xref: /openbmc/linux/drivers/char/tpm/tpm-interface.c (revision 176f011b)
1 /*
2  * Copyright (C) 2004 IBM Corporation
3  * Copyright (C) 2014 Intel Corporation
4  *
5  * Authors:
6  * Leendert van Doorn <leendert@watson.ibm.com>
7  * Dave Safford <safford@watson.ibm.com>
8  * Reiner Sailer <sailer@watson.ibm.com>
9  * Kylene Hall <kjhall@us.ibm.com>
10  *
11  * Maintained by: <tpmdd-devel@lists.sourceforge.net>
12  *
13  * Device driver for TCG/TCPA TPM (trusted platform module).
14  * Specifications at www.trustedcomputinggroup.org
15  *
16  * This program is free software; you can redistribute it and/or
17  * modify it under the terms of the GNU General Public License as
18  * published by the Free Software Foundation, version 2 of the
19  * License.
20  *
21  * Note, the TPM chip is not interrupt driven (only polling)
22  * and can have very long timeouts (minutes!). Hence the unusual
23  * calls to msleep.
24  *
25  */
26 
27 #include <linux/poll.h>
28 #include <linux/slab.h>
29 #include <linux/mutex.h>
30 #include <linux/spinlock.h>
31 #include <linux/freezer.h>
32 #include <linux/tpm_eventlog.h>
33 
34 #include "tpm.h"
35 
36 /*
37  * Bug workaround - some TPM's don't flush the most
38  * recently changed pcr on suspend, so force the flush
39  * with an extend to the selected _unused_ non-volatile pcr.
40  */
41 static u32 tpm_suspend_pcr;
42 module_param_named(suspend_pcr, tpm_suspend_pcr, uint, 0644);
43 MODULE_PARM_DESC(suspend_pcr,
44 		 "PCR to use for dummy writes to facilitate flush on suspend.");
45 
46 /**
47  * tpm_calc_ordinal_duration() - calculate the maximum command duration
48  * @chip:    TPM chip to use.
49  * @ordinal: TPM command ordinal.
50  *
51  * The function returns the maximum amount of time the chip could take
52  * to return the result for a particular ordinal in jiffies.
53  *
54  * Return: A maximal duration time for an ordinal in jiffies.
55  */
56 unsigned long tpm_calc_ordinal_duration(struct tpm_chip *chip, u32 ordinal)
57 {
58 	if (chip->flags & TPM_CHIP_FLAG_TPM2)
59 		return tpm2_calc_ordinal_duration(chip, ordinal);
60 	else
61 		return tpm1_calc_ordinal_duration(chip, ordinal);
62 }
63 EXPORT_SYMBOL_GPL(tpm_calc_ordinal_duration);
64 
65 static int tpm_validate_command(struct tpm_chip *chip,
66 				 struct tpm_space *space,
67 				 const u8 *cmd,
68 				 size_t len)
69 {
70 	const struct tpm_input_header *header = (const void *)cmd;
71 	int i;
72 	u32 cc;
73 	u32 attrs;
74 	unsigned int nr_handles;
75 
76 	if (len < TPM_HEADER_SIZE)
77 		return -EINVAL;
78 
79 	if (!space)
80 		return 0;
81 
82 	if (chip->flags & TPM_CHIP_FLAG_TPM2 && chip->nr_commands) {
83 		cc = be32_to_cpu(header->ordinal);
84 
85 		i = tpm2_find_cc(chip, cc);
86 		if (i < 0) {
87 			dev_dbg(&chip->dev, "0x%04X is an invalid command\n",
88 				cc);
89 			return -EOPNOTSUPP;
90 		}
91 
92 		attrs = chip->cc_attrs_tbl[i];
93 		nr_handles =
94 			4 * ((attrs >> TPM2_CC_ATTR_CHANDLES) & GENMASK(2, 0));
95 		if (len < TPM_HEADER_SIZE + 4 * nr_handles)
96 			goto err_len;
97 	}
98 
99 	return 0;
100 err_len:
101 	dev_dbg(&chip->dev,
102 		"%s: insufficient command length %zu", __func__, len);
103 	return -EINVAL;
104 }
105 
106 static int tpm_request_locality(struct tpm_chip *chip, unsigned int flags)
107 {
108 	int rc;
109 
110 	if (flags & TPM_TRANSMIT_NESTED)
111 		return 0;
112 
113 	if (!chip->ops->request_locality)
114 		return 0;
115 
116 	rc = chip->ops->request_locality(chip, 0);
117 	if (rc < 0)
118 		return rc;
119 
120 	chip->locality = rc;
121 
122 	return 0;
123 }
124 
125 static void tpm_relinquish_locality(struct tpm_chip *chip, unsigned int flags)
126 {
127 	int rc;
128 
129 	if (flags & TPM_TRANSMIT_NESTED)
130 		return;
131 
132 	if (!chip->ops->relinquish_locality)
133 		return;
134 
135 	rc = chip->ops->relinquish_locality(chip, chip->locality);
136 	if (rc)
137 		dev_err(&chip->dev, "%s: : error %d\n", __func__, rc);
138 
139 	chip->locality = -1;
140 }
141 
142 static int tpm_cmd_ready(struct tpm_chip *chip, unsigned int flags)
143 {
144 	if (flags & TPM_TRANSMIT_NESTED)
145 		return 0;
146 
147 	if (!chip->ops->cmd_ready)
148 		return 0;
149 
150 	return chip->ops->cmd_ready(chip);
151 }
152 
153 static int tpm_go_idle(struct tpm_chip *chip, unsigned int flags)
154 {
155 	if (flags & TPM_TRANSMIT_NESTED)
156 		return 0;
157 
158 	if (!chip->ops->go_idle)
159 		return 0;
160 
161 	return chip->ops->go_idle(chip);
162 }
163 
164 static ssize_t tpm_try_transmit(struct tpm_chip *chip,
165 				struct tpm_space *space,
166 				u8 *buf, size_t bufsiz,
167 				unsigned int flags)
168 {
169 	struct tpm_output_header *header = (void *)buf;
170 	int rc;
171 	ssize_t len = 0;
172 	u32 count, ordinal;
173 	unsigned long stop;
174 	bool need_locality;
175 
176 	rc = tpm_validate_command(chip, space, buf, bufsiz);
177 	if (rc == -EINVAL)
178 		return rc;
179 	/*
180 	 * If the command is not implemented by the TPM, synthesize a
181 	 * response with a TPM2_RC_COMMAND_CODE return for user-space.
182 	 */
183 	if (rc == -EOPNOTSUPP) {
184 		header->length = cpu_to_be32(sizeof(*header));
185 		header->tag = cpu_to_be16(TPM2_ST_NO_SESSIONS);
186 		header->return_code = cpu_to_be32(TPM2_RC_COMMAND_CODE |
187 						  TSS2_RESMGR_TPM_RC_LAYER);
188 		return sizeof(*header);
189 	}
190 
191 	if (bufsiz > TPM_BUFSIZE)
192 		bufsiz = TPM_BUFSIZE;
193 
194 	count = be32_to_cpu(*((__be32 *) (buf + 2)));
195 	ordinal = be32_to_cpu(*((__be32 *) (buf + 6)));
196 	if (count == 0)
197 		return -ENODATA;
198 	if (count > bufsiz) {
199 		dev_err(&chip->dev,
200 			"invalid count value %x %zx\n", count, bufsiz);
201 		return -E2BIG;
202 	}
203 
204 	if (!(flags & TPM_TRANSMIT_UNLOCKED) && !(flags & TPM_TRANSMIT_NESTED))
205 		mutex_lock(&chip->tpm_mutex);
206 
207 	if (chip->ops->clk_enable != NULL)
208 		chip->ops->clk_enable(chip, true);
209 
210 	/* Store the decision as chip->locality will be changed. */
211 	need_locality = chip->locality == -1;
212 
213 	if (need_locality) {
214 		rc = tpm_request_locality(chip, flags);
215 		if (rc < 0) {
216 			need_locality = false;
217 			goto out_locality;
218 		}
219 	}
220 
221 	rc = tpm_cmd_ready(chip, flags);
222 	if (rc)
223 		goto out_locality;
224 
225 	rc = tpm2_prepare_space(chip, space, ordinal, buf);
226 	if (rc)
227 		goto out;
228 
229 	rc = chip->ops->send(chip, buf, count);
230 	if (rc < 0) {
231 		if (rc != -EPIPE)
232 			dev_err(&chip->dev,
233 				"%s: tpm_send: error %d\n", __func__, rc);
234 		goto out;
235 	}
236 
237 	if (chip->flags & TPM_CHIP_FLAG_IRQ)
238 		goto out_recv;
239 
240 	stop = jiffies + tpm_calc_ordinal_duration(chip, ordinal);
241 	do {
242 		u8 status = chip->ops->status(chip);
243 		if ((status & chip->ops->req_complete_mask) ==
244 		    chip->ops->req_complete_val)
245 			goto out_recv;
246 
247 		if (chip->ops->req_canceled(chip, status)) {
248 			dev_err(&chip->dev, "Operation Canceled\n");
249 			rc = -ECANCELED;
250 			goto out;
251 		}
252 
253 		tpm_msleep(TPM_TIMEOUT_POLL);
254 		rmb();
255 	} while (time_before(jiffies, stop));
256 
257 	chip->ops->cancel(chip);
258 	dev_err(&chip->dev, "Operation Timed out\n");
259 	rc = -ETIME;
260 	goto out;
261 
262 out_recv:
263 	len = chip->ops->recv(chip, buf, bufsiz);
264 	if (len < 0) {
265 		rc = len;
266 		dev_err(&chip->dev,
267 			"tpm_transmit: tpm_recv: error %d\n", rc);
268 		goto out;
269 	} else if (len < TPM_HEADER_SIZE) {
270 		rc = -EFAULT;
271 		goto out;
272 	}
273 
274 	if (len != be32_to_cpu(header->length)) {
275 		rc = -EFAULT;
276 		goto out;
277 	}
278 
279 	rc = tpm2_commit_space(chip, space, ordinal, buf, &len);
280 	if (rc)
281 		dev_err(&chip->dev, "tpm2_commit_space: error %d\n", rc);
282 
283 out:
284 	/* may fail but do not override previous error value in rc */
285 	tpm_go_idle(chip, flags);
286 
287 out_locality:
288 	if (need_locality)
289 		tpm_relinquish_locality(chip, flags);
290 
291 	if (chip->ops->clk_enable != NULL)
292 		chip->ops->clk_enable(chip, false);
293 
294 	if (!(flags & TPM_TRANSMIT_UNLOCKED) && !(flags & TPM_TRANSMIT_NESTED))
295 		mutex_unlock(&chip->tpm_mutex);
296 	return rc ? rc : len;
297 }
298 
299 /**
300  * tpm_transmit - Internal kernel interface to transmit TPM commands.
301  *
302  * @chip: TPM chip to use
303  * @space: tpm space
304  * @buf: TPM command buffer
305  * @bufsiz: length of the TPM command buffer
306  * @flags: tpm transmit flags - bitmap
307  *
308  * A wrapper around tpm_try_transmit that handles TPM2_RC_RETRY
309  * returns from the TPM and retransmits the command after a delay up
310  * to a maximum wait of TPM2_DURATION_LONG.
311  *
312  * Note: TPM1 never returns TPM2_RC_RETRY so the retry logic is TPM2
313  * only
314  *
315  * Return:
316  *     the length of the return when the operation is successful.
317  *     A negative number for system errors (errno).
318  */
319 ssize_t tpm_transmit(struct tpm_chip *chip, struct tpm_space *space,
320 		     u8 *buf, size_t bufsiz, unsigned int flags)
321 {
322 	struct tpm_output_header *header = (struct tpm_output_header *)buf;
323 	/* space for header and handles */
324 	u8 save[TPM_HEADER_SIZE + 3*sizeof(u32)];
325 	unsigned int delay_msec = TPM2_DURATION_SHORT;
326 	u32 rc = 0;
327 	ssize_t ret;
328 	const size_t save_size = min(space ? sizeof(save) : TPM_HEADER_SIZE,
329 				     bufsiz);
330 	/* the command code is where the return code will be */
331 	u32 cc = be32_to_cpu(header->return_code);
332 
333 	/*
334 	 * Subtlety here: if we have a space, the handles will be
335 	 * transformed, so when we restore the header we also have to
336 	 * restore the handles.
337 	 */
338 	memcpy(save, buf, save_size);
339 
340 	for (;;) {
341 		ret = tpm_try_transmit(chip, space, buf, bufsiz, flags);
342 		if (ret < 0)
343 			break;
344 		rc = be32_to_cpu(header->return_code);
345 		if (rc != TPM2_RC_RETRY && rc != TPM2_RC_TESTING)
346 			break;
347 		/*
348 		 * return immediately if self test returns test
349 		 * still running to shorten boot time.
350 		 */
351 		if (rc == TPM2_RC_TESTING && cc == TPM2_CC_SELF_TEST)
352 			break;
353 
354 		if (delay_msec > TPM2_DURATION_LONG) {
355 			if (rc == TPM2_RC_RETRY)
356 				dev_err(&chip->dev, "in retry loop\n");
357 			else
358 				dev_err(&chip->dev,
359 					"self test is still running\n");
360 			break;
361 		}
362 		tpm_msleep(delay_msec);
363 		delay_msec *= 2;
364 		memcpy(buf, save, save_size);
365 	}
366 	return ret;
367 }
368 /**
369  * tpm_transmit_cmd - send a tpm command to the device
370  *    The function extracts tpm out header return code
371  *
372  * @chip: TPM chip to use
373  * @space: tpm space
374  * @buf: TPM command buffer
375  * @bufsiz: length of the buffer
376  * @min_rsp_body_length: minimum expected length of response body
377  * @flags: tpm transmit flags - bitmap
378  * @desc: command description used in the error message
379  *
380  * Return:
381  *     0 when the operation is successful.
382  *     A negative number for system errors (errno).
383  *     A positive number for a TPM error.
384  */
385 ssize_t tpm_transmit_cmd(struct tpm_chip *chip, struct tpm_space *space,
386 			 void *buf, size_t bufsiz,
387 			 size_t min_rsp_body_length, unsigned int flags,
388 			 const char *desc)
389 {
390 	const struct tpm_output_header *header = buf;
391 	int err;
392 	ssize_t len;
393 
394 	len = tpm_transmit(chip, space, buf, bufsiz, flags);
395 	if (len <  0)
396 		return len;
397 
398 	err = be32_to_cpu(header->return_code);
399 	if (err != 0 && err != TPM_ERR_DISABLED && err != TPM_ERR_DEACTIVATED
400 	    && desc)
401 		dev_err(&chip->dev, "A TPM error (%d) occurred %s\n", err,
402 			desc);
403 	if (err)
404 		return err;
405 
406 	if (len < min_rsp_body_length + TPM_HEADER_SIZE)
407 		return -EFAULT;
408 
409 	return 0;
410 }
411 EXPORT_SYMBOL_GPL(tpm_transmit_cmd);
412 
413 int tpm_get_timeouts(struct tpm_chip *chip)
414 {
415 	if (chip->flags & TPM_CHIP_FLAG_HAVE_TIMEOUTS)
416 		return 0;
417 
418 	if (chip->flags & TPM_CHIP_FLAG_TPM2)
419 		return tpm2_get_timeouts(chip);
420 	else
421 		return tpm1_get_timeouts(chip);
422 }
423 EXPORT_SYMBOL_GPL(tpm_get_timeouts);
424 
425 /**
426  * tpm_is_tpm2 - do we a have a TPM2 chip?
427  * @chip:	a &struct tpm_chip instance, %NULL for the default chip
428  *
429  * Return:
430  * 1 if we have a TPM2 chip.
431  * 0 if we don't have a TPM2 chip.
432  * A negative number for system errors (errno).
433  */
434 int tpm_is_tpm2(struct tpm_chip *chip)
435 {
436 	int rc;
437 
438 	chip = tpm_find_get_ops(chip);
439 	if (!chip)
440 		return -ENODEV;
441 
442 	rc = (chip->flags & TPM_CHIP_FLAG_TPM2) != 0;
443 
444 	tpm_put_ops(chip);
445 
446 	return rc;
447 }
448 EXPORT_SYMBOL_GPL(tpm_is_tpm2);
449 
450 /**
451  * tpm_pcr_read - read a PCR value from SHA1 bank
452  * @chip:	a &struct tpm_chip instance, %NULL for the default chip
453  * @pcr_idx:	the PCR to be retrieved
454  * @res_buf:	the value of the PCR
455  *
456  * Return: same as with tpm_transmit_cmd()
457  */
458 int tpm_pcr_read(struct tpm_chip *chip, u32 pcr_idx, u8 *res_buf)
459 {
460 	int rc;
461 
462 	chip = tpm_find_get_ops(chip);
463 	if (!chip)
464 		return -ENODEV;
465 
466 	if (chip->flags & TPM_CHIP_FLAG_TPM2)
467 		rc = tpm2_pcr_read(chip, pcr_idx, res_buf);
468 	else
469 		rc = tpm1_pcr_read(chip, pcr_idx, res_buf);
470 
471 	tpm_put_ops(chip);
472 	return rc;
473 }
474 EXPORT_SYMBOL_GPL(tpm_pcr_read);
475 
476 /**
477  * tpm_pcr_extend - extend a PCR value in SHA1 bank.
478  * @chip:	a &struct tpm_chip instance, %NULL for the default chip
479  * @pcr_idx:	the PCR to be retrieved
480  * @hash:	the hash value used to extend the PCR value
481  *
482  * Note: with TPM 2.0 extends also those banks with a known digest size to the
483  * cryto subsystem in order to prevent malicious use of those PCR banks. In the
484  * future we should dynamically determine digest sizes.
485  *
486  * Return: same as with tpm_transmit_cmd()
487  */
488 int tpm_pcr_extend(struct tpm_chip *chip, u32 pcr_idx, const u8 *hash)
489 {
490 	int rc;
491 	struct tpm2_digest digest_list[ARRAY_SIZE(chip->active_banks)];
492 	u32 count = 0;
493 	int i;
494 
495 	chip = tpm_find_get_ops(chip);
496 	if (!chip)
497 		return -ENODEV;
498 
499 	if (chip->flags & TPM_CHIP_FLAG_TPM2) {
500 		memset(digest_list, 0, sizeof(digest_list));
501 
502 		for (i = 0; i < ARRAY_SIZE(chip->active_banks) &&
503 			    chip->active_banks[i] != TPM2_ALG_ERROR; i++) {
504 			digest_list[i].alg_id = chip->active_banks[i];
505 			memcpy(digest_list[i].digest, hash, TPM_DIGEST_SIZE);
506 			count++;
507 		}
508 
509 		rc = tpm2_pcr_extend(chip, pcr_idx, count, digest_list);
510 		tpm_put_ops(chip);
511 		return rc;
512 	}
513 
514 	rc = tpm1_pcr_extend(chip, pcr_idx, hash,
515 			     "attempting extend a PCR value");
516 	tpm_put_ops(chip);
517 	return rc;
518 }
519 EXPORT_SYMBOL_GPL(tpm_pcr_extend);
520 
521 /**
522  * tpm_send - send a TPM command
523  * @chip:	a &struct tpm_chip instance, %NULL for the default chip
524  * @cmd:	a TPM command buffer
525  * @buflen:	the length of the TPM command buffer
526  *
527  * Return: same as with tpm_transmit_cmd()
528  */
529 int tpm_send(struct tpm_chip *chip, void *cmd, size_t buflen)
530 {
531 	int rc;
532 
533 	chip = tpm_find_get_ops(chip);
534 	if (!chip)
535 		return -ENODEV;
536 
537 	rc = tpm_transmit_cmd(chip, NULL, cmd, buflen, 0, 0,
538 			      "attempting to a send a command");
539 	tpm_put_ops(chip);
540 	return rc;
541 }
542 EXPORT_SYMBOL_GPL(tpm_send);
543 
544 int tpm_auto_startup(struct tpm_chip *chip)
545 {
546 	int rc;
547 
548 	if (!(chip->ops->flags & TPM_OPS_AUTO_STARTUP))
549 		return 0;
550 
551 	if (chip->flags & TPM_CHIP_FLAG_TPM2)
552 		rc = tpm2_auto_startup(chip);
553 	else
554 		rc = tpm1_auto_startup(chip);
555 
556 	return rc;
557 }
558 
559 /*
560  * We are about to suspend. Save the TPM state
561  * so that it can be restored.
562  */
563 int tpm_pm_suspend(struct device *dev)
564 {
565 	struct tpm_chip *chip = dev_get_drvdata(dev);
566 	int rc = 0;
567 
568 	if (!chip)
569 		return -ENODEV;
570 
571 	if (chip->flags & TPM_CHIP_FLAG_ALWAYS_POWERED)
572 		return 0;
573 
574 	if (chip->flags & TPM_CHIP_FLAG_TPM2)
575 		tpm2_shutdown(chip, TPM2_SU_STATE);
576 	else
577 		rc = tpm1_pm_suspend(chip, tpm_suspend_pcr);
578 
579 	return rc;
580 }
581 EXPORT_SYMBOL_GPL(tpm_pm_suspend);
582 
583 /*
584  * Resume from a power safe. The BIOS already restored
585  * the TPM state.
586  */
587 int tpm_pm_resume(struct device *dev)
588 {
589 	struct tpm_chip *chip = dev_get_drvdata(dev);
590 
591 	if (chip == NULL)
592 		return -ENODEV;
593 
594 	return 0;
595 }
596 EXPORT_SYMBOL_GPL(tpm_pm_resume);
597 
598 /**
599  * tpm_get_random() - get random bytes from the TPM's RNG
600  * @chip:	a &struct tpm_chip instance, %NULL for the default chip
601  * @out:	destination buffer for the random bytes
602  * @max:	the max number of bytes to write to @out
603  *
604  * Return: number of random bytes read or a negative error value.
605  */
606 int tpm_get_random(struct tpm_chip *chip, u8 *out, size_t max)
607 {
608 	int rc;
609 
610 	if (!out || max > TPM_MAX_RNG_DATA)
611 		return -EINVAL;
612 
613 	chip = tpm_find_get_ops(chip);
614 	if (!chip)
615 		return -ENODEV;
616 
617 	if (chip->flags & TPM_CHIP_FLAG_TPM2)
618 		rc = tpm2_get_random(chip, out, max);
619 	else
620 		rc = tpm1_get_random(chip, out, max);
621 
622 	tpm_put_ops(chip);
623 	return rc;
624 }
625 EXPORT_SYMBOL_GPL(tpm_get_random);
626 
627 /**
628  * tpm_seal_trusted() - seal a trusted key payload
629  * @chip:	a &struct tpm_chip instance, %NULL for the default chip
630  * @options:	authentication values and other options
631  * @payload:	the key data in clear and encrypted form
632  *
633  * Note: only TPM 2.0 chip are supported. TPM 1.x implementation is located in
634  * the keyring subsystem.
635  *
636  * Return: same as with tpm_transmit_cmd()
637  */
638 int tpm_seal_trusted(struct tpm_chip *chip, struct trusted_key_payload *payload,
639 		     struct trusted_key_options *options)
640 {
641 	int rc;
642 
643 	chip = tpm_find_get_ops(chip);
644 	if (!chip || !(chip->flags & TPM_CHIP_FLAG_TPM2))
645 		return -ENODEV;
646 
647 	rc = tpm2_seal_trusted(chip, payload, options);
648 
649 	tpm_put_ops(chip);
650 	return rc;
651 }
652 EXPORT_SYMBOL_GPL(tpm_seal_trusted);
653 
654 /**
655  * tpm_unseal_trusted() - unseal a trusted key
656  * @chip:	a &struct tpm_chip instance, %NULL for the default chip
657  * @options:	authentication values and other options
658  * @payload:	the key data in clear and encrypted form
659  *
660  * Note: only TPM 2.0 chip are supported. TPM 1.x implementation is located in
661  * the keyring subsystem.
662  *
663  * Return: same as with tpm_transmit_cmd()
664  */
665 int tpm_unseal_trusted(struct tpm_chip *chip,
666 		       struct trusted_key_payload *payload,
667 		       struct trusted_key_options *options)
668 {
669 	int rc;
670 
671 	chip = tpm_find_get_ops(chip);
672 	if (!chip || !(chip->flags & TPM_CHIP_FLAG_TPM2))
673 		return -ENODEV;
674 
675 	rc = tpm2_unseal_trusted(chip, payload, options);
676 
677 	tpm_put_ops(chip);
678 
679 	return rc;
680 }
681 EXPORT_SYMBOL_GPL(tpm_unseal_trusted);
682 
683 static int __init tpm_init(void)
684 {
685 	int rc;
686 
687 	tpm_class = class_create(THIS_MODULE, "tpm");
688 	if (IS_ERR(tpm_class)) {
689 		pr_err("couldn't create tpm class\n");
690 		return PTR_ERR(tpm_class);
691 	}
692 
693 	tpmrm_class = class_create(THIS_MODULE, "tpmrm");
694 	if (IS_ERR(tpmrm_class)) {
695 		pr_err("couldn't create tpmrm class\n");
696 		rc = PTR_ERR(tpmrm_class);
697 		goto out_destroy_tpm_class;
698 	}
699 
700 	rc = alloc_chrdev_region(&tpm_devt, 0, 2*TPM_NUM_DEVICES, "tpm");
701 	if (rc < 0) {
702 		pr_err("tpm: failed to allocate char dev region\n");
703 		goto out_destroy_tpmrm_class;
704 	}
705 
706 	rc = tpm_dev_common_init();
707 	if (rc) {
708 		pr_err("tpm: failed to allocate char dev region\n");
709 		goto out_unreg_chrdev;
710 	}
711 
712 	return 0;
713 
714 out_unreg_chrdev:
715 	unregister_chrdev_region(tpm_devt, 2 * TPM_NUM_DEVICES);
716 out_destroy_tpmrm_class:
717 	class_destroy(tpmrm_class);
718 out_destroy_tpm_class:
719 	class_destroy(tpm_class);
720 
721 	return rc;
722 }
723 
724 static void __exit tpm_exit(void)
725 {
726 	idr_destroy(&dev_nums_idr);
727 	class_destroy(tpm_class);
728 	class_destroy(tpmrm_class);
729 	unregister_chrdev_region(tpm_devt, 2*TPM_NUM_DEVICES);
730 	tpm_dev_common_exit();
731 }
732 
733 subsys_initcall(tpm_init);
734 module_exit(tpm_exit);
735 
736 MODULE_AUTHOR("Leendert van Doorn (leendert@watson.ibm.com)");
737 MODULE_DESCRIPTION("TPM Driver");
738 MODULE_VERSION("2.0");
739 MODULE_LICENSE("GPL");
740