1 /* 2 * Copyright (C) 2004 IBM Corporation 3 * Copyright (C) 2014 Intel Corporation 4 * 5 * Authors: 6 * Leendert van Doorn <leendert@watson.ibm.com> 7 * Dave Safford <safford@watson.ibm.com> 8 * Reiner Sailer <sailer@watson.ibm.com> 9 * Kylene Hall <kjhall@us.ibm.com> 10 * 11 * Maintained by: <tpmdd-devel@lists.sourceforge.net> 12 * 13 * Device driver for TCG/TCPA TPM (trusted platform module). 14 * Specifications at www.trustedcomputinggroup.org 15 * 16 * This program is free software; you can redistribute it and/or 17 * modify it under the terms of the GNU General Public License as 18 * published by the Free Software Foundation, version 2 of the 19 * License. 20 * 21 * Note, the TPM chip is not interrupt driven (only polling) 22 * and can have very long timeouts (minutes!). Hence the unusual 23 * calls to msleep. 24 * 25 */ 26 27 #include <linux/poll.h> 28 #include <linux/slab.h> 29 #include <linux/mutex.h> 30 #include <linux/spinlock.h> 31 #include <linux/freezer.h> 32 33 #include "tpm.h" 34 #include "tpm_eventlog.h" 35 36 #define TPM_MAX_ORDINAL 243 37 #define TSC_MAX_ORDINAL 12 38 #define TPM_PROTECTED_COMMAND 0x00 39 #define TPM_CONNECTION_COMMAND 0x40 40 41 /* 42 * Bug workaround - some TPM's don't flush the most 43 * recently changed pcr on suspend, so force the flush 44 * with an extend to the selected _unused_ non-volatile pcr. 45 */ 46 static int tpm_suspend_pcr; 47 module_param_named(suspend_pcr, tpm_suspend_pcr, uint, 0644); 48 MODULE_PARM_DESC(suspend_pcr, 49 "PCR to use for dummy writes to faciltate flush on suspend."); 50 51 /* 52 * Array with one entry per ordinal defining the maximum amount 53 * of time the chip could take to return the result. The ordinal 54 * designation of short, medium or long is defined in a table in 55 * TCG Specification TPM Main Part 2 TPM Structures Section 17. The 56 * values of the SHORT, MEDIUM, and LONG durations are retrieved 57 * from the chip during initialization with a call to tpm_get_timeouts. 58 */ 59 static const u8 tpm_ordinal_duration[TPM_MAX_ORDINAL] = { 60 TPM_UNDEFINED, /* 0 */ 61 TPM_UNDEFINED, 62 TPM_UNDEFINED, 63 TPM_UNDEFINED, 64 TPM_UNDEFINED, 65 TPM_UNDEFINED, /* 5 */ 66 TPM_UNDEFINED, 67 TPM_UNDEFINED, 68 TPM_UNDEFINED, 69 TPM_UNDEFINED, 70 TPM_SHORT, /* 10 */ 71 TPM_SHORT, 72 TPM_MEDIUM, 73 TPM_LONG, 74 TPM_LONG, 75 TPM_MEDIUM, /* 15 */ 76 TPM_SHORT, 77 TPM_SHORT, 78 TPM_MEDIUM, 79 TPM_LONG, 80 TPM_SHORT, /* 20 */ 81 TPM_SHORT, 82 TPM_MEDIUM, 83 TPM_MEDIUM, 84 TPM_MEDIUM, 85 TPM_SHORT, /* 25 */ 86 TPM_SHORT, 87 TPM_MEDIUM, 88 TPM_SHORT, 89 TPM_SHORT, 90 TPM_MEDIUM, /* 30 */ 91 TPM_LONG, 92 TPM_MEDIUM, 93 TPM_SHORT, 94 TPM_SHORT, 95 TPM_SHORT, /* 35 */ 96 TPM_MEDIUM, 97 TPM_MEDIUM, 98 TPM_UNDEFINED, 99 TPM_UNDEFINED, 100 TPM_MEDIUM, /* 40 */ 101 TPM_LONG, 102 TPM_MEDIUM, 103 TPM_SHORT, 104 TPM_SHORT, 105 TPM_SHORT, /* 45 */ 106 TPM_SHORT, 107 TPM_SHORT, 108 TPM_SHORT, 109 TPM_LONG, 110 TPM_MEDIUM, /* 50 */ 111 TPM_MEDIUM, 112 TPM_UNDEFINED, 113 TPM_UNDEFINED, 114 TPM_UNDEFINED, 115 TPM_UNDEFINED, /* 55 */ 116 TPM_UNDEFINED, 117 TPM_UNDEFINED, 118 TPM_UNDEFINED, 119 TPM_UNDEFINED, 120 TPM_MEDIUM, /* 60 */ 121 TPM_MEDIUM, 122 TPM_MEDIUM, 123 TPM_SHORT, 124 TPM_SHORT, 125 TPM_MEDIUM, /* 65 */ 126 TPM_UNDEFINED, 127 TPM_UNDEFINED, 128 TPM_UNDEFINED, 129 TPM_UNDEFINED, 130 TPM_SHORT, /* 70 */ 131 TPM_SHORT, 132 TPM_UNDEFINED, 133 TPM_UNDEFINED, 134 TPM_UNDEFINED, 135 TPM_UNDEFINED, /* 75 */ 136 TPM_UNDEFINED, 137 TPM_UNDEFINED, 138 TPM_UNDEFINED, 139 TPM_UNDEFINED, 140 TPM_LONG, /* 80 */ 141 TPM_UNDEFINED, 142 TPM_MEDIUM, 143 TPM_LONG, 144 TPM_SHORT, 145 TPM_UNDEFINED, /* 85 */ 146 TPM_UNDEFINED, 147 TPM_UNDEFINED, 148 TPM_UNDEFINED, 149 TPM_UNDEFINED, 150 TPM_SHORT, /* 90 */ 151 TPM_SHORT, 152 TPM_SHORT, 153 TPM_SHORT, 154 TPM_SHORT, 155 TPM_UNDEFINED, /* 95 */ 156 TPM_UNDEFINED, 157 TPM_UNDEFINED, 158 TPM_UNDEFINED, 159 TPM_UNDEFINED, 160 TPM_MEDIUM, /* 100 */ 161 TPM_SHORT, 162 TPM_SHORT, 163 TPM_UNDEFINED, 164 TPM_UNDEFINED, 165 TPM_UNDEFINED, /* 105 */ 166 TPM_UNDEFINED, 167 TPM_UNDEFINED, 168 TPM_UNDEFINED, 169 TPM_UNDEFINED, 170 TPM_SHORT, /* 110 */ 171 TPM_SHORT, 172 TPM_SHORT, 173 TPM_SHORT, 174 TPM_SHORT, 175 TPM_SHORT, /* 115 */ 176 TPM_SHORT, 177 TPM_SHORT, 178 TPM_UNDEFINED, 179 TPM_UNDEFINED, 180 TPM_LONG, /* 120 */ 181 TPM_LONG, 182 TPM_MEDIUM, 183 TPM_UNDEFINED, 184 TPM_SHORT, 185 TPM_SHORT, /* 125 */ 186 TPM_SHORT, 187 TPM_LONG, 188 TPM_SHORT, 189 TPM_SHORT, 190 TPM_SHORT, /* 130 */ 191 TPM_MEDIUM, 192 TPM_UNDEFINED, 193 TPM_SHORT, 194 TPM_MEDIUM, 195 TPM_UNDEFINED, /* 135 */ 196 TPM_UNDEFINED, 197 TPM_UNDEFINED, 198 TPM_UNDEFINED, 199 TPM_UNDEFINED, 200 TPM_SHORT, /* 140 */ 201 TPM_SHORT, 202 TPM_UNDEFINED, 203 TPM_UNDEFINED, 204 TPM_UNDEFINED, 205 TPM_UNDEFINED, /* 145 */ 206 TPM_UNDEFINED, 207 TPM_UNDEFINED, 208 TPM_UNDEFINED, 209 TPM_UNDEFINED, 210 TPM_SHORT, /* 150 */ 211 TPM_MEDIUM, 212 TPM_MEDIUM, 213 TPM_SHORT, 214 TPM_SHORT, 215 TPM_UNDEFINED, /* 155 */ 216 TPM_UNDEFINED, 217 TPM_UNDEFINED, 218 TPM_UNDEFINED, 219 TPM_UNDEFINED, 220 TPM_SHORT, /* 160 */ 221 TPM_SHORT, 222 TPM_SHORT, 223 TPM_SHORT, 224 TPM_UNDEFINED, 225 TPM_UNDEFINED, /* 165 */ 226 TPM_UNDEFINED, 227 TPM_UNDEFINED, 228 TPM_UNDEFINED, 229 TPM_UNDEFINED, 230 TPM_LONG, /* 170 */ 231 TPM_UNDEFINED, 232 TPM_UNDEFINED, 233 TPM_UNDEFINED, 234 TPM_UNDEFINED, 235 TPM_UNDEFINED, /* 175 */ 236 TPM_UNDEFINED, 237 TPM_UNDEFINED, 238 TPM_UNDEFINED, 239 TPM_UNDEFINED, 240 TPM_MEDIUM, /* 180 */ 241 TPM_SHORT, 242 TPM_MEDIUM, 243 TPM_MEDIUM, 244 TPM_MEDIUM, 245 TPM_MEDIUM, /* 185 */ 246 TPM_SHORT, 247 TPM_UNDEFINED, 248 TPM_UNDEFINED, 249 TPM_UNDEFINED, 250 TPM_UNDEFINED, /* 190 */ 251 TPM_UNDEFINED, 252 TPM_UNDEFINED, 253 TPM_UNDEFINED, 254 TPM_UNDEFINED, 255 TPM_UNDEFINED, /* 195 */ 256 TPM_UNDEFINED, 257 TPM_UNDEFINED, 258 TPM_UNDEFINED, 259 TPM_UNDEFINED, 260 TPM_SHORT, /* 200 */ 261 TPM_UNDEFINED, 262 TPM_UNDEFINED, 263 TPM_UNDEFINED, 264 TPM_SHORT, 265 TPM_SHORT, /* 205 */ 266 TPM_SHORT, 267 TPM_SHORT, 268 TPM_SHORT, 269 TPM_SHORT, 270 TPM_MEDIUM, /* 210 */ 271 TPM_UNDEFINED, 272 TPM_MEDIUM, 273 TPM_MEDIUM, 274 TPM_MEDIUM, 275 TPM_UNDEFINED, /* 215 */ 276 TPM_MEDIUM, 277 TPM_UNDEFINED, 278 TPM_UNDEFINED, 279 TPM_SHORT, 280 TPM_SHORT, /* 220 */ 281 TPM_SHORT, 282 TPM_SHORT, 283 TPM_SHORT, 284 TPM_SHORT, 285 TPM_UNDEFINED, /* 225 */ 286 TPM_UNDEFINED, 287 TPM_UNDEFINED, 288 TPM_UNDEFINED, 289 TPM_UNDEFINED, 290 TPM_SHORT, /* 230 */ 291 TPM_LONG, 292 TPM_MEDIUM, 293 TPM_UNDEFINED, 294 TPM_UNDEFINED, 295 TPM_UNDEFINED, /* 235 */ 296 TPM_UNDEFINED, 297 TPM_UNDEFINED, 298 TPM_UNDEFINED, 299 TPM_UNDEFINED, 300 TPM_SHORT, /* 240 */ 301 TPM_UNDEFINED, 302 TPM_MEDIUM, 303 }; 304 305 /* 306 * Returns max number of jiffies to wait 307 */ 308 unsigned long tpm_calc_ordinal_duration(struct tpm_chip *chip, 309 u32 ordinal) 310 { 311 int duration_idx = TPM_UNDEFINED; 312 int duration = 0; 313 314 /* 315 * We only have a duration table for protected commands, where the upper 316 * 16 bits are 0. For the few other ordinals the fallback will be used. 317 */ 318 if (ordinal < TPM_MAX_ORDINAL) 319 duration_idx = tpm_ordinal_duration[ordinal]; 320 321 if (duration_idx != TPM_UNDEFINED) 322 duration = chip->duration[duration_idx]; 323 if (duration <= 0) 324 return 2 * 60 * HZ; 325 else 326 return duration; 327 } 328 EXPORT_SYMBOL_GPL(tpm_calc_ordinal_duration); 329 330 /* 331 * Internal kernel interface to transmit TPM commands 332 */ 333 ssize_t tpm_transmit(struct tpm_chip *chip, const u8 *buf, size_t bufsiz, 334 unsigned int flags) 335 { 336 ssize_t rc; 337 u32 count, ordinal; 338 unsigned long stop; 339 340 if (bufsiz < TPM_HEADER_SIZE) 341 return -EINVAL; 342 343 if (bufsiz > TPM_BUFSIZE) 344 bufsiz = TPM_BUFSIZE; 345 346 count = be32_to_cpu(*((__be32 *) (buf + 2))); 347 ordinal = be32_to_cpu(*((__be32 *) (buf + 6))); 348 if (count == 0) 349 return -ENODATA; 350 if (count > bufsiz) { 351 dev_err(&chip->dev, 352 "invalid count value %x %zx\n", count, bufsiz); 353 return -E2BIG; 354 } 355 356 if (!(flags & TPM_TRANSMIT_UNLOCKED)) 357 mutex_lock(&chip->tpm_mutex); 358 359 rc = chip->ops->send(chip, (u8 *) buf, count); 360 if (rc < 0) { 361 dev_err(&chip->dev, 362 "tpm_transmit: tpm_send: error %zd\n", rc); 363 goto out; 364 } 365 366 if (chip->flags & TPM_CHIP_FLAG_IRQ) 367 goto out_recv; 368 369 if (chip->flags & TPM_CHIP_FLAG_TPM2) 370 stop = jiffies + tpm2_calc_ordinal_duration(chip, ordinal); 371 else 372 stop = jiffies + tpm_calc_ordinal_duration(chip, ordinal); 373 do { 374 u8 status = chip->ops->status(chip); 375 if ((status & chip->ops->req_complete_mask) == 376 chip->ops->req_complete_val) 377 goto out_recv; 378 379 if (chip->ops->req_canceled(chip, status)) { 380 dev_err(&chip->dev, "Operation Canceled\n"); 381 rc = -ECANCELED; 382 goto out; 383 } 384 385 msleep(TPM_TIMEOUT); /* CHECK */ 386 rmb(); 387 } while (time_before(jiffies, stop)); 388 389 chip->ops->cancel(chip); 390 dev_err(&chip->dev, "Operation Timed out\n"); 391 rc = -ETIME; 392 goto out; 393 394 out_recv: 395 rc = chip->ops->recv(chip, (u8 *) buf, bufsiz); 396 if (rc < 0) 397 dev_err(&chip->dev, 398 "tpm_transmit: tpm_recv: error %zd\n", rc); 399 out: 400 if (!(flags & TPM_TRANSMIT_UNLOCKED)) 401 mutex_unlock(&chip->tpm_mutex); 402 return rc; 403 } 404 405 #define TPM_DIGEST_SIZE 20 406 #define TPM_RET_CODE_IDX 6 407 408 ssize_t tpm_transmit_cmd(struct tpm_chip *chip, const void *cmd, 409 int len, unsigned int flags, const char *desc) 410 { 411 const struct tpm_output_header *header; 412 int err; 413 414 len = tpm_transmit(chip, (const u8 *)cmd, len, flags); 415 if (len < 0) 416 return len; 417 else if (len < TPM_HEADER_SIZE) 418 return -EFAULT; 419 420 header = cmd; 421 422 err = be32_to_cpu(header->return_code); 423 if (err != 0 && desc) 424 dev_err(&chip->dev, "A TPM error (%d) occurred %s\n", err, 425 desc); 426 427 return err; 428 } 429 430 #define TPM_INTERNAL_RESULT_SIZE 200 431 #define TPM_ORD_GET_CAP cpu_to_be32(101) 432 #define TPM_ORD_GET_RANDOM cpu_to_be32(70) 433 434 static const struct tpm_input_header tpm_getcap_header = { 435 .tag = TPM_TAG_RQU_COMMAND, 436 .length = cpu_to_be32(22), 437 .ordinal = TPM_ORD_GET_CAP 438 }; 439 440 ssize_t tpm_getcap(struct tpm_chip *chip, __be32 subcap_id, cap_t *cap, 441 const char *desc) 442 { 443 struct tpm_cmd_t tpm_cmd; 444 int rc; 445 446 tpm_cmd.header.in = tpm_getcap_header; 447 if (subcap_id == CAP_VERSION_1_1 || subcap_id == CAP_VERSION_1_2) { 448 tpm_cmd.params.getcap_in.cap = subcap_id; 449 /*subcap field not necessary */ 450 tpm_cmd.params.getcap_in.subcap_size = cpu_to_be32(0); 451 tpm_cmd.header.in.length -= cpu_to_be32(sizeof(__be32)); 452 } else { 453 if (subcap_id == TPM_CAP_FLAG_PERM || 454 subcap_id == TPM_CAP_FLAG_VOL) 455 tpm_cmd.params.getcap_in.cap = TPM_CAP_FLAG; 456 else 457 tpm_cmd.params.getcap_in.cap = TPM_CAP_PROP; 458 tpm_cmd.params.getcap_in.subcap_size = cpu_to_be32(4); 459 tpm_cmd.params.getcap_in.subcap = subcap_id; 460 } 461 rc = tpm_transmit_cmd(chip, &tpm_cmd, TPM_INTERNAL_RESULT_SIZE, 0, 462 desc); 463 if (!rc) 464 *cap = tpm_cmd.params.getcap_out.cap; 465 return rc; 466 } 467 EXPORT_SYMBOL_GPL(tpm_getcap); 468 469 #define TPM_ORD_STARTUP cpu_to_be32(153) 470 #define TPM_ST_CLEAR cpu_to_be16(1) 471 #define TPM_ST_STATE cpu_to_be16(2) 472 #define TPM_ST_DEACTIVATED cpu_to_be16(3) 473 static const struct tpm_input_header tpm_startup_header = { 474 .tag = TPM_TAG_RQU_COMMAND, 475 .length = cpu_to_be32(12), 476 .ordinal = TPM_ORD_STARTUP 477 }; 478 479 static int tpm_startup(struct tpm_chip *chip, __be16 startup_type) 480 { 481 struct tpm_cmd_t start_cmd; 482 start_cmd.header.in = tpm_startup_header; 483 484 start_cmd.params.startup_in.startup_type = startup_type; 485 return tpm_transmit_cmd(chip, &start_cmd, TPM_INTERNAL_RESULT_SIZE, 0, 486 "attempting to start the TPM"); 487 } 488 489 int tpm_get_timeouts(struct tpm_chip *chip) 490 { 491 struct tpm_cmd_t tpm_cmd; 492 unsigned long new_timeout[4]; 493 unsigned long old_timeout[4]; 494 struct duration_t *duration_cap; 495 ssize_t rc; 496 497 if (chip->flags & TPM_CHIP_FLAG_TPM2) { 498 /* Fixed timeouts for TPM2 */ 499 chip->timeout_a = msecs_to_jiffies(TPM2_TIMEOUT_A); 500 chip->timeout_b = msecs_to_jiffies(TPM2_TIMEOUT_B); 501 chip->timeout_c = msecs_to_jiffies(TPM2_TIMEOUT_C); 502 chip->timeout_d = msecs_to_jiffies(TPM2_TIMEOUT_D); 503 chip->duration[TPM_SHORT] = 504 msecs_to_jiffies(TPM2_DURATION_SHORT); 505 chip->duration[TPM_MEDIUM] = 506 msecs_to_jiffies(TPM2_DURATION_MEDIUM); 507 chip->duration[TPM_LONG] = 508 msecs_to_jiffies(TPM2_DURATION_LONG); 509 return 0; 510 } 511 512 tpm_cmd.header.in = tpm_getcap_header; 513 tpm_cmd.params.getcap_in.cap = TPM_CAP_PROP; 514 tpm_cmd.params.getcap_in.subcap_size = cpu_to_be32(4); 515 tpm_cmd.params.getcap_in.subcap = TPM_CAP_PROP_TIS_TIMEOUT; 516 rc = tpm_transmit_cmd(chip, &tpm_cmd, TPM_INTERNAL_RESULT_SIZE, 0, 517 NULL); 518 519 if (rc == TPM_ERR_INVALID_POSTINIT) { 520 /* The TPM is not started, we are the first to talk to it. 521 Execute a startup command. */ 522 dev_info(&chip->dev, "Issuing TPM_STARTUP"); 523 if (tpm_startup(chip, TPM_ST_CLEAR)) 524 return rc; 525 526 tpm_cmd.header.in = tpm_getcap_header; 527 tpm_cmd.params.getcap_in.cap = TPM_CAP_PROP; 528 tpm_cmd.params.getcap_in.subcap_size = cpu_to_be32(4); 529 tpm_cmd.params.getcap_in.subcap = TPM_CAP_PROP_TIS_TIMEOUT; 530 rc = tpm_transmit_cmd(chip, &tpm_cmd, TPM_INTERNAL_RESULT_SIZE, 531 0, NULL); 532 } 533 if (rc) { 534 dev_err(&chip->dev, 535 "A TPM error (%zd) occurred attempting to determine the timeouts\n", 536 rc); 537 goto duration; 538 } 539 540 if (be32_to_cpu(tpm_cmd.header.out.return_code) != 0 || 541 be32_to_cpu(tpm_cmd.header.out.length) 542 != sizeof(tpm_cmd.header.out) + sizeof(u32) + 4 * sizeof(u32)) 543 return -EINVAL; 544 545 old_timeout[0] = be32_to_cpu(tpm_cmd.params.getcap_out.cap.timeout.a); 546 old_timeout[1] = be32_to_cpu(tpm_cmd.params.getcap_out.cap.timeout.b); 547 old_timeout[2] = be32_to_cpu(tpm_cmd.params.getcap_out.cap.timeout.c); 548 old_timeout[3] = be32_to_cpu(tpm_cmd.params.getcap_out.cap.timeout.d); 549 memcpy(new_timeout, old_timeout, sizeof(new_timeout)); 550 551 /* 552 * Provide ability for vendor overrides of timeout values in case 553 * of misreporting. 554 */ 555 if (chip->ops->update_timeouts != NULL) 556 chip->timeout_adjusted = 557 chip->ops->update_timeouts(chip, new_timeout); 558 559 if (!chip->timeout_adjusted) { 560 /* Don't overwrite default if value is 0 */ 561 if (new_timeout[0] != 0 && new_timeout[0] < 1000) { 562 int i; 563 564 /* timeouts in msec rather usec */ 565 for (i = 0; i != ARRAY_SIZE(new_timeout); i++) 566 new_timeout[i] *= 1000; 567 chip->timeout_adjusted = true; 568 } 569 } 570 571 /* Report adjusted timeouts */ 572 if (chip->timeout_adjusted) { 573 dev_info(&chip->dev, 574 HW_ERR "Adjusting reported timeouts: A %lu->%luus B %lu->%luus C %lu->%luus D %lu->%luus\n", 575 old_timeout[0], new_timeout[0], 576 old_timeout[1], new_timeout[1], 577 old_timeout[2], new_timeout[2], 578 old_timeout[3], new_timeout[3]); 579 } 580 581 chip->timeout_a = usecs_to_jiffies(new_timeout[0]); 582 chip->timeout_b = usecs_to_jiffies(new_timeout[1]); 583 chip->timeout_c = usecs_to_jiffies(new_timeout[2]); 584 chip->timeout_d = usecs_to_jiffies(new_timeout[3]); 585 586 duration: 587 tpm_cmd.header.in = tpm_getcap_header; 588 tpm_cmd.params.getcap_in.cap = TPM_CAP_PROP; 589 tpm_cmd.params.getcap_in.subcap_size = cpu_to_be32(4); 590 tpm_cmd.params.getcap_in.subcap = TPM_CAP_PROP_TIS_DURATION; 591 592 rc = tpm_transmit_cmd(chip, &tpm_cmd, TPM_INTERNAL_RESULT_SIZE, 0, 593 "attempting to determine the durations"); 594 if (rc) 595 return rc; 596 597 if (be32_to_cpu(tpm_cmd.header.out.return_code) != 0 || 598 be32_to_cpu(tpm_cmd.header.out.length) 599 != sizeof(tpm_cmd.header.out) + sizeof(u32) + 3 * sizeof(u32)) 600 return -EINVAL; 601 602 duration_cap = &tpm_cmd.params.getcap_out.cap.duration; 603 chip->duration[TPM_SHORT] = 604 usecs_to_jiffies(be32_to_cpu(duration_cap->tpm_short)); 605 chip->duration[TPM_MEDIUM] = 606 usecs_to_jiffies(be32_to_cpu(duration_cap->tpm_medium)); 607 chip->duration[TPM_LONG] = 608 usecs_to_jiffies(be32_to_cpu(duration_cap->tpm_long)); 609 610 /* The Broadcom BCM0102 chipset in a Dell Latitude D820 gets the above 611 * value wrong and apparently reports msecs rather than usecs. So we 612 * fix up the resulting too-small TPM_SHORT value to make things work. 613 * We also scale the TPM_MEDIUM and -_LONG values by 1000. 614 */ 615 if (chip->duration[TPM_SHORT] < (HZ / 100)) { 616 chip->duration[TPM_SHORT] = HZ; 617 chip->duration[TPM_MEDIUM] *= 1000; 618 chip->duration[TPM_LONG] *= 1000; 619 chip->duration_adjusted = true; 620 dev_info(&chip->dev, "Adjusting TPM timeout parameters."); 621 } 622 return 0; 623 } 624 EXPORT_SYMBOL_GPL(tpm_get_timeouts); 625 626 #define TPM_ORD_CONTINUE_SELFTEST 83 627 #define CONTINUE_SELFTEST_RESULT_SIZE 10 628 629 static const struct tpm_input_header continue_selftest_header = { 630 .tag = TPM_TAG_RQU_COMMAND, 631 .length = cpu_to_be32(10), 632 .ordinal = cpu_to_be32(TPM_ORD_CONTINUE_SELFTEST), 633 }; 634 635 /** 636 * tpm_continue_selftest -- run TPM's selftest 637 * @chip: TPM chip to use 638 * 639 * Returns 0 on success, < 0 in case of fatal error or a value > 0 representing 640 * a TPM error code. 641 */ 642 static int tpm_continue_selftest(struct tpm_chip *chip) 643 { 644 int rc; 645 struct tpm_cmd_t cmd; 646 647 cmd.header.in = continue_selftest_header; 648 rc = tpm_transmit_cmd(chip, &cmd, CONTINUE_SELFTEST_RESULT_SIZE, 0, 649 "continue selftest"); 650 return rc; 651 } 652 653 #define TPM_ORDINAL_PCRREAD cpu_to_be32(21) 654 #define READ_PCR_RESULT_SIZE 30 655 static const struct tpm_input_header pcrread_header = { 656 .tag = TPM_TAG_RQU_COMMAND, 657 .length = cpu_to_be32(14), 658 .ordinal = TPM_ORDINAL_PCRREAD 659 }; 660 661 int tpm_pcr_read_dev(struct tpm_chip *chip, int pcr_idx, u8 *res_buf) 662 { 663 int rc; 664 struct tpm_cmd_t cmd; 665 666 cmd.header.in = pcrread_header; 667 cmd.params.pcrread_in.pcr_idx = cpu_to_be32(pcr_idx); 668 rc = tpm_transmit_cmd(chip, &cmd, READ_PCR_RESULT_SIZE, 0, 669 "attempting to read a pcr value"); 670 671 if (rc == 0) 672 memcpy(res_buf, cmd.params.pcrread_out.pcr_result, 673 TPM_DIGEST_SIZE); 674 return rc; 675 } 676 677 /** 678 * tpm_is_tpm2 - is the chip a TPM2 chip? 679 * @chip_num: tpm idx # or ANY 680 * 681 * Returns < 0 on error, and 1 or 0 on success depending whether the chip 682 * is a TPM2 chip. 683 */ 684 int tpm_is_tpm2(u32 chip_num) 685 { 686 struct tpm_chip *chip; 687 int rc; 688 689 chip = tpm_chip_find_get(chip_num); 690 if (chip == NULL) 691 return -ENODEV; 692 693 rc = (chip->flags & TPM_CHIP_FLAG_TPM2) != 0; 694 695 tpm_put_ops(chip); 696 697 return rc; 698 } 699 EXPORT_SYMBOL_GPL(tpm_is_tpm2); 700 701 /** 702 * tpm_pcr_read - read a pcr value 703 * @chip_num: tpm idx # or ANY 704 * @pcr_idx: pcr idx to retrieve 705 * @res_buf: TPM_PCR value 706 * size of res_buf is 20 bytes (or NULL if you don't care) 707 * 708 * The TPM driver should be built-in, but for whatever reason it 709 * isn't, protect against the chip disappearing, by incrementing 710 * the module usage count. 711 */ 712 int tpm_pcr_read(u32 chip_num, int pcr_idx, u8 *res_buf) 713 { 714 struct tpm_chip *chip; 715 int rc; 716 717 chip = tpm_chip_find_get(chip_num); 718 if (chip == NULL) 719 return -ENODEV; 720 if (chip->flags & TPM_CHIP_FLAG_TPM2) 721 rc = tpm2_pcr_read(chip, pcr_idx, res_buf); 722 else 723 rc = tpm_pcr_read_dev(chip, pcr_idx, res_buf); 724 tpm_put_ops(chip); 725 return rc; 726 } 727 EXPORT_SYMBOL_GPL(tpm_pcr_read); 728 729 /** 730 * tpm_pcr_extend - extend pcr value with hash 731 * @chip_num: tpm idx # or AN& 732 * @pcr_idx: pcr idx to extend 733 * @hash: hash value used to extend pcr value 734 * 735 * The TPM driver should be built-in, but for whatever reason it 736 * isn't, protect against the chip disappearing, by incrementing 737 * the module usage count. 738 */ 739 #define TPM_ORD_PCR_EXTEND cpu_to_be32(20) 740 #define EXTEND_PCR_RESULT_SIZE 34 741 static const struct tpm_input_header pcrextend_header = { 742 .tag = TPM_TAG_RQU_COMMAND, 743 .length = cpu_to_be32(34), 744 .ordinal = TPM_ORD_PCR_EXTEND 745 }; 746 747 int tpm_pcr_extend(u32 chip_num, int pcr_idx, const u8 *hash) 748 { 749 struct tpm_cmd_t cmd; 750 int rc; 751 struct tpm_chip *chip; 752 753 chip = tpm_chip_find_get(chip_num); 754 if (chip == NULL) 755 return -ENODEV; 756 757 if (chip->flags & TPM_CHIP_FLAG_TPM2) { 758 rc = tpm2_pcr_extend(chip, pcr_idx, hash); 759 tpm_put_ops(chip); 760 return rc; 761 } 762 763 cmd.header.in = pcrextend_header; 764 cmd.params.pcrextend_in.pcr_idx = cpu_to_be32(pcr_idx); 765 memcpy(cmd.params.pcrextend_in.hash, hash, TPM_DIGEST_SIZE); 766 rc = tpm_transmit_cmd(chip, &cmd, EXTEND_PCR_RESULT_SIZE, 0, 767 "attempting extend a PCR value"); 768 769 tpm_put_ops(chip); 770 return rc; 771 } 772 EXPORT_SYMBOL_GPL(tpm_pcr_extend); 773 774 /** 775 * tpm_do_selftest - have the TPM continue its selftest and wait until it 776 * can receive further commands 777 * @chip: TPM chip to use 778 * 779 * Returns 0 on success, < 0 in case of fatal error or a value > 0 representing 780 * a TPM error code. 781 */ 782 int tpm_do_selftest(struct tpm_chip *chip) 783 { 784 int rc; 785 unsigned int loops; 786 unsigned int delay_msec = 100; 787 unsigned long duration; 788 u8 dummy[TPM_DIGEST_SIZE]; 789 790 duration = tpm_calc_ordinal_duration(chip, TPM_ORD_CONTINUE_SELFTEST); 791 792 loops = jiffies_to_msecs(duration) / delay_msec; 793 794 rc = tpm_continue_selftest(chip); 795 /* This may fail if there was no TPM driver during a suspend/resume 796 * cycle; some may return 10 (BAD_ORDINAL), others 28 (FAILEDSELFTEST) 797 */ 798 if (rc) 799 return rc; 800 801 do { 802 /* Attempt to read a PCR value */ 803 rc = tpm_pcr_read_dev(chip, 0, dummy); 804 805 /* Some buggy TPMs will not respond to tpm_tis_ready() for 806 * around 300ms while the self test is ongoing, keep trying 807 * until the self test duration expires. */ 808 if (rc == -ETIME) { 809 dev_info( 810 &chip->dev, HW_ERR 811 "TPM command timed out during continue self test"); 812 msleep(delay_msec); 813 continue; 814 } 815 816 if (rc < TPM_HEADER_SIZE) 817 return -EFAULT; 818 819 if (rc == TPM_ERR_DISABLED || rc == TPM_ERR_DEACTIVATED) { 820 dev_info(&chip->dev, 821 "TPM is disabled/deactivated (0x%X)\n", rc); 822 /* TPM is disabled and/or deactivated; driver can 823 * proceed and TPM does handle commands for 824 * suspend/resume correctly 825 */ 826 return 0; 827 } 828 if (rc != TPM_WARN_DOING_SELFTEST) 829 return rc; 830 msleep(delay_msec); 831 } while (--loops > 0); 832 833 return rc; 834 } 835 EXPORT_SYMBOL_GPL(tpm_do_selftest); 836 837 /** 838 * tpm1_auto_startup - Perform the standard automatic TPM initialization 839 * sequence 840 * @chip: TPM chip to use 841 * 842 * Returns 0 on success, < 0 in case of fatal error. 843 */ 844 int tpm1_auto_startup(struct tpm_chip *chip) 845 { 846 int rc; 847 848 rc = tpm_get_timeouts(chip); 849 if (rc) 850 goto out; 851 rc = tpm_do_selftest(chip); 852 if (rc) { 853 dev_err(&chip->dev, "TPM self test failed\n"); 854 goto out; 855 } 856 857 return rc; 858 out: 859 if (rc > 0) 860 rc = -ENODEV; 861 return rc; 862 } 863 864 int tpm_send(u32 chip_num, void *cmd, size_t buflen) 865 { 866 struct tpm_chip *chip; 867 int rc; 868 869 chip = tpm_chip_find_get(chip_num); 870 if (chip == NULL) 871 return -ENODEV; 872 873 rc = tpm_transmit_cmd(chip, cmd, buflen, 0, "attempting tpm_cmd"); 874 875 tpm_put_ops(chip); 876 return rc; 877 } 878 EXPORT_SYMBOL_GPL(tpm_send); 879 880 static bool wait_for_tpm_stat_cond(struct tpm_chip *chip, u8 mask, 881 bool check_cancel, bool *canceled) 882 { 883 u8 status = chip->ops->status(chip); 884 885 *canceled = false; 886 if ((status & mask) == mask) 887 return true; 888 if (check_cancel && chip->ops->req_canceled(chip, status)) { 889 *canceled = true; 890 return true; 891 } 892 return false; 893 } 894 895 int wait_for_tpm_stat(struct tpm_chip *chip, u8 mask, unsigned long timeout, 896 wait_queue_head_t *queue, bool check_cancel) 897 { 898 unsigned long stop; 899 long rc; 900 u8 status; 901 bool canceled = false; 902 903 /* check current status */ 904 status = chip->ops->status(chip); 905 if ((status & mask) == mask) 906 return 0; 907 908 stop = jiffies + timeout; 909 910 if (chip->flags & TPM_CHIP_FLAG_IRQ) { 911 again: 912 timeout = stop - jiffies; 913 if ((long)timeout <= 0) 914 return -ETIME; 915 rc = wait_event_interruptible_timeout(*queue, 916 wait_for_tpm_stat_cond(chip, mask, check_cancel, 917 &canceled), 918 timeout); 919 if (rc > 0) { 920 if (canceled) 921 return -ECANCELED; 922 return 0; 923 } 924 if (rc == -ERESTARTSYS && freezing(current)) { 925 clear_thread_flag(TIF_SIGPENDING); 926 goto again; 927 } 928 } else { 929 do { 930 msleep(TPM_TIMEOUT); 931 status = chip->ops->status(chip); 932 if ((status & mask) == mask) 933 return 0; 934 } while (time_before(jiffies, stop)); 935 } 936 return -ETIME; 937 } 938 EXPORT_SYMBOL_GPL(wait_for_tpm_stat); 939 940 #define TPM_ORD_SAVESTATE cpu_to_be32(152) 941 #define SAVESTATE_RESULT_SIZE 10 942 943 static const struct tpm_input_header savestate_header = { 944 .tag = TPM_TAG_RQU_COMMAND, 945 .length = cpu_to_be32(10), 946 .ordinal = TPM_ORD_SAVESTATE 947 }; 948 949 /* 950 * We are about to suspend. Save the TPM state 951 * so that it can be restored. 952 */ 953 int tpm_pm_suspend(struct device *dev) 954 { 955 struct tpm_chip *chip = dev_get_drvdata(dev); 956 struct tpm_cmd_t cmd; 957 int rc, try; 958 959 u8 dummy_hash[TPM_DIGEST_SIZE] = { 0 }; 960 961 if (chip == NULL) 962 return -ENODEV; 963 964 if (chip->flags & TPM_CHIP_FLAG_TPM2) { 965 tpm2_shutdown(chip, TPM2_SU_STATE); 966 return 0; 967 } 968 969 /* for buggy tpm, flush pcrs with extend to selected dummy */ 970 if (tpm_suspend_pcr) { 971 cmd.header.in = pcrextend_header; 972 cmd.params.pcrextend_in.pcr_idx = cpu_to_be32(tpm_suspend_pcr); 973 memcpy(cmd.params.pcrextend_in.hash, dummy_hash, 974 TPM_DIGEST_SIZE); 975 rc = tpm_transmit_cmd(chip, &cmd, EXTEND_PCR_RESULT_SIZE, 0, 976 "extending dummy pcr before suspend"); 977 } 978 979 /* now do the actual savestate */ 980 for (try = 0; try < TPM_RETRY; try++) { 981 cmd.header.in = savestate_header; 982 rc = tpm_transmit_cmd(chip, &cmd, SAVESTATE_RESULT_SIZE, 0, 983 NULL); 984 985 /* 986 * If the TPM indicates that it is too busy to respond to 987 * this command then retry before giving up. It can take 988 * several seconds for this TPM to be ready. 989 * 990 * This can happen if the TPM has already been sent the 991 * SaveState command before the driver has loaded. TCG 1.2 992 * specification states that any communication after SaveState 993 * may cause the TPM to invalidate previously saved state. 994 */ 995 if (rc != TPM_WARN_RETRY) 996 break; 997 msleep(TPM_TIMEOUT_RETRY); 998 } 999 1000 if (rc) 1001 dev_err(&chip->dev, 1002 "Error (%d) sending savestate before suspend\n", rc); 1003 else if (try > 0) 1004 dev_warn(&chip->dev, "TPM savestate took %dms\n", 1005 try * TPM_TIMEOUT_RETRY); 1006 1007 return rc; 1008 } 1009 EXPORT_SYMBOL_GPL(tpm_pm_suspend); 1010 1011 /* 1012 * Resume from a power safe. The BIOS already restored 1013 * the TPM state. 1014 */ 1015 int tpm_pm_resume(struct device *dev) 1016 { 1017 struct tpm_chip *chip = dev_get_drvdata(dev); 1018 1019 if (chip == NULL) 1020 return -ENODEV; 1021 1022 return 0; 1023 } 1024 EXPORT_SYMBOL_GPL(tpm_pm_resume); 1025 1026 #define TPM_GETRANDOM_RESULT_SIZE 18 1027 static const struct tpm_input_header tpm_getrandom_header = { 1028 .tag = TPM_TAG_RQU_COMMAND, 1029 .length = cpu_to_be32(14), 1030 .ordinal = TPM_ORD_GET_RANDOM 1031 }; 1032 1033 /** 1034 * tpm_get_random() - Get random bytes from the tpm's RNG 1035 * @chip_num: A specific chip number for the request or TPM_ANY_NUM 1036 * @out: destination buffer for the random bytes 1037 * @max: the max number of bytes to write to @out 1038 * 1039 * Returns < 0 on error and the number of bytes read on success 1040 */ 1041 int tpm_get_random(u32 chip_num, u8 *out, size_t max) 1042 { 1043 struct tpm_chip *chip; 1044 struct tpm_cmd_t tpm_cmd; 1045 u32 recd, num_bytes = min_t(u32, max, TPM_MAX_RNG_DATA); 1046 int err, total = 0, retries = 5; 1047 u8 *dest = out; 1048 1049 if (!out || !num_bytes || max > TPM_MAX_RNG_DATA) 1050 return -EINVAL; 1051 1052 chip = tpm_chip_find_get(chip_num); 1053 if (chip == NULL) 1054 return -ENODEV; 1055 1056 if (chip->flags & TPM_CHIP_FLAG_TPM2) { 1057 err = tpm2_get_random(chip, out, max); 1058 tpm_put_ops(chip); 1059 return err; 1060 } 1061 1062 do { 1063 tpm_cmd.header.in = tpm_getrandom_header; 1064 tpm_cmd.params.getrandom_in.num_bytes = cpu_to_be32(num_bytes); 1065 1066 err = tpm_transmit_cmd(chip, &tpm_cmd, 1067 TPM_GETRANDOM_RESULT_SIZE + num_bytes, 1068 0, "attempting get random"); 1069 if (err) 1070 break; 1071 1072 recd = be32_to_cpu(tpm_cmd.params.getrandom_out.rng_data_len); 1073 memcpy(dest, tpm_cmd.params.getrandom_out.rng_data, recd); 1074 1075 dest += recd; 1076 total += recd; 1077 num_bytes -= recd; 1078 } while (retries-- && total < max); 1079 1080 tpm_put_ops(chip); 1081 return total ? total : -EIO; 1082 } 1083 EXPORT_SYMBOL_GPL(tpm_get_random); 1084 1085 /** 1086 * tpm_seal_trusted() - seal a trusted key 1087 * @chip_num: A specific chip number for the request or TPM_ANY_NUM 1088 * @options: authentication values and other options 1089 * @payload: the key data in clear and encrypted form 1090 * 1091 * Returns < 0 on error and 0 on success. At the moment, only TPM 2.0 chips 1092 * are supported. 1093 */ 1094 int tpm_seal_trusted(u32 chip_num, struct trusted_key_payload *payload, 1095 struct trusted_key_options *options) 1096 { 1097 struct tpm_chip *chip; 1098 int rc; 1099 1100 chip = tpm_chip_find_get(chip_num); 1101 if (chip == NULL || !(chip->flags & TPM_CHIP_FLAG_TPM2)) 1102 return -ENODEV; 1103 1104 rc = tpm2_seal_trusted(chip, payload, options); 1105 1106 tpm_put_ops(chip); 1107 return rc; 1108 } 1109 EXPORT_SYMBOL_GPL(tpm_seal_trusted); 1110 1111 /** 1112 * tpm_unseal_trusted() - unseal a trusted key 1113 * @chip_num: A specific chip number for the request or TPM_ANY_NUM 1114 * @options: authentication values and other options 1115 * @payload: the key data in clear and encrypted form 1116 * 1117 * Returns < 0 on error and 0 on success. At the moment, only TPM 2.0 chips 1118 * are supported. 1119 */ 1120 int tpm_unseal_trusted(u32 chip_num, struct trusted_key_payload *payload, 1121 struct trusted_key_options *options) 1122 { 1123 struct tpm_chip *chip; 1124 int rc; 1125 1126 chip = tpm_chip_find_get(chip_num); 1127 if (chip == NULL || !(chip->flags & TPM_CHIP_FLAG_TPM2)) 1128 return -ENODEV; 1129 1130 rc = tpm2_unseal_trusted(chip, payload, options); 1131 1132 tpm_put_ops(chip); 1133 1134 return rc; 1135 } 1136 EXPORT_SYMBOL_GPL(tpm_unseal_trusted); 1137 1138 static int __init tpm_init(void) 1139 { 1140 int rc; 1141 1142 tpm_class = class_create(THIS_MODULE, "tpm"); 1143 if (IS_ERR(tpm_class)) { 1144 pr_err("couldn't create tpm class\n"); 1145 return PTR_ERR(tpm_class); 1146 } 1147 1148 rc = alloc_chrdev_region(&tpm_devt, 0, TPM_NUM_DEVICES, "tpm"); 1149 if (rc < 0) { 1150 pr_err("tpm: failed to allocate char dev region\n"); 1151 class_destroy(tpm_class); 1152 return rc; 1153 } 1154 1155 return 0; 1156 } 1157 1158 static void __exit tpm_exit(void) 1159 { 1160 idr_destroy(&dev_nums_idr); 1161 class_destroy(tpm_class); 1162 unregister_chrdev_region(tpm_devt, TPM_NUM_DEVICES); 1163 } 1164 1165 subsys_initcall(tpm_init); 1166 module_exit(tpm_exit); 1167 1168 MODULE_AUTHOR("Leendert van Doorn (leendert@watson.ibm.com)"); 1169 MODULE_DESCRIPTION("TPM Driver"); 1170 MODULE_VERSION("2.0"); 1171 MODULE_LICENSE("GPL"); 1172