb0eb7SJason Gunthorpe * 139deb0eb7SJason Gunthorpe * Device driver for TCG/TCPA TPM (trusted platform module). 149deb0eb7SJason Gunthorpe * Specifications at www.trustedcomputinggroup.org 159deb0eb7SJason Gunthorpe * 169deb0eb7SJason Gunthorpe * This program is free software; you can redistribute it and/or 179deb0eb7SJason Gunthorpe * modify it under the terms of the GNU General Public License as 189deb0eb7SJason Gunthorpe * published by the Free Software Foundation, version 2 of the 199deb0eb7SJason Gunthorpe * License. 209deb0eb7SJason Gunthorpe * 219deb0eb7SJason Gunthorpe * Note, the TPM chip is not interrupt driven (only polling) 229deb0eb7SJason Gunthorpe * and can have very long timeouts (minutes!). Hence the unusual 239deb0eb7SJason Gunthorpe * calls to msleep. 249deb0eb7SJason Gunthorpe * 259deb0eb7SJason Gunthorpe */ 269deb0eb7SJason Gunthorpe 279deb0eb7SJason Gunthorpe #include <linux/poll.h> 289deb0eb7SJason Gunthorpe #include <linux/slab.h> 299deb0eb7SJason Gunthorpe #include <linux/mutex.h> 309deb0eb7SJason Gunthorpe #include <linux/spinlock.h> 319deb0eb7SJason Gunthorpe #include <linux/freezer.h> 32e74f2f76SWinkler, Tomas #include <linux/pm_runtime.h> 33fd3ec366SThiebaud Weksteen #include <linux/tpm_eventlog.h> 349deb0eb7SJason Gunthorpe 359deb0eb7SJason Gunthorpe #include "tpm.h" 369deb0eb7SJason Gunthorpe 379deb0eb7SJason Gunthorpe #define TPM_MAX_ORDINAL 243 389deb0eb7SJason Gunthorpe #define TSC_MAX_ORDINAL 12 399deb0eb7SJason Gunthorpe #define TPM_PROTECTED_COMMAND 0x00 409deb0eb7SJason Gunthorpe #define TPM_CONNECTION_COMMAND 0x40 419deb0eb7SJason Gunthorpe 429deb0eb7SJason Gunthorpe /* 439deb0eb7SJason Gunthorpe * Bug workaround - some TPM's don't flush the most 449deb0eb7SJason Gunthorpe * recently changed pcr on suspend, so force the flush 459deb0eb7SJason Gunthorpe * with an extend to the selected _unused_ non-volatile pcr. 469deb0eb7SJason Gunthorpe */ 479deb0eb7SJason Gunthorpe static int tpm_suspend_pcr; 489deb0eb7SJason Gunthorpe module_param_named(suspend_pcr, tpm_suspend_pcr, uint, 0644); 499deb0eb7SJason Gunthorpe MODULE_PARM_DESC(suspend_pcr, 5039f5712bSDmitry Torokhov "PCR to use for dummy writes to facilitate flush on suspend."); 519deb0eb7SJason Gunthorpe 529deb0eb7SJason Gunthorpe /* 539deb0eb7SJason Gunthorpe * Array with one entry per ordinal defining the maximum amount 549deb0eb7SJason Gunthorpe * of time the chip could take to return the result. The ordinal 559deb0eb7SJason Gunthorpe * designation of short, medium or long is defined in a table in 569deb0eb7SJason Gunthorpe * TCG Specification TPM Main Part 2 TPM Structures Section 17. The 579deb0eb7SJason Gunthorpe * values of the SHORT, MEDIUM, and LONG durations are retrieved 589deb0eb7SJason Gunthorpe * from the chip during initialization with a call to tpm_get_timeouts. 599deb0eb7SJason Gunthorpe */ 609deb0eb7SJason Gunthorpe static const u8 tpm_ordinal_duration[TPM_MAX_ORDINAL] = { 619deb0eb7SJason Gunthorpe TPM_UNDEFINED, /* 0 */ 629deb0eb7SJason Gunthorpe TPM_UNDEFINED, 639deb0eb7SJason Gunthorpe TPM_UNDEFINED, 649deb0eb7SJason Gunthorpe TPM_UNDEFINED, 659deb0eb7SJason Gunthorpe TPM_UNDEFINED, 669deb0eb7SJason Gunthorpe TPM_UNDEFINED, /* 5 */ 679deb0eb7SJason Gunthorpe TPM_UNDEFINED, 689deb0eb7SJason Gunthorpe TPM_UNDEFINED, 699deb0eb7SJason Gunthorpe TPM_UNDEFINED, 709deb0eb7SJason Gunthorpe TPM_UNDEFINED, 719deb0eb7SJason Gunthorpe TPM_SHORT, /* 10 */ 729deb0eb7SJason Gunthorpe TPM_SHORT, 739deb0eb7SJason Gunthorpe TPM_MEDIUM, 749deb0eb7SJason Gunthorpe TPM_LONG, 759deb0eb7SJason Gunthorpe TPM_LONG, 769deb0eb7SJason Gunthorpe TPM_MEDIUM, /* 15 */ 779deb0eb7SJason Gunthorpe TPM_SHORT, 789deb0eb7SJason Gunthorpe TPM_SHORT, 799deb0eb7SJason Gunthorpe TPM_MEDIUM, 809deb0eb7SJason Gunthorpe TPM_LONG, 819deb0eb7SJason Gunthorpe TPM_SHORT, /* 20 */ 829deb0eb7SJason Gunthorpe TPM_SHORT, 839deb0eb7SJason Gunthorpe TPM_MEDIUM, 849deb0eb7SJason Gunthorpe TPM_MEDIUM, 859deb0eb7SJason Gunthorpe TPM_MEDIUM, 869deb0eb7SJason Gunthorpe TPM_SHORT, /* 25 */ 879deb0eb7SJason Gunthorpe TPM_SHORT, 889deb0eb7SJason Gunthorpe TPM_MEDIUM, 899deb0eb7SJason Gunthorpe TPM_SHORT, 909deb0eb7SJason Gunthorpe TPM_SHORT, 919deb0eb7SJason Gunthorpe TPM_MEDIUM, /* 30 */ 929deb0eb7SJason Gunthorpe TPM_LONG, 939deb0eb7SJason Gunthorpe TPM_MEDIUM, 949deb0eb7SJason Gunthorpe TPM_SHORT, 959deb0eb7SJason Gunthorpe TPM_SHORT, 969deb0eb7SJason Gunthorpe TPM_SHORT, /* 35 */ 979deb0eb7SJason Gunthorpe TPM_MEDIUM, 989deb0eb7SJason Gunthorpe TPM_MEDIUM, 999deb0eb7SJason Gunthorpe TPM_UNDEFINED, 1009deb0eb7SJason Gunthorpe TPM_UNDEFINED, 1019deb0eb7SJason Gunthorpe TPM_MEDIUM, /* 40 */ 1029deb0eb7SJason Gunthorpe TPM_LONG, 1039deb0eb7SJason Gunthorpe TPM_MEDIUM, 1049deb0eb7SJason Gunthorpe TPM_SHORT, 1059deb0eb7SJason Gunthorpe TPM_SHORT, 1069deb0eb7SJason Gunthorpe TPM_SHORT, /* 45 */ 1079deb0eb7SJason Gunthorpe TPM_SHORT, 1089deb0eb7SJason Gunthorpe TPM_SHORT, 1099deb0eb7SJason Gunthorpe TPM_SHORT, 1109deb0eb7SJason Gunthorpe TPM_LONG, 1119deb0eb7SJason Gunthorpe TPM_MEDIUM, /* 50 */ 1129deb0eb7SJason Gunthorpe TPM_MEDIUM, 1139deb0eb7SJason Gunthorpe TPM_UNDEFINED, 1149deb0eb7SJason Gunthorpe TPM_UNDEFINED, 1159deb0eb7SJason Gunthorpe TPM_UNDEFINED, 1169deb0eb7SJason Gunthorpe TPM_UNDEFINED, /* 55 */ 1179deb0eb7SJason Gunthorpe TPM_UNDEFINED, 1189deb0eb7SJason Gunthorpe TPM_UNDEFINED, 1199deb0eb7SJason Gunthorpe TPM_UNDEFINED, 1209deb0eb7SJason Gunthorpe TPM_UNDEFINED, 1219deb0eb7SJason Gunthorpe TPM_MEDIUM, /* 60 */ 1229deb0eb7SJason Gunthorpe TPM_MEDIUM, 1239deb0eb7SJason Gunthorpe TPM_MEDIUM, 1249deb0eb7SJason Gunthorpe TPM_SHORT, 1259deb0eb7SJason Gunthorpe TPM_SHORT, 1269deb0eb7SJason Gunthorpe TPM_MEDIUM, /* 65 */ 1279deb0eb7SJason Gunthorpe TPM_UNDEFINED, 1289deb0eb7SJason Gunthorpe TPM_UNDEFINED, 1299deb0eb7SJason Gunthorpe TPM_UNDEFINED, 1309deb0eb7SJason Gunthorpe TPM_UNDEFINED, 1319deb0eb7SJason Gunthorpe TPM_SHORT, /* 70 */ 1329deb0eb7SJason Gunthorpe TPM_SHORT, 1339deb0eb7SJason Gunthorpe TPM_UNDEFINED, 1349deb0eb7SJason Gunthorpe TPM_UNDEFINED, 1359deb0eb7SJason Gunthorpe TPM_UNDEFINED, 1369deb0eb7SJason Gunthorpe TPM_UNDEFINED, /* 75 */ 1379deb0eb7SJason Gunthorpe TPM_UNDEFINED, 1389deb0eb7SJason Gunthorpe TPM_UNDEFINED, 1399deb0eb7SJason Gunthorpe TPM_UNDEFINED, 1409deb0eb7SJason Gunthorpe TPM_UNDEFINED, 1419deb0eb7SJason Gunthorpe TPM_LONG, /* 80 */ 1429deb0eb7SJason Gunthorpe TPM_UNDEFINED, 1439deb0eb7SJason Gunthorpe TPM_MEDIUM, 1449deb0eb7SJason Gunthorpe TPM_LONG, 1459deb0eb7SJason Gunthorpe TPM_SHORT, 1469deb0eb7SJason Gunthorpe TPM_UNDEFINED, /* 85 */ 1479deb0eb7SJason Gunthorpe TPM_UNDEFINED, 1489deb0eb7SJason Gunthorpe TPM_UNDEFINED, 1499deb0eb7SJason Gunthorpe TPM_UNDEFINED, 1509deb0eb7SJason Gunthorpe TPM_UNDEFINED, 1519deb0eb7SJason Gunthorpe TPM_SHORT, /* 90 */ 1529deb0eb7SJason Gunthorpe TPM_SHORT, 1539deb0eb7SJason Gunthorpe TPM_SHORT, 1549deb0eb7SJason Gunthorpe TPM_SHORT, 1559deb0eb7SJason Gunthorpe TPM_SHORT, 1569deb0eb7SJason Gunthorpe TPM_UNDEFINED, /* 95 */ 1579deb0eb7SJason Gunthorpe TPM_UNDEFINED, 1589deb0eb7SJason Gunthorpe TPM_UNDEFINED, 1599deb0eb7SJason Gunthorpe TPM_UNDEFINED, 1609deb0eb7SJason Gunthorpe TPM_UNDEFINED, 1619deb0eb7SJason Gunthorpe TPM_MEDIUM, /* 100 */ 1629deb0eb7SJason Gunthorpe TPM_SHORT, 1639deb0eb7SJason Gunthorpe TPM_SHORT, 1649deb0eb7SJason Gunthorpe TPM_UNDEFINED, 1659deb0eb7SJason Gunthorpe TPM_UNDEFINED, 1669deb0eb7SJason Gunthorpe TPM_UNDEFINED, /* 105 */ 1679deb0eb7SJason Gunthorpe TPM_UNDEFINED, 1689deb0eb7SJason Gunthorpe TPM_UNDEFINED, 1699deb0eb7SJason Gunthorpe TPM_UNDEFINED, 1709deb0eb7SJason Gunthorpe TPM_UNDEFINED, 1719deb0eb7SJason Gunthorpe TPM_SHORT, /* 110 */ 1729deb0eb7SJason Gunthorpe TPM_SHORT, 1739deb0eb7SJason Gunthorpe TPM_SHORT, 1749deb0eb7SJason Gunthorpe TPM_SHORT, 1759deb0eb7SJason Gunthorpe TPM_SHORT, 1769deb0eb7SJason Gunthorpe TPM_SHORT, /* 115 */ 1779deb0eb7SJason Gunthorpe TPM_SHORT, 1789deb0eb7SJason Gunthorpe TPM_SHORT, 1799deb0eb7SJason Gunthorpe TPM_UNDEFINED, 1809deb0eb7SJason Gunthorpe TPM_UNDEFINED, 1819deb0eb7SJason Gunthorpe TPM_LONG, /* 120 */ 1829deb0eb7SJason Gunthorpe TPM_LONG, 1839deb0eb7SJason Gunthorpe TPM_MEDIUM, 1849deb0eb7SJason Gunthorpe TPM_UNDEFINED, 1859deb0eb7SJason Gunthorpe TPM_SHORT, 1869deb0eb7SJason Gunthorpe TPM_SHORT, /* 125 */ 1879deb0eb7SJason Gunthorpe TPM_SHORT, 1889deb0eb7SJason Gunthorpe TPM_LONG, 1899deb0eb7SJason Gunthorpe TPM_SHORT, 1909deb0eb7SJason Gunthorpe TPM_SHORT, 1919deb0eb7SJason Gunthorpe TPM_SHORT, /* 130 */ 1929deb0eb7SJason Gunthorpe TPM_MEDIUM, 1939deb0eb7SJason Gunthorpe TPM_UNDEFINED, 1949deb0eb7SJason Gunthorpe TPM_SHORT, 1959deb0eb7SJason Gunthorpe TPM_MEDIUM, 1969deb0eb7SJason Gunthorpe TPM_UNDEFINED, /* 135 */ 1979deb0eb7SJason Gunthorpe TPM_UNDEFINED, 1989deb0eb7SJason Gunthorpe TPM_UNDEFINED, 1999deb0eb7SJason Gunthorpe TPM_UNDEFINED, 2009deb0eb7SJason Gunthorpe TPM_UNDEFINED, 2019deb0eb7SJason Gunthorpe TPM_SHORT, /* 140 */ 2029deb0eb7SJason Gunthorpe TPM_SHORT, 2039deb0eb7SJason Gunthorpe TPM_UNDEFINED, 2049deb0eb7SJason Gunthorpe TPM_UNDEFINED, 2059deb0eb7SJason Gunthorpe TPM_UNDEFINED, 2069deb0eb7SJason Gunthorpe TPM_UNDEFINED, /* 145 */ 2079deb0eb7SJason Gunthorpe TPM_UNDEFINED, 2089deb0eb7SJason Gunthorpe TPM_UNDEFINED, 2099deb0eb7SJason Gunthorpe TPM_UNDEFINED, 2109deb0eb7SJason Gunthorpe TPM_UNDEFINED, 2119deb0eb7SJason Gunthorpe TPM_SHORT, /* 150 */ 2129deb0eb7SJason Gunthorpe TPM_MEDIUM, 2139deb0eb7SJason Gunthorpe TPM_MEDIUM, 2149deb0eb7SJason Gunthorpe TPM_SHORT, 2159deb0eb7SJason Gunthorpe TPM_SHORT, 2169deb0eb7SJason Gunthorpe TPM_UNDEFINED, /* 155 */ 2179deb0eb7SJason Gunthorpe TPM_UNDEFINED, 2189deb0eb7SJason Gunthorpe TPM_UNDEFINED, 2199deb0eb7SJason Gunthorpe TPM_UNDEFINED, 2209deb0eb7SJason Gunthorpe TPM_UNDEFINED, 2219deb0eb7SJason Gunthorpe TPM_SHORT, /* 160 */ 2229deb0eb7SJason Gunthorpe TPM_SHORT, 2239deb0eb7SJason Gunthorpe TPM_SHORT, 2249deb0eb7SJason Gunthorpe TPM_SHORT, 2259deb0eb7SJason Gunthorpe TPM_UNDEFINED, 2269deb0eb7SJason Gunthorpe TPM_UNDEFINED, /* 165 */ 2279deb0eb7SJason Gunthorpe TPM_UNDEFINED, 2289deb0eb7SJason Gunthorpe TPM_UNDEFINED, 2299deb0eb7SJason Gunthorpe TPM_UNDEFINED, 2309deb0eb7SJason Gunthorpe TPM_UNDEFINED, 2319deb0eb7SJason Gunthorpe TPM_LONG, /* 170 */ 2329deb0eb7SJason Gunthorpe TPM_UNDEFINED, 2339deb0eb7SJason Gunthorpe TPM_UNDEFINED, 2349deb0eb7SJason Gunthorpe TPM_UNDEFINED, 2359deb0eb7SJason Gunthorpe TPM_UNDEFINED, 2369deb0eb7SJason Gunthorpe TPM_UNDEFINED, /* 175 */ 2379deb0eb7SJason Gunthorpe TPM_UNDEFINED, 2389deb0eb7SJason Gunthorpe TPM_UNDEFINED, 2399deb0eb7SJason Gunthorpe TPM_UNDEFINED, 2409deb0eb7SJason Gunthorpe TPM_UNDEFINED, 2419deb0eb7SJason Gunthorpe TPM_MEDIUM, /* 180 */ 2429deb0eb7SJason Gunthorpe TPM_SHORT, 2439deb0eb7SJason Gunthorpe TPM_MEDIUM, 2449deb0eb7SJason Gunthorpe TPM_MEDIUM, 2459deb0eb7SJason Gunthorpe TPM_MEDIUM, 2469deb0eb7SJason Gunthorpe TPM_MEDIUM, /* 185 */ 2479deb0eb7SJason Gunthorpe TPM_SHORT, 2489deb0eb7SJason Gunthorpe TPM_UNDEFINED, 2499deb0eb7SJason Gunthorpe TPM_UNDEFINED, 2509deb0eb7SJason Gunthorpe TPM_UNDEFINED, 2519deb0eb7SJason Gunthorpe TPM_UNDEFINED, /* 190 */ 2529deb0eb7SJason Gunthorpe TPM_UNDEFINED, 2539deb0eb7SJason Gunthorpe TPM_UNDEFINED, 2549deb0eb7SJason Gunthorpe TPM_UNDEFINED, 2559deb0eb7SJason Gunthorpe TPM_UNDEFINED, 2569deb0eb7SJason Gunthorpe TPM_UNDEFINED, /* 195 */ 2579deb0eb7SJason Gunthorpe TPM_UNDEFINED, 2589deb0eb7SJason Gunthorpe TPM_UNDEFINED, 2599deb0eb7SJason Gunthorpe TPM_UNDEFINED, 2609deb0eb7SJason Gunthorpe TPM_UNDEFINED, 2619deb0eb7SJason Gunthorpe TPM_SHORT, /* 200 */ 2629deb0eb7SJason Gunthorpe TPM_UNDEFINED, 2639deb0eb7SJason Gunthorpe TPM_UNDEFINED, 2649deb0eb7SJason Gunthorpe TPM_UNDEFINED, 2659deb0eb7SJason Gunthorpe TPM_SHORT, 2669deb0eb7SJason Gunthorpe TPM_SHORT, /* 205 */ 2679deb0eb7SJason Gunthorpe TPM_SHORT, 2689deb0eb7SJason Gunthorpe TPM_SHORT, 2699deb0eb7SJason Gunthorpe TPM_SHORT, 2709deb0eb7SJason Gunthorpe TPM_SHORT, 2719deb0eb7SJason Gunthorpe TPM_MEDIUM, /* 210 */ 2729deb0eb7SJason Gunthorpe TPM_UNDEFINED, 2739deb0eb7SJason Gunthorpe TPM_MEDIUM, 2749deb0eb7SJason Gunthorpe TPM_MEDIUM, 2759deb0eb7SJason Gunthorpe TPM_MEDIUM, 2769deb0eb7SJason Gunthorpe TPM_UNDEFINED, /* 215 */ 2779deb0eb7SJason Gunthorpe TPM_MEDIUM, 2789deb0eb7SJason Gunthorpe TPM_UNDEFINED, 2799deb0eb7SJason Gunthorpe TPM_UNDEFINED, 2809deb0eb7SJason Gunthorpe TPM_SHORT, 2819deb0eb7SJason Gunthorpe TPM_SHORT, /* 220 */ 2829deb0eb7SJason Gunthorpe TPM_SHORT, 2839deb0eb7SJason Gunthorpe TPM_SHORT, 2849deb0eb7SJason Gunthorpe TPM_SHORT, 2859deb0eb7SJason Gunthorpe TPM_SHORT, 2869deb0eb7SJason Gunthorpe TPM_UNDEFINED, /* 225 */ 2879deb0eb7SJason Gunthorpe TPM_UNDEFINED, 2889deb0eb7SJason Gunthorpe TPM_UNDEFINED, 2899deb0eb7SJason Gunthorpe TPM_UNDEFINED, 2909deb0eb7SJason Gunthorpe TPM_UNDEFINED, 2919deb0eb7SJason Gunthorpe TPM_SHORT, /* 230 */ 2929deb0eb7SJason Gunthorpe TPM_LONG, 2939deb0eb7SJason Gunthorpe TPM_MEDIUM, 2949deb0eb7SJason Gunthorpe TPM_UNDEFINED, 2959deb0eb7SJason Gunthorpe TPM_UNDEFINED, 2969deb0eb7SJason Gunthorpe TPM_UNDEFINED, /* 235 */ 2979deb0eb7SJason Gunthorpe TPM_UNDEFINED, 2989deb0eb7SJason Gunthorpe TPM_UNDEFINED, 2999deb0eb7SJason Gunthorpe TPM_UNDEFINED, 3009deb0eb7SJason Gunthorpe TPM_UNDEFINED, 3019deb0eb7SJason Gunthorpe TPM_SHORT, /* 240 */ 3029deb0eb7SJason Gunthorpe TPM_UNDEFINED, 3039deb0eb7SJason Gunthorpe TPM_MEDIUM, 3049deb0eb7SJason Gunthorpe }; 3059deb0eb7SJason Gunthorpe 3069deb0eb7SJason Gunthorpe /* 3079deb0eb7SJason Gunthorpe * Returns max number of jiffies to wait 3089deb0eb7SJason Gunthorpe */ 3099deb0eb7SJason Gunthorpe unsigned long tpm_calc_ordinal_duration(struct tpm_chip *chip, 3109deb0eb7SJason Gunthorpe u32 ordinal) 3119deb0eb7SJason Gunthorpe { 3129deb0eb7SJason Gunthorpe int duration_idx = TPM_UNDEFINED; 3139deb0eb7SJason Gunthorpe int duration = 0; 3149deb0eb7SJason Gunthorpe 315f7286430SMartin Wilck /* 316f7286430SMartin Wilck * We only have a duration table for protected commands, where the upper 317f7286430SMartin Wilck * 16 bits are 0. For the few other ordinals the fallback will be used. 318f7286430SMartin Wilck */ 319f7286430SMartin Wilck if (ordinal < TPM_MAX_ORDINAL) 3209deb0eb7SJason Gunthorpe duration_idx = tpm_ordinal_duration[ordinal]; 3219deb0eb7SJason Gunthorpe 3229deb0eb7SJason Gunthorpe if (duration_idx != TPM_UNDEFINED) 323af782f33SChristophe Ricard duration = chip->duration[duration_idx]; 3249deb0eb7SJason Gunthorpe if (duration <= 0) 3259deb0eb7SJason Gunthorpe return 2 * 60 * HZ; 3269deb0eb7SJason Gunthorpe else 3279deb0eb7SJason Gunthorpe return duration; 3289deb0eb7SJason Gunthorpe } 3299deb0eb7SJason Gunthorpe EXPORT_SYMBOL_GPL(tpm_calc_ordinal_duration); 3309deb0eb7SJason Gunthorpe 331095531f8SJavier Martinez Canillas static int tpm_validate_command(struct tpm_chip *chip, 332745b361eSJarkko Sakkinen struct tpm_space *space, 333745b361eSJarkko Sakkinen const u8 *cmd, 33458472f5cSJarkko Sakkinen size_t len) 33558472f5cSJarkko Sakkinen { 33658472f5cSJarkko Sakkinen const struct tpm_input_header *header = (const void *)cmd; 33758472f5cSJarkko Sakkinen int i; 33858472f5cSJarkko Sakkinen u32 cc; 33958472f5cSJarkko Sakkinen u32 attrs; 34058472f5cSJarkko Sakkinen unsigned int nr_handles; 34158472f5cSJarkko Sakkinen 34258472f5cSJarkko Sakkinen if (len < TPM_HEADER_SIZE) 343095531f8SJavier Martinez Canillas return -EINVAL; 34458472f5cSJarkko Sakkinen 345745b361eSJarkko Sakkinen if (!space) 346095531f8SJavier Martinez Canillas return 0; 347745b361eSJarkko Sakkinen 34858472f5cSJarkko Sakkinen if (chip->flags & TPM_CHIP_FLAG_TPM2 && chip->nr_commands) { 34958472f5cSJarkko Sakkinen cc = be32_to_cpu(header->ordinal); 35058472f5cSJarkko Sakkinen 35158472f5cSJarkko Sakkinen i = tpm2_find_cc(chip, cc); 35258472f5cSJarkko Sakkinen if (i < 0) { 35358472f5cSJarkko Sakkinen dev_dbg(&chip->dev, "0x%04X is an invalid command\n", 35458472f5cSJarkko Sakkinen cc); 355095531f8SJavier Martinez Canillas return -EOPNOTSUPP; 35658472f5cSJarkko Sakkinen } 35758472f5cSJarkko Sakkinen 35858472f5cSJarkko Sakkinen attrs = chip->cc_attrs_tbl[i]; 35958472f5cSJarkko Sakkinen nr_handles = 36058472f5cSJarkko Sakkinen 4 * ((attrs >> TPM2_CC_ATTR_CHANDLES) & GENMASK(2, 0)); 36158472f5cSJarkko Sakkinen if (len < TPM_HEADER_SIZE + 4 * nr_handles) 36258472f5cSJarkko Sakkinen goto err_len; 36358472f5cSJarkko Sakkinen } 36458472f5cSJarkko Sakkinen 365095531f8SJavier Martinez Canillas return 0; 36658472f5cSJarkko Sakkinen err_len: 36758472f5cSJarkko Sakkinen dev_dbg(&chip->dev, 36858472f5cSJarkko Sakkinen "%s: insufficient command length %zu", __func__, len); 369095531f8SJavier Martinez Canillas return -EINVAL; 37058472f5cSJarkko Sakkinen } 37158472f5cSJarkko Sakkinen 372888d867dSTomas Winkler static int tpm_request_locality(struct tpm_chip *chip) 373888d867dSTomas Winkler { 374888d867dSTomas Winkler int rc; 375888d867dSTomas Winkler 376888d867dSTomas Winkler if (!chip->ops->request_locality) 377888d867dSTomas Winkler return 0; 378888d867dSTomas Winkler 379888d867dSTomas Winkler rc = chip->ops->request_locality(chip, 0); 380888d867dSTomas Winkler if (rc < 0) 381888d867dSTomas Winkler return rc; 382888d867dSTomas Winkler 383888d867dSTomas Winkler chip->locality = rc; 384888d867dSTomas Winkler 385888d867dSTomas Winkler return 0; 386888d867dSTomas Winkler } 387888d867dSTomas Winkler 388888d867dSTomas Winkler static void tpm_relinquish_locality(struct tpm_chip *chip) 389888d867dSTomas Winkler { 390888d867dSTomas Winkler int rc; 391888d867dSTomas Winkler 392888d867dSTomas Winkler if (!chip->ops->relinquish_locality) 393888d867dSTomas Winkler return; 394888d867dSTomas Winkler 395888d867dSTomas Winkler rc = chip->ops->relinquish_locality(chip, chip->locality); 396888d867dSTomas Winkler if (rc) 397888d867dSTomas Winkler dev_err(&chip->dev, "%s: : error %d\n", __func__, rc); 398888d867dSTomas Winkler 399888d867dSTomas Winkler chip->locality = -1; 400888d867dSTomas Winkler } 401888d867dSTomas Winkler 402e2fb992dSJames Bottomley static ssize_t tpm_try_transmit(struct tpm_chip *chip, 403e2fb992dSJames Bottomley struct tpm_space *space, 404e2fb992dSJames Bottomley u8 *buf, size_t bufsiz, 405e2fb992dSJames Bottomley unsigned int flags) 4069deb0eb7SJason Gunthorpe { 407745b361eSJarkko Sakkinen struct tpm_output_header *header = (void *)buf; 408745b361eSJarkko Sakkinen int rc; 409745b361eSJarkko Sakkinen ssize_t len = 0; 4109deb0eb7SJason Gunthorpe u32 count, ordinal; 4119deb0eb7SJason Gunthorpe unsigned long stop; 412877c57d0SJarkko Sakkinen bool need_locality; 4139deb0eb7SJason Gunthorpe 414095531f8SJavier Martinez Canillas rc = tpm_validate_command(chip, space, buf, bufsiz); 415095531f8SJavier Martinez Canillas if (rc == -EINVAL) 416095531f8SJavier Martinez Canillas return rc; 417095531f8SJavier Martinez Canillas /* 418095531f8SJavier Martinez Canillas * If the command is not implemented by the TPM, synthesize a 419095531f8SJavier Martinez Canillas * response with a TPM2_RC_COMMAND_CODE return for user-space. 420095531f8SJavier Martinez Canillas */ 421095531f8SJavier Martinez Canillas if (rc == -EOPNOTSUPP) { 422095531f8SJavier Martinez Canillas header->length = cpu_to_be32(sizeof(*header)); 423095531f8SJavier Martinez Canillas header->tag = cpu_to_be16(TPM2_ST_NO_SESSIONS); 424095531f8SJavier Martinez Canillas header->return_code = cpu_to_be32(TPM2_RC_COMMAND_CODE | 425095531f8SJavier Martinez Canillas TSS2_RESMGR_TPM_RC_LAYER); 426095531f8SJavier Martinez Canillas return bufsiz; 427095531f8SJavier Martinez Canillas } 428ebfd7532SJarkko Sakkinen 4299deb0eb7SJason Gunthorpe if (bufsiz > TPM_BUFSIZE) 4309deb0eb7SJason Gunthorpe bufsiz = TPM_BUFSIZE; 4319deb0eb7SJason Gunthorpe 4329deb0eb7SJason Gunthorpe count = be32_to_cpu(*((__be32 *) (buf + 2))); 4339deb0eb7SJason Gunthorpe ordinal = be32_to_cpu(*((__be32 *) (buf + 6))); 4349deb0eb7SJason Gunthorpe if (count == 0) 4359deb0eb7SJason Gunthorpe return -ENODATA; 4369deb0eb7SJason Gunthorpe if (count > bufsiz) { 4378cfffc9dSJason Gunthorpe dev_err(&chip->dev, 4389deb0eb7SJason Gunthorpe "invalid count value %x %zx\n", count, bufsiz); 4399deb0eb7SJason Gunthorpe return -E2BIG; 4409deb0eb7SJason Gunthorpe } 4419deb0eb7SJason Gunthorpe 442d4816edfSJarkko Sakkinen if (!(flags & TPM_TRANSMIT_UNLOCKED)) 4439deb0eb7SJason Gunthorpe mutex_lock(&chip->tpm_mutex); 4449deb0eb7SJason Gunthorpe 445e74f2f76SWinkler, Tomas 446b3e958ceSAzhar Shaikh if (chip->ops->clk_enable != NULL) 447b3e958ceSAzhar Shaikh chip->ops->clk_enable(chip, true); 448b3e958ceSAzhar Shaikh 449877c57d0SJarkko Sakkinen /* Store the decision as chip->locality will be changed. */ 450877c57d0SJarkko Sakkinen need_locality = chip->locality == -1; 451877c57d0SJarkko Sakkinen 452888d867dSTomas Winkler if (!(flags & TPM_TRANSMIT_RAW) && need_locality) { 453888d867dSTomas Winkler rc = tpm_request_locality(chip); 454877c57d0SJarkko Sakkinen if (rc < 0) 455877c57d0SJarkko Sakkinen goto out_no_locality; 456877c57d0SJarkko Sakkinen } 457877c57d0SJarkko Sakkinen 458888d867dSTomas Winkler if (chip->dev.parent) 459888d867dSTomas Winkler pm_runtime_get_sync(chip->dev.parent); 460888d867dSTomas Winkler 461745b361eSJarkko Sakkinen rc = tpm2_prepare_space(chip, space, ordinal, buf); 462745b361eSJarkko Sakkinen if (rc) 463745b361eSJarkko Sakkinen goto out; 464745b361eSJarkko Sakkinen 46562c09e12SWinkler, Tomas rc = chip->ops->send(chip, buf, count); 4669deb0eb7SJason Gunthorpe if (rc < 0) { 467402149c6SStefan Berger if (rc != -EPIPE) 4688cfffc9dSJason Gunthorpe dev_err(&chip->dev, 469402149c6SStefan Berger "%s: tpm_send: error %d\n", __func__, rc); 4709deb0eb7SJason Gunthorpe goto out; 4719deb0eb7SJason Gunthorpe } 4729deb0eb7SJason Gunthorpe 473570a3609SChristophe Ricard if (chip->flags & TPM_CHIP_FLAG_IRQ) 4749deb0eb7SJason Gunthorpe goto out_recv; 4759deb0eb7SJason Gunthorpe 4767a1d7e6dSJarkko Sakkinen if (chip->flags & TPM_CHIP_FLAG_TPM2) 4777a1d7e6dSJarkko Sakkinen stop = jiffies + tpm2_calc_ordinal_duration(chip, ordinal); 4787a1d7e6dSJarkko Sakkinen else 4799deb0eb7SJason Gunthorpe stop = jiffies + tpm_calc_ordinal_duration(chip, ordinal); 4809deb0eb7SJason Gunthorpe do { 4815f82e9f0SJason Gunthorpe u8 status = chip->ops->status(chip); 4825f82e9f0SJason Gunthorpe if ((status & chip->ops->req_complete_mask) == 4835f82e9f0SJason Gunthorpe chip->ops->req_complete_val) 4849deb0eb7SJason Gunthorpe goto out_recv; 4859deb0eb7SJason Gunthorpe 4865f82e9f0SJason Gunthorpe if (chip->ops->req_canceled(chip, status)) { 4878cfffc9dSJason Gunthorpe dev_err(&chip->dev, "Operation Canceled\n"); 4889deb0eb7SJason Gunthorpe rc = -ECANCELED; 4899deb0eb7SJason Gunthorpe goto out; 4909deb0eb7SJason Gunthorpe } 4919deb0eb7SJason Gunthorpe 492*59f5a6b0SNayna Jain tpm_msleep(TPM_TIMEOUT_POLL); 4939deb0eb7SJason Gunthorpe rmb(); 4949deb0eb7SJason Gunthorpe } while (time_before(jiffies, stop)); 4959deb0eb7SJason Gunthorpe 4965f82e9f0SJason Gunthorpe chip->ops->cancel(chip); 4978cfffc9dSJason Gunthorpe dev_err(&chip->dev, "Operation Timed out\n"); 4989deb0eb7SJason Gunthorpe rc = -ETIME; 4999deb0eb7SJason Gunthorpe goto out; 5009deb0eb7SJason Gunthorpe 5019deb0eb7SJason Gunthorpe out_recv: 50262c09e12SWinkler, Tomas len = chip->ops->recv(chip, buf, bufsiz); 503745b361eSJarkko Sakkinen if (len < 0) { 504745b361eSJarkko Sakkinen rc = len; 5058cfffc9dSJason Gunthorpe dev_err(&chip->dev, 506745b361eSJarkko Sakkinen "tpm_transmit: tpm_recv: error %d\n", rc); 507a147918eSJarkko Sakkinen goto out; 508745b361eSJarkko Sakkinen } else if (len < TPM_HEADER_SIZE) { 509a147918eSJarkko Sakkinen rc = -EFAULT; 510a147918eSJarkko Sakkinen goto out; 511a147918eSJarkko Sakkinen } 512a147918eSJarkko Sakkinen 513745b361eSJarkko Sakkinen if (len != be32_to_cpu(header->length)) { 514745b361eSJarkko Sakkinen rc = -EFAULT; 515a147918eSJarkko Sakkinen goto out; 516745b361eSJarkko Sakkinen } 517745b361eSJarkko Sakkinen 518745b361eSJarkko Sakkinen rc = tpm2_commit_space(chip, space, ordinal, buf, &len); 519a147918eSJarkko Sakkinen 5209deb0eb7SJason Gunthorpe out: 521888d867dSTomas Winkler if (chip->dev.parent) 522888d867dSTomas Winkler pm_runtime_put_sync(chip->dev.parent); 523888d867dSTomas Winkler 524888d867dSTomas Winkler if (need_locality) 525888d867dSTomas Winkler tpm_relinquish_locality(chip); 526888d867dSTomas Winkler 527877c57d0SJarkko Sakkinen out_no_locality: 528b3e958ceSAzhar Shaikh if (chip->ops->clk_enable != NULL) 529b3e958ceSAzhar Shaikh chip->ops->clk_enable(chip, false); 530b3e958ceSAzhar Shaikh 531d4816edfSJarkko Sakkinen if (!(flags & TPM_TRANSMIT_UNLOCKED)) 5329deb0eb7SJason Gunthorpe mutex_unlock(&chip->tpm_mutex); 533745b361eSJarkko Sakkinen return rc ? rc : len; 5349deb0eb7SJason Gunthorpe } 5359deb0eb7SJason Gunthorpe 536f865c196SWinkler, Tomas /** 537e2fb992dSJames Bottomley * tpm_transmit - Internal kernel interface to transmit TPM commands. 538e2fb992dSJames Bottomley * 539e2fb992dSJames Bottomley * @chip: TPM chip to use 540e2fb992dSJames Bottomley * @space: tpm space 541e2fb992dSJames Bottomley * @buf: TPM command buffer 542e2fb992dSJames Bottomley * @bufsiz: length of the TPM command buffer 543e2fb992dSJames Bottomley * @flags: tpm transmit flags - bitmap 544e2fb992dSJames Bottomley * 545e2fb992dSJames Bottomley * A wrapper around tpm_try_transmit that handles TPM2_RC_RETRY 546e2fb992dSJames Bottomley * returns from the TPM and retransmits the command after a delay up 547e2fb992dSJames Bottomley * to a maximum wait of TPM2_DURATION_LONG. 548e2fb992dSJames Bottomley * 549e2fb992dSJames Bottomley * Note: TPM1 never returns TPM2_RC_RETRY so the retry logic is TPM2 550e2fb992dSJames Bottomley * only 551e2fb992dSJames Bottomley * 552e2fb992dSJames Bottomley * Return: 553e2fb992dSJames Bottomley * the length of the return when the operation is successful. 554e2fb992dSJames Bottomley * A negative number for system errors (errno). 555e2fb992dSJames Bottomley */ 556e2fb992dSJames Bottomley ssize_t tpm_transmit(struct tpm_chip *chip, struct tpm_space *space, 557e2fb992dSJames Bottomley u8 *buf, size_t bufsiz, unsigned int flags) 558e2fb992dSJames Bottomley { 559e2fb992dSJames Bottomley struct tpm_output_header *header = (struct tpm_output_header *)buf; 560e2fb992dSJames Bottomley /* space for header and handles */ 561e2fb992dSJames Bottomley u8 save[TPM_HEADER_SIZE + 3*sizeof(u32)]; 562e2fb992dSJames Bottomley unsigned int delay_msec = TPM2_DURATION_SHORT; 563e2fb992dSJames Bottomley u32 rc = 0; 564e2fb992dSJames Bottomley ssize_t ret; 565e2fb992dSJames Bottomley const size_t save_size = min(space ? sizeof(save) : TPM_HEADER_SIZE, 566e2fb992dSJames Bottomley bufsiz); 5672be8ffedSJames Bottomley /* the command code is where the return code will be */ 5682be8ffedSJames Bottomley u32 cc = be32_to_cpu(header->return_code); 569e2fb992dSJames Bottomley 570e2fb992dSJames Bottomley /* 571e2fb992dSJames Bottomley * Subtlety here: if we have a space, the handles will be 572e2fb992dSJames Bottomley * transformed, so when we restore the header we also have to 573e2fb992dSJames Bottomley * restore the handles. 574e2fb992dSJames Bottomley */ 575e2fb992dSJames Bottomley memcpy(save, buf, save_size); 576e2fb992dSJames Bottomley 577e2fb992dSJames Bottomley for (;;) { 578e2fb992dSJames Bottomley ret = tpm_try_transmit(chip, space, buf, bufsiz, flags); 579e2fb992dSJames Bottomley if (ret < 0) 580e2fb992dSJames Bottomley break; 581e2fb992dSJames Bottomley rc = be32_to_cpu(header->return_code); 5822be8ffedSJames Bottomley if (rc != TPM2_RC_RETRY && rc != TPM2_RC_TESTING) 5832be8ffedSJames Bottomley break; 5842be8ffedSJames Bottomley /* 5852be8ffedSJames Bottomley * return immediately if self test returns test 5862be8ffedSJames Bottomley * still running to shorten boot time. 5872be8ffedSJames Bottomley */ 5882be8ffedSJames Bottomley if (rc == TPM2_RC_TESTING && cc == TPM2_CC_SELF_TEST) 589e2fb992dSJames Bottomley break; 59092980756SNayna Jain 591e2fb992dSJames Bottomley if (delay_msec > TPM2_DURATION_LONG) { 5922be8ffedSJames Bottomley if (rc == TPM2_RC_RETRY) 5932be8ffedSJames Bottomley dev_err(&chip->dev, "in retry loop\n"); 5942be8ffedSJames Bottomley else 5952be8ffedSJames Bottomley dev_err(&chip->dev, 5962be8ffedSJames Bottomley "self test is still running\n"); 597e2fb992dSJames Bottomley break; 598e2fb992dSJames Bottomley } 599e2fb992dSJames Bottomley tpm_msleep(delay_msec); 60092980756SNayna Jain delay_msec *= 2; 601e2fb992dSJames Bottomley memcpy(buf, save, save_size); 602e2fb992dSJames Bottomley } 603e2fb992dSJames Bottomley return ret; 604e2fb992dSJames Bottomley } 605e2fb992dSJames Bottomley /** 60665520d46SWinkler, Tomas * tpm_transmit_cmd - send a tpm command to the device 607f865c196SWinkler, Tomas * The function extracts tpm out header return code 608f865c196SWinkler, Tomas * 609f865c196SWinkler, Tomas * @chip: TPM chip to use 61065520d46SWinkler, Tomas * @space: tpm space 611c659af78SStefan Berger * @buf: TPM command buffer 612c659af78SStefan Berger * @bufsiz: length of the buffer 613c659af78SStefan Berger * @min_rsp_body_length: minimum expected length of response body 614f865c196SWinkler, Tomas * @flags: tpm transmit flags - bitmap 615f865c196SWinkler, Tomas * @desc: command description used in the error message 616f865c196SWinkler, Tomas * 617f865c196SWinkler, Tomas * Return: 618f865c196SWinkler, Tomas * 0 when the operation is successful. 619f865c196SWinkler, Tomas * A negative number for system errors (errno). 620f865c196SWinkler, Tomas * A positive number for a TPM error. 621f865c196SWinkler, Tomas */ 622745b361eSJarkko Sakkinen ssize_t tpm_transmit_cmd(struct tpm_chip *chip, struct tpm_space *space, 62362c09e12SWinkler, Tomas void *buf, size_t bufsiz, 624745b361eSJarkko Sakkinen size_t min_rsp_body_length, unsigned int flags, 625745b361eSJarkko Sakkinen const char *desc) 6269deb0eb7SJason Gunthorpe { 627a147918eSJarkko Sakkinen const struct tpm_output_header *header = buf; 6289deb0eb7SJason Gunthorpe int err; 629c659af78SStefan Berger ssize_t len; 6309deb0eb7SJason Gunthorpe 63162c09e12SWinkler, Tomas len = tpm_transmit(chip, space, buf, bufsiz, flags); 6329deb0eb7SJason Gunthorpe if (len < 0) 6339deb0eb7SJason Gunthorpe return len; 63487155b73SJarkko Sakkinen 63587155b73SJarkko Sakkinen err = be32_to_cpu(header->return_code); 6369deb0eb7SJason Gunthorpe if (err != 0 && desc) 6378cfffc9dSJason Gunthorpe dev_err(&chip->dev, "A TPM error (%d) occurred %s\n", err, 63871ed848fSJarkko Sakkinen desc); 639c659af78SStefan Berger if (err) 6409deb0eb7SJason Gunthorpe return err; 641c659af78SStefan Berger 642c659af78SStefan Berger if (len < min_rsp_body_length + TPM_HEADER_SIZE) 643c659af78SStefan Berger return -EFAULT; 644c659af78SStefan Berger 645c659af78SStefan Berger return 0; 6469deb0eb7SJason Gunthorpe } 647be4c9acfSStefan Berger EXPORT_SYMBOL_GPL(tpm_transmit_cmd); 6489deb0eb7SJason Gunthorpe 64919cbe4f6SJarkko Sakkinen #define TPM_ORD_STARTUP 153 65019cbe4f6SJarkko Sakkinen #define TPM_ST_CLEAR 1 65119cbe4f6SJarkko Sakkinen 65219cbe4f6SJarkko Sakkinen /** 65319cbe4f6SJarkko Sakkinen * tpm_startup - turn on the TPM 65419cbe4f6SJarkko Sakkinen * @chip: TPM chip to use 65519cbe4f6SJarkko Sakkinen * 65619cbe4f6SJarkko Sakkinen * Normally the firmware should start the TPM. This function is provided as a 65719cbe4f6SJarkko Sakkinen * workaround if this does not happen. A legal case for this could be for 65819cbe4f6SJarkko Sakkinen * example when a TPM emulator is used. 65919cbe4f6SJarkko Sakkinen * 66019cbe4f6SJarkko Sakkinen * Return: same as tpm_transmit_cmd() 66119cbe4f6SJarkko Sakkinen */ 66219cbe4f6SJarkko Sakkinen int tpm_startup(struct tpm_chip *chip) 66319cbe4f6SJarkko Sakkinen { 66419cbe4f6SJarkko Sakkinen struct tpm_buf buf; 66519cbe4f6SJarkko Sakkinen int rc; 66619cbe4f6SJarkko Sakkinen 66719cbe4f6SJarkko Sakkinen dev_info(&chip->dev, "starting up the TPM manually\n"); 66819cbe4f6SJarkko Sakkinen 66919cbe4f6SJarkko Sakkinen if (chip->flags & TPM_CHIP_FLAG_TPM2) { 67019cbe4f6SJarkko Sakkinen rc = tpm_buf_init(&buf, TPM2_ST_NO_SESSIONS, TPM2_CC_STARTUP); 67119cbe4f6SJarkko Sakkinen if (rc < 0) 67219cbe4f6SJarkko Sakkinen return rc; 67319cbe4f6SJarkko Sakkinen 67419cbe4f6SJarkko Sakkinen tpm_buf_append_u16(&buf, TPM2_SU_CLEAR); 67519cbe4f6SJarkko Sakkinen } else { 67619cbe4f6SJarkko Sakkinen rc = tpm_buf_init(&buf, TPM_TAG_RQU_COMMAND, TPM_ORD_STARTUP); 67719cbe4f6SJarkko Sakkinen if (rc < 0) 67819cbe4f6SJarkko Sakkinen return rc; 67919cbe4f6SJarkko Sakkinen 68019cbe4f6SJarkko Sakkinen tpm_buf_append_u16(&buf, TPM_ST_CLEAR); 68119cbe4f6SJarkko Sakkinen } 68219cbe4f6SJarkko Sakkinen 68319cbe4f6SJarkko Sakkinen rc = tpm_transmit_cmd(chip, NULL, buf.data, PAGE_SIZE, 0, 0, 68419cbe4f6SJarkko Sakkinen "attempting to start the TPM"); 68519cbe4f6SJarkko Sakkinen 68619cbe4f6SJarkko Sakkinen tpm_buf_destroy(&buf); 68719cbe4f6SJarkko Sakkinen return rc; 68819cbe4f6SJarkko Sakkinen } 68919cbe4f6SJarkko Sakkinen 690f865c196SWinkler, Tomas #define TPM_DIGEST_SIZE 20 691f865c196SWinkler, Tomas #define TPM_RET_CODE_IDX 6 6929deb0eb7SJason Gunthorpe #define TPM_INTERNAL_RESULT_SIZE 200 693a69faebfSRoberto Sassu #define TPM_ORD_GET_CAP 101 694a69faebfSRoberto Sassu #define TPM_ORD_GET_RANDOM 70 6959deb0eb7SJason Gunthorpe 6969deb0eb7SJason Gunthorpe static const struct tpm_input_header tpm_getcap_header = { 69706e93279SRoberto Sassu .tag = cpu_to_be16(TPM_TAG_RQU_COMMAND), 6989deb0eb7SJason Gunthorpe .length = cpu_to_be32(22), 699a69faebfSRoberto Sassu .ordinal = cpu_to_be32(TPM_ORD_GET_CAP) 7009deb0eb7SJason Gunthorpe }; 7019deb0eb7SJason Gunthorpe 70284fda152SJarkko Sakkinen ssize_t tpm_getcap(struct tpm_chip *chip, u32 subcap_id, cap_t *cap, 703c659af78SStefan Berger const char *desc, size_t min_cap_length) 7049deb0eb7SJason Gunthorpe { 705124bdcf4SJarkko Sakkinen struct tpm_buf buf; 7069deb0eb7SJason Gunthorpe int rc; 7079deb0eb7SJason Gunthorpe 708124bdcf4SJarkko Sakkinen rc = tpm_buf_init(&buf, TPM_TAG_RQU_COMMAND, TPM_ORD_GET_CAP); 709124bdcf4SJarkko Sakkinen if (rc) 710124bdcf4SJarkko Sakkinen return rc; 711124bdcf4SJarkko Sakkinen 71284fda152SJarkko Sakkinen if (subcap_id == TPM_CAP_VERSION_1_1 || 71384fda152SJarkko Sakkinen subcap_id == TPM_CAP_VERSION_1_2) { 714124bdcf4SJarkko Sakkinen tpm_buf_append_u32(&buf, subcap_id); 715124bdcf4SJarkko Sakkinen tpm_buf_append_u32(&buf, 0); 7169deb0eb7SJason Gunthorpe } else { 7179deb0eb7SJason Gunthorpe if (subcap_id == TPM_CAP_FLAG_PERM || 7189deb0eb7SJason Gunthorpe subcap_id == TPM_CAP_FLAG_VOL) 719124bdcf4SJarkko Sakkinen tpm_buf_append_u32(&buf, TPM_CAP_FLAG); 7209deb0eb7SJason Gunthorpe else 721124bdcf4SJarkko Sakkinen tpm_buf_append_u32(&buf, TPM_CAP_PROP); 722124bdcf4SJarkko Sakkinen 723124bdcf4SJarkko Sakkinen tpm_buf_append_u32(&buf, 4); 724124bdcf4SJarkko Sakkinen tpm_buf_append_u32(&buf, subcap_id); 7259deb0eb7SJason Gunthorpe } 726124bdcf4SJarkko Sakkinen rc = tpm_transmit_cmd(chip, NULL, buf.data, PAGE_SIZE, 727c659af78SStefan Berger min_cap_length, 0, desc); 7289deb0eb7SJason Gunthorpe if (!rc) 729124bdcf4SJarkko Sakkinen *cap = *(cap_t *)&buf.data[TPM_HEADER_SIZE + 4]; 730124bdcf4SJarkko Sakkinen 731124bdcf4SJarkko Sakkinen tpm_buf_destroy(&buf); 7329deb0eb7SJason Gunthorpe return rc; 7339deb0eb7SJason Gunthorpe } 734eb5854e7SJarkko Sakkinen EXPORT_SYMBOL_GPL(tpm_getcap); 7359deb0eb7SJason Gunthorpe 7369deb0eb7SJason Gunthorpe int tpm_get_timeouts(struct tpm_chip *chip) 7379deb0eb7SJason Gunthorpe { 738aaa6f7f6SEd Swierk cap_t cap; 7391d70fe9dSMaciej S. Szmigiero unsigned long timeout_old[4], timeout_chip[4], timeout_eff[4]; 7409deb0eb7SJason Gunthorpe ssize_t rc; 7419deb0eb7SJason Gunthorpe 742d1d253cfSJason Gunthorpe if (chip->flags & TPM_CHIP_FLAG_HAVE_TIMEOUTS) 743d1d253cfSJason Gunthorpe return 0; 744d1d253cfSJason Gunthorpe 74525112048SJason Gunthorpe if (chip->flags & TPM_CHIP_FLAG_TPM2) { 74625112048SJason Gunthorpe /* Fixed timeouts for TPM2 */ 747af782f33SChristophe Ricard chip->timeout_a = msecs_to_jiffies(TPM2_TIMEOUT_A); 748af782f33SChristophe Ricard chip->timeout_b = msecs_to_jiffies(TPM2_TIMEOUT_B); 749af782f33SChristophe Ricard chip->timeout_c = msecs_to_jiffies(TPM2_TIMEOUT_C); 750af782f33SChristophe Ricard chip->timeout_d = msecs_to_jiffies(TPM2_TIMEOUT_D); 751af782f33SChristophe Ricard chip->duration[TPM_SHORT] = 75225112048SJason Gunthorpe msecs_to_jiffies(TPM2_DURATION_SHORT); 753af782f33SChristophe Ricard chip->duration[TPM_MEDIUM] = 75425112048SJason Gunthorpe msecs_to_jiffies(TPM2_DURATION_MEDIUM); 755af782f33SChristophe Ricard chip->duration[TPM_LONG] = 75625112048SJason Gunthorpe msecs_to_jiffies(TPM2_DURATION_LONG); 757076d3564STomas Winkler chip->duration[TPM_LONG_LONG] = 758076d3564STomas Winkler msecs_to_jiffies(TPM2_DURATION_LONG_LONG); 759d1d253cfSJason Gunthorpe 760d1d253cfSJason Gunthorpe chip->flags |= TPM_CHIP_FLAG_HAVE_TIMEOUTS; 76125112048SJason Gunthorpe return 0; 76225112048SJason Gunthorpe } 76325112048SJason Gunthorpe 764c659af78SStefan Berger rc = tpm_getcap(chip, TPM_CAP_PROP_TIS_TIMEOUT, &cap, NULL, 765c659af78SStefan Berger sizeof(cap.timeout)); 7669deb0eb7SJason Gunthorpe if (rc == TPM_ERR_INVALID_POSTINIT) { 76719cbe4f6SJarkko Sakkinen if (tpm_startup(chip)) 7689deb0eb7SJason Gunthorpe return rc; 7699deb0eb7SJason Gunthorpe 770aaa6f7f6SEd Swierk rc = tpm_getcap(chip, TPM_CAP_PROP_TIS_TIMEOUT, &cap, 771c659af78SStefan Berger "attempting to determine the timeouts", 772c659af78SStefan Berger sizeof(cap.timeout)); 7739deb0eb7SJason Gunthorpe } 774c659af78SStefan Berger 77562bfdacbSJason Gunthorpe if (rc) { 77662bfdacbSJason Gunthorpe dev_err(&chip->dev, 77762bfdacbSJason Gunthorpe "A TPM error (%zd) occurred attempting to determine the timeouts\n", 77862bfdacbSJason Gunthorpe rc); 779aaa6f7f6SEd Swierk return rc; 78062bfdacbSJason Gunthorpe } 7819deb0eb7SJason Gunthorpe 7821d70fe9dSMaciej S. Szmigiero timeout_old[0] = jiffies_to_usecs(chip->timeout_a); 7831d70fe9dSMaciej S. Szmigiero timeout_old[1] = jiffies_to_usecs(chip->timeout_b); 7841d70fe9dSMaciej S. Szmigiero timeout_old[2] = jiffies_to_usecs(chip->timeout_c); 7851d70fe9dSMaciej S. Szmigiero timeout_old[3] = jiffies_to_usecs(chip->timeout_d); 7861d70fe9dSMaciej S. Szmigiero timeout_chip[0] = be32_to_cpu(cap.timeout.a); 7871d70fe9dSMaciej S. Szmigiero timeout_chip[1] = be32_to_cpu(cap.timeout.b); 7881d70fe9dSMaciej S. Szmigiero timeout_chip[2] = be32_to_cpu(cap.timeout.c); 7891d70fe9dSMaciej S. Szmigiero timeout_chip[3] = be32_to_cpu(cap.timeout.d); 7901d70fe9dSMaciej S. Szmigiero memcpy(timeout_eff, timeout_chip, sizeof(timeout_eff)); 7918e54caf4SJason Gunthorpe 7928e54caf4SJason Gunthorpe /* 7938e54caf4SJason Gunthorpe * Provide ability for vendor overrides of timeout values in case 7948e54caf4SJason Gunthorpe * of misreporting. 7958e54caf4SJason Gunthorpe */ 7968e54caf4SJason Gunthorpe if (chip->ops->update_timeouts != NULL) 797af782f33SChristophe Ricard chip->timeout_adjusted = 7981d70fe9dSMaciej S. Szmigiero chip->ops->update_timeouts(chip, timeout_eff); 7998e54caf4SJason Gunthorpe 800af782f33SChristophe Ricard if (!chip->timeout_adjusted) { 8011d70fe9dSMaciej S. Szmigiero /* Restore default if chip reported 0 */ 8028e54caf4SJason Gunthorpe int i; 8038e54caf4SJason Gunthorpe 8041d70fe9dSMaciej S. Szmigiero for (i = 0; i < ARRAY_SIZE(timeout_eff); i++) { 8051d70fe9dSMaciej S. Szmigiero if (timeout_eff[i]) 8061d70fe9dSMaciej S. Szmigiero continue; 8071d70fe9dSMaciej S. Szmigiero 8081d70fe9dSMaciej S. Szmigiero timeout_eff[i] = timeout_old[i]; 8091d70fe9dSMaciej S. Szmigiero chip->timeout_adjusted = true; 8101d70fe9dSMaciej S. Szmigiero } 8111d70fe9dSMaciej S. Szmigiero 8121d70fe9dSMaciej S. Szmigiero if (timeout_eff[0] != 0 && timeout_eff[0] < 1000) { 8139deb0eb7SJason Gunthorpe /* timeouts in msec rather usec */ 8141d70fe9dSMaciej S. Szmigiero for (i = 0; i != ARRAY_SIZE(timeout_eff); i++) 8151d70fe9dSMaciej S. Szmigiero timeout_eff[i] *= 1000; 816af782f33SChristophe Ricard chip->timeout_adjusted = true; 8179deb0eb7SJason Gunthorpe } 8188e54caf4SJason Gunthorpe } 8198e54caf4SJason Gunthorpe 8208e54caf4SJason Gunthorpe /* Report adjusted timeouts */ 821af782f33SChristophe Ricard if (chip->timeout_adjusted) { 8228cfffc9dSJason Gunthorpe dev_info(&chip->dev, 8238e54caf4SJason Gunthorpe HW_ERR "Adjusting reported timeouts: A %lu->%luus B %lu->%luus C %lu->%luus D %lu->%luus\n", 8241d70fe9dSMaciej S. Szmigiero timeout_chip[0], timeout_eff[0], 8251d70fe9dSMaciej S. Szmigiero timeout_chip[1], timeout_eff[1], 8261d70fe9dSMaciej S. Szmigiero timeout_chip[2], timeout_eff[2], 8271d70fe9dSMaciej S. Szmigiero timeout_chip[3], timeout_eff[3]); 8288e54caf4SJason Gunthorpe } 8298e54caf4SJason Gunthorpe 8301d70fe9dSMaciej S. Szmigiero chip->timeout_a = usecs_to_jiffies(timeout_eff[0]); 8311d70fe9dSMaciej S. Szmigiero chip->timeout_b = usecs_to_jiffies(timeout_eff[1]); 8321d70fe9dSMaciej S. Szmigiero chip->timeout_c = usecs_to_jiffies(timeout_eff[2]); 8331d70fe9dSMaciej S. Szmigiero chip->timeout_d = usecs_to_jiffies(timeout_eff[3]); 8349deb0eb7SJason Gunthorpe 835aaa6f7f6SEd Swierk rc = tpm_getcap(chip, TPM_CAP_PROP_TIS_DURATION, &cap, 836c659af78SStefan Berger "attempting to determine the durations", 837c659af78SStefan Berger sizeof(cap.duration)); 8389deb0eb7SJason Gunthorpe if (rc) 8399deb0eb7SJason Gunthorpe return rc; 8409deb0eb7SJason Gunthorpe 841af782f33SChristophe Ricard chip->duration[TPM_SHORT] = 842aaa6f7f6SEd Swierk usecs_to_jiffies(be32_to_cpu(cap.duration.tpm_short)); 843af782f33SChristophe Ricard chip->duration[TPM_MEDIUM] = 844aaa6f7f6SEd Swierk usecs_to_jiffies(be32_to_cpu(cap.duration.tpm_medium)); 845af782f33SChristophe Ricard chip->duration[TPM_LONG] = 846aaa6f7f6SEd Swierk usecs_to_jiffies(be32_to_cpu(cap.duration.tpm_long)); 847076d3564STomas Winkler chip->duration[TPM_LONG_LONG] = 0; /* not used under 1.2 */ 8489deb0eb7SJason Gunthorpe 8499deb0eb7SJason Gunthorpe /* The Broadcom BCM0102 chipset in a Dell Latitude D820 gets the above 8509deb0eb7SJason Gunthorpe * value wrong and apparently reports msecs rather than usecs. So we 8519deb0eb7SJason Gunthorpe * fix up the resulting too-small TPM_SHORT value to make things work. 8529deb0eb7SJason Gunthorpe * We also scale the TPM_MEDIUM and -_LONG values by 1000. 8539deb0eb7SJason Gunthorpe */ 854af782f33SChristophe Ricard if (chip->duration[TPM_SHORT] < (HZ / 100)) { 855af782f33SChristophe Ricard chip->duration[TPM_SHORT] = HZ; 856af782f33SChristophe Ricard chip->duration[TPM_MEDIUM] *= 1000; 857af782f33SChristophe Ricard chip->duration[TPM_LONG] *= 1000; 858af782f33SChristophe Ricard chip->duration_adjusted = true; 8598cfffc9dSJason Gunthorpe dev_info(&chip->dev, "Adjusting TPM timeout parameters."); 8609deb0eb7SJason Gunthorpe } 861d1d253cfSJason Gunthorpe 862d1d253cfSJason Gunthorpe chip->flags |= TPM_CHIP_FLAG_HAVE_TIMEOUTS; 8639deb0eb7SJason Gunthorpe return 0; 8649deb0eb7SJason Gunthorpe } 8659deb0eb7SJason Gunthorpe EXPORT_SYMBOL_GPL(tpm_get_timeouts); 8669deb0eb7SJason Gunthorpe 8679deb0eb7SJason Gunthorpe #define TPM_ORD_CONTINUE_SELFTEST 83 8689deb0eb7SJason Gunthorpe #define CONTINUE_SELFTEST_RESULT_SIZE 10 8699deb0eb7SJason Gunthorpe 8700014777fSJulia Lawall static const struct tpm_input_header continue_selftest_header = { 87106e93279SRoberto Sassu .tag = cpu_to_be16(TPM_TAG_RQU_COMMAND), 8729deb0eb7SJason Gunthorpe .length = cpu_to_be32(10), 8739deb0eb7SJason Gunthorpe .ordinal = cpu_to_be32(TPM_ORD_CONTINUE_SELFTEST), 8749deb0eb7SJason Gunthorpe }; 8759deb0eb7SJason Gunthorpe 8769deb0eb7SJason Gunthorpe /** 8779deb0eb7SJason Gunthorpe * tpm_continue_selftest -- run TPM's selftest 8789deb0eb7SJason Gunthorpe * @chip: TPM chip to use 8799deb0eb7SJason Gunthorpe * 8809deb0eb7SJason Gunthorpe * Returns 0 on success, < 0 in case of fatal error or a value > 0 representing 8819deb0eb7SJason Gunthorpe * a TPM error code. 8829deb0eb7SJason Gunthorpe */ 8839deb0eb7SJason Gunthorpe static int tpm_continue_selftest(struct tpm_chip *chip) 8849deb0eb7SJason Gunthorpe { 8859deb0eb7SJason Gunthorpe int rc; 8869deb0eb7SJason Gunthorpe struct tpm_cmd_t cmd; 8879deb0eb7SJason Gunthorpe 8889deb0eb7SJason Gunthorpe cmd.header.in = continue_selftest_header; 889745b361eSJarkko Sakkinen rc = tpm_transmit_cmd(chip, NULL, &cmd, CONTINUE_SELFTEST_RESULT_SIZE, 890745b361eSJarkko Sakkinen 0, 0, "continue selftest"); 8919deb0eb7SJason Gunthorpe return rc; 8929deb0eb7SJason Gunthorpe } 8939deb0eb7SJason Gunthorpe 894a69faebfSRoberto Sassu #define TPM_ORDINAL_PCRREAD 21 8959deb0eb7SJason Gunthorpe #define READ_PCR_RESULT_SIZE 30 896c659af78SStefan Berger #define READ_PCR_RESULT_BODY_SIZE 20 8970014777fSJulia Lawall static const struct tpm_input_header pcrread_header = { 89806e93279SRoberto Sassu .tag = cpu_to_be16(TPM_TAG_RQU_COMMAND), 8999deb0eb7SJason Gunthorpe .length = cpu_to_be32(14), 900a69faebfSRoberto Sassu .ordinal = cpu_to_be32(TPM_ORDINAL_PCRREAD) 9019deb0eb7SJason Gunthorpe }; 9029deb0eb7SJason Gunthorpe 903000a07b0SJason Gunthorpe int tpm_pcr_read_dev(struct tpm_chip *chip, int pcr_idx, u8 *res_buf) 9049deb0eb7SJason Gunthorpe { 9059deb0eb7SJason Gunthorpe int rc; 9069deb0eb7SJason Gunthorpe struct tpm_cmd_t cmd; 9079deb0eb7SJason Gunthorpe 9089deb0eb7SJason Gunthorpe cmd.header.in = pcrread_header; 9099deb0eb7SJason Gunthorpe cmd.params.pcrread_in.pcr_idx = cpu_to_be32(pcr_idx); 910745b361eSJarkko Sakkinen rc = tpm_transmit_cmd(chip, NULL, &cmd, READ_PCR_RESULT_SIZE, 911c659af78SStefan Berger READ_PCR_RESULT_BODY_SIZE, 0, 9129deb0eb7SJason Gunthorpe "attempting to read a pcr value"); 9139deb0eb7SJason Gunthorpe 9149deb0eb7SJason Gunthorpe if (rc == 0) 9159deb0eb7SJason Gunthorpe memcpy(res_buf, cmd.params.pcrread_out.pcr_result, 9169deb0eb7SJason Gunthorpe TPM_DIGEST_SIZE); 9179deb0eb7SJason Gunthorpe return rc; 9189deb0eb7SJason Gunthorpe } 9199deb0eb7SJason Gunthorpe 9209deb0eb7SJason Gunthorpe /** 921aad887f6SJarkko Sakkinen * tpm_is_tpm2 - do we a have a TPM2 chip? 922aad887f6SJarkko Sakkinen * @chip: a &struct tpm_chip instance, %NULL for the default chip 923954650efSJarkko Sakkinen * 924aad887f6SJarkko Sakkinen * Return: 925aad887f6SJarkko Sakkinen * 1 if we have a TPM2 chip. 926aad887f6SJarkko Sakkinen * 0 if we don't have a TPM2 chip. 927aad887f6SJarkko Sakkinen * A negative number for system errors (errno). 928954650efSJarkko Sakkinen */ 929aad887f6SJarkko Sakkinen int tpm_is_tpm2(struct tpm_chip *chip) 930954650efSJarkko Sakkinen { 931954650efSJarkko Sakkinen int rc; 932954650efSJarkko Sakkinen 933aad887f6SJarkko Sakkinen chip = tpm_chip_find_get(chip); 934aad887f6SJarkko Sakkinen if (!chip) 935954650efSJarkko Sakkinen return -ENODEV; 936954650efSJarkko Sakkinen 937954650efSJarkko Sakkinen rc = (chip->flags & TPM_CHIP_FLAG_TPM2) != 0; 938954650efSJarkko Sakkinen 9394e26195fSJason Gunthorpe tpm_put_ops(chip); 940954650efSJarkko Sakkinen 941954650efSJarkko Sakkinen return rc; 942954650efSJarkko Sakkinen } 943954650efSJarkko Sakkinen EXPORT_SYMBOL_GPL(tpm_is_tpm2); 944954650efSJarkko Sakkinen 945954650efSJarkko Sakkinen /** 946aad887f6SJarkko Sakkinen * tpm_pcr_read - read a PCR value from SHA1 bank 947aad887f6SJarkko Sakkinen * @chip: a &struct tpm_chip instance, %NULL for the default chip 948aad887f6SJarkko Sakkinen * @pcr_idx: the PCR to be retrieved 949aad887f6SJarkko Sakkinen * @res_buf: the value of the PCR 9509deb0eb7SJason Gunthorpe * 951aad887f6SJarkko Sakkinen * Return: same as with tpm_transmit_cmd() 9529deb0eb7SJason Gunthorpe */ 953aad887f6SJarkko Sakkinen int tpm_pcr_read(struct tpm_chip *chip, int pcr_idx, u8 *res_buf) 9549deb0eb7SJason Gunthorpe { 9559deb0eb7SJason Gunthorpe int rc; 9569deb0eb7SJason Gunthorpe 957aad887f6SJarkko Sakkinen chip = tpm_chip_find_get(chip); 958aad887f6SJarkko Sakkinen if (!chip) 9599deb0eb7SJason Gunthorpe return -ENODEV; 9607a1d7e6dSJarkko Sakkinen if (chip->flags & TPM_CHIP_FLAG_TPM2) 9617a1d7e6dSJarkko Sakkinen rc = tpm2_pcr_read(chip, pcr_idx, res_buf); 9627a1d7e6dSJarkko Sakkinen else 963000a07b0SJason Gunthorpe rc = tpm_pcr_read_dev(chip, pcr_idx, res_buf); 9644e26195fSJason Gunthorpe tpm_put_ops(chip); 9659deb0eb7SJason Gunthorpe return rc; 9669deb0eb7SJason Gunthorpe } 9679deb0eb7SJason Gunthorpe EXPORT_SYMBOL_GPL(tpm_pcr_read); 9689deb0eb7SJason Gunthorpe 969a69faebfSRoberto Sassu #define TPM_ORD_PCR_EXTEND 20 970ca6d4580SWinkler, Tomas #define EXTEND_PCR_RESULT_SIZE 34 97151b0be64SStefan Berger #define EXTEND_PCR_RESULT_BODY_SIZE 20 972ca6d4580SWinkler, Tomas static const struct tpm_input_header pcrextend_header = { 97306e93279SRoberto Sassu .tag = cpu_to_be16(TPM_TAG_RQU_COMMAND), 974ca6d4580SWinkler, Tomas .length = cpu_to_be32(34), 975a69faebfSRoberto Sassu .ordinal = cpu_to_be32(TPM_ORD_PCR_EXTEND) 976ca6d4580SWinkler, Tomas }; 977ca6d4580SWinkler, Tomas 978175d5b2aSRoberto Sassu static int tpm1_pcr_extend(struct tpm_chip *chip, int pcr_idx, const u8 *hash, 979175d5b2aSRoberto Sassu char *log_msg) 980175d5b2aSRoberto Sassu { 981175d5b2aSRoberto Sassu struct tpm_buf buf; 982175d5b2aSRoberto Sassu int rc; 983175d5b2aSRoberto Sassu 984175d5b2aSRoberto Sassu rc = tpm_buf_init(&buf, TPM_TAG_RQU_COMMAND, TPM_ORD_PCR_EXTEND); 985175d5b2aSRoberto Sassu if (rc) 986175d5b2aSRoberto Sassu return rc; 987175d5b2aSRoberto Sassu 988175d5b2aSRoberto Sassu tpm_buf_append_u32(&buf, pcr_idx); 989175d5b2aSRoberto Sassu tpm_buf_append(&buf, hash, TPM_DIGEST_SIZE); 990175d5b2aSRoberto Sassu 991175d5b2aSRoberto Sassu rc = tpm_transmit_cmd(chip, NULL, buf.data, EXTEND_PCR_RESULT_SIZE, 992175d5b2aSRoberto Sassu EXTEND_PCR_RESULT_BODY_SIZE, 0, log_msg); 993175d5b2aSRoberto Sassu tpm_buf_destroy(&buf); 994175d5b2aSRoberto Sassu return rc; 995175d5b2aSRoberto Sassu } 996175d5b2aSRoberto Sassu 9979deb0eb7SJason Gunthorpe /** 998aad887f6SJarkko Sakkinen * tpm_pcr_extend - extend a PCR value in SHA1 bank. 999aad887f6SJarkko Sakkinen * @chip: a &struct tpm_chip instance, %NULL for the default chip 1000aad887f6SJarkko Sakkinen * @pcr_idx: the PCR to be retrieved 1001aad887f6SJarkko Sakkinen * @hash: the hash value used to extend the PCR value 10029deb0eb7SJason Gunthorpe * 1003aad887f6SJarkko Sakkinen * Note: with TPM 2.0 extends also those banks with a known digest size to the 1004aad887f6SJarkko Sakkinen * cryto subsystem in order to prevent malicious use of those PCR banks. In the 1005aad887f6SJarkko Sakkinen * future we should dynamically determine digest sizes. 1006aad887f6SJarkko Sakkinen * 1007aad887f6SJarkko Sakkinen * Return: same as with tpm_transmit_cmd() 10089deb0eb7SJason Gunthorpe */ 1009aad887f6SJarkko Sakkinen int tpm_pcr_extend(struct tpm_chip *chip, int pcr_idx, const u8 *hash) 10109deb0eb7SJason Gunthorpe { 10119deb0eb7SJason Gunthorpe int rc; 1012c1f92b4bSNayna Jain struct tpm2_digest digest_list[ARRAY_SIZE(chip->active_banks)]; 1013c1f92b4bSNayna Jain u32 count = 0; 1014c1f92b4bSNayna Jain int i; 10159deb0eb7SJason Gunthorpe 1016aad887f6SJarkko Sakkinen chip = tpm_chip_find_get(chip); 1017aad887f6SJarkko Sakkinen if (!chip) 10189deb0eb7SJason Gunthorpe return -ENODEV; 10199deb0eb7SJason Gunthorpe 10207a1d7e6dSJarkko Sakkinen if (chip->flags & TPM_CHIP_FLAG_TPM2) { 1021c1f92b4bSNayna Jain memset(digest_list, 0, sizeof(digest_list)); 1022c1f92b4bSNayna Jain 102370ea1636SDan Carpenter for (i = 0; i < ARRAY_SIZE(chip->active_banks) && 102470ea1636SDan Carpenter chip->active_banks[i] != TPM2_ALG_ERROR; i++) { 1025c1f92b4bSNayna Jain digest_list[i].alg_id = chip->active_banks[i]; 1026c1f92b4bSNayna Jain memcpy(digest_list[i].digest, hash, TPM_DIGEST_SIZE); 1027c1f92b4bSNayna Jain count++; 1028c1f92b4bSNayna Jain } 1029c1f92b4bSNayna Jain 1030c1f92b4bSNayna Jain rc = tpm2_pcr_extend(chip, pcr_idx, count, digest_list); 10314e26195fSJason Gunthorpe tpm_put_ops(chip); 10327a1d7e6dSJarkko Sakkinen return rc; 10337a1d7e6dSJarkko Sakkinen } 10347a1d7e6dSJarkko Sakkinen 1035175d5b2aSRoberto Sassu rc = tpm1_pcr_extend(chip, pcr_idx, hash, 10369deb0eb7SJason Gunthorpe "attempting extend a PCR value"); 10374e26195fSJason Gunthorpe tpm_put_ops(chip); 10389deb0eb7SJason Gunthorpe return rc; 10399deb0eb7SJason Gunthorpe } 10409deb0eb7SJason Gunthorpe EXPORT_SYMBOL_GPL(tpm_pcr_extend); 10419deb0eb7SJason Gunthorpe 10429deb0eb7SJason Gunthorpe /** 10439deb0eb7SJason Gunthorpe * tpm_do_selftest - have the TPM continue its selftest and wait until it 10449deb0eb7SJason Gunthorpe * can receive further commands 10459deb0eb7SJason Gunthorpe * @chip: TPM chip to use 10469deb0eb7SJason Gunthorpe * 10479deb0eb7SJason Gunthorpe * Returns 0 on success, < 0 in case of fatal error or a value > 0 representing 10489deb0eb7SJason Gunthorpe * a TPM error code. 10499deb0eb7SJason Gunthorpe */ 10509deb0eb7SJason Gunthorpe int tpm_do_selftest(struct tpm_chip *chip) 10519deb0eb7SJason Gunthorpe { 10529deb0eb7SJason Gunthorpe int rc; 10539deb0eb7SJason Gunthorpe unsigned int loops; 10549deb0eb7SJason Gunthorpe unsigned int delay_msec = 100; 10559deb0eb7SJason Gunthorpe unsigned long duration; 10560c541332SJarkko Sakkinen u8 dummy[TPM_DIGEST_SIZE]; 10579deb0eb7SJason Gunthorpe 10589deb0eb7SJason Gunthorpe duration = tpm_calc_ordinal_duration(chip, TPM_ORD_CONTINUE_SELFTEST); 10599deb0eb7SJason Gunthorpe 10609deb0eb7SJason Gunthorpe loops = jiffies_to_msecs(duration) / delay_msec; 10619deb0eb7SJason Gunthorpe 10629deb0eb7SJason Gunthorpe rc = tpm_continue_selftest(chip); 10630803d7beSChris Chiu if (rc == TPM_ERR_INVALID_POSTINIT) { 10640803d7beSChris Chiu chip->flags |= TPM_CHIP_FLAG_ALWAYS_POWERED; 10650803d7beSChris Chiu dev_info(&chip->dev, "TPM not ready (%d)\n", rc); 10660803d7beSChris Chiu } 10679deb0eb7SJason Gunthorpe /* This may fail if there was no TPM driver during a suspend/resume 10689deb0eb7SJason Gunthorpe * cycle; some may return 10 (BAD_ORDINAL), others 28 (FAILEDSELFTEST) 10699deb0eb7SJason Gunthorpe */ 10709deb0eb7SJason Gunthorpe if (rc) 10719deb0eb7SJason Gunthorpe return rc; 10729deb0eb7SJason Gunthorpe 10739deb0eb7SJason Gunthorpe do { 10749deb0eb7SJason Gunthorpe /* Attempt to read a PCR value */ 10750c541332SJarkko Sakkinen rc = tpm_pcr_read_dev(chip, 0, dummy); 10760c541332SJarkko Sakkinen 10779deb0eb7SJason Gunthorpe /* Some buggy TPMs will not respond to tpm_tis_ready() for 10789deb0eb7SJason Gunthorpe * around 300ms while the self test is ongoing, keep trying 10799deb0eb7SJason Gunthorpe * until the self test duration expires. */ 10809deb0eb7SJason Gunthorpe if (rc == -ETIME) { 10818cfffc9dSJason Gunthorpe dev_info( 10828cfffc9dSJason Gunthorpe &chip->dev, HW_ERR 10838cfffc9dSJason Gunthorpe "TPM command timed out during continue self test"); 10849f3fc7bcSHamza Attak tpm_msleep(delay_msec); 10859deb0eb7SJason Gunthorpe continue; 10869deb0eb7SJason Gunthorpe } 10879deb0eb7SJason Gunthorpe 10889deb0eb7SJason Gunthorpe if (rc == TPM_ERR_DISABLED || rc == TPM_ERR_DEACTIVATED) { 10898cfffc9dSJason Gunthorpe dev_info(&chip->dev, 10909deb0eb7SJason Gunthorpe "TPM is disabled/deactivated (0x%X)\n", rc); 10919deb0eb7SJason Gunthorpe /* TPM is disabled and/or deactivated; driver can 10929deb0eb7SJason Gunthorpe * proceed and TPM does handle commands for 10939deb0eb7SJason Gunthorpe * suspend/resume correctly 10949deb0eb7SJason Gunthorpe */ 10959deb0eb7SJason Gunthorpe return 0; 10969deb0eb7SJason Gunthorpe } 10979deb0eb7SJason Gunthorpe if (rc != TPM_WARN_DOING_SELFTEST) 10989deb0eb7SJason Gunthorpe return rc; 10999f3fc7bcSHamza Attak tpm_msleep(delay_msec); 11009deb0eb7SJason Gunthorpe } while (--loops > 0); 11019deb0eb7SJason Gunthorpe 11029deb0eb7SJason Gunthorpe return rc; 11039deb0eb7SJason Gunthorpe } 11049deb0eb7SJason Gunthorpe EXPORT_SYMBOL_GPL(tpm_do_selftest); 11059deb0eb7SJason Gunthorpe 1106cae8b441SJason Gunthorpe /** 1107cae8b441SJason Gunthorpe * tpm1_auto_startup - Perform the standard automatic TPM initialization 1108cae8b441SJason Gunthorpe * sequence 1109cae8b441SJason Gunthorpe * @chip: TPM chip to use 1110cae8b441SJason Gunthorpe * 1111cae8b441SJason Gunthorpe * Returns 0 on success, < 0 in case of fatal error. 1112cae8b441SJason Gunthorpe */ 1113cae8b441SJason Gunthorpe int tpm1_auto_startup(struct tpm_chip *chip) 1114cae8b441SJason Gunthorpe { 1115cae8b441SJason Gunthorpe int rc; 1116cae8b441SJason Gunthorpe 1117cae8b441SJason Gunthorpe rc = tpm_get_timeouts(chip); 1118cae8b441SJason Gunthorpe if (rc) 1119cae8b441SJason Gunthorpe goto out; 1120cae8b441SJason Gunthorpe rc = tpm_do_selftest(chip); 1121cae8b441SJason Gunthorpe if (rc) { 1122cae8b441SJason Gunthorpe dev_err(&chip->dev, "TPM self test failed\n"); 1123cae8b441SJason Gunthorpe goto out; 1124cae8b441SJason Gunthorpe } 1125cae8b441SJason Gunthorpe 1126cae8b441SJason Gunthorpe return rc; 1127cae8b441SJason Gunthorpe out: 1128cae8b441SJason Gunthorpe if (rc > 0) 1129cae8b441SJason Gunthorpe rc = -ENODEV; 1130cae8b441SJason Gunthorpe return rc; 1131cae8b441SJason Gunthorpe } 1132cae8b441SJason Gunthorpe 1133aad887f6SJarkko Sakkinen /** 1134aad887f6SJarkko Sakkinen * tpm_send - send a TPM command 1135aad887f6SJarkko Sakkinen * @chip: a &struct tpm_chip instance, %NULL for the default chip 1136aad887f6SJarkko Sakkinen * @cmd: a TPM command buffer 1137aad887f6SJarkko Sakkinen * @buflen: the length of the TPM command buffer 1138aad887f6SJarkko Sakkinen * 1139aad887f6SJarkko Sakkinen * Return: same as with tpm_transmit_cmd() 1140aad887f6SJarkko Sakkinen */ 1141aad887f6SJarkko Sakkinen int tpm_send(struct tpm_chip *chip, void *cmd, size_t buflen) 11429deb0eb7SJason Gunthorpe { 11439deb0eb7SJason Gunthorpe int rc; 11449deb0eb7SJason Gunthorpe 1145aad887f6SJarkko Sakkinen chip = tpm_chip_find_get(chip); 1146aad887f6SJarkko Sakkinen if (!chip) 11479deb0eb7SJason Gunthorpe return -ENODEV; 11489deb0eb7SJason Gunthorpe 1149745b361eSJarkko Sakkinen rc = tpm_transmit_cmd(chip, NULL, cmd, buflen, 0, 0, 1150aad887f6SJarkko Sakkinen "attempting to a send a command"); 11514e26195fSJason Gunthorpe tpm_put_ops(chip); 11529deb0eb7SJason Gunthorpe return rc; 11539deb0eb7SJason Gunthorpe } 11549deb0eb7SJason Gunthorpe EXPORT_SYMBOL_GPL(tpm_send); 11559deb0eb7SJason Gunthorpe 1156a69faebfSRoberto Sassu #define TPM_ORD_SAVESTATE 152 11579deb0eb7SJason Gunthorpe #define SAVESTATE_RESULT_SIZE 10 11589deb0eb7SJason Gunthorpe 11590014777fSJulia Lawall static const struct tpm_input_header savestate_header = { 116006e93279SRoberto Sassu .tag = cpu_to_be16(TPM_TAG_RQU_COMMAND), 11619deb0eb7SJason Gunthorpe .length = cpu_to_be32(10), 1162a69faebfSRoberto Sassu .ordinal = cpu_to_be32(TPM_ORD_SAVESTATE) 11639deb0eb7SJason Gunthorpe }; 11649deb0eb7SJason Gunthorpe 11659deb0eb7SJason Gunthorpe /* 11669deb0eb7SJason Gunthorpe * We are about to suspend. Save the TPM state 11679deb0eb7SJason Gunthorpe * so that it can be restored. 11689deb0eb7SJason Gunthorpe */ 11699deb0eb7SJason Gunthorpe int tpm_pm_suspend(struct device *dev) 11709deb0eb7SJason Gunthorpe { 1171ec03c50bSStefan Berger struct tpm_chip *chip = dev_get_drvdata(dev); 11729deb0eb7SJason Gunthorpe struct tpm_cmd_t cmd; 11739deb0eb7SJason Gunthorpe int rc, try; 11749deb0eb7SJason Gunthorpe 11759deb0eb7SJason Gunthorpe u8 dummy_hash[TPM_DIGEST_SIZE] = { 0 }; 11769deb0eb7SJason Gunthorpe 11779deb0eb7SJason Gunthorpe if (chip == NULL) 11789deb0eb7SJason Gunthorpe return -ENODEV; 11799deb0eb7SJason Gunthorpe 1180b5d0ebc9SEnric Balletbo i Serra if (chip->flags & TPM_CHIP_FLAG_ALWAYS_POWERED) 1181b5d0ebc9SEnric Balletbo i Serra return 0; 1182b5d0ebc9SEnric Balletbo i Serra 118374d6b3ceSJarkko Sakkinen if (chip->flags & TPM_CHIP_FLAG_TPM2) { 118474d6b3ceSJarkko Sakkinen tpm2_shutdown(chip, TPM2_SU_STATE); 118574d6b3ceSJarkko Sakkinen return 0; 118674d6b3ceSJarkko Sakkinen } 118730fc8d13SJarkko Sakkinen 11889deb0eb7SJason Gunthorpe /* for buggy tpm, flush pcrs with extend to selected dummy */ 1189175d5b2aSRoberto Sassu if (tpm_suspend_pcr) 1190175d5b2aSRoberto Sassu rc = tpm1_pcr_extend(chip, tpm_suspend_pcr, dummy_hash, 11919deb0eb7SJason Gunthorpe "extending dummy pcr before suspend"); 11929deb0eb7SJason Gunthorpe 11939deb0eb7SJason Gunthorpe /* now do the actual savestate */ 11949deb0eb7SJason Gunthorpe for (try = 0; try < TPM_RETRY; try++) { 11959deb0eb7SJason Gunthorpe cmd.header.in = savestate_header; 1196745b361eSJarkko Sakkinen rc = tpm_transmit_cmd(chip, NULL, &cmd, SAVESTATE_RESULT_SIZE, 1197745b361eSJarkko Sakkinen 0, 0, NULL); 11989deb0eb7SJason Gunthorpe 11999deb0eb7SJason Gunthorpe /* 12009deb0eb7SJason Gunthorpe * If the TPM indicates that it is too busy to respond to 12019deb0eb7SJason Gunthorpe * this command then retry before giving up. It can take 12029deb0eb7SJason Gunthorpe * several seconds for this TPM to be ready. 12039deb0eb7SJason Gunthorpe * 12049deb0eb7SJason Gunthorpe * This can happen if the TPM has already been sent the 12059deb0eb7SJason Gunthorpe * SaveState command before the driver has loaded. TCG 1.2 12069deb0eb7SJason Gunthorpe * specification states that any communication after SaveState 12079deb0eb7SJason Gunthorpe * may cause the TPM to invalidate previously saved state. 12089deb0eb7SJason Gunthorpe */ 12099deb0eb7SJason Gunthorpe if (rc != TPM_WARN_RETRY) 12109deb0eb7SJason Gunthorpe break; 12119f3fc7bcSHamza Attak tpm_msleep(TPM_TIMEOUT_RETRY); 12129deb0eb7SJason Gunthorpe } 12139deb0eb7SJason Gunthorpe 12149deb0eb7SJason Gunthorpe if (rc) 12158cfffc9dSJason Gunthorpe dev_err(&chip->dev, 12169deb0eb7SJason Gunthorpe "Error (%d) sending savestate before suspend\n", rc); 12179deb0eb7SJason Gunthorpe else if (try > 0) 12188cfffc9dSJason Gunthorpe dev_warn(&chip->dev, "TPM savestate took %dms\n", 12199deb0eb7SJason Gunthorpe try * TPM_TIMEOUT_RETRY); 12209deb0eb7SJason Gunthorpe 12219deb0eb7SJason Gunthorpe return rc; 12229deb0eb7SJason Gunthorpe } 12239deb0eb7SJason Gunthorpe EXPORT_SYMBOL_GPL(tpm_pm_suspend); 12249deb0eb7SJason Gunthorpe 12259deb0eb7SJason Gunthorpe /* 12269deb0eb7SJason Gunthorpe * Resume from a power safe. The BIOS already restored 12279deb0eb7SJason Gunthorpe * the TPM state. 12289deb0eb7SJason Gunthorpe */ 12299deb0eb7SJason Gunthorpe int tpm_pm_resume(struct device *dev) 12309deb0eb7SJason Gunthorpe { 1231ec03c50bSStefan Berger struct tpm_chip *chip = dev_get_drvdata(dev); 12329deb0eb7SJason Gunthorpe 12339deb0eb7SJason Gunthorpe if (chip == NULL) 12349deb0eb7SJason Gunthorpe return -ENODEV; 12359deb0eb7SJason Gunthorpe 12369deb0eb7SJason Gunthorpe return 0; 12379deb0eb7SJason Gunthorpe } 12389deb0eb7SJason Gunthorpe EXPORT_SYMBOL_GPL(tpm_pm_resume); 12399deb0eb7SJason Gunthorpe 12409deb0eb7SJason Gunthorpe #define TPM_GETRANDOM_RESULT_SIZE 18 12410014777fSJulia Lawall static const struct tpm_input_header tpm_getrandom_header = { 124206e93279SRoberto Sassu .tag = cpu_to_be16(TPM_TAG_RQU_COMMAND), 12439deb0eb7SJason Gunthorpe .length = cpu_to_be32(14), 1244a69faebfSRoberto Sassu .ordinal = cpu_to_be32(TPM_ORD_GET_RANDOM) 12459deb0eb7SJason Gunthorpe }; 12469deb0eb7SJason Gunthorpe 12479deb0eb7SJason Gunthorpe /** 1248aad887f6SJarkko Sakkinen * tpm_get_random() - get random bytes from the TPM's RNG 1249aad887f6SJarkko Sakkinen * @chip: a &struct tpm_chip instance, %NULL for the default chip 12509deb0eb7SJason Gunthorpe * @out: destination buffer for the random bytes 12519deb0eb7SJason Gunthorpe * @max: the max number of bytes to write to @out 12529deb0eb7SJason Gunthorpe * 1253aad887f6SJarkko Sakkinen * Return: same as with tpm_transmit_cmd() 12549deb0eb7SJason Gunthorpe */ 1255aad887f6SJarkko Sakkinen int tpm_get_random(struct tpm_chip *chip, u8 *out, size_t max) 12569deb0eb7SJason Gunthorpe { 12579deb0eb7SJason Gunthorpe struct tpm_cmd_t tpm_cmd; 1258c659af78SStefan Berger u32 recd, num_bytes = min_t(u32, max, TPM_MAX_RNG_DATA), rlength; 12599deb0eb7SJason Gunthorpe int err, total = 0, retries = 5; 12609deb0eb7SJason Gunthorpe u8 *dest = out; 12619deb0eb7SJason Gunthorpe 12623e14d83eSJarkko Sakkinen if (!out || !num_bytes || max > TPM_MAX_RNG_DATA) 12633e14d83eSJarkko Sakkinen return -EINVAL; 12643e14d83eSJarkko Sakkinen 1265aad887f6SJarkko Sakkinen chip = tpm_chip_find_get(chip); 1266aad887f6SJarkko Sakkinen if (!chip) 12679deb0eb7SJason Gunthorpe return -ENODEV; 12689deb0eb7SJason Gunthorpe 12697a1d7e6dSJarkko Sakkinen if (chip->flags & TPM_CHIP_FLAG_TPM2) { 12707a1d7e6dSJarkko Sakkinen err = tpm2_get_random(chip, out, max); 12714e26195fSJason Gunthorpe tpm_put_ops(chip); 12727a1d7e6dSJarkko Sakkinen return err; 12737a1d7e6dSJarkko Sakkinen } 12747a1d7e6dSJarkko Sakkinen 12759deb0eb7SJason Gunthorpe do { 12769deb0eb7SJason Gunthorpe tpm_cmd.header.in = tpm_getrandom_header; 12779deb0eb7SJason Gunthorpe tpm_cmd.params.getrandom_in.num_bytes = cpu_to_be32(num_bytes); 12789deb0eb7SJason Gunthorpe 1279745b361eSJarkko Sakkinen err = tpm_transmit_cmd(chip, NULL, &tpm_cmd, 12809deb0eb7SJason Gunthorpe TPM_GETRANDOM_RESULT_SIZE + num_bytes, 1281c659af78SStefan Berger offsetof(struct tpm_getrandom_out, 1282c659af78SStefan Berger rng_data), 1283d4816edfSJarkko Sakkinen 0, "attempting get random"); 12849deb0eb7SJason Gunthorpe if (err) 12859deb0eb7SJason Gunthorpe break; 12869deb0eb7SJason Gunthorpe 12879deb0eb7SJason Gunthorpe recd = be32_to_cpu(tpm_cmd.params.getrandom_out.rng_data_len); 12883be23274SJeremy Boone if (recd > num_bytes) { 12893be23274SJeremy Boone total = -EFAULT; 12903be23274SJeremy Boone break; 12913be23274SJeremy Boone } 1292c659af78SStefan Berger 1293c659af78SStefan Berger rlength = be32_to_cpu(tpm_cmd.header.out.length); 1294c659af78SStefan Berger if (rlength < offsetof(struct tpm_getrandom_out, rng_data) + 1295c659af78SStefan Berger recd) { 1296c659af78SStefan Berger total = -EFAULT; 1297c659af78SStefan Berger break; 1298c659af78SStefan Berger } 12999deb0eb7SJason Gunthorpe memcpy(dest, tpm_cmd.params.getrandom_out.rng_data, recd); 13009deb0eb7SJason Gunthorpe 13019deb0eb7SJason Gunthorpe dest += recd; 13029deb0eb7SJason Gunthorpe total += recd; 13039deb0eb7SJason Gunthorpe num_bytes -= recd; 13049deb0eb7SJason Gunthorpe } while (retries-- && total < max); 13059deb0eb7SJason Gunthorpe 13064e26195fSJason Gunthorpe tpm_put_ops(chip); 13079deb0eb7SJason Gunthorpe return total ? total : -EIO; 13089deb0eb7SJason Gunthorpe } 13099deb0eb7SJason Gunthorpe EXPORT_SYMBOL_GPL(tpm_get_random); 13109deb0eb7SJason Gunthorpe 1311954650efSJarkko Sakkinen /** 1312aad887f6SJarkko Sakkinen * tpm_seal_trusted() - seal a trusted key payload 1313aad887f6SJarkko Sakkinen * @chip: a &struct tpm_chip instance, %NULL for the default chip 1314954650efSJarkko Sakkinen * @options: authentication values and other options 1315954650efSJarkko Sakkinen * @payload: the key data in clear and encrypted form 1316954650efSJarkko Sakkinen * 1317aad887f6SJarkko Sakkinen * Note: only TPM 2.0 chip are supported. TPM 1.x implementation is located in 1318aad887f6SJarkko Sakkinen * the keyring subsystem. 1319aad887f6SJarkko Sakkinen * 1320aad887f6SJarkko Sakkinen * Return: same as with tpm_transmit_cmd() 1321954650efSJarkko Sakkinen */ 1322aad887f6SJarkko Sakkinen int tpm_seal_trusted(struct tpm_chip *chip, struct trusted_key_payload *payload, 1323954650efSJarkko Sakkinen struct trusted_key_options *options) 1324954650efSJarkko Sakkinen { 1325954650efSJarkko Sakkinen int rc; 1326954650efSJarkko Sakkinen 1327aad887f6SJarkko Sakkinen chip = tpm_chip_find_get(chip); 1328aad887f6SJarkko Sakkinen if (!chip || !(chip->flags & TPM_CHIP_FLAG_TPM2)) 1329954650efSJarkko Sakkinen return -ENODEV; 1330954650efSJarkko Sakkinen 1331954650efSJarkko Sakkinen rc = tpm2_seal_trusted(chip, payload, options); 1332954650efSJarkko Sakkinen 13334e26195fSJason Gunthorpe tpm_put_ops(chip); 1334954650efSJarkko Sakkinen return rc; 1335954650efSJarkko Sakkinen } 1336954650efSJarkko Sakkinen EXPORT_SYMBOL_GPL(tpm_seal_trusted); 1337954650efSJarkko Sakkinen 1338954650efSJarkko Sakkinen /** 1339954650efSJarkko Sakkinen * tpm_unseal_trusted() - unseal a trusted key 1340aad887f6SJarkko Sakkinen * @chip: a &struct tpm_chip instance, %NULL for the default chip 1341954650efSJarkko Sakkinen * @options: authentication values and other options 1342954650efSJarkko Sakkinen * @payload: the key data in clear and encrypted form 1343954650efSJarkko Sakkinen * 1344aad887f6SJarkko Sakkinen * Note: only TPM 2.0 chip are supported. TPM 1.x implementation is located in 1345aad887f6SJarkko Sakkinen * the keyring subsystem. 1346aad887f6SJarkko Sakkinen * 1347aad887f6SJarkko Sakkinen * Return: same as with tpm_transmit_cmd() 1348954650efSJarkko Sakkinen */ 1349aad887f6SJarkko Sakkinen int tpm_unseal_trusted(struct tpm_chip *chip, 1350aad887f6SJarkko Sakkinen struct trusted_key_payload *payload, 1351954650efSJarkko Sakkinen struct trusted_key_options *options) 1352954650efSJarkko Sakkinen { 1353954650efSJarkko Sakkinen int rc; 1354954650efSJarkko Sakkinen 1355aad887f6SJarkko Sakkinen chip = tpm_chip_find_get(chip); 1356aad887f6SJarkko Sakkinen if (!chip || !(chip->flags & TPM_CHIP_FLAG_TPM2)) 1357954650efSJarkko Sakkinen return -ENODEV; 1358954650efSJarkko Sakkinen 1359954650efSJarkko Sakkinen rc = tpm2_unseal_trusted(chip, payload, options); 1360954650efSJarkko Sakkinen 13614e26195fSJason Gunthorpe tpm_put_ops(chip); 13624e26195fSJason Gunthorpe 1363954650efSJarkko Sakkinen return rc; 1364954650efSJarkko Sakkinen } 1365954650efSJarkko Sakkinen EXPORT_SYMBOL_GPL(tpm_unseal_trusted); 1366954650efSJarkko Sakkinen 1367313d21eeSJarkko Sakkinen static int __init tpm_init(void) 1368313d21eeSJarkko Sakkinen { 1369313d21eeSJarkko Sakkinen int rc; 1370313d21eeSJarkko Sakkinen 1371313d21eeSJarkko Sakkinen tpm_class = class_create(THIS_MODULE, "tpm"); 1372313d21eeSJarkko Sakkinen if (IS_ERR(tpm_class)) { 1373313d21eeSJarkko Sakkinen pr_err("couldn't create tpm class\n"); 1374313d21eeSJarkko Sakkinen return PTR_ERR(tpm_class); 1375313d21eeSJarkko Sakkinen } 1376313d21eeSJarkko Sakkinen 1377fdc915f7SJames Bottomley tpmrm_class = class_create(THIS_MODULE, "tpmrm"); 1378fdc915f7SJames Bottomley if (IS_ERR(tpmrm_class)) { 1379fdc915f7SJames Bottomley pr_err("couldn't create tpmrm class\n"); 1380fdc915f7SJames Bottomley class_destroy(tpm_class); 1381fdc915f7SJames Bottomley return PTR_ERR(tpmrm_class); 1382fdc915f7SJames Bottomley } 1383fdc915f7SJames Bottomley 1384fdc915f7SJames Bottomley rc = alloc_chrdev_region(&tpm_devt, 0, 2*TPM_NUM_DEVICES, "tpm"); 1385313d21eeSJarkko Sakkinen if (rc < 0) { 1386313d21eeSJarkko Sakkinen pr_err("tpm: failed to allocate char dev region\n"); 1387fdc915f7SJames Bottomley class_destroy(tpmrm_class); 1388313d21eeSJarkko Sakkinen class_destroy(tpm_class); 1389313d21eeSJarkko Sakkinen return rc; 1390313d21eeSJarkko Sakkinen } 1391313d21eeSJarkko Sakkinen 1392313d21eeSJarkko Sakkinen return 0; 1393313d21eeSJarkko Sakkinen } 1394313d21eeSJarkko Sakkinen 1395313d21eeSJarkko Sakkinen static void __exit tpm_exit(void) 1396313d21eeSJarkko Sakkinen { 139715516788SStefan Berger idr_destroy(&dev_nums_idr); 1398313d21eeSJarkko Sakkinen class_destroy(tpm_class); 1399fdc915f7SJames Bottomley class_destroy(tpmrm_class); 1400fdc915f7SJames Bottomley unregister_chrdev_region(tpm_devt, 2*TPM_NUM_DEVICES); 1401313d21eeSJarkko Sakkinen } 1402313d21eeSJarkko Sakkinen 1403313d21eeSJarkko Sakkinen subsys_initcall(tpm_init); 1404313d21eeSJarkko Sakkinen module_exit(tpm_exit); 1405313d21eeSJarkko Sakkinen 14069deb0eb7SJason Gunthorpe MODULE_AUTHOR("Leendert van Doorn (leendert@watson.ibm.com)"); 14079deb0eb7SJason Gunthorpe MODULE_DESCRIPTION("TPM Driver"); 14089deb0eb7SJason Gunthorpe MODULE_VERSION("2.0"); 14099deb0eb7SJason Gunthorpe MODULE_LICENSE("GPL"); 1410