1 /* 2 * Copyright (C) 2004 IBM Corporation 3 * Copyright (C) 2014 Intel Corporation 4 * 5 * Authors: 6 * Leendert van Doorn <leendert@watson.ibm.com> 7 * Dave Safford <safford@watson.ibm.com> 8 * Reiner Sailer <sailer@watson.ibm.com> 9 * Kylene Hall <kjhall@us.ibm.com> 10 * 11 * Maintained by: <tpmdd-devel@lists.sourceforge.net> 12 * 13 * Device driver for TCG/TCPA TPM (trusted platform module). 14 * Specifications at www.trustedcomputinggroup.org 15 * 16 * This program is free software; you can redistribute it and/or 17 * modify it under the terms of the GNU General Public License as 18 * published by the Free Software Foundation, version 2 of the 19 * License. 20 * 21 * Note, the TPM chip is not interrupt driven (only polling) 22 * and can have very long timeouts (minutes!). Hence the unusual 23 * calls to msleep. 24 * 25 */ 26 27 #include <linux/poll.h> 28 #include <linux/slab.h> 29 #include <linux/mutex.h> 30 #include <linux/spinlock.h> 31 #include <linux/freezer.h> 32 #include <linux/pm_runtime.h> 33 34 #include "tpm.h" 35 #include "tpm_eventlog.h" 36 37 #define TPM_MAX_ORDINAL 243 38 #define TSC_MAX_ORDINAL 12 39 #define TPM_PROTECTED_COMMAND 0x00 40 #define TPM_CONNECTION_COMMAND 0x40 41 42 /* 43 * Bug workaround - some TPM's don't flush the most 44 * recently changed pcr on suspend, so force the flush 45 * with an extend to the selected _unused_ non-volatile pcr. 46 */ 47 static int tpm_suspend_pcr; 48 module_param_named(suspend_pcr, tpm_suspend_pcr, uint, 0644); 49 MODULE_PARM_DESC(suspend_pcr, 50 "PCR to use for dummy writes to facilitate flush on suspend."); 51 52 /* 53 * Array with one entry per ordinal defining the maximum amount 54 * of time the chip could take to return the result. The ordinal 55 * designation of short, medium or long is defined in a table in 56 * TCG Specification TPM Main Part 2 TPM Structures Section 17. The 57 * values of the SHORT, MEDIUM, and LONG durations are retrieved 58 * from the chip during initialization with a call to tpm_get_timeouts. 59 */ 60 static const u8 tpm_ordinal_duration[TPM_MAX_ORDINAL] = { 61 TPM_UNDEFINED, /* 0 */ 62 TPM_UNDEFINED, 63 TPM_UNDEFINED, 64 TPM_UNDEFINED, 65 TPM_UNDEFINED, 66 TPM_UNDEFINED, /* 5 */ 67 TPM_UNDEFINED, 68 TPM_UNDEFINED, 69 TPM_UNDEFINED, 70 TPM_UNDEFINED, 71 TPM_SHORT, /* 10 */ 72 TPM_SHORT, 73 TPM_MEDIUM, 74 TPM_LONG, 75 TPM_LONG, 76 TPM_MEDIUM, /* 15 */ 77 TPM_SHORT, 78 TPM_SHORT, 79 TPM_MEDIUM, 80 TPM_LONG, 81 TPM_SHORT, /* 20 */ 82 TPM_SHORT, 83 TPM_MEDIUM, 84 TPM_MEDIUM, 85 TPM_MEDIUM, 86 TPM_SHORT, /* 25 */ 87 TPM_SHORT, 88 TPM_MEDIUM, 89 TPM_SHORT, 90 TPM_SHORT, 91 TPM_MEDIUM, /* 30 */ 92 TPM_LONG, 93 TPM_MEDIUM, 94 TPM_SHORT, 95 TPM_SHORT, 96 TPM_SHORT, /* 35 */ 97 TPM_MEDIUM, 98 TPM_MEDIUM, 99 TPM_UNDEFINED, 100 TPM_UNDEFINED, 101 TPM_MEDIUM, /* 40 */ 102 TPM_LONG, 103 TPM_MEDIUM, 104 TPM_SHORT, 105 TPM_SHORT, 106 TPM_SHORT, /* 45 */ 107 TPM_SHORT, 108 TPM_SHORT, 109 TPM_SHORT, 110 TPM_LONG, 111 TPM_MEDIUM, /* 50 */ 112 TPM_MEDIUM, 113 TPM_UNDEFINED, 114 TPM_UNDEFINED, 115 TPM_UNDEFINED, 116 TPM_UNDEFINED, /* 55 */ 117 TPM_UNDEFINED, 118 TPM_UNDEFINED, 119 TPM_UNDEFINED, 120 TPM_UNDEFINED, 121 TPM_MEDIUM, /* 60 */ 122 TPM_MEDIUM, 123 TPM_MEDIUM, 124 TPM_SHORT, 125 TPM_SHORT, 126 TPM_MEDIUM, /* 65 */ 127 TPM_UNDEFINED, 128 TPM_UNDEFINED, 129 TPM_UNDEFINED, 130 TPM_UNDEFINED, 131 TPM_SHORT, /* 70 */ 132 TPM_SHORT, 133 TPM_UNDEFINED, 134 TPM_UNDEFINED, 135 TPM_UNDEFINED, 136 TPM_UNDEFINED, /* 75 */ 137 TPM_UNDEFINED, 138 TPM_UNDEFINED, 139 TPM_UNDEFINED, 140 TPM_UNDEFINED, 141 TPM_LONG, /* 80 */ 142 TPM_UNDEFINED, 143 TPM_MEDIUM, 144 TPM_LONG, 145 TPM_SHORT, 146 TPM_UNDEFINED, /* 85 */ 147 TPM_UNDEFINED, 148 TPM_UNDEFINED, 149 TPM_UNDEFINED, 150 TPM_UNDEFINED, 151 TPM_SHORT, /* 90 */ 152 TPM_SHORT, 153 TPM_SHORT, 154 TPM_SHORT, 155 TPM_SHORT, 156 TPM_UNDEFINED, /* 95 */ 157 TPM_UNDEFINED, 158 TPM_UNDEFINED, 159 TPM_UNDEFINED, 160 TPM_UNDEFINED, 161 TPM_MEDIUM, /* 100 */ 162 TPM_SHORT, 163 TPM_SHORT, 164 TPM_UNDEFINED, 165 TPM_UNDEFINED, 166 TPM_UNDEFINED, /* 105 */ 167 TPM_UNDEFINED, 168 TPM_UNDEFINED, 169 TPM_UNDEFINED, 170 TPM_UNDEFINED, 171 TPM_SHORT, /* 110 */ 172 TPM_SHORT, 173 TPM_SHORT, 174 TPM_SHORT, 175 TPM_SHORT, 176 TPM_SHORT, /* 115 */ 177 TPM_SHORT, 178 TPM_SHORT, 179 TPM_UNDEFINED, 180 TPM_UNDEFINED, 181 TPM_LONG, /* 120 */ 182 TPM_LONG, 183 TPM_MEDIUM, 184 TPM_UNDEFINED, 185 TPM_SHORT, 186 TPM_SHORT, /* 125 */ 187 TPM_SHORT, 188 TPM_LONG, 189 TPM_SHORT, 190 TPM_SHORT, 191 TPM_SHORT, /* 130 */ 192 TPM_MEDIUM, 193 TPM_UNDEFINED, 194 TPM_SHORT, 195 TPM_MEDIUM, 196 TPM_UNDEFINED, /* 135 */ 197 TPM_UNDEFINED, 198 TPM_UNDEFINED, 199 TPM_UNDEFINED, 200 TPM_UNDEFINED, 201 TPM_SHORT, /* 140 */ 202 TPM_SHORT, 203 TPM_UNDEFINED, 204 TPM_UNDEFINED, 205 TPM_UNDEFINED, 206 TPM_UNDEFINED, /* 145 */ 207 TPM_UNDEFINED, 208 TPM_UNDEFINED, 209 TPM_UNDEFINED, 210 TPM_UNDEFINED, 211 TPM_SHORT, /* 150 */ 212 TPM_MEDIUM, 213 TPM_MEDIUM, 214 TPM_SHORT, 215 TPM_SHORT, 216 TPM_UNDEFINED, /* 155 */ 217 TPM_UNDEFINED, 218 TPM_UNDEFINED, 219 TPM_UNDEFINED, 220 TPM_UNDEFINED, 221 TPM_SHORT, /* 160 */ 222 TPM_SHORT, 223 TPM_SHORT, 224 TPM_SHORT, 225 TPM_UNDEFINED, 226 TPM_UNDEFINED, /* 165 */ 227 TPM_UNDEFINED, 228 TPM_UNDEFINED, 229 TPM_UNDEFINED, 230 TPM_UNDEFINED, 231 TPM_LONG, /* 170 */ 232 TPM_UNDEFINED, 233 TPM_UNDEFINED, 234 TPM_UNDEFINED, 235 TPM_UNDEFINED, 236 TPM_UNDEFINED, /* 175 */ 237 TPM_UNDEFINED, 238 TPM_UNDEFINED, 239 TPM_UNDEFINED, 240 TPM_UNDEFINED, 241 TPM_MEDIUM, /* 180 */ 242 TPM_SHORT, 243 TPM_MEDIUM, 244 TPM_MEDIUM, 245 TPM_MEDIUM, 246 TPM_MEDIUM, /* 185 */ 247 TPM_SHORT, 248 TPM_UNDEFINED, 249 TPM_UNDEFINED, 250 TPM_UNDEFINED, 251 TPM_UNDEFINED, /* 190 */ 252 TPM_UNDEFINED, 253 TPM_UNDEFINED, 254 TPM_UNDEFINED, 255 TPM_UNDEFINED, 256 TPM_UNDEFINED, /* 195 */ 257 TPM_UNDEFINED, 258 TPM_UNDEFINED, 259 TPM_UNDEFINED, 260 TPM_UNDEFINED, 261 TPM_SHORT, /* 200 */ 262 TPM_UNDEFINED, 263 TPM_UNDEFINED, 264 TPM_UNDEFINED, 265 TPM_SHORT, 266 TPM_SHORT, /* 205 */ 267 TPM_SHORT, 268 TPM_SHORT, 269 TPM_SHORT, 270 TPM_SHORT, 271 TPM_MEDIUM, /* 210 */ 272 TPM_UNDEFINED, 273 TPM_MEDIUM, 274 TPM_MEDIUM, 275 TPM_MEDIUM, 276 TPM_UNDEFINED, /* 215 */ 277 TPM_MEDIUM, 278 TPM_UNDEFINED, 279 TPM_UNDEFINED, 280 TPM_SHORT, 281 TPM_SHORT, /* 220 */ 282 TPM_SHORT, 283 TPM_SHORT, 284 TPM_SHORT, 285 TPM_SHORT, 286 TPM_UNDEFINED, /* 225 */ 287 TPM_UNDEFINED, 288 TPM_UNDEFINED, 289 TPM_UNDEFINED, 290 TPM_UNDEFINED, 291 TPM_SHORT, /* 230 */ 292 TPM_LONG, 293 TPM_MEDIUM, 294 TPM_UNDEFINED, 295 TPM_UNDEFINED, 296 TPM_UNDEFINED, /* 235 */ 297 TPM_UNDEFINED, 298 TPM_UNDEFINED, 299 TPM_UNDEFINED, 300 TPM_UNDEFINED, 301 TPM_SHORT, /* 240 */ 302 TPM_UNDEFINED, 303 TPM_MEDIUM, 304 }; 305 306 /* 307 * Returns max number of jiffies to wait 308 */ 309 unsigned long tpm_calc_ordinal_duration(struct tpm_chip *chip, 310 u32 ordinal) 311 { 312 int duration_idx = TPM_UNDEFINED; 313 int duration = 0; 314 315 /* 316 * We only have a duration table for protected commands, where the upper 317 * 16 bits are 0. For the few other ordinals the fallback will be used. 318 */ 319 if (ordinal < TPM_MAX_ORDINAL) 320 duration_idx = tpm_ordinal_duration[ordinal]; 321 322 if (duration_idx != TPM_UNDEFINED) 323 duration = chip->duration[duration_idx]; 324 if (duration <= 0) 325 return 2 * 60 * HZ; 326 else 327 return duration; 328 } 329 EXPORT_SYMBOL_GPL(tpm_calc_ordinal_duration); 330 331 static bool tpm_validate_command(struct tpm_chip *chip, 332 struct tpm_space *space, 333 const u8 *cmd, 334 size_t len) 335 { 336 const struct tpm_input_header *header = (const void *)cmd; 337 int i; 338 u32 cc; 339 u32 attrs; 340 unsigned int nr_handles; 341 342 if (len < TPM_HEADER_SIZE) 343 return false; 344 345 if (!space) 346 return true; 347 348 if (chip->flags & TPM_CHIP_FLAG_TPM2 && chip->nr_commands) { 349 cc = be32_to_cpu(header->ordinal); 350 351 i = tpm2_find_cc(chip, cc); 352 if (i < 0) { 353 dev_dbg(&chip->dev, "0x%04X is an invalid command\n", 354 cc); 355 return false; 356 } 357 358 attrs = chip->cc_attrs_tbl[i]; 359 nr_handles = 360 4 * ((attrs >> TPM2_CC_ATTR_CHANDLES) & GENMASK(2, 0)); 361 if (len < TPM_HEADER_SIZE + 4 * nr_handles) 362 goto err_len; 363 } 364 365 return true; 366 err_len: 367 dev_dbg(&chip->dev, 368 "%s: insufficient command length %zu", __func__, len); 369 return false; 370 } 371 372 /** 373 * tmp_transmit - Internal kernel interface to transmit TPM commands. 374 * 375 * @chip: TPM chip to use 376 * @buf: TPM command buffer 377 * @bufsiz: length of the TPM command buffer 378 * @flags: tpm transmit flags - bitmap 379 * 380 * Return: 381 * 0 when the operation is successful. 382 * A negative number for system errors (errno). 383 */ 384 ssize_t tpm_transmit(struct tpm_chip *chip, struct tpm_space *space, 385 u8 *buf, size_t bufsiz, unsigned int flags) 386 { 387 struct tpm_output_header *header = (void *)buf; 388 int rc; 389 ssize_t len = 0; 390 u32 count, ordinal; 391 unsigned long stop; 392 393 if (!tpm_validate_command(chip, space, buf, bufsiz)) 394 return -EINVAL; 395 396 if (bufsiz > TPM_BUFSIZE) 397 bufsiz = TPM_BUFSIZE; 398 399 count = be32_to_cpu(*((__be32 *) (buf + 2))); 400 ordinal = be32_to_cpu(*((__be32 *) (buf + 6))); 401 if (count == 0) 402 return -ENODATA; 403 if (count > bufsiz) { 404 dev_err(&chip->dev, 405 "invalid count value %x %zx\n", count, bufsiz); 406 return -E2BIG; 407 } 408 409 if (!(flags & TPM_TRANSMIT_UNLOCKED)) 410 mutex_lock(&chip->tpm_mutex); 411 412 if (chip->dev.parent) 413 pm_runtime_get_sync(chip->dev.parent); 414 415 rc = tpm2_prepare_space(chip, space, ordinal, buf); 416 if (rc) 417 goto out; 418 419 rc = chip->ops->send(chip, (u8 *) buf, count); 420 if (rc < 0) { 421 dev_err(&chip->dev, 422 "tpm_transmit: tpm_send: error %d\n", rc); 423 goto out; 424 } 425 426 if (chip->flags & TPM_CHIP_FLAG_IRQ) 427 goto out_recv; 428 429 if (chip->flags & TPM_CHIP_FLAG_TPM2) 430 stop = jiffies + tpm2_calc_ordinal_duration(chip, ordinal); 431 else 432 stop = jiffies + tpm_calc_ordinal_duration(chip, ordinal); 433 do { 434 u8 status = chip->ops->status(chip); 435 if ((status & chip->ops->req_complete_mask) == 436 chip->ops->req_complete_val) 437 goto out_recv; 438 439 if (chip->ops->req_canceled(chip, status)) { 440 dev_err(&chip->dev, "Operation Canceled\n"); 441 rc = -ECANCELED; 442 goto out; 443 } 444 445 msleep(TPM_TIMEOUT); /* CHECK */ 446 rmb(); 447 } while (time_before(jiffies, stop)); 448 449 chip->ops->cancel(chip); 450 dev_err(&chip->dev, "Operation Timed out\n"); 451 rc = -ETIME; 452 goto out; 453 454 out_recv: 455 len = chip->ops->recv(chip, (u8 *) buf, bufsiz); 456 if (len < 0) { 457 rc = len; 458 dev_err(&chip->dev, 459 "tpm_transmit: tpm_recv: error %d\n", rc); 460 goto out; 461 } else if (len < TPM_HEADER_SIZE) { 462 rc = -EFAULT; 463 goto out; 464 } 465 466 if (len != be32_to_cpu(header->length)) { 467 rc = -EFAULT; 468 goto out; 469 } 470 471 rc = tpm2_commit_space(chip, space, ordinal, buf, &len); 472 473 out: 474 if (chip->dev.parent) 475 pm_runtime_put_sync(chip->dev.parent); 476 477 if (!(flags & TPM_TRANSMIT_UNLOCKED)) 478 mutex_unlock(&chip->tpm_mutex); 479 return rc ? rc : len; 480 } 481 482 /** 483 * tmp_transmit_cmd - send a tpm command to the device 484 * The function extracts tpm out header return code 485 * 486 * @chip: TPM chip to use 487 * @buf: TPM command buffer 488 * @bufsiz: length of the buffer 489 * @min_rsp_body_length: minimum expected length of response body 490 * @flags: tpm transmit flags - bitmap 491 * @desc: command description used in the error message 492 * 493 * Return: 494 * 0 when the operation is successful. 495 * A negative number for system errors (errno). 496 * A positive number for a TPM error. 497 */ 498 ssize_t tpm_transmit_cmd(struct tpm_chip *chip, struct tpm_space *space, 499 const void *buf, size_t bufsiz, 500 size_t min_rsp_body_length, unsigned int flags, 501 const char *desc) 502 { 503 const struct tpm_output_header *header = buf; 504 int err; 505 ssize_t len; 506 507 len = tpm_transmit(chip, space, (u8 *)buf, bufsiz, flags); 508 if (len < 0) 509 return len; 510 511 err = be32_to_cpu(header->return_code); 512 if (err != 0 && desc) 513 dev_err(&chip->dev, "A TPM error (%d) occurred %s\n", err, 514 desc); 515 if (err) 516 return err; 517 518 if (len < min_rsp_body_length + TPM_HEADER_SIZE) 519 return -EFAULT; 520 521 return 0; 522 } 523 524 #define TPM_DIGEST_SIZE 20 525 #define TPM_RET_CODE_IDX 6 526 #define TPM_INTERNAL_RESULT_SIZE 200 527 #define TPM_ORD_GET_CAP cpu_to_be32(101) 528 #define TPM_ORD_GET_RANDOM cpu_to_be32(70) 529 530 static const struct tpm_input_header tpm_getcap_header = { 531 .tag = TPM_TAG_RQU_COMMAND, 532 .length = cpu_to_be32(22), 533 .ordinal = TPM_ORD_GET_CAP 534 }; 535 536 ssize_t tpm_getcap(struct tpm_chip *chip, u32 subcap_id, cap_t *cap, 537 const char *desc, size_t min_cap_length) 538 { 539 struct tpm_cmd_t tpm_cmd; 540 int rc; 541 542 tpm_cmd.header.in = tpm_getcap_header; 543 if (subcap_id == TPM_CAP_VERSION_1_1 || 544 subcap_id == TPM_CAP_VERSION_1_2) { 545 tpm_cmd.params.getcap_in.cap = cpu_to_be32(subcap_id); 546 /*subcap field not necessary */ 547 tpm_cmd.params.getcap_in.subcap_size = cpu_to_be32(0); 548 tpm_cmd.header.in.length -= cpu_to_be32(sizeof(__be32)); 549 } else { 550 if (subcap_id == TPM_CAP_FLAG_PERM || 551 subcap_id == TPM_CAP_FLAG_VOL) 552 tpm_cmd.params.getcap_in.cap = 553 cpu_to_be32(TPM_CAP_FLAG); 554 else 555 tpm_cmd.params.getcap_in.cap = 556 cpu_to_be32(TPM_CAP_PROP); 557 tpm_cmd.params.getcap_in.subcap_size = cpu_to_be32(4); 558 tpm_cmd.params.getcap_in.subcap = cpu_to_be32(subcap_id); 559 } 560 rc = tpm_transmit_cmd(chip, NULL, &tpm_cmd, TPM_INTERNAL_RESULT_SIZE, 561 min_cap_length, 0, desc); 562 if (!rc) 563 *cap = tpm_cmd.params.getcap_out.cap; 564 return rc; 565 } 566 EXPORT_SYMBOL_GPL(tpm_getcap); 567 568 #define TPM_ORD_STARTUP cpu_to_be32(153) 569 #define TPM_ST_CLEAR cpu_to_be16(1) 570 #define TPM_ST_STATE cpu_to_be16(2) 571 #define TPM_ST_DEACTIVATED cpu_to_be16(3) 572 static const struct tpm_input_header tpm_startup_header = { 573 .tag = TPM_TAG_RQU_COMMAND, 574 .length = cpu_to_be32(12), 575 .ordinal = TPM_ORD_STARTUP 576 }; 577 578 static int tpm_startup(struct tpm_chip *chip, __be16 startup_type) 579 { 580 struct tpm_cmd_t start_cmd; 581 start_cmd.header.in = tpm_startup_header; 582 583 start_cmd.params.startup_in.startup_type = startup_type; 584 return tpm_transmit_cmd(chip, NULL, &start_cmd, 585 TPM_INTERNAL_RESULT_SIZE, 0, 586 0, "attempting to start the TPM"); 587 } 588 589 int tpm_get_timeouts(struct tpm_chip *chip) 590 { 591 cap_t cap; 592 unsigned long timeout_old[4], timeout_chip[4], timeout_eff[4]; 593 ssize_t rc; 594 595 if (chip->flags & TPM_CHIP_FLAG_HAVE_TIMEOUTS) 596 return 0; 597 598 if (chip->flags & TPM_CHIP_FLAG_TPM2) { 599 /* Fixed timeouts for TPM2 */ 600 chip->timeout_a = msecs_to_jiffies(TPM2_TIMEOUT_A); 601 chip->timeout_b = msecs_to_jiffies(TPM2_TIMEOUT_B); 602 chip->timeout_c = msecs_to_jiffies(TPM2_TIMEOUT_C); 603 chip->timeout_d = msecs_to_jiffies(TPM2_TIMEOUT_D); 604 chip->duration[TPM_SHORT] = 605 msecs_to_jiffies(TPM2_DURATION_SHORT); 606 chip->duration[TPM_MEDIUM] = 607 msecs_to_jiffies(TPM2_DURATION_MEDIUM); 608 chip->duration[TPM_LONG] = 609 msecs_to_jiffies(TPM2_DURATION_LONG); 610 611 chip->flags |= TPM_CHIP_FLAG_HAVE_TIMEOUTS; 612 return 0; 613 } 614 615 rc = tpm_getcap(chip, TPM_CAP_PROP_TIS_TIMEOUT, &cap, NULL, 616 sizeof(cap.timeout)); 617 if (rc == TPM_ERR_INVALID_POSTINIT) { 618 /* The TPM is not started, we are the first to talk to it. 619 Execute a startup command. */ 620 dev_info(&chip->dev, "Issuing TPM_STARTUP\n"); 621 if (tpm_startup(chip, TPM_ST_CLEAR)) 622 return rc; 623 624 rc = tpm_getcap(chip, TPM_CAP_PROP_TIS_TIMEOUT, &cap, 625 "attempting to determine the timeouts", 626 sizeof(cap.timeout)); 627 } 628 629 if (rc) { 630 dev_err(&chip->dev, 631 "A TPM error (%zd) occurred attempting to determine the timeouts\n", 632 rc); 633 return rc; 634 } 635 636 timeout_old[0] = jiffies_to_usecs(chip->timeout_a); 637 timeout_old[1] = jiffies_to_usecs(chip->timeout_b); 638 timeout_old[2] = jiffies_to_usecs(chip->timeout_c); 639 timeout_old[3] = jiffies_to_usecs(chip->timeout_d); 640 timeout_chip[0] = be32_to_cpu(cap.timeout.a); 641 timeout_chip[1] = be32_to_cpu(cap.timeout.b); 642 timeout_chip[2] = be32_to_cpu(cap.timeout.c); 643 timeout_chip[3] = be32_to_cpu(cap.timeout.d); 644 memcpy(timeout_eff, timeout_chip, sizeof(timeout_eff)); 645 646 /* 647 * Provide ability for vendor overrides of timeout values in case 648 * of misreporting. 649 */ 650 if (chip->ops->update_timeouts != NULL) 651 chip->timeout_adjusted = 652 chip->ops->update_timeouts(chip, timeout_eff); 653 654 if (!chip->timeout_adjusted) { 655 /* Restore default if chip reported 0 */ 656 int i; 657 658 for (i = 0; i < ARRAY_SIZE(timeout_eff); i++) { 659 if (timeout_eff[i]) 660 continue; 661 662 timeout_eff[i] = timeout_old[i]; 663 chip->timeout_adjusted = true; 664 } 665 666 if (timeout_eff[0] != 0 && timeout_eff[0] < 1000) { 667 /* timeouts in msec rather usec */ 668 for (i = 0; i != ARRAY_SIZE(timeout_eff); i++) 669 timeout_eff[i] *= 1000; 670 chip->timeout_adjusted = true; 671 } 672 } 673 674 /* Report adjusted timeouts */ 675 if (chip->timeout_adjusted) { 676 dev_info(&chip->dev, 677 HW_ERR "Adjusting reported timeouts: A %lu->%luus B %lu->%luus C %lu->%luus D %lu->%luus\n", 678 timeout_chip[0], timeout_eff[0], 679 timeout_chip[1], timeout_eff[1], 680 timeout_chip[2], timeout_eff[2], 681 timeout_chip[3], timeout_eff[3]); 682 } 683 684 chip->timeout_a = usecs_to_jiffies(timeout_eff[0]); 685 chip->timeout_b = usecs_to_jiffies(timeout_eff[1]); 686 chip->timeout_c = usecs_to_jiffies(timeout_eff[2]); 687 chip->timeout_d = usecs_to_jiffies(timeout_eff[3]); 688 689 rc = tpm_getcap(chip, TPM_CAP_PROP_TIS_DURATION, &cap, 690 "attempting to determine the durations", 691 sizeof(cap.duration)); 692 if (rc) 693 return rc; 694 695 chip->duration[TPM_SHORT] = 696 usecs_to_jiffies(be32_to_cpu(cap.duration.tpm_short)); 697 chip->duration[TPM_MEDIUM] = 698 usecs_to_jiffies(be32_to_cpu(cap.duration.tpm_medium)); 699 chip->duration[TPM_LONG] = 700 usecs_to_jiffies(be32_to_cpu(cap.duration.tpm_long)); 701 702 /* The Broadcom BCM0102 chipset in a Dell Latitude D820 gets the above 703 * value wrong and apparently reports msecs rather than usecs. So we 704 * fix up the resulting too-small TPM_SHORT value to make things work. 705 * We also scale the TPM_MEDIUM and -_LONG values by 1000. 706 */ 707 if (chip->duration[TPM_SHORT] < (HZ / 100)) { 708 chip->duration[TPM_SHORT] = HZ; 709 chip->duration[TPM_MEDIUM] *= 1000; 710 chip->duration[TPM_LONG] *= 1000; 711 chip->duration_adjusted = true; 712 dev_info(&chip->dev, "Adjusting TPM timeout parameters."); 713 } 714 715 chip->flags |= TPM_CHIP_FLAG_HAVE_TIMEOUTS; 716 return 0; 717 } 718 EXPORT_SYMBOL_GPL(tpm_get_timeouts); 719 720 #define TPM_ORD_CONTINUE_SELFTEST 83 721 #define CONTINUE_SELFTEST_RESULT_SIZE 10 722 723 static const struct tpm_input_header continue_selftest_header = { 724 .tag = TPM_TAG_RQU_COMMAND, 725 .length = cpu_to_be32(10), 726 .ordinal = cpu_to_be32(TPM_ORD_CONTINUE_SELFTEST), 727 }; 728 729 /** 730 * tpm_continue_selftest -- run TPM's selftest 731 * @chip: TPM chip to use 732 * 733 * Returns 0 on success, < 0 in case of fatal error or a value > 0 representing 734 * a TPM error code. 735 */ 736 static int tpm_continue_selftest(struct tpm_chip *chip) 737 { 738 int rc; 739 struct tpm_cmd_t cmd; 740 741 cmd.header.in = continue_selftest_header; 742 rc = tpm_transmit_cmd(chip, NULL, &cmd, CONTINUE_SELFTEST_RESULT_SIZE, 743 0, 0, "continue selftest"); 744 return rc; 745 } 746 747 #define TPM_ORDINAL_PCRREAD cpu_to_be32(21) 748 #define READ_PCR_RESULT_SIZE 30 749 #define READ_PCR_RESULT_BODY_SIZE 20 750 static const struct tpm_input_header pcrread_header = { 751 .tag = TPM_TAG_RQU_COMMAND, 752 .length = cpu_to_be32(14), 753 .ordinal = TPM_ORDINAL_PCRREAD 754 }; 755 756 int tpm_pcr_read_dev(struct tpm_chip *chip, int pcr_idx, u8 *res_buf) 757 { 758 int rc; 759 struct tpm_cmd_t cmd; 760 761 cmd.header.in = pcrread_header; 762 cmd.params.pcrread_in.pcr_idx = cpu_to_be32(pcr_idx); 763 rc = tpm_transmit_cmd(chip, NULL, &cmd, READ_PCR_RESULT_SIZE, 764 READ_PCR_RESULT_BODY_SIZE, 0, 765 "attempting to read a pcr value"); 766 767 if (rc == 0) 768 memcpy(res_buf, cmd.params.pcrread_out.pcr_result, 769 TPM_DIGEST_SIZE); 770 return rc; 771 } 772 773 /** 774 * tpm_is_tpm2 - is the chip a TPM2 chip? 775 * @chip_num: tpm idx # or ANY 776 * 777 * Returns < 0 on error, and 1 or 0 on success depending whether the chip 778 * is a TPM2 chip. 779 */ 780 int tpm_is_tpm2(u32 chip_num) 781 { 782 struct tpm_chip *chip; 783 int rc; 784 785 chip = tpm_chip_find_get(chip_num); 786 if (chip == NULL) 787 return -ENODEV; 788 789 rc = (chip->flags & TPM_CHIP_FLAG_TPM2) != 0; 790 791 tpm_put_ops(chip); 792 793 return rc; 794 } 795 EXPORT_SYMBOL_GPL(tpm_is_tpm2); 796 797 /** 798 * tpm_pcr_read - read a pcr value 799 * @chip_num: tpm idx # or ANY 800 * @pcr_idx: pcr idx to retrieve 801 * @res_buf: TPM_PCR value 802 * size of res_buf is 20 bytes (or NULL if you don't care) 803 * 804 * The TPM driver should be built-in, but for whatever reason it 805 * isn't, protect against the chip disappearing, by incrementing 806 * the module usage count. 807 */ 808 int tpm_pcr_read(u32 chip_num, int pcr_idx, u8 *res_buf) 809 { 810 struct tpm_chip *chip; 811 int rc; 812 813 chip = tpm_chip_find_get(chip_num); 814 if (chip == NULL) 815 return -ENODEV; 816 if (chip->flags & TPM_CHIP_FLAG_TPM2) 817 rc = tpm2_pcr_read(chip, pcr_idx, res_buf); 818 else 819 rc = tpm_pcr_read_dev(chip, pcr_idx, res_buf); 820 tpm_put_ops(chip); 821 return rc; 822 } 823 EXPORT_SYMBOL_GPL(tpm_pcr_read); 824 825 #define TPM_ORD_PCR_EXTEND cpu_to_be32(20) 826 #define EXTEND_PCR_RESULT_SIZE 34 827 #define EXTEND_PCR_RESULT_BODY_SIZE 20 828 static const struct tpm_input_header pcrextend_header = { 829 .tag = TPM_TAG_RQU_COMMAND, 830 .length = cpu_to_be32(34), 831 .ordinal = TPM_ORD_PCR_EXTEND 832 }; 833 834 /** 835 * tpm_pcr_extend - extend pcr value with hash 836 * @chip_num: tpm idx # or AN& 837 * @pcr_idx: pcr idx to extend 838 * @hash: hash value used to extend pcr value 839 * 840 * The TPM driver should be built-in, but for whatever reason it 841 * isn't, protect against the chip disappearing, by incrementing 842 * the module usage count. 843 */ 844 int tpm_pcr_extend(u32 chip_num, int pcr_idx, const u8 *hash) 845 { 846 struct tpm_cmd_t cmd; 847 int rc; 848 struct tpm_chip *chip; 849 struct tpm2_digest digest_list[ARRAY_SIZE(chip->active_banks)]; 850 u32 count = 0; 851 int i; 852 853 chip = tpm_chip_find_get(chip_num); 854 if (chip == NULL) 855 return -ENODEV; 856 857 if (chip->flags & TPM_CHIP_FLAG_TPM2) { 858 memset(digest_list, 0, sizeof(digest_list)); 859 860 for (i = 0; i < ARRAY_SIZE(chip->active_banks) && 861 chip->active_banks[i] != TPM2_ALG_ERROR; i++) { 862 digest_list[i].alg_id = chip->active_banks[i]; 863 memcpy(digest_list[i].digest, hash, TPM_DIGEST_SIZE); 864 count++; 865 } 866 867 rc = tpm2_pcr_extend(chip, pcr_idx, count, digest_list); 868 tpm_put_ops(chip); 869 return rc; 870 } 871 872 cmd.header.in = pcrextend_header; 873 cmd.params.pcrextend_in.pcr_idx = cpu_to_be32(pcr_idx); 874 memcpy(cmd.params.pcrextend_in.hash, hash, TPM_DIGEST_SIZE); 875 rc = tpm_transmit_cmd(chip, NULL, &cmd, EXTEND_PCR_RESULT_SIZE, 876 EXTEND_PCR_RESULT_BODY_SIZE, 0, 877 "attempting extend a PCR value"); 878 879 tpm_put_ops(chip); 880 return rc; 881 } 882 EXPORT_SYMBOL_GPL(tpm_pcr_extend); 883 884 /** 885 * tpm_do_selftest - have the TPM continue its selftest and wait until it 886 * can receive further commands 887 * @chip: TPM chip to use 888 * 889 * Returns 0 on success, < 0 in case of fatal error or a value > 0 representing 890 * a TPM error code. 891 */ 892 int tpm_do_selftest(struct tpm_chip *chip) 893 { 894 int rc; 895 unsigned int loops; 896 unsigned int delay_msec = 100; 897 unsigned long duration; 898 u8 dummy[TPM_DIGEST_SIZE]; 899 900 duration = tpm_calc_ordinal_duration(chip, TPM_ORD_CONTINUE_SELFTEST); 901 902 loops = jiffies_to_msecs(duration) / delay_msec; 903 904 rc = tpm_continue_selftest(chip); 905 /* This may fail if there was no TPM driver during a suspend/resume 906 * cycle; some may return 10 (BAD_ORDINAL), others 28 (FAILEDSELFTEST) 907 */ 908 if (rc) 909 return rc; 910 911 do { 912 /* Attempt to read a PCR value */ 913 rc = tpm_pcr_read_dev(chip, 0, dummy); 914 915 /* Some buggy TPMs will not respond to tpm_tis_ready() for 916 * around 300ms while the self test is ongoing, keep trying 917 * until the self test duration expires. */ 918 if (rc == -ETIME) { 919 dev_info( 920 &chip->dev, HW_ERR 921 "TPM command timed out during continue self test"); 922 msleep(delay_msec); 923 continue; 924 } 925 926 if (rc == TPM_ERR_DISABLED || rc == TPM_ERR_DEACTIVATED) { 927 dev_info(&chip->dev, 928 "TPM is disabled/deactivated (0x%X)\n", rc); 929 /* TPM is disabled and/or deactivated; driver can 930 * proceed and TPM does handle commands for 931 * suspend/resume correctly 932 */ 933 return 0; 934 } 935 if (rc != TPM_WARN_DOING_SELFTEST) 936 return rc; 937 msleep(delay_msec); 938 } while (--loops > 0); 939 940 return rc; 941 } 942 EXPORT_SYMBOL_GPL(tpm_do_selftest); 943 944 /** 945 * tpm1_auto_startup - Perform the standard automatic TPM initialization 946 * sequence 947 * @chip: TPM chip to use 948 * 949 * Returns 0 on success, < 0 in case of fatal error. 950 */ 951 int tpm1_auto_startup(struct tpm_chip *chip) 952 { 953 int rc; 954 955 rc = tpm_get_timeouts(chip); 956 if (rc) 957 goto out; 958 rc = tpm_do_selftest(chip); 959 if (rc) { 960 dev_err(&chip->dev, "TPM self test failed\n"); 961 goto out; 962 } 963 964 return rc; 965 out: 966 if (rc > 0) 967 rc = -ENODEV; 968 return rc; 969 } 970 971 int tpm_send(u32 chip_num, void *cmd, size_t buflen) 972 { 973 struct tpm_chip *chip; 974 int rc; 975 976 chip = tpm_chip_find_get(chip_num); 977 if (chip == NULL) 978 return -ENODEV; 979 980 rc = tpm_transmit_cmd(chip, NULL, cmd, buflen, 0, 0, 981 "attempting tpm_cmd"); 982 tpm_put_ops(chip); 983 return rc; 984 } 985 EXPORT_SYMBOL_GPL(tpm_send); 986 987 static bool wait_for_tpm_stat_cond(struct tpm_chip *chip, u8 mask, 988 bool check_cancel, bool *canceled) 989 { 990 u8 status = chip->ops->status(chip); 991 992 *canceled = false; 993 if ((status & mask) == mask) 994 return true; 995 if (check_cancel && chip->ops->req_canceled(chip, status)) { 996 *canceled = true; 997 return true; 998 } 999 return false; 1000 } 1001 1002 int wait_for_tpm_stat(struct tpm_chip *chip, u8 mask, unsigned long timeout, 1003 wait_queue_head_t *queue, bool check_cancel) 1004 { 1005 unsigned long stop; 1006 long rc; 1007 u8 status; 1008 bool canceled = false; 1009 1010 /* check current status */ 1011 status = chip->ops->status(chip); 1012 if ((status & mask) == mask) 1013 return 0; 1014 1015 stop = jiffies + timeout; 1016 1017 if (chip->flags & TPM_CHIP_FLAG_IRQ) { 1018 again: 1019 timeout = stop - jiffies; 1020 if ((long)timeout <= 0) 1021 return -ETIME; 1022 rc = wait_event_interruptible_timeout(*queue, 1023 wait_for_tpm_stat_cond(chip, mask, check_cancel, 1024 &canceled), 1025 timeout); 1026 if (rc > 0) { 1027 if (canceled) 1028 return -ECANCELED; 1029 return 0; 1030 } 1031 if (rc == -ERESTARTSYS && freezing(current)) { 1032 clear_thread_flag(TIF_SIGPENDING); 1033 goto again; 1034 } 1035 } else { 1036 do { 1037 msleep(TPM_TIMEOUT); 1038 status = chip->ops->status(chip); 1039 if ((status & mask) == mask) 1040 return 0; 1041 } while (time_before(jiffies, stop)); 1042 } 1043 return -ETIME; 1044 } 1045 EXPORT_SYMBOL_GPL(wait_for_tpm_stat); 1046 1047 #define TPM_ORD_SAVESTATE cpu_to_be32(152) 1048 #define SAVESTATE_RESULT_SIZE 10 1049 1050 static const struct tpm_input_header savestate_header = { 1051 .tag = TPM_TAG_RQU_COMMAND, 1052 .length = cpu_to_be32(10), 1053 .ordinal = TPM_ORD_SAVESTATE 1054 }; 1055 1056 /* 1057 * We are about to suspend. Save the TPM state 1058 * so that it can be restored. 1059 */ 1060 int tpm_pm_suspend(struct device *dev) 1061 { 1062 struct tpm_chip *chip = dev_get_drvdata(dev); 1063 struct tpm_cmd_t cmd; 1064 int rc, try; 1065 1066 u8 dummy_hash[TPM_DIGEST_SIZE] = { 0 }; 1067 1068 if (chip == NULL) 1069 return -ENODEV; 1070 1071 if (chip->flags & TPM_CHIP_FLAG_TPM2) { 1072 tpm2_shutdown(chip, TPM2_SU_STATE); 1073 return 0; 1074 } 1075 1076 /* for buggy tpm, flush pcrs with extend to selected dummy */ 1077 if (tpm_suspend_pcr) { 1078 cmd.header.in = pcrextend_header; 1079 cmd.params.pcrextend_in.pcr_idx = cpu_to_be32(tpm_suspend_pcr); 1080 memcpy(cmd.params.pcrextend_in.hash, dummy_hash, 1081 TPM_DIGEST_SIZE); 1082 rc = tpm_transmit_cmd(chip, NULL, &cmd, EXTEND_PCR_RESULT_SIZE, 1083 EXTEND_PCR_RESULT_BODY_SIZE, 0, 1084 "extending dummy pcr before suspend"); 1085 } 1086 1087 /* now do the actual savestate */ 1088 for (try = 0; try < TPM_RETRY; try++) { 1089 cmd.header.in = savestate_header; 1090 rc = tpm_transmit_cmd(chip, NULL, &cmd, SAVESTATE_RESULT_SIZE, 1091 0, 0, NULL); 1092 1093 /* 1094 * If the TPM indicates that it is too busy to respond to 1095 * this command then retry before giving up. It can take 1096 * several seconds for this TPM to be ready. 1097 * 1098 * This can happen if the TPM has already been sent the 1099 * SaveState command before the driver has loaded. TCG 1.2 1100 * specification states that any communication after SaveState 1101 * may cause the TPM to invalidate previously saved state. 1102 */ 1103 if (rc != TPM_WARN_RETRY) 1104 break; 1105 msleep(TPM_TIMEOUT_RETRY); 1106 } 1107 1108 if (rc) 1109 dev_err(&chip->dev, 1110 "Error (%d) sending savestate before suspend\n", rc); 1111 else if (try > 0) 1112 dev_warn(&chip->dev, "TPM savestate took %dms\n", 1113 try * TPM_TIMEOUT_RETRY); 1114 1115 return rc; 1116 } 1117 EXPORT_SYMBOL_GPL(tpm_pm_suspend); 1118 1119 /* 1120 * Resume from a power safe. The BIOS already restored 1121 * the TPM state. 1122 */ 1123 int tpm_pm_resume(struct device *dev) 1124 { 1125 struct tpm_chip *chip = dev_get_drvdata(dev); 1126 1127 if (chip == NULL) 1128 return -ENODEV; 1129 1130 return 0; 1131 } 1132 EXPORT_SYMBOL_GPL(tpm_pm_resume); 1133 1134 #define TPM_GETRANDOM_RESULT_SIZE 18 1135 static const struct tpm_input_header tpm_getrandom_header = { 1136 .tag = TPM_TAG_RQU_COMMAND, 1137 .length = cpu_to_be32(14), 1138 .ordinal = TPM_ORD_GET_RANDOM 1139 }; 1140 1141 /** 1142 * tpm_get_random() - Get random bytes from the tpm's RNG 1143 * @chip_num: A specific chip number for the request or TPM_ANY_NUM 1144 * @out: destination buffer for the random bytes 1145 * @max: the max number of bytes to write to @out 1146 * 1147 * Returns < 0 on error and the number of bytes read on success 1148 */ 1149 int tpm_get_random(u32 chip_num, u8 *out, size_t max) 1150 { 1151 struct tpm_chip *chip; 1152 struct tpm_cmd_t tpm_cmd; 1153 u32 recd, num_bytes = min_t(u32, max, TPM_MAX_RNG_DATA), rlength; 1154 int err, total = 0, retries = 5; 1155 u8 *dest = out; 1156 1157 if (!out || !num_bytes || max > TPM_MAX_RNG_DATA) 1158 return -EINVAL; 1159 1160 chip = tpm_chip_find_get(chip_num); 1161 if (chip == NULL) 1162 return -ENODEV; 1163 1164 if (chip->flags & TPM_CHIP_FLAG_TPM2) { 1165 err = tpm2_get_random(chip, out, max); 1166 tpm_put_ops(chip); 1167 return err; 1168 } 1169 1170 do { 1171 tpm_cmd.header.in = tpm_getrandom_header; 1172 tpm_cmd.params.getrandom_in.num_bytes = cpu_to_be32(num_bytes); 1173 1174 err = tpm_transmit_cmd(chip, NULL, &tpm_cmd, 1175 TPM_GETRANDOM_RESULT_SIZE + num_bytes, 1176 offsetof(struct tpm_getrandom_out, 1177 rng_data), 1178 0, "attempting get random"); 1179 if (err) 1180 break; 1181 1182 recd = be32_to_cpu(tpm_cmd.params.getrandom_out.rng_data_len); 1183 1184 rlength = be32_to_cpu(tpm_cmd.header.out.length); 1185 if (rlength < offsetof(struct tpm_getrandom_out, rng_data) + 1186 recd) { 1187 total = -EFAULT; 1188 break; 1189 } 1190 memcpy(dest, tpm_cmd.params.getrandom_out.rng_data, recd); 1191 1192 dest += recd; 1193 total += recd; 1194 num_bytes -= recd; 1195 } while (retries-- && total < max); 1196 1197 tpm_put_ops(chip); 1198 return total ? total : -EIO; 1199 } 1200 EXPORT_SYMBOL_GPL(tpm_get_random); 1201 1202 /** 1203 * tpm_seal_trusted() - seal a trusted key 1204 * @chip_num: A specific chip number for the request or TPM_ANY_NUM 1205 * @options: authentication values and other options 1206 * @payload: the key data in clear and encrypted form 1207 * 1208 * Returns < 0 on error and 0 on success. At the moment, only TPM 2.0 chips 1209 * are supported. 1210 */ 1211 int tpm_seal_trusted(u32 chip_num, struct trusted_key_payload *payload, 1212 struct trusted_key_options *options) 1213 { 1214 struct tpm_chip *chip; 1215 int rc; 1216 1217 chip = tpm_chip_find_get(chip_num); 1218 if (chip == NULL || !(chip->flags & TPM_CHIP_FLAG_TPM2)) 1219 return -ENODEV; 1220 1221 rc = tpm2_seal_trusted(chip, payload, options); 1222 1223 tpm_put_ops(chip); 1224 return rc; 1225 } 1226 EXPORT_SYMBOL_GPL(tpm_seal_trusted); 1227 1228 /** 1229 * tpm_unseal_trusted() - unseal a trusted key 1230 * @chip_num: A specific chip number for the request or TPM_ANY_NUM 1231 * @options: authentication values and other options 1232 * @payload: the key data in clear and encrypted form 1233 * 1234 * Returns < 0 on error and 0 on success. At the moment, only TPM 2.0 chips 1235 * are supported. 1236 */ 1237 int tpm_unseal_trusted(u32 chip_num, struct trusted_key_payload *payload, 1238 struct trusted_key_options *options) 1239 { 1240 struct tpm_chip *chip; 1241 int rc; 1242 1243 chip = tpm_chip_find_get(chip_num); 1244 if (chip == NULL || !(chip->flags & TPM_CHIP_FLAG_TPM2)) 1245 return -ENODEV; 1246 1247 rc = tpm2_unseal_trusted(chip, payload, options); 1248 1249 tpm_put_ops(chip); 1250 1251 return rc; 1252 } 1253 EXPORT_SYMBOL_GPL(tpm_unseal_trusted); 1254 1255 static int __init tpm_init(void) 1256 { 1257 int rc; 1258 1259 tpm_class = class_create(THIS_MODULE, "tpm"); 1260 if (IS_ERR(tpm_class)) { 1261 pr_err("couldn't create tpm class\n"); 1262 return PTR_ERR(tpm_class); 1263 } 1264 1265 tpmrm_class = class_create(THIS_MODULE, "tpmrm"); 1266 if (IS_ERR(tpmrm_class)) { 1267 pr_err("couldn't create tpmrm class\n"); 1268 class_destroy(tpm_class); 1269 return PTR_ERR(tpmrm_class); 1270 } 1271 1272 rc = alloc_chrdev_region(&tpm_devt, 0, 2*TPM_NUM_DEVICES, "tpm"); 1273 if (rc < 0) { 1274 pr_err("tpm: failed to allocate char dev region\n"); 1275 class_destroy(tpmrm_class); 1276 class_destroy(tpm_class); 1277 return rc; 1278 } 1279 1280 return 0; 1281 } 1282 1283 static void __exit tpm_exit(void) 1284 { 1285 idr_destroy(&dev_nums_idr); 1286 class_destroy(tpm_class); 1287 class_destroy(tpmrm_class); 1288 unregister_chrdev_region(tpm_devt, 2*TPM_NUM_DEVICES); 1289 } 1290 1291 subsys_initcall(tpm_init); 1292 module_exit(tpm_exit); 1293 1294 MODULE_AUTHOR("Leendert van Doorn (leendert@watson.ibm.com)"); 1295 MODULE_DESCRIPTION("TPM Driver"); 1296 MODULE_VERSION("2.0"); 1297 MODULE_LICENSE("GPL"); 1298