19deb0eb7SJason Gunthorpe /* 29deb0eb7SJason Gunthorpe * Copyright (C) 2004 IBM Corporation 3afb5abc2SJarkko Sakkinen * Copyright (C) 2014 Intel Corporation 49deb0eb7SJason Gunthorpe * 59deb0eb7SJason Gunthorpe * Authors: 69deb0eb7SJason Gunthorpe * Leendert van Doorn <leendert@watson.ibm.com> 79deb0eb7SJason Gunthorpe * Dave Safford <safford@watson.ibm.com> 89deb0eb7SJason Gunthorpe * Reiner Sailer <sailer@watson.ibm.com> 99deb0eb7SJason Gunthorpe * Kylene Hall <kjhall@us.ibm.com> 109deb0eb7SJason Gunthorpe * 119deb0eb7SJason Gunthorpe * Maintained by: <tpmdd-devel@lists.sourceforge.net> 129deb0eb7SJason Gunthorpe * 139deb0eb7SJason Gunthorpe * Device driver for TCG/TCPA TPM (trusted platform module). 149deb0eb7SJason Gunthorpe * Specifications at www.trustedcomputinggroup.org 159deb0eb7SJason Gunthorpe * 169deb0eb7SJason Gunthorpe * This program is free software; you can redistribute it and/or 179deb0eb7SJason Gunthorpe * modify it under the terms of the GNU General Public License as 189deb0eb7SJason Gunthorpe * published by the Free Software Foundation, version 2 of the 199deb0eb7SJason Gunthorpe * License. 209deb0eb7SJason Gunthorpe * 219deb0eb7SJason Gunthorpe * Note, the TPM chip is not interrupt driven (only polling) 229deb0eb7SJason Gunthorpe * and can have very long timeouts (minutes!). Hence the unusual 239deb0eb7SJason Gunthorpe * calls to msleep. 249deb0eb7SJason Gunthorpe * 259deb0eb7SJason Gunthorpe */ 269deb0eb7SJason Gunthorpe 279deb0eb7SJason Gunthorpe #include <linux/poll.h> 289deb0eb7SJason Gunthorpe #include <linux/slab.h> 299deb0eb7SJason Gunthorpe #include <linux/mutex.h> 309deb0eb7SJason Gunthorpe #include <linux/spinlock.h> 319deb0eb7SJason Gunthorpe #include <linux/freezer.h> 329deb0eb7SJason Gunthorpe 339deb0eb7SJason Gunthorpe #include "tpm.h" 349deb0eb7SJason Gunthorpe #include "tpm_eventlog.h" 359deb0eb7SJason Gunthorpe 369deb0eb7SJason Gunthorpe #define TPM_MAX_ORDINAL 243 379deb0eb7SJason Gunthorpe #define TSC_MAX_ORDINAL 12 389deb0eb7SJason Gunthorpe #define TPM_PROTECTED_COMMAND 0x00 399deb0eb7SJason Gunthorpe #define TPM_CONNECTION_COMMAND 0x40 409deb0eb7SJason Gunthorpe 419deb0eb7SJason Gunthorpe /* 429deb0eb7SJason Gunthorpe * Bug workaround - some TPM's don't flush the most 439deb0eb7SJason Gunthorpe * recently changed pcr on suspend, so force the flush 449deb0eb7SJason Gunthorpe * with an extend to the selected _unused_ non-volatile pcr. 459deb0eb7SJason Gunthorpe */ 469deb0eb7SJason Gunthorpe static int tpm_suspend_pcr; 479deb0eb7SJason Gunthorpe module_param_named(suspend_pcr, tpm_suspend_pcr, uint, 0644); 489deb0eb7SJason Gunthorpe MODULE_PARM_DESC(suspend_pcr, 499deb0eb7SJason Gunthorpe "PCR to use for dummy writes to faciltate flush on suspend."); 509deb0eb7SJason Gunthorpe 519deb0eb7SJason Gunthorpe /* 529deb0eb7SJason Gunthorpe * Array with one entry per ordinal defining the maximum amount 539deb0eb7SJason Gunthorpe * of time the chip could take to return the result. The ordinal 549deb0eb7SJason Gunthorpe * designation of short, medium or long is defined in a table in 559deb0eb7SJason Gunthorpe * TCG Specification TPM Main Part 2 TPM Structures Section 17. The 569deb0eb7SJason Gunthorpe * values of the SHORT, MEDIUM, and LONG durations are retrieved 579deb0eb7SJason Gunthorpe * from the chip during initialization with a call to tpm_get_timeouts. 589deb0eb7SJason Gunthorpe */ 599deb0eb7SJason Gunthorpe static const u8 tpm_ordinal_duration[TPM_MAX_ORDINAL] = { 609deb0eb7SJason Gunthorpe TPM_UNDEFINED, /* 0 */ 619deb0eb7SJason Gunthorpe TPM_UNDEFINED, 629deb0eb7SJason Gunthorpe TPM_UNDEFINED, 639deb0eb7SJason Gunthorpe TPM_UNDEFINED, 649deb0eb7SJason Gunthorpe TPM_UNDEFINED, 659deb0eb7SJason Gunthorpe TPM_UNDEFINED, /* 5 */ 669deb0eb7SJason Gunthorpe TPM_UNDEFINED, 679deb0eb7SJason Gunthorpe TPM_UNDEFINED, 689deb0eb7SJason Gunthorpe TPM_UNDEFINED, 699deb0eb7SJason Gunthorpe TPM_UNDEFINED, 709deb0eb7SJason Gunthorpe TPM_SHORT, /* 10 */ 719deb0eb7SJason Gunthorpe TPM_SHORT, 729deb0eb7SJason Gunthorpe TPM_MEDIUM, 739deb0eb7SJason Gunthorpe TPM_LONG, 749deb0eb7SJason Gunthorpe TPM_LONG, 759deb0eb7SJason Gunthorpe TPM_MEDIUM, /* 15 */ 769deb0eb7SJason Gunthorpe TPM_SHORT, 779deb0eb7SJason Gunthorpe TPM_SHORT, 789deb0eb7SJason Gunthorpe TPM_MEDIUM, 799deb0eb7SJason Gunthorpe TPM_LONG, 809deb0eb7SJason Gunthorpe TPM_SHORT, /* 20 */ 819deb0eb7SJason Gunthorpe TPM_SHORT, 829deb0eb7SJason Gunthorpe TPM_MEDIUM, 839deb0eb7SJason Gunthorpe TPM_MEDIUM, 849deb0eb7SJason Gunthorpe TPM_MEDIUM, 859deb0eb7SJason Gunthorpe TPM_SHORT, /* 25 */ 869deb0eb7SJason Gunthorpe TPM_SHORT, 879deb0eb7SJason Gunthorpe TPM_MEDIUM, 889deb0eb7SJason Gunthorpe TPM_SHORT, 899deb0eb7SJason Gunthorpe TPM_SHORT, 909deb0eb7SJason Gunthorpe TPM_MEDIUM, /* 30 */ 919deb0eb7SJason Gunthorpe TPM_LONG, 929deb0eb7SJason Gunthorpe TPM_MEDIUM, 939deb0eb7SJason Gunthorpe TPM_SHORT, 949deb0eb7SJason Gunthorpe TPM_SHORT, 959deb0eb7SJason Gunthorpe TPM_SHORT, /* 35 */ 969deb0eb7SJason Gunthorpe TPM_MEDIUM, 979deb0eb7SJason Gunthorpe TPM_MEDIUM, 989deb0eb7SJason Gunthorpe TPM_UNDEFINED, 999deb0eb7SJason Gunthorpe TPM_UNDEFINED, 1009deb0eb7SJason Gunthorpe TPM_MEDIUM, /* 40 */ 1019deb0eb7SJason Gunthorpe TPM_LONG, 1029deb0eb7SJason Gunthorpe TPM_MEDIUM, 1039deb0eb7SJason Gunthorpe TPM_SHORT, 1049deb0eb7SJason Gunthorpe TPM_SHORT, 1059deb0eb7SJason Gunthorpe TPM_SHORT, /* 45 */ 1069deb0eb7SJason Gunthorpe TPM_SHORT, 1079deb0eb7SJason Gunthorpe TPM_SHORT, 1089deb0eb7SJason Gunthorpe TPM_SHORT, 1099deb0eb7SJason Gunthorpe TPM_LONG, 1109deb0eb7SJason Gunthorpe TPM_MEDIUM, /* 50 */ 1119deb0eb7SJason Gunthorpe TPM_MEDIUM, 1129deb0eb7SJason Gunthorpe TPM_UNDEFINED, 1139deb0eb7SJason Gunthorpe TPM_UNDEFINED, 1149deb0eb7SJason Gunthorpe TPM_UNDEFINED, 1159deb0eb7SJason Gunthorpe TPM_UNDEFINED, /* 55 */ 1169deb0eb7SJason Gunthorpe TPM_UNDEFINED, 1179deb0eb7SJason Gunthorpe TPM_UNDEFINED, 1189deb0eb7SJason Gunthorpe TPM_UNDEFINED, 1199deb0eb7SJason Gunthorpe TPM_UNDEFINED, 1209deb0eb7SJason Gunthorpe TPM_MEDIUM, /* 60 */ 1219deb0eb7SJason Gunthorpe TPM_MEDIUM, 1229deb0eb7SJason Gunthorpe TPM_MEDIUM, 1239deb0eb7SJason Gunthorpe TPM_SHORT, 1249deb0eb7SJason Gunthorpe TPM_SHORT, 1259deb0eb7SJason Gunthorpe TPM_MEDIUM, /* 65 */ 1269deb0eb7SJason Gunthorpe TPM_UNDEFINED, 1279deb0eb7SJason Gunthorpe TPM_UNDEFINED, 1289deb0eb7SJason Gunthorpe TPM_UNDEFINED, 1299deb0eb7SJason Gunthorpe TPM_UNDEFINED, 1309deb0eb7SJason Gunthorpe TPM_SHORT, /* 70 */ 1319deb0eb7SJason Gunthorpe TPM_SHORT, 1329deb0eb7SJason Gunthorpe TPM_UNDEFINED, 1339deb0eb7SJason Gunthorpe TPM_UNDEFINED, 1349deb0eb7SJason Gunthorpe TPM_UNDEFINED, 1359deb0eb7SJason Gunthorpe TPM_UNDEFINED, /* 75 */ 1369deb0eb7SJason Gunthorpe TPM_UNDEFINED, 1379deb0eb7SJason Gunthorpe TPM_UNDEFINED, 1389deb0eb7SJason Gunthorpe TPM_UNDEFINED, 1399deb0eb7SJason Gunthorpe TPM_UNDEFINED, 1409deb0eb7SJason Gunthorpe TPM_LONG, /* 80 */ 1419deb0eb7SJason Gunthorpe TPM_UNDEFINED, 1429deb0eb7SJason Gunthorpe TPM_MEDIUM, 1439deb0eb7SJason Gunthorpe TPM_LONG, 1449deb0eb7SJason Gunthorpe TPM_SHORT, 1459deb0eb7SJason Gunthorpe TPM_UNDEFINED, /* 85 */ 1469deb0eb7SJason Gunthorpe TPM_UNDEFINED, 1479deb0eb7SJason Gunthorpe TPM_UNDEFINED, 1489deb0eb7SJason Gunthorpe TPM_UNDEFINED, 1499deb0eb7SJason Gunthorpe TPM_UNDEFINED, 1509deb0eb7SJason Gunthorpe TPM_SHORT, /* 90 */ 1519deb0eb7SJason Gunthorpe TPM_SHORT, 1529deb0eb7SJason Gunthorpe TPM_SHORT, 1539deb0eb7SJason Gunthorpe TPM_SHORT, 1549deb0eb7SJason Gunthorpe TPM_SHORT, 1559deb0eb7SJason Gunthorpe TPM_UNDEFINED, /* 95 */ 1569deb0eb7SJason Gunthorpe TPM_UNDEFINED, 1579deb0eb7SJason Gunthorpe TPM_UNDEFINED, 1589deb0eb7SJason Gunthorpe TPM_UNDEFINED, 1599deb0eb7SJason Gunthorpe TPM_UNDEFINED, 1609deb0eb7SJason Gunthorpe TPM_MEDIUM, /* 100 */ 1619deb0eb7SJason Gunthorpe TPM_SHORT, 1629deb0eb7SJason Gunthorpe TPM_SHORT, 1639deb0eb7SJason Gunthorpe TPM_UNDEFINED, 1649deb0eb7SJason Gunthorpe TPM_UNDEFINED, 1659deb0eb7SJason Gunthorpe TPM_UNDEFINED, /* 105 */ 1669deb0eb7SJason Gunthorpe TPM_UNDEFINED, 1679deb0eb7SJason Gunthorpe TPM_UNDEFINED, 1689deb0eb7SJason Gunthorpe TPM_UNDEFINED, 1699deb0eb7SJason Gunthorpe TPM_UNDEFINED, 1709deb0eb7SJason Gunthorpe TPM_SHORT, /* 110 */ 1719deb0eb7SJason Gunthorpe TPM_SHORT, 1729deb0eb7SJason Gunthorpe TPM_SHORT, 1739deb0eb7SJason Gunthorpe TPM_SHORT, 1749deb0eb7SJason Gunthorpe TPM_SHORT, 1759deb0eb7SJason Gunthorpe TPM_SHORT, /* 115 */ 1769deb0eb7SJason Gunthorpe TPM_SHORT, 1779deb0eb7SJason Gunthorpe TPM_SHORT, 1789deb0eb7SJason Gunthorpe TPM_UNDEFINED, 1799deb0eb7SJason Gunthorpe TPM_UNDEFINED, 1809deb0eb7SJason Gunthorpe TPM_LONG, /* 120 */ 1819deb0eb7SJason Gunthorpe TPM_LONG, 1829deb0eb7SJason Gunthorpe TPM_MEDIUM, 1839deb0eb7SJason Gunthorpe TPM_UNDEFINED, 1849deb0eb7SJason Gunthorpe TPM_SHORT, 1859deb0eb7SJason Gunthorpe TPM_SHORT, /* 125 */ 1869deb0eb7SJason Gunthorpe TPM_SHORT, 1879deb0eb7SJason Gunthorpe TPM_LONG, 1889deb0eb7SJason Gunthorpe TPM_SHORT, 1899deb0eb7SJason Gunthorpe TPM_SHORT, 1909deb0eb7SJason Gunthorpe TPM_SHORT, /* 130 */ 1919deb0eb7SJason Gunthorpe TPM_MEDIUM, 1929deb0eb7SJason Gunthorpe TPM_UNDEFINED, 1939deb0eb7SJason Gunthorpe TPM_SHORT, 1949deb0eb7SJason Gunthorpe TPM_MEDIUM, 1959deb0eb7SJason Gunthorpe TPM_UNDEFINED, /* 135 */ 1969deb0eb7SJason Gunthorpe TPM_UNDEFINED, 1979deb0eb7SJason Gunthorpe TPM_UNDEFINED, 1989deb0eb7SJason Gunthorpe TPM_UNDEFINED, 1999deb0eb7SJason Gunthorpe TPM_UNDEFINED, 2009deb0eb7SJason Gunthorpe TPM_SHORT, /* 140 */ 2019deb0eb7SJason Gunthorpe TPM_SHORT, 2029deb0eb7SJason Gunthorpe TPM_UNDEFINED, 2039deb0eb7SJason Gunthorpe TPM_UNDEFINED, 2049deb0eb7SJason Gunthorpe TPM_UNDEFINED, 2059deb0eb7SJason Gunthorpe TPM_UNDEFINED, /* 145 */ 2069deb0eb7SJason Gunthorpe TPM_UNDEFINED, 2079deb0eb7SJason Gunthorpe TPM_UNDEFINED, 2089deb0eb7SJason Gunthorpe TPM_UNDEFINED, 2099deb0eb7SJason Gunthorpe TPM_UNDEFINED, 2109deb0eb7SJason Gunthorpe TPM_SHORT, /* 150 */ 2119deb0eb7SJason Gunthorpe TPM_MEDIUM, 2129deb0eb7SJason Gunthorpe TPM_MEDIUM, 2139deb0eb7SJason Gunthorpe TPM_SHORT, 2149deb0eb7SJason Gunthorpe TPM_SHORT, 2159deb0eb7SJason Gunthorpe TPM_UNDEFINED, /* 155 */ 2169deb0eb7SJason Gunthorpe TPM_UNDEFINED, 2179deb0eb7SJason Gunthorpe TPM_UNDEFINED, 2189deb0eb7SJason Gunthorpe TPM_UNDEFINED, 2199deb0eb7SJason Gunthorpe TPM_UNDEFINED, 2209deb0eb7SJason Gunthorpe TPM_SHORT, /* 160 */ 2219deb0eb7SJason Gunthorpe TPM_SHORT, 2229deb0eb7SJason Gunthorpe TPM_SHORT, 2239deb0eb7SJason Gunthorpe TPM_SHORT, 2249deb0eb7SJason Gunthorpe TPM_UNDEFINED, 2259deb0eb7SJason Gunthorpe TPM_UNDEFINED, /* 165 */ 2269deb0eb7SJason Gunthorpe TPM_UNDEFINED, 2279deb0eb7SJason Gunthorpe TPM_UNDEFINED, 2289deb0eb7SJason Gunthorpe TPM_UNDEFINED, 2299deb0eb7SJason Gunthorpe TPM_UNDEFINED, 2309deb0eb7SJason Gunthorpe TPM_LONG, /* 170 */ 2319deb0eb7SJason Gunthorpe TPM_UNDEFINED, 2329deb0eb7SJason Gunthorpe TPM_UNDEFINED, 2339deb0eb7SJason Gunthorpe TPM_UNDEFINED, 2349deb0eb7SJason Gunthorpe TPM_UNDEFINED, 2359deb0eb7SJason Gunthorpe TPM_UNDEFINED, /* 175 */ 2369deb0eb7SJason Gunthorpe TPM_UNDEFINED, 2379deb0eb7SJason Gunthorpe TPM_UNDEFINED, 2389deb0eb7SJason Gunthorpe TPM_UNDEFINED, 2399deb0eb7SJason Gunthorpe TPM_UNDEFINED, 2409deb0eb7SJason Gunthorpe TPM_MEDIUM, /* 180 */ 2419deb0eb7SJason Gunthorpe TPM_SHORT, 2429deb0eb7SJason Gunthorpe TPM_MEDIUM, 2439deb0eb7SJason Gunthorpe TPM_MEDIUM, 2449deb0eb7SJason Gunthorpe TPM_MEDIUM, 2459deb0eb7SJason Gunthorpe TPM_MEDIUM, /* 185 */ 2469deb0eb7SJason Gunthorpe TPM_SHORT, 2479deb0eb7SJason Gunthorpe TPM_UNDEFINED, 2489deb0eb7SJason Gunthorpe TPM_UNDEFINED, 2499deb0eb7SJason Gunthorpe TPM_UNDEFINED, 2509deb0eb7SJason Gunthorpe TPM_UNDEFINED, /* 190 */ 2519deb0eb7SJason Gunthorpe TPM_UNDEFINED, 2529deb0eb7SJason Gunthorpe TPM_UNDEFINED, 2539deb0eb7SJason Gunthorpe TPM_UNDEFINED, 2549deb0eb7SJason Gunthorpe TPM_UNDEFINED, 2559deb0eb7SJason Gunthorpe TPM_UNDEFINED, /* 195 */ 2569deb0eb7SJason Gunthorpe TPM_UNDEFINED, 2579deb0eb7SJason Gunthorpe TPM_UNDEFINED, 2589deb0eb7SJason Gunthorpe TPM_UNDEFINED, 2599deb0eb7SJason Gunthorpe TPM_UNDEFINED, 2609deb0eb7SJason Gunthorpe TPM_SHORT, /* 200 */ 2619deb0eb7SJason Gunthorpe TPM_UNDEFINED, 2629deb0eb7SJason Gunthorpe TPM_UNDEFINED, 2639deb0eb7SJason Gunthorpe TPM_UNDEFINED, 2649deb0eb7SJason Gunthorpe TPM_SHORT, 2659deb0eb7SJason Gunthorpe TPM_SHORT, /* 205 */ 2669deb0eb7SJason Gunthorpe TPM_SHORT, 2679deb0eb7SJason Gunthorpe TPM_SHORT, 2689deb0eb7SJason Gunthorpe TPM_SHORT, 2699deb0eb7SJason Gunthorpe TPM_SHORT, 2709deb0eb7SJason Gunthorpe TPM_MEDIUM, /* 210 */ 2719deb0eb7SJason Gunthorpe TPM_UNDEFINED, 2729deb0eb7SJason Gunthorpe TPM_MEDIUM, 2739deb0eb7SJason Gunthorpe TPM_MEDIUM, 2749deb0eb7SJason Gunthorpe TPM_MEDIUM, 2759deb0eb7SJason Gunthorpe TPM_UNDEFINED, /* 215 */ 2769deb0eb7SJason Gunthorpe TPM_MEDIUM, 2779deb0eb7SJason Gunthorpe TPM_UNDEFINED, 2789deb0eb7SJason Gunthorpe TPM_UNDEFINED, 2799deb0eb7SJason Gunthorpe TPM_SHORT, 2809deb0eb7SJason Gunthorpe TPM_SHORT, /* 220 */ 2819deb0eb7SJason Gunthorpe TPM_SHORT, 2829deb0eb7SJason Gunthorpe TPM_SHORT, 2839deb0eb7SJason Gunthorpe TPM_SHORT, 2849deb0eb7SJason Gunthorpe TPM_SHORT, 2859deb0eb7SJason Gunthorpe TPM_UNDEFINED, /* 225 */ 2869deb0eb7SJason Gunthorpe TPM_UNDEFINED, 2879deb0eb7SJason Gunthorpe TPM_UNDEFINED, 2889deb0eb7SJason Gunthorpe TPM_UNDEFINED, 2899deb0eb7SJason Gunthorpe TPM_UNDEFINED, 2909deb0eb7SJason Gunthorpe TPM_SHORT, /* 230 */ 2919deb0eb7SJason Gunthorpe TPM_LONG, 2929deb0eb7SJason Gunthorpe TPM_MEDIUM, 2939deb0eb7SJason Gunthorpe TPM_UNDEFINED, 2949deb0eb7SJason Gunthorpe TPM_UNDEFINED, 2959deb0eb7SJason Gunthorpe TPM_UNDEFINED, /* 235 */ 2969deb0eb7SJason Gunthorpe TPM_UNDEFINED, 2979deb0eb7SJason Gunthorpe TPM_UNDEFINED, 2989deb0eb7SJason Gunthorpe TPM_UNDEFINED, 2999deb0eb7SJason Gunthorpe TPM_UNDEFINED, 3009deb0eb7SJason Gunthorpe TPM_SHORT, /* 240 */ 3019deb0eb7SJason Gunthorpe TPM_UNDEFINED, 3029deb0eb7SJason Gunthorpe TPM_MEDIUM, 3039deb0eb7SJason Gunthorpe }; 3049deb0eb7SJason Gunthorpe 3059deb0eb7SJason Gunthorpe /* 3069deb0eb7SJason Gunthorpe * Returns max number of jiffies to wait 3079deb0eb7SJason Gunthorpe */ 3089deb0eb7SJason Gunthorpe unsigned long tpm_calc_ordinal_duration(struct tpm_chip *chip, 3099deb0eb7SJason Gunthorpe u32 ordinal) 3109deb0eb7SJason Gunthorpe { 3119deb0eb7SJason Gunthorpe int duration_idx = TPM_UNDEFINED; 3129deb0eb7SJason Gunthorpe int duration = 0; 3139deb0eb7SJason Gunthorpe 314*f7286430SMartin Wilck /* 315*f7286430SMartin Wilck * We only have a duration table for protected commands, where the upper 316*f7286430SMartin Wilck * 16 bits are 0. For the few other ordinals the fallback will be used. 317*f7286430SMartin Wilck */ 318*f7286430SMartin Wilck if (ordinal < TPM_MAX_ORDINAL) 3199deb0eb7SJason Gunthorpe duration_idx = tpm_ordinal_duration[ordinal]; 3209deb0eb7SJason Gunthorpe 3219deb0eb7SJason Gunthorpe if (duration_idx != TPM_UNDEFINED) 3229deb0eb7SJason Gunthorpe duration = chip->vendor.duration[duration_idx]; 3239deb0eb7SJason Gunthorpe if (duration <= 0) 3249deb0eb7SJason Gunthorpe return 2 * 60 * HZ; 3259deb0eb7SJason Gunthorpe else 3269deb0eb7SJason Gunthorpe return duration; 3279deb0eb7SJason Gunthorpe } 3289deb0eb7SJason Gunthorpe EXPORT_SYMBOL_GPL(tpm_calc_ordinal_duration); 3299deb0eb7SJason Gunthorpe 3309deb0eb7SJason Gunthorpe /* 3319deb0eb7SJason Gunthorpe * Internal kernel interface to transmit TPM commands 3329deb0eb7SJason Gunthorpe */ 333afdba32eSJason Gunthorpe ssize_t tpm_transmit(struct tpm_chip *chip, const char *buf, 3349deb0eb7SJason Gunthorpe size_t bufsiz) 3359deb0eb7SJason Gunthorpe { 3369deb0eb7SJason Gunthorpe ssize_t rc; 3379deb0eb7SJason Gunthorpe u32 count, ordinal; 3389deb0eb7SJason Gunthorpe unsigned long stop; 3399deb0eb7SJason Gunthorpe 3409deb0eb7SJason Gunthorpe if (bufsiz > TPM_BUFSIZE) 3419deb0eb7SJason Gunthorpe bufsiz = TPM_BUFSIZE; 3429deb0eb7SJason Gunthorpe 3439deb0eb7SJason Gunthorpe count = be32_to_cpu(*((__be32 *) (buf + 2))); 3449deb0eb7SJason Gunthorpe ordinal = be32_to_cpu(*((__be32 *) (buf + 6))); 3459deb0eb7SJason Gunthorpe if (count == 0) 3469deb0eb7SJason Gunthorpe return -ENODATA; 3479deb0eb7SJason Gunthorpe if (count > bufsiz) { 34871ed848fSJarkko Sakkinen dev_err(chip->pdev, 3499deb0eb7SJason Gunthorpe "invalid count value %x %zx\n", count, bufsiz); 3509deb0eb7SJason Gunthorpe return -E2BIG; 3519deb0eb7SJason Gunthorpe } 3529deb0eb7SJason Gunthorpe 3539deb0eb7SJason Gunthorpe mutex_lock(&chip->tpm_mutex); 3549deb0eb7SJason Gunthorpe 3555f82e9f0SJason Gunthorpe rc = chip->ops->send(chip, (u8 *) buf, count); 3569deb0eb7SJason Gunthorpe if (rc < 0) { 35771ed848fSJarkko Sakkinen dev_err(chip->pdev, 3589deb0eb7SJason Gunthorpe "tpm_transmit: tpm_send: error %zd\n", rc); 3599deb0eb7SJason Gunthorpe goto out; 3609deb0eb7SJason Gunthorpe } 3619deb0eb7SJason Gunthorpe 3629deb0eb7SJason Gunthorpe if (chip->vendor.irq) 3639deb0eb7SJason Gunthorpe goto out_recv; 3649deb0eb7SJason Gunthorpe 3657a1d7e6dSJarkko Sakkinen if (chip->flags & TPM_CHIP_FLAG_TPM2) 3667a1d7e6dSJarkko Sakkinen stop = jiffies + tpm2_calc_ordinal_duration(chip, ordinal); 3677a1d7e6dSJarkko Sakkinen else 3689deb0eb7SJason Gunthorpe stop = jiffies + tpm_calc_ordinal_duration(chip, ordinal); 3699deb0eb7SJason Gunthorpe do { 3705f82e9f0SJason Gunthorpe u8 status = chip->ops->status(chip); 3715f82e9f0SJason Gunthorpe if ((status & chip->ops->req_complete_mask) == 3725f82e9f0SJason Gunthorpe chip->ops->req_complete_val) 3739deb0eb7SJason Gunthorpe goto out_recv; 3749deb0eb7SJason Gunthorpe 3755f82e9f0SJason Gunthorpe if (chip->ops->req_canceled(chip, status)) { 37671ed848fSJarkko Sakkinen dev_err(chip->pdev, "Operation Canceled\n"); 3779deb0eb7SJason Gunthorpe rc = -ECANCELED; 3789deb0eb7SJason Gunthorpe goto out; 3799deb0eb7SJason Gunthorpe } 3809deb0eb7SJason Gunthorpe 3819deb0eb7SJason Gunthorpe msleep(TPM_TIMEOUT); /* CHECK */ 3829deb0eb7SJason Gunthorpe rmb(); 3839deb0eb7SJason Gunthorpe } while (time_before(jiffies, stop)); 3849deb0eb7SJason Gunthorpe 3855f82e9f0SJason Gunthorpe chip->ops->cancel(chip); 38671ed848fSJarkko Sakkinen dev_err(chip->pdev, "Operation Timed out\n"); 3879deb0eb7SJason Gunthorpe rc = -ETIME; 3889deb0eb7SJason Gunthorpe goto out; 3899deb0eb7SJason Gunthorpe 3909deb0eb7SJason Gunthorpe out_recv: 3915f82e9f0SJason Gunthorpe rc = chip->ops->recv(chip, (u8 *) buf, bufsiz); 3929deb0eb7SJason Gunthorpe if (rc < 0) 39371ed848fSJarkko Sakkinen dev_err(chip->pdev, 3949deb0eb7SJason Gunthorpe "tpm_transmit: tpm_recv: error %zd\n", rc); 3959deb0eb7SJason Gunthorpe out: 3969deb0eb7SJason Gunthorpe mutex_unlock(&chip->tpm_mutex); 3979deb0eb7SJason Gunthorpe return rc; 3989deb0eb7SJason Gunthorpe } 3999deb0eb7SJason Gunthorpe 4009deb0eb7SJason Gunthorpe #define TPM_DIGEST_SIZE 20 4019deb0eb7SJason Gunthorpe #define TPM_RET_CODE_IDX 6 4029deb0eb7SJason Gunthorpe 40387155b73SJarkko Sakkinen ssize_t tpm_transmit_cmd(struct tpm_chip *chip, void *cmd, 4049deb0eb7SJason Gunthorpe int len, const char *desc) 4059deb0eb7SJason Gunthorpe { 40687155b73SJarkko Sakkinen struct tpm_output_header *header; 4079deb0eb7SJason Gunthorpe int err; 4089deb0eb7SJason Gunthorpe 4099deb0eb7SJason Gunthorpe len = tpm_transmit(chip, (u8 *) cmd, len); 4109deb0eb7SJason Gunthorpe if (len < 0) 4119deb0eb7SJason Gunthorpe return len; 4129deb0eb7SJason Gunthorpe else if (len < TPM_HEADER_SIZE) 4139deb0eb7SJason Gunthorpe return -EFAULT; 4149deb0eb7SJason Gunthorpe 41587155b73SJarkko Sakkinen header = cmd; 41687155b73SJarkko Sakkinen 41787155b73SJarkko Sakkinen err = be32_to_cpu(header->return_code); 4189deb0eb7SJason Gunthorpe if (err != 0 && desc) 41971ed848fSJarkko Sakkinen dev_err(chip->pdev, "A TPM error (%d) occurred %s\n", err, 42071ed848fSJarkko Sakkinen desc); 4219deb0eb7SJason Gunthorpe 4229deb0eb7SJason Gunthorpe return err; 4239deb0eb7SJason Gunthorpe } 4249deb0eb7SJason Gunthorpe 4259deb0eb7SJason Gunthorpe #define TPM_INTERNAL_RESULT_SIZE 200 4269deb0eb7SJason Gunthorpe #define TPM_ORD_GET_CAP cpu_to_be32(101) 4279deb0eb7SJason Gunthorpe #define TPM_ORD_GET_RANDOM cpu_to_be32(70) 4289deb0eb7SJason Gunthorpe 4299deb0eb7SJason Gunthorpe static const struct tpm_input_header tpm_getcap_header = { 4309deb0eb7SJason Gunthorpe .tag = TPM_TAG_RQU_COMMAND, 4319deb0eb7SJason Gunthorpe .length = cpu_to_be32(22), 4329deb0eb7SJason Gunthorpe .ordinal = TPM_ORD_GET_CAP 4339deb0eb7SJason Gunthorpe }; 4349deb0eb7SJason Gunthorpe 4359deb0eb7SJason Gunthorpe ssize_t tpm_getcap(struct device *dev, __be32 subcap_id, cap_t *cap, 4369deb0eb7SJason Gunthorpe const char *desc) 4379deb0eb7SJason Gunthorpe { 4389deb0eb7SJason Gunthorpe struct tpm_cmd_t tpm_cmd; 4399deb0eb7SJason Gunthorpe int rc; 4409deb0eb7SJason Gunthorpe struct tpm_chip *chip = dev_get_drvdata(dev); 4419deb0eb7SJason Gunthorpe 4429deb0eb7SJason Gunthorpe tpm_cmd.header.in = tpm_getcap_header; 4439deb0eb7SJason Gunthorpe if (subcap_id == CAP_VERSION_1_1 || subcap_id == CAP_VERSION_1_2) { 4449deb0eb7SJason Gunthorpe tpm_cmd.params.getcap_in.cap = subcap_id; 4459deb0eb7SJason Gunthorpe /*subcap field not necessary */ 4469deb0eb7SJason Gunthorpe tpm_cmd.params.getcap_in.subcap_size = cpu_to_be32(0); 4479deb0eb7SJason Gunthorpe tpm_cmd.header.in.length -= cpu_to_be32(sizeof(__be32)); 4489deb0eb7SJason Gunthorpe } else { 4499deb0eb7SJason Gunthorpe if (subcap_id == TPM_CAP_FLAG_PERM || 4509deb0eb7SJason Gunthorpe subcap_id == TPM_CAP_FLAG_VOL) 4519deb0eb7SJason Gunthorpe tpm_cmd.params.getcap_in.cap = TPM_CAP_FLAG; 4529deb0eb7SJason Gunthorpe else 4539deb0eb7SJason Gunthorpe tpm_cmd.params.getcap_in.cap = TPM_CAP_PROP; 4549deb0eb7SJason Gunthorpe tpm_cmd.params.getcap_in.subcap_size = cpu_to_be32(4); 4559deb0eb7SJason Gunthorpe tpm_cmd.params.getcap_in.subcap = subcap_id; 4569deb0eb7SJason Gunthorpe } 45787155b73SJarkko Sakkinen rc = tpm_transmit_cmd(chip, &tpm_cmd, TPM_INTERNAL_RESULT_SIZE, desc); 4589deb0eb7SJason Gunthorpe if (!rc) 4599deb0eb7SJason Gunthorpe *cap = tpm_cmd.params.getcap_out.cap; 4609deb0eb7SJason Gunthorpe return rc; 4619deb0eb7SJason Gunthorpe } 4629deb0eb7SJason Gunthorpe 4639deb0eb7SJason Gunthorpe void tpm_gen_interrupt(struct tpm_chip *chip) 4649deb0eb7SJason Gunthorpe { 4659deb0eb7SJason Gunthorpe struct tpm_cmd_t tpm_cmd; 4669deb0eb7SJason Gunthorpe ssize_t rc; 4679deb0eb7SJason Gunthorpe 4689deb0eb7SJason Gunthorpe tpm_cmd.header.in = tpm_getcap_header; 4699deb0eb7SJason Gunthorpe tpm_cmd.params.getcap_in.cap = TPM_CAP_PROP; 4709deb0eb7SJason Gunthorpe tpm_cmd.params.getcap_in.subcap_size = cpu_to_be32(4); 4719deb0eb7SJason Gunthorpe tpm_cmd.params.getcap_in.subcap = TPM_CAP_PROP_TIS_TIMEOUT; 4729deb0eb7SJason Gunthorpe 47387155b73SJarkko Sakkinen rc = tpm_transmit_cmd(chip, &tpm_cmd, TPM_INTERNAL_RESULT_SIZE, 4749deb0eb7SJason Gunthorpe "attempting to determine the timeouts"); 4759deb0eb7SJason Gunthorpe } 4769deb0eb7SJason Gunthorpe EXPORT_SYMBOL_GPL(tpm_gen_interrupt); 4779deb0eb7SJason Gunthorpe 4789deb0eb7SJason Gunthorpe #define TPM_ORD_STARTUP cpu_to_be32(153) 4799deb0eb7SJason Gunthorpe #define TPM_ST_CLEAR cpu_to_be16(1) 4809deb0eb7SJason Gunthorpe #define TPM_ST_STATE cpu_to_be16(2) 4819deb0eb7SJason Gunthorpe #define TPM_ST_DEACTIVATED cpu_to_be16(3) 4829deb0eb7SJason Gunthorpe static const struct tpm_input_header tpm_startup_header = { 4839deb0eb7SJason Gunthorpe .tag = TPM_TAG_RQU_COMMAND, 4849deb0eb7SJason Gunthorpe .length = cpu_to_be32(12), 4859deb0eb7SJason Gunthorpe .ordinal = TPM_ORD_STARTUP 4869deb0eb7SJason Gunthorpe }; 4879deb0eb7SJason Gunthorpe 4889deb0eb7SJason Gunthorpe static int tpm_startup(struct tpm_chip *chip, __be16 startup_type) 4899deb0eb7SJason Gunthorpe { 4909deb0eb7SJason Gunthorpe struct tpm_cmd_t start_cmd; 4919deb0eb7SJason Gunthorpe start_cmd.header.in = tpm_startup_header; 4927a1d7e6dSJarkko Sakkinen 4939deb0eb7SJason Gunthorpe start_cmd.params.startup_in.startup_type = startup_type; 49487155b73SJarkko Sakkinen return tpm_transmit_cmd(chip, &start_cmd, TPM_INTERNAL_RESULT_SIZE, 4959deb0eb7SJason Gunthorpe "attempting to start the TPM"); 4969deb0eb7SJason Gunthorpe } 4979deb0eb7SJason Gunthorpe 4989deb0eb7SJason Gunthorpe int tpm_get_timeouts(struct tpm_chip *chip) 4999deb0eb7SJason Gunthorpe { 5009deb0eb7SJason Gunthorpe struct tpm_cmd_t tpm_cmd; 5018e54caf4SJason Gunthorpe unsigned long new_timeout[4]; 5028e54caf4SJason Gunthorpe unsigned long old_timeout[4]; 5039deb0eb7SJason Gunthorpe struct duration_t *duration_cap; 5049deb0eb7SJason Gunthorpe ssize_t rc; 5059deb0eb7SJason Gunthorpe 5069deb0eb7SJason Gunthorpe tpm_cmd.header.in = tpm_getcap_header; 5079deb0eb7SJason Gunthorpe tpm_cmd.params.getcap_in.cap = TPM_CAP_PROP; 5089deb0eb7SJason Gunthorpe tpm_cmd.params.getcap_in.subcap_size = cpu_to_be32(4); 5099deb0eb7SJason Gunthorpe tpm_cmd.params.getcap_in.subcap = TPM_CAP_PROP_TIS_TIMEOUT; 51087155b73SJarkko Sakkinen rc = tpm_transmit_cmd(chip, &tpm_cmd, TPM_INTERNAL_RESULT_SIZE, NULL); 5119deb0eb7SJason Gunthorpe 5129deb0eb7SJason Gunthorpe if (rc == TPM_ERR_INVALID_POSTINIT) { 5139deb0eb7SJason Gunthorpe /* The TPM is not started, we are the first to talk to it. 5149deb0eb7SJason Gunthorpe Execute a startup command. */ 51571ed848fSJarkko Sakkinen dev_info(chip->pdev, "Issuing TPM_STARTUP"); 5169deb0eb7SJason Gunthorpe if (tpm_startup(chip, TPM_ST_CLEAR)) 5179deb0eb7SJason Gunthorpe return rc; 5189deb0eb7SJason Gunthorpe 5199deb0eb7SJason Gunthorpe tpm_cmd.header.in = tpm_getcap_header; 5209deb0eb7SJason Gunthorpe tpm_cmd.params.getcap_in.cap = TPM_CAP_PROP; 5219deb0eb7SJason Gunthorpe tpm_cmd.params.getcap_in.subcap_size = cpu_to_be32(4); 5229deb0eb7SJason Gunthorpe tpm_cmd.params.getcap_in.subcap = TPM_CAP_PROP_TIS_TIMEOUT; 52387155b73SJarkko Sakkinen rc = tpm_transmit_cmd(chip, &tpm_cmd, TPM_INTERNAL_RESULT_SIZE, 5249deb0eb7SJason Gunthorpe NULL); 5259deb0eb7SJason Gunthorpe } 5269deb0eb7SJason Gunthorpe if (rc) { 52771ed848fSJarkko Sakkinen dev_err(chip->pdev, 5289deb0eb7SJason Gunthorpe "A TPM error (%zd) occurred attempting to determine the timeouts\n", 5299deb0eb7SJason Gunthorpe rc); 5309deb0eb7SJason Gunthorpe goto duration; 5319deb0eb7SJason Gunthorpe } 5329deb0eb7SJason Gunthorpe 5339deb0eb7SJason Gunthorpe if (be32_to_cpu(tpm_cmd.header.out.return_code) != 0 || 5349deb0eb7SJason Gunthorpe be32_to_cpu(tpm_cmd.header.out.length) 5359deb0eb7SJason Gunthorpe != sizeof(tpm_cmd.header.out) + sizeof(u32) + 4 * sizeof(u32)) 5369deb0eb7SJason Gunthorpe return -EINVAL; 5379deb0eb7SJason Gunthorpe 5388e54caf4SJason Gunthorpe old_timeout[0] = be32_to_cpu(tpm_cmd.params.getcap_out.cap.timeout.a); 5398e54caf4SJason Gunthorpe old_timeout[1] = be32_to_cpu(tpm_cmd.params.getcap_out.cap.timeout.b); 5408e54caf4SJason Gunthorpe old_timeout[2] = be32_to_cpu(tpm_cmd.params.getcap_out.cap.timeout.c); 5418e54caf4SJason Gunthorpe old_timeout[3] = be32_to_cpu(tpm_cmd.params.getcap_out.cap.timeout.d); 5428e54caf4SJason Gunthorpe memcpy(new_timeout, old_timeout, sizeof(new_timeout)); 5438e54caf4SJason Gunthorpe 5448e54caf4SJason Gunthorpe /* 5458e54caf4SJason Gunthorpe * Provide ability for vendor overrides of timeout values in case 5468e54caf4SJason Gunthorpe * of misreporting. 5478e54caf4SJason Gunthorpe */ 5488e54caf4SJason Gunthorpe if (chip->ops->update_timeouts != NULL) 5498e54caf4SJason Gunthorpe chip->vendor.timeout_adjusted = 5508e54caf4SJason Gunthorpe chip->ops->update_timeouts(chip, new_timeout); 5518e54caf4SJason Gunthorpe 5528e54caf4SJason Gunthorpe if (!chip->vendor.timeout_adjusted) { 5539deb0eb7SJason Gunthorpe /* Don't overwrite default if value is 0 */ 5548e54caf4SJason Gunthorpe if (new_timeout[0] != 0 && new_timeout[0] < 1000) { 5558e54caf4SJason Gunthorpe int i; 5568e54caf4SJason Gunthorpe 5579deb0eb7SJason Gunthorpe /* timeouts in msec rather usec */ 5588e54caf4SJason Gunthorpe for (i = 0; i != ARRAY_SIZE(new_timeout); i++) 5598e54caf4SJason Gunthorpe new_timeout[i] *= 1000; 5609deb0eb7SJason Gunthorpe chip->vendor.timeout_adjusted = true; 5619deb0eb7SJason Gunthorpe } 5628e54caf4SJason Gunthorpe } 5638e54caf4SJason Gunthorpe 5648e54caf4SJason Gunthorpe /* Report adjusted timeouts */ 5658e54caf4SJason Gunthorpe if (chip->vendor.timeout_adjusted) { 56671ed848fSJarkko Sakkinen dev_info(chip->pdev, 5678e54caf4SJason Gunthorpe HW_ERR "Adjusting reported timeouts: A %lu->%luus B %lu->%luus C %lu->%luus D %lu->%luus\n", 5688e54caf4SJason Gunthorpe old_timeout[0], new_timeout[0], 5698e54caf4SJason Gunthorpe old_timeout[1], new_timeout[1], 5708e54caf4SJason Gunthorpe old_timeout[2], new_timeout[2], 5718e54caf4SJason Gunthorpe old_timeout[3], new_timeout[3]); 5728e54caf4SJason Gunthorpe } 5738e54caf4SJason Gunthorpe 5748e54caf4SJason Gunthorpe chip->vendor.timeout_a = usecs_to_jiffies(new_timeout[0]); 5758e54caf4SJason Gunthorpe chip->vendor.timeout_b = usecs_to_jiffies(new_timeout[1]); 5768e54caf4SJason Gunthorpe chip->vendor.timeout_c = usecs_to_jiffies(new_timeout[2]); 5778e54caf4SJason Gunthorpe chip->vendor.timeout_d = usecs_to_jiffies(new_timeout[3]); 5789deb0eb7SJason Gunthorpe 5799deb0eb7SJason Gunthorpe duration: 5809deb0eb7SJason Gunthorpe tpm_cmd.header.in = tpm_getcap_header; 5819deb0eb7SJason Gunthorpe tpm_cmd.params.getcap_in.cap = TPM_CAP_PROP; 5829deb0eb7SJason Gunthorpe tpm_cmd.params.getcap_in.subcap_size = cpu_to_be32(4); 5839deb0eb7SJason Gunthorpe tpm_cmd.params.getcap_in.subcap = TPM_CAP_PROP_TIS_DURATION; 5849deb0eb7SJason Gunthorpe 58587155b73SJarkko Sakkinen rc = tpm_transmit_cmd(chip, &tpm_cmd, TPM_INTERNAL_RESULT_SIZE, 5869deb0eb7SJason Gunthorpe "attempting to determine the durations"); 5879deb0eb7SJason Gunthorpe if (rc) 5889deb0eb7SJason Gunthorpe return rc; 5899deb0eb7SJason Gunthorpe 5909deb0eb7SJason Gunthorpe if (be32_to_cpu(tpm_cmd.header.out.return_code) != 0 || 5919deb0eb7SJason Gunthorpe be32_to_cpu(tpm_cmd.header.out.length) 5929deb0eb7SJason Gunthorpe != sizeof(tpm_cmd.header.out) + sizeof(u32) + 3 * sizeof(u32)) 5939deb0eb7SJason Gunthorpe return -EINVAL; 5949deb0eb7SJason Gunthorpe 5959deb0eb7SJason Gunthorpe duration_cap = &tpm_cmd.params.getcap_out.cap.duration; 5969deb0eb7SJason Gunthorpe chip->vendor.duration[TPM_SHORT] = 5979deb0eb7SJason Gunthorpe usecs_to_jiffies(be32_to_cpu(duration_cap->tpm_short)); 5989deb0eb7SJason Gunthorpe chip->vendor.duration[TPM_MEDIUM] = 5999deb0eb7SJason Gunthorpe usecs_to_jiffies(be32_to_cpu(duration_cap->tpm_medium)); 6009deb0eb7SJason Gunthorpe chip->vendor.duration[TPM_LONG] = 6019deb0eb7SJason Gunthorpe usecs_to_jiffies(be32_to_cpu(duration_cap->tpm_long)); 6029deb0eb7SJason Gunthorpe 6039deb0eb7SJason Gunthorpe /* The Broadcom BCM0102 chipset in a Dell Latitude D820 gets the above 6049deb0eb7SJason Gunthorpe * value wrong and apparently reports msecs rather than usecs. So we 6059deb0eb7SJason Gunthorpe * fix up the resulting too-small TPM_SHORT value to make things work. 6069deb0eb7SJason Gunthorpe * We also scale the TPM_MEDIUM and -_LONG values by 1000. 6079deb0eb7SJason Gunthorpe */ 6089deb0eb7SJason Gunthorpe if (chip->vendor.duration[TPM_SHORT] < (HZ / 100)) { 6099deb0eb7SJason Gunthorpe chip->vendor.duration[TPM_SHORT] = HZ; 6109deb0eb7SJason Gunthorpe chip->vendor.duration[TPM_MEDIUM] *= 1000; 6119deb0eb7SJason Gunthorpe chip->vendor.duration[TPM_LONG] *= 1000; 6129deb0eb7SJason Gunthorpe chip->vendor.duration_adjusted = true; 61371ed848fSJarkko Sakkinen dev_info(chip->pdev, "Adjusting TPM timeout parameters."); 6149deb0eb7SJason Gunthorpe } 6159deb0eb7SJason Gunthorpe return 0; 6169deb0eb7SJason Gunthorpe } 6179deb0eb7SJason Gunthorpe EXPORT_SYMBOL_GPL(tpm_get_timeouts); 6189deb0eb7SJason Gunthorpe 6199deb0eb7SJason Gunthorpe #define TPM_ORD_CONTINUE_SELFTEST 83 6209deb0eb7SJason Gunthorpe #define CONTINUE_SELFTEST_RESULT_SIZE 10 6219deb0eb7SJason Gunthorpe 6229deb0eb7SJason Gunthorpe static struct tpm_input_header continue_selftest_header = { 6239deb0eb7SJason Gunthorpe .tag = TPM_TAG_RQU_COMMAND, 6249deb0eb7SJason Gunthorpe .length = cpu_to_be32(10), 6259deb0eb7SJason Gunthorpe .ordinal = cpu_to_be32(TPM_ORD_CONTINUE_SELFTEST), 6269deb0eb7SJason Gunthorpe }; 6279deb0eb7SJason Gunthorpe 6289deb0eb7SJason Gunthorpe /** 6299deb0eb7SJason Gunthorpe * tpm_continue_selftest -- run TPM's selftest 6309deb0eb7SJason Gunthorpe * @chip: TPM chip to use 6319deb0eb7SJason Gunthorpe * 6329deb0eb7SJason Gunthorpe * Returns 0 on success, < 0 in case of fatal error or a value > 0 representing 6339deb0eb7SJason Gunthorpe * a TPM error code. 6349deb0eb7SJason Gunthorpe */ 6359deb0eb7SJason Gunthorpe static int tpm_continue_selftest(struct tpm_chip *chip) 6369deb0eb7SJason Gunthorpe { 6379deb0eb7SJason Gunthorpe int rc; 6389deb0eb7SJason Gunthorpe struct tpm_cmd_t cmd; 6399deb0eb7SJason Gunthorpe 6409deb0eb7SJason Gunthorpe cmd.header.in = continue_selftest_header; 64187155b73SJarkko Sakkinen rc = tpm_transmit_cmd(chip, &cmd, CONTINUE_SELFTEST_RESULT_SIZE, 6429deb0eb7SJason Gunthorpe "continue selftest"); 6439deb0eb7SJason Gunthorpe return rc; 6449deb0eb7SJason Gunthorpe } 6459deb0eb7SJason Gunthorpe 6469deb0eb7SJason Gunthorpe #define TPM_ORDINAL_PCRREAD cpu_to_be32(21) 6479deb0eb7SJason Gunthorpe #define READ_PCR_RESULT_SIZE 30 6489deb0eb7SJason Gunthorpe static struct tpm_input_header pcrread_header = { 6499deb0eb7SJason Gunthorpe .tag = TPM_TAG_RQU_COMMAND, 6509deb0eb7SJason Gunthorpe .length = cpu_to_be32(14), 6519deb0eb7SJason Gunthorpe .ordinal = TPM_ORDINAL_PCRREAD 6529deb0eb7SJason Gunthorpe }; 6539deb0eb7SJason Gunthorpe 654000a07b0SJason Gunthorpe int tpm_pcr_read_dev(struct tpm_chip *chip, int pcr_idx, u8 *res_buf) 6559deb0eb7SJason Gunthorpe { 6569deb0eb7SJason Gunthorpe int rc; 6579deb0eb7SJason Gunthorpe struct tpm_cmd_t cmd; 6589deb0eb7SJason Gunthorpe 6599deb0eb7SJason Gunthorpe cmd.header.in = pcrread_header; 6609deb0eb7SJason Gunthorpe cmd.params.pcrread_in.pcr_idx = cpu_to_be32(pcr_idx); 66187155b73SJarkko Sakkinen rc = tpm_transmit_cmd(chip, &cmd, READ_PCR_RESULT_SIZE, 6629deb0eb7SJason Gunthorpe "attempting to read a pcr value"); 6639deb0eb7SJason Gunthorpe 6649deb0eb7SJason Gunthorpe if (rc == 0) 6659deb0eb7SJason Gunthorpe memcpy(res_buf, cmd.params.pcrread_out.pcr_result, 6669deb0eb7SJason Gunthorpe TPM_DIGEST_SIZE); 6679deb0eb7SJason Gunthorpe return rc; 6689deb0eb7SJason Gunthorpe } 6699deb0eb7SJason Gunthorpe 6709deb0eb7SJason Gunthorpe /** 671954650efSJarkko Sakkinen * tpm_is_tpm2 - is the chip a TPM2 chip? 672954650efSJarkko Sakkinen * @chip_num: tpm idx # or ANY 673954650efSJarkko Sakkinen * 674954650efSJarkko Sakkinen * Returns < 0 on error, and 1 or 0 on success depending whether the chip 675954650efSJarkko Sakkinen * is a TPM2 chip. 676954650efSJarkko Sakkinen */ 677954650efSJarkko Sakkinen int tpm_is_tpm2(u32 chip_num) 678954650efSJarkko Sakkinen { 679954650efSJarkko Sakkinen struct tpm_chip *chip; 680954650efSJarkko Sakkinen int rc; 681954650efSJarkko Sakkinen 682954650efSJarkko Sakkinen chip = tpm_chip_find_get(chip_num); 683954650efSJarkko Sakkinen if (chip == NULL) 684954650efSJarkko Sakkinen return -ENODEV; 685954650efSJarkko Sakkinen 686954650efSJarkko Sakkinen rc = (chip->flags & TPM_CHIP_FLAG_TPM2) != 0; 687954650efSJarkko Sakkinen 688954650efSJarkko Sakkinen tpm_chip_put(chip); 689954650efSJarkko Sakkinen 690954650efSJarkko Sakkinen return rc; 691954650efSJarkko Sakkinen } 692954650efSJarkko Sakkinen EXPORT_SYMBOL_GPL(tpm_is_tpm2); 693954650efSJarkko Sakkinen 694954650efSJarkko Sakkinen /** 6959deb0eb7SJason Gunthorpe * tpm_pcr_read - read a pcr value 6969deb0eb7SJason Gunthorpe * @chip_num: tpm idx # or ANY 6979deb0eb7SJason Gunthorpe * @pcr_idx: pcr idx to retrieve 6989deb0eb7SJason Gunthorpe * @res_buf: TPM_PCR value 6999deb0eb7SJason Gunthorpe * size of res_buf is 20 bytes (or NULL if you don't care) 7009deb0eb7SJason Gunthorpe * 7019deb0eb7SJason Gunthorpe * The TPM driver should be built-in, but for whatever reason it 7029deb0eb7SJason Gunthorpe * isn't, protect against the chip disappearing, by incrementing 7039deb0eb7SJason Gunthorpe * the module usage count. 7049deb0eb7SJason Gunthorpe */ 7059deb0eb7SJason Gunthorpe int tpm_pcr_read(u32 chip_num, int pcr_idx, u8 *res_buf) 7069deb0eb7SJason Gunthorpe { 7079deb0eb7SJason Gunthorpe struct tpm_chip *chip; 7089deb0eb7SJason Gunthorpe int rc; 7099deb0eb7SJason Gunthorpe 7109deb0eb7SJason Gunthorpe chip = tpm_chip_find_get(chip_num); 7119deb0eb7SJason Gunthorpe if (chip == NULL) 7129deb0eb7SJason Gunthorpe return -ENODEV; 7137a1d7e6dSJarkko Sakkinen if (chip->flags & TPM_CHIP_FLAG_TPM2) 7147a1d7e6dSJarkko Sakkinen rc = tpm2_pcr_read(chip, pcr_idx, res_buf); 7157a1d7e6dSJarkko Sakkinen else 716000a07b0SJason Gunthorpe rc = tpm_pcr_read_dev(chip, pcr_idx, res_buf); 7179deb0eb7SJason Gunthorpe tpm_chip_put(chip); 7189deb0eb7SJason Gunthorpe return rc; 7199deb0eb7SJason Gunthorpe } 7209deb0eb7SJason Gunthorpe EXPORT_SYMBOL_GPL(tpm_pcr_read); 7219deb0eb7SJason Gunthorpe 7229deb0eb7SJason Gunthorpe /** 7239deb0eb7SJason Gunthorpe * tpm_pcr_extend - extend pcr value with hash 7249deb0eb7SJason Gunthorpe * @chip_num: tpm idx # or AN& 7259deb0eb7SJason Gunthorpe * @pcr_idx: pcr idx to extend 7269deb0eb7SJason Gunthorpe * @hash: hash value used to extend pcr value 7279deb0eb7SJason Gunthorpe * 7289deb0eb7SJason Gunthorpe * The TPM driver should be built-in, but for whatever reason it 7299deb0eb7SJason Gunthorpe * isn't, protect against the chip disappearing, by incrementing 7309deb0eb7SJason Gunthorpe * the module usage count. 7319deb0eb7SJason Gunthorpe */ 7329deb0eb7SJason Gunthorpe #define TPM_ORD_PCR_EXTEND cpu_to_be32(20) 7339deb0eb7SJason Gunthorpe #define EXTEND_PCR_RESULT_SIZE 34 7349deb0eb7SJason Gunthorpe static struct tpm_input_header pcrextend_header = { 7359deb0eb7SJason Gunthorpe .tag = TPM_TAG_RQU_COMMAND, 7369deb0eb7SJason Gunthorpe .length = cpu_to_be32(34), 7379deb0eb7SJason Gunthorpe .ordinal = TPM_ORD_PCR_EXTEND 7389deb0eb7SJason Gunthorpe }; 7399deb0eb7SJason Gunthorpe 7409deb0eb7SJason Gunthorpe int tpm_pcr_extend(u32 chip_num, int pcr_idx, const u8 *hash) 7419deb0eb7SJason Gunthorpe { 7429deb0eb7SJason Gunthorpe struct tpm_cmd_t cmd; 7439deb0eb7SJason Gunthorpe int rc; 7449deb0eb7SJason Gunthorpe struct tpm_chip *chip; 7459deb0eb7SJason Gunthorpe 7469deb0eb7SJason Gunthorpe chip = tpm_chip_find_get(chip_num); 7479deb0eb7SJason Gunthorpe if (chip == NULL) 7489deb0eb7SJason Gunthorpe return -ENODEV; 7499deb0eb7SJason Gunthorpe 7507a1d7e6dSJarkko Sakkinen if (chip->flags & TPM_CHIP_FLAG_TPM2) { 7517a1d7e6dSJarkko Sakkinen rc = tpm2_pcr_extend(chip, pcr_idx, hash); 7527a1d7e6dSJarkko Sakkinen tpm_chip_put(chip); 7537a1d7e6dSJarkko Sakkinen return rc; 7547a1d7e6dSJarkko Sakkinen } 7557a1d7e6dSJarkko Sakkinen 7569deb0eb7SJason Gunthorpe cmd.header.in = pcrextend_header; 7579deb0eb7SJason Gunthorpe cmd.params.pcrextend_in.pcr_idx = cpu_to_be32(pcr_idx); 7589deb0eb7SJason Gunthorpe memcpy(cmd.params.pcrextend_in.hash, hash, TPM_DIGEST_SIZE); 75987155b73SJarkko Sakkinen rc = tpm_transmit_cmd(chip, &cmd, EXTEND_PCR_RESULT_SIZE, 7609deb0eb7SJason Gunthorpe "attempting extend a PCR value"); 7619deb0eb7SJason Gunthorpe 7629deb0eb7SJason Gunthorpe tpm_chip_put(chip); 7639deb0eb7SJason Gunthorpe return rc; 7649deb0eb7SJason Gunthorpe } 7659deb0eb7SJason Gunthorpe EXPORT_SYMBOL_GPL(tpm_pcr_extend); 7669deb0eb7SJason Gunthorpe 7679deb0eb7SJason Gunthorpe /** 7689deb0eb7SJason Gunthorpe * tpm_do_selftest - have the TPM continue its selftest and wait until it 7699deb0eb7SJason Gunthorpe * can receive further commands 7709deb0eb7SJason Gunthorpe * @chip: TPM chip to use 7719deb0eb7SJason Gunthorpe * 7729deb0eb7SJason Gunthorpe * Returns 0 on success, < 0 in case of fatal error or a value > 0 representing 7739deb0eb7SJason Gunthorpe * a TPM error code. 7749deb0eb7SJason Gunthorpe */ 7759deb0eb7SJason Gunthorpe int tpm_do_selftest(struct tpm_chip *chip) 7769deb0eb7SJason Gunthorpe { 7779deb0eb7SJason Gunthorpe int rc; 7789deb0eb7SJason Gunthorpe unsigned int loops; 7799deb0eb7SJason Gunthorpe unsigned int delay_msec = 100; 7809deb0eb7SJason Gunthorpe unsigned long duration; 7819deb0eb7SJason Gunthorpe struct tpm_cmd_t cmd; 7829deb0eb7SJason Gunthorpe 7839deb0eb7SJason Gunthorpe duration = tpm_calc_ordinal_duration(chip, TPM_ORD_CONTINUE_SELFTEST); 7849deb0eb7SJason Gunthorpe 7859deb0eb7SJason Gunthorpe loops = jiffies_to_msecs(duration) / delay_msec; 7869deb0eb7SJason Gunthorpe 7879deb0eb7SJason Gunthorpe rc = tpm_continue_selftest(chip); 7889deb0eb7SJason Gunthorpe /* This may fail if there was no TPM driver during a suspend/resume 7899deb0eb7SJason Gunthorpe * cycle; some may return 10 (BAD_ORDINAL), others 28 (FAILEDSELFTEST) 7909deb0eb7SJason Gunthorpe */ 7919deb0eb7SJason Gunthorpe if (rc) 7929deb0eb7SJason Gunthorpe return rc; 7939deb0eb7SJason Gunthorpe 7949deb0eb7SJason Gunthorpe do { 7959deb0eb7SJason Gunthorpe /* Attempt to read a PCR value */ 7969deb0eb7SJason Gunthorpe cmd.header.in = pcrread_header; 7979deb0eb7SJason Gunthorpe cmd.params.pcrread_in.pcr_idx = cpu_to_be32(0); 7989deb0eb7SJason Gunthorpe rc = tpm_transmit(chip, (u8 *) &cmd, READ_PCR_RESULT_SIZE); 7999deb0eb7SJason Gunthorpe /* Some buggy TPMs will not respond to tpm_tis_ready() for 8009deb0eb7SJason Gunthorpe * around 300ms while the self test is ongoing, keep trying 8019deb0eb7SJason Gunthorpe * until the self test duration expires. */ 8029deb0eb7SJason Gunthorpe if (rc == -ETIME) { 80371ed848fSJarkko Sakkinen dev_info(chip->pdev, HW_ERR "TPM command timed out during continue self test"); 8049deb0eb7SJason Gunthorpe msleep(delay_msec); 8059deb0eb7SJason Gunthorpe continue; 8069deb0eb7SJason Gunthorpe } 8079deb0eb7SJason Gunthorpe 8089deb0eb7SJason Gunthorpe if (rc < TPM_HEADER_SIZE) 8099deb0eb7SJason Gunthorpe return -EFAULT; 8109deb0eb7SJason Gunthorpe 8119deb0eb7SJason Gunthorpe rc = be32_to_cpu(cmd.header.out.return_code); 8129deb0eb7SJason Gunthorpe if (rc == TPM_ERR_DISABLED || rc == TPM_ERR_DEACTIVATED) { 81371ed848fSJarkko Sakkinen dev_info(chip->pdev, 8149deb0eb7SJason Gunthorpe "TPM is disabled/deactivated (0x%X)\n", rc); 8159deb0eb7SJason Gunthorpe /* TPM is disabled and/or deactivated; driver can 8169deb0eb7SJason Gunthorpe * proceed and TPM does handle commands for 8179deb0eb7SJason Gunthorpe * suspend/resume correctly 8189deb0eb7SJason Gunthorpe */ 8199deb0eb7SJason Gunthorpe return 0; 8209deb0eb7SJason Gunthorpe } 8219deb0eb7SJason Gunthorpe if (rc != TPM_WARN_DOING_SELFTEST) 8229deb0eb7SJason Gunthorpe return rc; 8239deb0eb7SJason Gunthorpe msleep(delay_msec); 8249deb0eb7SJason Gunthorpe } while (--loops > 0); 8259deb0eb7SJason Gunthorpe 8269deb0eb7SJason Gunthorpe return rc; 8279deb0eb7SJason Gunthorpe } 8289deb0eb7SJason Gunthorpe EXPORT_SYMBOL_GPL(tpm_do_selftest); 8299deb0eb7SJason Gunthorpe 8309deb0eb7SJason Gunthorpe int tpm_send(u32 chip_num, void *cmd, size_t buflen) 8319deb0eb7SJason Gunthorpe { 8329deb0eb7SJason Gunthorpe struct tpm_chip *chip; 8339deb0eb7SJason Gunthorpe int rc; 8349deb0eb7SJason Gunthorpe 8359deb0eb7SJason Gunthorpe chip = tpm_chip_find_get(chip_num); 8369deb0eb7SJason Gunthorpe if (chip == NULL) 8379deb0eb7SJason Gunthorpe return -ENODEV; 8389deb0eb7SJason Gunthorpe 83987155b73SJarkko Sakkinen rc = tpm_transmit_cmd(chip, cmd, buflen, "attempting tpm_cmd"); 8409deb0eb7SJason Gunthorpe 8419deb0eb7SJason Gunthorpe tpm_chip_put(chip); 8429deb0eb7SJason Gunthorpe return rc; 8439deb0eb7SJason Gunthorpe } 8449deb0eb7SJason Gunthorpe EXPORT_SYMBOL_GPL(tpm_send); 8459deb0eb7SJason Gunthorpe 8469deb0eb7SJason Gunthorpe static bool wait_for_tpm_stat_cond(struct tpm_chip *chip, u8 mask, 8479deb0eb7SJason Gunthorpe bool check_cancel, bool *canceled) 8489deb0eb7SJason Gunthorpe { 8495f82e9f0SJason Gunthorpe u8 status = chip->ops->status(chip); 8509deb0eb7SJason Gunthorpe 8519deb0eb7SJason Gunthorpe *canceled = false; 8529deb0eb7SJason Gunthorpe if ((status & mask) == mask) 8539deb0eb7SJason Gunthorpe return true; 8545f82e9f0SJason Gunthorpe if (check_cancel && chip->ops->req_canceled(chip, status)) { 8559deb0eb7SJason Gunthorpe *canceled = true; 8569deb0eb7SJason Gunthorpe return true; 8579deb0eb7SJason Gunthorpe } 8589deb0eb7SJason Gunthorpe return false; 8599deb0eb7SJason Gunthorpe } 8609deb0eb7SJason Gunthorpe 8619deb0eb7SJason Gunthorpe int wait_for_tpm_stat(struct tpm_chip *chip, u8 mask, unsigned long timeout, 8629deb0eb7SJason Gunthorpe wait_queue_head_t *queue, bool check_cancel) 8639deb0eb7SJason Gunthorpe { 8649deb0eb7SJason Gunthorpe unsigned long stop; 8659deb0eb7SJason Gunthorpe long rc; 8669deb0eb7SJason Gunthorpe u8 status; 8679deb0eb7SJason Gunthorpe bool canceled = false; 8689deb0eb7SJason Gunthorpe 8699deb0eb7SJason Gunthorpe /* check current status */ 8705f82e9f0SJason Gunthorpe status = chip->ops->status(chip); 8719deb0eb7SJason Gunthorpe if ((status & mask) == mask) 8729deb0eb7SJason Gunthorpe return 0; 8739deb0eb7SJason Gunthorpe 8749deb0eb7SJason Gunthorpe stop = jiffies + timeout; 8759deb0eb7SJason Gunthorpe 8769deb0eb7SJason Gunthorpe if (chip->vendor.irq) { 8779deb0eb7SJason Gunthorpe again: 8789deb0eb7SJason Gunthorpe timeout = stop - jiffies; 8799deb0eb7SJason Gunthorpe if ((long)timeout <= 0) 8809deb0eb7SJason Gunthorpe return -ETIME; 8819deb0eb7SJason Gunthorpe rc = wait_event_interruptible_timeout(*queue, 8829deb0eb7SJason Gunthorpe wait_for_tpm_stat_cond(chip, mask, check_cancel, 8839deb0eb7SJason Gunthorpe &canceled), 8849deb0eb7SJason Gunthorpe timeout); 8859deb0eb7SJason Gunthorpe if (rc > 0) { 8869deb0eb7SJason Gunthorpe if (canceled) 8879deb0eb7SJason Gunthorpe return -ECANCELED; 8889deb0eb7SJason Gunthorpe return 0; 8899deb0eb7SJason Gunthorpe } 8909deb0eb7SJason Gunthorpe if (rc == -ERESTARTSYS && freezing(current)) { 8919deb0eb7SJason Gunthorpe clear_thread_flag(TIF_SIGPENDING); 8929deb0eb7SJason Gunthorpe goto again; 8939deb0eb7SJason Gunthorpe } 8949deb0eb7SJason Gunthorpe } else { 8959deb0eb7SJason Gunthorpe do { 8969deb0eb7SJason Gunthorpe msleep(TPM_TIMEOUT); 8975f82e9f0SJason Gunthorpe status = chip->ops->status(chip); 8989deb0eb7SJason Gunthorpe if ((status & mask) == mask) 8999deb0eb7SJason Gunthorpe return 0; 9009deb0eb7SJason Gunthorpe } while (time_before(jiffies, stop)); 9019deb0eb7SJason Gunthorpe } 9029deb0eb7SJason Gunthorpe return -ETIME; 9039deb0eb7SJason Gunthorpe } 9049deb0eb7SJason Gunthorpe EXPORT_SYMBOL_GPL(wait_for_tpm_stat); 9059deb0eb7SJason Gunthorpe 9069deb0eb7SJason Gunthorpe #define TPM_ORD_SAVESTATE cpu_to_be32(152) 9079deb0eb7SJason Gunthorpe #define SAVESTATE_RESULT_SIZE 10 9089deb0eb7SJason Gunthorpe 9099deb0eb7SJason Gunthorpe static struct tpm_input_header savestate_header = { 9109deb0eb7SJason Gunthorpe .tag = TPM_TAG_RQU_COMMAND, 9119deb0eb7SJason Gunthorpe .length = cpu_to_be32(10), 9129deb0eb7SJason Gunthorpe .ordinal = TPM_ORD_SAVESTATE 9139deb0eb7SJason Gunthorpe }; 9149deb0eb7SJason Gunthorpe 9159deb0eb7SJason Gunthorpe /* 9169deb0eb7SJason Gunthorpe * We are about to suspend. Save the TPM state 9179deb0eb7SJason Gunthorpe * so that it can be restored. 9189deb0eb7SJason Gunthorpe */ 9199deb0eb7SJason Gunthorpe int tpm_pm_suspend(struct device *dev) 9209deb0eb7SJason Gunthorpe { 9219deb0eb7SJason Gunthorpe struct tpm_chip *chip = dev_get_drvdata(dev); 9229deb0eb7SJason Gunthorpe struct tpm_cmd_t cmd; 9239deb0eb7SJason Gunthorpe int rc, try; 9249deb0eb7SJason Gunthorpe 9259deb0eb7SJason Gunthorpe u8 dummy_hash[TPM_DIGEST_SIZE] = { 0 }; 9269deb0eb7SJason Gunthorpe 9279deb0eb7SJason Gunthorpe if (chip == NULL) 9289deb0eb7SJason Gunthorpe return -ENODEV; 9299deb0eb7SJason Gunthorpe 93074d6b3ceSJarkko Sakkinen if (chip->flags & TPM_CHIP_FLAG_TPM2) { 93174d6b3ceSJarkko Sakkinen tpm2_shutdown(chip, TPM2_SU_STATE); 93274d6b3ceSJarkko Sakkinen return 0; 93374d6b3ceSJarkko Sakkinen } 93430fc8d13SJarkko Sakkinen 9359deb0eb7SJason Gunthorpe /* for buggy tpm, flush pcrs with extend to selected dummy */ 9369deb0eb7SJason Gunthorpe if (tpm_suspend_pcr) { 9379deb0eb7SJason Gunthorpe cmd.header.in = pcrextend_header; 9389deb0eb7SJason Gunthorpe cmd.params.pcrextend_in.pcr_idx = cpu_to_be32(tpm_suspend_pcr); 9399deb0eb7SJason Gunthorpe memcpy(cmd.params.pcrextend_in.hash, dummy_hash, 9409deb0eb7SJason Gunthorpe TPM_DIGEST_SIZE); 94187155b73SJarkko Sakkinen rc = tpm_transmit_cmd(chip, &cmd, EXTEND_PCR_RESULT_SIZE, 9429deb0eb7SJason Gunthorpe "extending dummy pcr before suspend"); 9439deb0eb7SJason Gunthorpe } 9449deb0eb7SJason Gunthorpe 9459deb0eb7SJason Gunthorpe /* now do the actual savestate */ 9469deb0eb7SJason Gunthorpe for (try = 0; try < TPM_RETRY; try++) { 9479deb0eb7SJason Gunthorpe cmd.header.in = savestate_header; 94887155b73SJarkko Sakkinen rc = tpm_transmit_cmd(chip, &cmd, SAVESTATE_RESULT_SIZE, NULL); 9499deb0eb7SJason Gunthorpe 9509deb0eb7SJason Gunthorpe /* 9519deb0eb7SJason Gunthorpe * If the TPM indicates that it is too busy to respond to 9529deb0eb7SJason Gunthorpe * this command then retry before giving up. It can take 9539deb0eb7SJason Gunthorpe * several seconds for this TPM to be ready. 9549deb0eb7SJason Gunthorpe * 9559deb0eb7SJason Gunthorpe * This can happen if the TPM has already been sent the 9569deb0eb7SJason Gunthorpe * SaveState command before the driver has loaded. TCG 1.2 9579deb0eb7SJason Gunthorpe * specification states that any communication after SaveState 9589deb0eb7SJason Gunthorpe * may cause the TPM to invalidate previously saved state. 9599deb0eb7SJason Gunthorpe */ 9609deb0eb7SJason Gunthorpe if (rc != TPM_WARN_RETRY) 9619deb0eb7SJason Gunthorpe break; 9629deb0eb7SJason Gunthorpe msleep(TPM_TIMEOUT_RETRY); 9639deb0eb7SJason Gunthorpe } 9649deb0eb7SJason Gunthorpe 9659deb0eb7SJason Gunthorpe if (rc) 96671ed848fSJarkko Sakkinen dev_err(chip->pdev, 9679deb0eb7SJason Gunthorpe "Error (%d) sending savestate before suspend\n", rc); 9689deb0eb7SJason Gunthorpe else if (try > 0) 96971ed848fSJarkko Sakkinen dev_warn(chip->pdev, "TPM savestate took %dms\n", 9709deb0eb7SJason Gunthorpe try * TPM_TIMEOUT_RETRY); 9719deb0eb7SJason Gunthorpe 9729deb0eb7SJason Gunthorpe return rc; 9739deb0eb7SJason Gunthorpe } 9749deb0eb7SJason Gunthorpe EXPORT_SYMBOL_GPL(tpm_pm_suspend); 9759deb0eb7SJason Gunthorpe 9769deb0eb7SJason Gunthorpe /* 9779deb0eb7SJason Gunthorpe * Resume from a power safe. The BIOS already restored 9789deb0eb7SJason Gunthorpe * the TPM state. 9799deb0eb7SJason Gunthorpe */ 9809deb0eb7SJason Gunthorpe int tpm_pm_resume(struct device *dev) 9819deb0eb7SJason Gunthorpe { 9829deb0eb7SJason Gunthorpe struct tpm_chip *chip = dev_get_drvdata(dev); 9839deb0eb7SJason Gunthorpe 9849deb0eb7SJason Gunthorpe if (chip == NULL) 9859deb0eb7SJason Gunthorpe return -ENODEV; 9869deb0eb7SJason Gunthorpe 9879deb0eb7SJason Gunthorpe return 0; 9889deb0eb7SJason Gunthorpe } 9899deb0eb7SJason Gunthorpe EXPORT_SYMBOL_GPL(tpm_pm_resume); 9909deb0eb7SJason Gunthorpe 9919deb0eb7SJason Gunthorpe #define TPM_GETRANDOM_RESULT_SIZE 18 9929deb0eb7SJason Gunthorpe static struct tpm_input_header tpm_getrandom_header = { 9939deb0eb7SJason Gunthorpe .tag = TPM_TAG_RQU_COMMAND, 9949deb0eb7SJason Gunthorpe .length = cpu_to_be32(14), 9959deb0eb7SJason Gunthorpe .ordinal = TPM_ORD_GET_RANDOM 9969deb0eb7SJason Gunthorpe }; 9979deb0eb7SJason Gunthorpe 9989deb0eb7SJason Gunthorpe /** 9999deb0eb7SJason Gunthorpe * tpm_get_random() - Get random bytes from the tpm's RNG 10009deb0eb7SJason Gunthorpe * @chip_num: A specific chip number for the request or TPM_ANY_NUM 10019deb0eb7SJason Gunthorpe * @out: destination buffer for the random bytes 10029deb0eb7SJason Gunthorpe * @max: the max number of bytes to write to @out 10039deb0eb7SJason Gunthorpe * 10049deb0eb7SJason Gunthorpe * Returns < 0 on error and the number of bytes read on success 10059deb0eb7SJason Gunthorpe */ 10069deb0eb7SJason Gunthorpe int tpm_get_random(u32 chip_num, u8 *out, size_t max) 10079deb0eb7SJason Gunthorpe { 10089deb0eb7SJason Gunthorpe struct tpm_chip *chip; 10099deb0eb7SJason Gunthorpe struct tpm_cmd_t tpm_cmd; 10109deb0eb7SJason Gunthorpe u32 recd, num_bytes = min_t(u32, max, TPM_MAX_RNG_DATA); 10119deb0eb7SJason Gunthorpe int err, total = 0, retries = 5; 10129deb0eb7SJason Gunthorpe u8 *dest = out; 10139deb0eb7SJason Gunthorpe 10143e14d83eSJarkko Sakkinen if (!out || !num_bytes || max > TPM_MAX_RNG_DATA) 10153e14d83eSJarkko Sakkinen return -EINVAL; 10163e14d83eSJarkko Sakkinen 10179deb0eb7SJason Gunthorpe chip = tpm_chip_find_get(chip_num); 10189deb0eb7SJason Gunthorpe if (chip == NULL) 10199deb0eb7SJason Gunthorpe return -ENODEV; 10209deb0eb7SJason Gunthorpe 10217a1d7e6dSJarkko Sakkinen if (chip->flags & TPM_CHIP_FLAG_TPM2) { 10227a1d7e6dSJarkko Sakkinen err = tpm2_get_random(chip, out, max); 10237a1d7e6dSJarkko Sakkinen tpm_chip_put(chip); 10247a1d7e6dSJarkko Sakkinen return err; 10257a1d7e6dSJarkko Sakkinen } 10267a1d7e6dSJarkko Sakkinen 10279deb0eb7SJason Gunthorpe do { 10289deb0eb7SJason Gunthorpe tpm_cmd.header.in = tpm_getrandom_header; 10299deb0eb7SJason Gunthorpe tpm_cmd.params.getrandom_in.num_bytes = cpu_to_be32(num_bytes); 10309deb0eb7SJason Gunthorpe 103187155b73SJarkko Sakkinen err = tpm_transmit_cmd(chip, &tpm_cmd, 10329deb0eb7SJason Gunthorpe TPM_GETRANDOM_RESULT_SIZE + num_bytes, 10339deb0eb7SJason Gunthorpe "attempting get random"); 10349deb0eb7SJason Gunthorpe if (err) 10359deb0eb7SJason Gunthorpe break; 10369deb0eb7SJason Gunthorpe 10379deb0eb7SJason Gunthorpe recd = be32_to_cpu(tpm_cmd.params.getrandom_out.rng_data_len); 10389deb0eb7SJason Gunthorpe memcpy(dest, tpm_cmd.params.getrandom_out.rng_data, recd); 10399deb0eb7SJason Gunthorpe 10409deb0eb7SJason Gunthorpe dest += recd; 10419deb0eb7SJason Gunthorpe total += recd; 10429deb0eb7SJason Gunthorpe num_bytes -= recd; 10439deb0eb7SJason Gunthorpe } while (retries-- && total < max); 10449deb0eb7SJason Gunthorpe 10453e14d83eSJarkko Sakkinen tpm_chip_put(chip); 10469deb0eb7SJason Gunthorpe return total ? total : -EIO; 10479deb0eb7SJason Gunthorpe } 10489deb0eb7SJason Gunthorpe EXPORT_SYMBOL_GPL(tpm_get_random); 10499deb0eb7SJason Gunthorpe 1050954650efSJarkko Sakkinen /** 1051954650efSJarkko Sakkinen * tpm_seal_trusted() - seal a trusted key 1052954650efSJarkko Sakkinen * @chip_num: A specific chip number for the request or TPM_ANY_NUM 1053954650efSJarkko Sakkinen * @options: authentication values and other options 1054954650efSJarkko Sakkinen * @payload: the key data in clear and encrypted form 1055954650efSJarkko Sakkinen * 1056954650efSJarkko Sakkinen * Returns < 0 on error and 0 on success. At the moment, only TPM 2.0 chips 1057954650efSJarkko Sakkinen * are supported. 1058954650efSJarkko Sakkinen */ 1059954650efSJarkko Sakkinen int tpm_seal_trusted(u32 chip_num, struct trusted_key_payload *payload, 1060954650efSJarkko Sakkinen struct trusted_key_options *options) 1061954650efSJarkko Sakkinen { 1062954650efSJarkko Sakkinen struct tpm_chip *chip; 1063954650efSJarkko Sakkinen int rc; 1064954650efSJarkko Sakkinen 1065954650efSJarkko Sakkinen chip = tpm_chip_find_get(chip_num); 1066954650efSJarkko Sakkinen if (chip == NULL || !(chip->flags & TPM_CHIP_FLAG_TPM2)) 1067954650efSJarkko Sakkinen return -ENODEV; 1068954650efSJarkko Sakkinen 1069954650efSJarkko Sakkinen rc = tpm2_seal_trusted(chip, payload, options); 1070954650efSJarkko Sakkinen 1071954650efSJarkko Sakkinen tpm_chip_put(chip); 1072954650efSJarkko Sakkinen return rc; 1073954650efSJarkko Sakkinen } 1074954650efSJarkko Sakkinen EXPORT_SYMBOL_GPL(tpm_seal_trusted); 1075954650efSJarkko Sakkinen 1076954650efSJarkko Sakkinen /** 1077954650efSJarkko Sakkinen * tpm_unseal_trusted() - unseal a trusted key 1078954650efSJarkko Sakkinen * @chip_num: A specific chip number for the request or TPM_ANY_NUM 1079954650efSJarkko Sakkinen * @options: authentication values and other options 1080954650efSJarkko Sakkinen * @payload: the key data in clear and encrypted form 1081954650efSJarkko Sakkinen * 1082954650efSJarkko Sakkinen * Returns < 0 on error and 0 on success. At the moment, only TPM 2.0 chips 1083954650efSJarkko Sakkinen * are supported. 1084954650efSJarkko Sakkinen */ 1085954650efSJarkko Sakkinen int tpm_unseal_trusted(u32 chip_num, struct trusted_key_payload *payload, 1086954650efSJarkko Sakkinen struct trusted_key_options *options) 1087954650efSJarkko Sakkinen { 1088954650efSJarkko Sakkinen struct tpm_chip *chip; 1089954650efSJarkko Sakkinen int rc; 1090954650efSJarkko Sakkinen 1091954650efSJarkko Sakkinen chip = tpm_chip_find_get(chip_num); 1092954650efSJarkko Sakkinen if (chip == NULL || !(chip->flags & TPM_CHIP_FLAG_TPM2)) 1093954650efSJarkko Sakkinen return -ENODEV; 1094954650efSJarkko Sakkinen 1095954650efSJarkko Sakkinen rc = tpm2_unseal_trusted(chip, payload, options); 1096954650efSJarkko Sakkinen 1097954650efSJarkko Sakkinen tpm_chip_put(chip); 1098954650efSJarkko Sakkinen return rc; 1099954650efSJarkko Sakkinen } 1100954650efSJarkko Sakkinen EXPORT_SYMBOL_GPL(tpm_unseal_trusted); 1101954650efSJarkko Sakkinen 1102313d21eeSJarkko Sakkinen static int __init tpm_init(void) 1103313d21eeSJarkko Sakkinen { 1104313d21eeSJarkko Sakkinen int rc; 1105313d21eeSJarkko Sakkinen 1106313d21eeSJarkko Sakkinen tpm_class = class_create(THIS_MODULE, "tpm"); 1107313d21eeSJarkko Sakkinen if (IS_ERR(tpm_class)) { 1108313d21eeSJarkko Sakkinen pr_err("couldn't create tpm class\n"); 1109313d21eeSJarkko Sakkinen return PTR_ERR(tpm_class); 1110313d21eeSJarkko Sakkinen } 1111313d21eeSJarkko Sakkinen 1112313d21eeSJarkko Sakkinen rc = alloc_chrdev_region(&tpm_devt, 0, TPM_NUM_DEVICES, "tpm"); 1113313d21eeSJarkko Sakkinen if (rc < 0) { 1114313d21eeSJarkko Sakkinen pr_err("tpm: failed to allocate char dev region\n"); 1115313d21eeSJarkko Sakkinen class_destroy(tpm_class); 1116313d21eeSJarkko Sakkinen return rc; 1117313d21eeSJarkko Sakkinen } 1118313d21eeSJarkko Sakkinen 1119313d21eeSJarkko Sakkinen return 0; 1120313d21eeSJarkko Sakkinen } 1121313d21eeSJarkko Sakkinen 1122313d21eeSJarkko Sakkinen static void __exit tpm_exit(void) 1123313d21eeSJarkko Sakkinen { 1124313d21eeSJarkko Sakkinen class_destroy(tpm_class); 1125313d21eeSJarkko Sakkinen unregister_chrdev_region(tpm_devt, TPM_NUM_DEVICES); 1126313d21eeSJarkko Sakkinen } 1127313d21eeSJarkko Sakkinen 1128313d21eeSJarkko Sakkinen subsys_initcall(tpm_init); 1129313d21eeSJarkko Sakkinen module_exit(tpm_exit); 1130313d21eeSJarkko Sakkinen 11319deb0eb7SJason Gunthorpe MODULE_AUTHOR("Leendert van Doorn (leendert@watson.ibm.com)"); 11329deb0eb7SJason Gunthorpe MODULE_DESCRIPTION("TPM Driver"); 11339deb0eb7SJason Gunthorpe MODULE_VERSION("2.0"); 11349deb0eb7SJason Gunthorpe MODULE_LICENSE("GPL"); 1135