1 // SPDX-License-Identifier: GPL-2.0 2 /* 3 * Copyright (C) 2004 IBM Corporation 4 * Copyright (C) 2014 Intel Corporation 5 * 6 * Authors: 7 * Leendert van Doorn <leendert@watson.ibm.com> 8 * Dave Safford <safford@watson.ibm.com> 9 * Reiner Sailer <sailer@watson.ibm.com> 10 * Kylene Hall <kjhall@us.ibm.com> 11 * 12 * Device driver for TCG/TCPA TPM (trusted platform module). 13 * Specifications at www.trustedcomputinggroup.org 14 */ 15 16 #include <linux/poll.h> 17 #include <linux/slab.h> 18 #include <linux/mutex.h> 19 #include <linux/spinlock.h> 20 #include <linux/freezer.h> 21 #include <linux/tpm_eventlog.h> 22 23 #include "tpm.h" 24 25 #define TPM_MAX_ORDINAL 243 26 27 /* 28 * Array with one entry per ordinal defining the maximum amount 29 * of time the chip could take to return the result. The ordinal 30 * designation of short, medium or long is defined in a table in 31 * TCG Specification TPM Main Part 2 TPM Structures Section 17. The 32 * values of the SHORT, MEDIUM, and LONG durations are retrieved 33 * from the chip during initialization with a call to tpm_get_timeouts. 34 */ 35 static const u8 tpm1_ordinal_duration[TPM_MAX_ORDINAL] = { 36 TPM_UNDEFINED, /* 0 */ 37 TPM_UNDEFINED, 38 TPM_UNDEFINED, 39 TPM_UNDEFINED, 40 TPM_UNDEFINED, 41 TPM_UNDEFINED, /* 5 */ 42 TPM_UNDEFINED, 43 TPM_UNDEFINED, 44 TPM_UNDEFINED, 45 TPM_UNDEFINED, 46 TPM_SHORT, /* 10 */ 47 TPM_SHORT, 48 TPM_MEDIUM, 49 TPM_LONG, 50 TPM_LONG, 51 TPM_MEDIUM, /* 15 */ 52 TPM_SHORT, 53 TPM_SHORT, 54 TPM_MEDIUM, 55 TPM_LONG, 56 TPM_SHORT, /* 20 */ 57 TPM_SHORT, 58 TPM_MEDIUM, 59 TPM_MEDIUM, 60 TPM_MEDIUM, 61 TPM_SHORT, /* 25 */ 62 TPM_SHORT, 63 TPM_MEDIUM, 64 TPM_SHORT, 65 TPM_SHORT, 66 TPM_MEDIUM, /* 30 */ 67 TPM_LONG, 68 TPM_MEDIUM, 69 TPM_SHORT, 70 TPM_SHORT, 71 TPM_SHORT, /* 35 */ 72 TPM_MEDIUM, 73 TPM_MEDIUM, 74 TPM_UNDEFINED, 75 TPM_UNDEFINED, 76 TPM_MEDIUM, /* 40 */ 77 TPM_LONG, 78 TPM_MEDIUM, 79 TPM_SHORT, 80 TPM_SHORT, 81 TPM_SHORT, /* 45 */ 82 TPM_SHORT, 83 TPM_SHORT, 84 TPM_SHORT, 85 TPM_LONG, 86 TPM_MEDIUM, /* 50 */ 87 TPM_MEDIUM, 88 TPM_UNDEFINED, 89 TPM_UNDEFINED, 90 TPM_UNDEFINED, 91 TPM_UNDEFINED, /* 55 */ 92 TPM_UNDEFINED, 93 TPM_UNDEFINED, 94 TPM_UNDEFINED, 95 TPM_UNDEFINED, 96 TPM_MEDIUM, /* 60 */ 97 TPM_MEDIUM, 98 TPM_MEDIUM, 99 TPM_SHORT, 100 TPM_SHORT, 101 TPM_MEDIUM, /* 65 */ 102 TPM_UNDEFINED, 103 TPM_UNDEFINED, 104 TPM_UNDEFINED, 105 TPM_UNDEFINED, 106 TPM_SHORT, /* 70 */ 107 TPM_SHORT, 108 TPM_UNDEFINED, 109 TPM_UNDEFINED, 110 TPM_UNDEFINED, 111 TPM_UNDEFINED, /* 75 */ 112 TPM_UNDEFINED, 113 TPM_UNDEFINED, 114 TPM_UNDEFINED, 115 TPM_UNDEFINED, 116 TPM_LONG, /* 80 */ 117 TPM_UNDEFINED, 118 TPM_MEDIUM, 119 TPM_LONG, 120 TPM_SHORT, 121 TPM_UNDEFINED, /* 85 */ 122 TPM_UNDEFINED, 123 TPM_UNDEFINED, 124 TPM_UNDEFINED, 125 TPM_UNDEFINED, 126 TPM_SHORT, /* 90 */ 127 TPM_SHORT, 128 TPM_SHORT, 129 TPM_SHORT, 130 TPM_SHORT, 131 TPM_UNDEFINED, /* 95 */ 132 TPM_UNDEFINED, 133 TPM_UNDEFINED, 134 TPM_UNDEFINED, 135 TPM_UNDEFINED, 136 TPM_MEDIUM, /* 100 */ 137 TPM_SHORT, 138 TPM_SHORT, 139 TPM_UNDEFINED, 140 TPM_UNDEFINED, 141 TPM_UNDEFINED, /* 105 */ 142 TPM_UNDEFINED, 143 TPM_UNDEFINED, 144 TPM_UNDEFINED, 145 TPM_UNDEFINED, 146 TPM_SHORT, /* 110 */ 147 TPM_SHORT, 148 TPM_SHORT, 149 TPM_SHORT, 150 TPM_SHORT, 151 TPM_SHORT, /* 115 */ 152 TPM_SHORT, 153 TPM_SHORT, 154 TPM_UNDEFINED, 155 TPM_UNDEFINED, 156 TPM_LONG, /* 120 */ 157 TPM_LONG, 158 TPM_MEDIUM, 159 TPM_UNDEFINED, 160 TPM_SHORT, 161 TPM_SHORT, /* 125 */ 162 TPM_SHORT, 163 TPM_LONG, 164 TPM_SHORT, 165 TPM_SHORT, 166 TPM_SHORT, /* 130 */ 167 TPM_MEDIUM, 168 TPM_UNDEFINED, 169 TPM_SHORT, 170 TPM_MEDIUM, 171 TPM_UNDEFINED, /* 135 */ 172 TPM_UNDEFINED, 173 TPM_UNDEFINED, 174 TPM_UNDEFINED, 175 TPM_UNDEFINED, 176 TPM_SHORT, /* 140 */ 177 TPM_SHORT, 178 TPM_UNDEFINED, 179 TPM_UNDEFINED, 180 TPM_UNDEFINED, 181 TPM_UNDEFINED, /* 145 */ 182 TPM_UNDEFINED, 183 TPM_UNDEFINED, 184 TPM_UNDEFINED, 185 TPM_UNDEFINED, 186 TPM_SHORT, /* 150 */ 187 TPM_MEDIUM, 188 TPM_MEDIUM, 189 TPM_SHORT, 190 TPM_SHORT, 191 TPM_UNDEFINED, /* 155 */ 192 TPM_UNDEFINED, 193 TPM_UNDEFINED, 194 TPM_UNDEFINED, 195 TPM_UNDEFINED, 196 TPM_SHORT, /* 160 */ 197 TPM_SHORT, 198 TPM_SHORT, 199 TPM_SHORT, 200 TPM_UNDEFINED, 201 TPM_UNDEFINED, /* 165 */ 202 TPM_UNDEFINED, 203 TPM_UNDEFINED, 204 TPM_UNDEFINED, 205 TPM_UNDEFINED, 206 TPM_LONG, /* 170 */ 207 TPM_UNDEFINED, 208 TPM_UNDEFINED, 209 TPM_UNDEFINED, 210 TPM_UNDEFINED, 211 TPM_UNDEFINED, /* 175 */ 212 TPM_UNDEFINED, 213 TPM_UNDEFINED, 214 TPM_UNDEFINED, 215 TPM_UNDEFINED, 216 TPM_MEDIUM, /* 180 */ 217 TPM_SHORT, 218 TPM_MEDIUM, 219 TPM_MEDIUM, 220 TPM_MEDIUM, 221 TPM_MEDIUM, /* 185 */ 222 TPM_SHORT, 223 TPM_UNDEFINED, 224 TPM_UNDEFINED, 225 TPM_UNDEFINED, 226 TPM_UNDEFINED, /* 190 */ 227 TPM_UNDEFINED, 228 TPM_UNDEFINED, 229 TPM_UNDEFINED, 230 TPM_UNDEFINED, 231 TPM_UNDEFINED, /* 195 */ 232 TPM_UNDEFINED, 233 TPM_UNDEFINED, 234 TPM_UNDEFINED, 235 TPM_UNDEFINED, 236 TPM_SHORT, /* 200 */ 237 TPM_UNDEFINED, 238 TPM_UNDEFINED, 239 TPM_UNDEFINED, 240 TPM_SHORT, 241 TPM_SHORT, /* 205 */ 242 TPM_SHORT, 243 TPM_SHORT, 244 TPM_SHORT, 245 TPM_SHORT, 246 TPM_MEDIUM, /* 210 */ 247 TPM_UNDEFINED, 248 TPM_MEDIUM, 249 TPM_MEDIUM, 250 TPM_MEDIUM, 251 TPM_UNDEFINED, /* 215 */ 252 TPM_MEDIUM, 253 TPM_UNDEFINED, 254 TPM_UNDEFINED, 255 TPM_SHORT, 256 TPM_SHORT, /* 220 */ 257 TPM_SHORT, 258 TPM_SHORT, 259 TPM_SHORT, 260 TPM_SHORT, 261 TPM_UNDEFINED, /* 225 */ 262 TPM_UNDEFINED, 263 TPM_UNDEFINED, 264 TPM_UNDEFINED, 265 TPM_UNDEFINED, 266 TPM_SHORT, /* 230 */ 267 TPM_LONG, 268 TPM_MEDIUM, 269 TPM_UNDEFINED, 270 TPM_UNDEFINED, 271 TPM_UNDEFINED, /* 235 */ 272 TPM_UNDEFINED, 273 TPM_UNDEFINED, 274 TPM_UNDEFINED, 275 TPM_UNDEFINED, 276 TPM_SHORT, /* 240 */ 277 TPM_UNDEFINED, 278 TPM_MEDIUM, 279 }; 280 281 /** 282 * tpm1_calc_ordinal_duration() - calculate the maximum command duration 283 * @chip: TPM chip to use. 284 * @ordinal: TPM command ordinal. 285 * 286 * The function returns the maximum amount of time the chip could take 287 * to return the result for a particular ordinal in jiffies. 288 * 289 * Return: A maximal duration time for an ordinal in jiffies. 290 */ 291 unsigned long tpm1_calc_ordinal_duration(struct tpm_chip *chip, u32 ordinal) 292 { 293 int duration_idx = TPM_UNDEFINED; 294 int duration = 0; 295 296 /* 297 * We only have a duration table for protected commands, where the upper 298 * 16 bits are 0. For the few other ordinals the fallback will be used. 299 */ 300 if (ordinal < TPM_MAX_ORDINAL) 301 duration_idx = tpm1_ordinal_duration[ordinal]; 302 303 if (duration_idx != TPM_UNDEFINED) 304 duration = chip->duration[duration_idx]; 305 if (duration <= 0) 306 return 2 * 60 * HZ; 307 else 308 return duration; 309 } 310 311 #define TPM_ORD_STARTUP 153 312 #define TPM_ST_CLEAR 1 313 314 /** 315 * tpm_startup() - turn on the TPM 316 * @chip: TPM chip to use 317 * 318 * Normally the firmware should start the TPM. This function is provided as a 319 * workaround if this does not happen. A legal case for this could be for 320 * example when a TPM emulator is used. 321 * 322 * Return: same as tpm_transmit_cmd() 323 */ 324 static int tpm1_startup(struct tpm_chip *chip) 325 { 326 struct tpm_buf buf; 327 int rc; 328 329 dev_info(&chip->dev, "starting up the TPM manually\n"); 330 331 rc = tpm_buf_init(&buf, TPM_TAG_RQU_COMMAND, TPM_ORD_STARTUP); 332 if (rc < 0) 333 return rc; 334 335 tpm_buf_append_u16(&buf, TPM_ST_CLEAR); 336 337 rc = tpm_transmit_cmd(chip, &buf, 0, "attempting to start the TPM"); 338 tpm_buf_destroy(&buf); 339 return rc; 340 } 341 342 int tpm1_get_timeouts(struct tpm_chip *chip) 343 { 344 cap_t cap; 345 unsigned long timeout_old[4], timeout_chip[4], timeout_eff[4]; 346 ssize_t rc; 347 348 rc = tpm1_getcap(chip, TPM_CAP_PROP_TIS_TIMEOUT, &cap, NULL, 349 sizeof(cap.timeout)); 350 if (rc == TPM_ERR_INVALID_POSTINIT) { 351 if (tpm1_startup(chip)) 352 return rc; 353 354 rc = tpm1_getcap(chip, TPM_CAP_PROP_TIS_TIMEOUT, &cap, 355 "attempting to determine the timeouts", 356 sizeof(cap.timeout)); 357 } 358 359 if (rc) { 360 dev_err(&chip->dev, "A TPM error (%zd) occurred attempting to determine the timeouts\n", 361 rc); 362 return rc; 363 } 364 365 timeout_old[0] = jiffies_to_usecs(chip->timeout_a); 366 timeout_old[1] = jiffies_to_usecs(chip->timeout_b); 367 timeout_old[2] = jiffies_to_usecs(chip->timeout_c); 368 timeout_old[3] = jiffies_to_usecs(chip->timeout_d); 369 timeout_chip[0] = be32_to_cpu(cap.timeout.a); 370 timeout_chip[1] = be32_to_cpu(cap.timeout.b); 371 timeout_chip[2] = be32_to_cpu(cap.timeout.c); 372 timeout_chip[3] = be32_to_cpu(cap.timeout.d); 373 memcpy(timeout_eff, timeout_chip, sizeof(timeout_eff)); 374 375 /* 376 * Provide ability for vendor overrides of timeout values in case 377 * of misreporting. 378 */ 379 if (chip->ops->update_timeouts) 380 chip->ops->update_timeouts(chip, timeout_eff); 381 382 if (!chip->timeout_adjusted) { 383 /* Restore default if chip reported 0 */ 384 unsigned int i; 385 386 for (i = 0; i < ARRAY_SIZE(timeout_eff); i++) { 387 if (timeout_eff[i]) 388 continue; 389 390 timeout_eff[i] = timeout_old[i]; 391 chip->timeout_adjusted = true; 392 } 393 394 if (timeout_eff[0] != 0 && timeout_eff[0] < 1000) { 395 /* timeouts in msec rather usec */ 396 for (i = 0; i != ARRAY_SIZE(timeout_eff); i++) 397 timeout_eff[i] *= 1000; 398 chip->timeout_adjusted = true; 399 } 400 } 401 402 /* Report adjusted timeouts */ 403 if (chip->timeout_adjusted) { 404 dev_info(&chip->dev, HW_ERR "Adjusting reported timeouts: A %lu->%luus B %lu->%luus C %lu->%luus D %lu->%luus\n", 405 timeout_chip[0], timeout_eff[0], 406 timeout_chip[1], timeout_eff[1], 407 timeout_chip[2], timeout_eff[2], 408 timeout_chip[3], timeout_eff[3]); 409 } 410 411 chip->timeout_a = usecs_to_jiffies(timeout_eff[0]); 412 chip->timeout_b = usecs_to_jiffies(timeout_eff[1]); 413 chip->timeout_c = usecs_to_jiffies(timeout_eff[2]); 414 chip->timeout_d = usecs_to_jiffies(timeout_eff[3]); 415 416 rc = tpm1_getcap(chip, TPM_CAP_PROP_TIS_DURATION, &cap, 417 "attempting to determine the durations", 418 sizeof(cap.duration)); 419 if (rc) 420 return rc; 421 422 chip->duration[TPM_SHORT] = 423 usecs_to_jiffies(be32_to_cpu(cap.duration.tpm_short)); 424 chip->duration[TPM_MEDIUM] = 425 usecs_to_jiffies(be32_to_cpu(cap.duration.tpm_medium)); 426 chip->duration[TPM_LONG] = 427 usecs_to_jiffies(be32_to_cpu(cap.duration.tpm_long)); 428 chip->duration[TPM_LONG_LONG] = 0; /* not used under 1.2 */ 429 430 /* The Broadcom BCM0102 chipset in a Dell Latitude D820 gets the above 431 * value wrong and apparently reports msecs rather than usecs. So we 432 * fix up the resulting too-small TPM_SHORT value to make things work. 433 * We also scale the TPM_MEDIUM and -_LONG values by 1000. 434 */ 435 if (chip->duration[TPM_SHORT] < (HZ / 100)) { 436 chip->duration[TPM_SHORT] = HZ; 437 chip->duration[TPM_MEDIUM] *= 1000; 438 chip->duration[TPM_LONG] *= 1000; 439 chip->duration_adjusted = true; 440 dev_info(&chip->dev, "Adjusting TPM timeout parameters."); 441 } 442 443 chip->flags |= TPM_CHIP_FLAG_HAVE_TIMEOUTS; 444 return 0; 445 } 446 447 #define TPM_ORD_PCR_EXTEND 20 448 int tpm1_pcr_extend(struct tpm_chip *chip, u32 pcr_idx, const u8 *hash, 449 const char *log_msg) 450 { 451 struct tpm_buf buf; 452 int rc; 453 454 rc = tpm_buf_init(&buf, TPM_TAG_RQU_COMMAND, TPM_ORD_PCR_EXTEND); 455 if (rc) 456 return rc; 457 458 tpm_buf_append_u32(&buf, pcr_idx); 459 tpm_buf_append(&buf, hash, TPM_DIGEST_SIZE); 460 461 rc = tpm_transmit_cmd(chip, &buf, TPM_DIGEST_SIZE, log_msg); 462 tpm_buf_destroy(&buf); 463 return rc; 464 } 465 466 #define TPM_ORD_GET_CAP 101 467 ssize_t tpm1_getcap(struct tpm_chip *chip, u32 subcap_id, cap_t *cap, 468 const char *desc, size_t min_cap_length) 469 { 470 struct tpm_buf buf; 471 int rc; 472 473 rc = tpm_buf_init(&buf, TPM_TAG_RQU_COMMAND, TPM_ORD_GET_CAP); 474 if (rc) 475 return rc; 476 477 if (subcap_id == TPM_CAP_VERSION_1_1 || 478 subcap_id == TPM_CAP_VERSION_1_2) { 479 tpm_buf_append_u32(&buf, subcap_id); 480 tpm_buf_append_u32(&buf, 0); 481 } else { 482 if (subcap_id == TPM_CAP_FLAG_PERM || 483 subcap_id == TPM_CAP_FLAG_VOL) 484 tpm_buf_append_u32(&buf, TPM_CAP_FLAG); 485 else 486 tpm_buf_append_u32(&buf, TPM_CAP_PROP); 487 488 tpm_buf_append_u32(&buf, 4); 489 tpm_buf_append_u32(&buf, subcap_id); 490 } 491 rc = tpm_transmit_cmd(chip, &buf, min_cap_length, desc); 492 if (!rc) 493 *cap = *(cap_t *)&buf.data[TPM_HEADER_SIZE + 4]; 494 tpm_buf_destroy(&buf); 495 return rc; 496 } 497 EXPORT_SYMBOL_GPL(tpm1_getcap); 498 499 #define TPM_ORD_GET_RANDOM 70 500 struct tpm1_get_random_out { 501 __be32 rng_data_len; 502 u8 rng_data[TPM_MAX_RNG_DATA]; 503 } __packed; 504 505 /** 506 * tpm1_get_random() - get random bytes from the TPM's RNG 507 * @chip: a &struct tpm_chip instance 508 * @dest: destination buffer for the random bytes 509 * @max: the maximum number of bytes to write to @dest 510 * 511 * Return: 512 * * number of bytes read 513 * * -errno (positive TPM return codes are masked to -EIO) 514 */ 515 int tpm1_get_random(struct tpm_chip *chip, u8 *dest, size_t max) 516 { 517 struct tpm1_get_random_out *out; 518 u32 num_bytes = min_t(u32, max, TPM_MAX_RNG_DATA); 519 struct tpm_buf buf; 520 u32 total = 0; 521 int retries = 5; 522 u32 recd; 523 int rc; 524 525 rc = tpm_buf_init(&buf, TPM_TAG_RQU_COMMAND, TPM_ORD_GET_RANDOM); 526 if (rc) 527 return rc; 528 529 do { 530 tpm_buf_append_u32(&buf, num_bytes); 531 532 rc = tpm_transmit_cmd(chip, &buf, sizeof(out->rng_data_len), 533 "attempting get random"); 534 if (rc) { 535 if (rc > 0) 536 rc = -EIO; 537 goto out; 538 } 539 540 out = (struct tpm1_get_random_out *)&buf.data[TPM_HEADER_SIZE]; 541 542 recd = be32_to_cpu(out->rng_data_len); 543 if (recd > num_bytes) { 544 rc = -EFAULT; 545 goto out; 546 } 547 548 if (tpm_buf_length(&buf) < TPM_HEADER_SIZE + 549 sizeof(out->rng_data_len) + recd) { 550 rc = -EFAULT; 551 goto out; 552 } 553 memcpy(dest, out->rng_data, recd); 554 555 dest += recd; 556 total += recd; 557 num_bytes -= recd; 558 559 tpm_buf_reset(&buf, TPM_TAG_RQU_COMMAND, TPM_ORD_GET_RANDOM); 560 } while (retries-- && total < max); 561 562 rc = total ? (int)total : -EIO; 563 out: 564 tpm_buf_destroy(&buf); 565 return rc; 566 } 567 568 #define TPM_ORD_PCRREAD 21 569 int tpm1_pcr_read(struct tpm_chip *chip, u32 pcr_idx, u8 *res_buf) 570 { 571 struct tpm_buf buf; 572 int rc; 573 574 rc = tpm_buf_init(&buf, TPM_TAG_RQU_COMMAND, TPM_ORD_PCRREAD); 575 if (rc) 576 return rc; 577 578 tpm_buf_append_u32(&buf, pcr_idx); 579 580 rc = tpm_transmit_cmd(chip, &buf, TPM_DIGEST_SIZE, 581 "attempting to read a pcr value"); 582 if (rc) 583 goto out; 584 585 if (tpm_buf_length(&buf) < TPM_DIGEST_SIZE) { 586 rc = -EFAULT; 587 goto out; 588 } 589 590 memcpy(res_buf, &buf.data[TPM_HEADER_SIZE], TPM_DIGEST_SIZE); 591 592 out: 593 tpm_buf_destroy(&buf); 594 return rc; 595 } 596 597 #define TPM_ORD_CONTINUE_SELFTEST 83 598 /** 599 * tpm_continue_selftest() - run TPM's selftest 600 * @chip: TPM chip to use 601 * 602 * Returns 0 on success, < 0 in case of fatal error or a value > 0 representing 603 * a TPM error code. 604 */ 605 static int tpm1_continue_selftest(struct tpm_chip *chip) 606 { 607 struct tpm_buf buf; 608 int rc; 609 610 rc = tpm_buf_init(&buf, TPM_TAG_RQU_COMMAND, TPM_ORD_CONTINUE_SELFTEST); 611 if (rc) 612 return rc; 613 614 rc = tpm_transmit_cmd(chip, &buf, 0, "continue selftest"); 615 tpm_buf_destroy(&buf); 616 return rc; 617 } 618 619 /** 620 * tpm1_do_selftest - have the TPM continue its selftest and wait until it 621 * can receive further commands 622 * @chip: TPM chip to use 623 * 624 * Returns 0 on success, < 0 in case of fatal error or a value > 0 representing 625 * a TPM error code. 626 */ 627 int tpm1_do_selftest(struct tpm_chip *chip) 628 { 629 int rc; 630 unsigned int loops; 631 unsigned int delay_msec = 100; 632 unsigned long duration; 633 u8 dummy[TPM_DIGEST_SIZE]; 634 635 duration = tpm1_calc_ordinal_duration(chip, TPM_ORD_CONTINUE_SELFTEST); 636 637 loops = jiffies_to_msecs(duration) / delay_msec; 638 639 rc = tpm1_continue_selftest(chip); 640 if (rc == TPM_ERR_INVALID_POSTINIT) { 641 chip->flags |= TPM_CHIP_FLAG_ALWAYS_POWERED; 642 dev_info(&chip->dev, "TPM not ready (%d)\n", rc); 643 } 644 /* This may fail if there was no TPM driver during a suspend/resume 645 * cycle; some may return 10 (BAD_ORDINAL), others 28 (FAILEDSELFTEST) 646 */ 647 if (rc) 648 return rc; 649 650 do { 651 /* Attempt to read a PCR value */ 652 rc = tpm1_pcr_read(chip, 0, dummy); 653 654 /* Some buggy TPMs will not respond to tpm_tis_ready() for 655 * around 300ms while the self test is ongoing, keep trying 656 * until the self test duration expires. 657 */ 658 if (rc == -ETIME) { 659 dev_info(&chip->dev, HW_ERR "TPM command timed out during continue self test"); 660 tpm_msleep(delay_msec); 661 continue; 662 } 663 664 if (rc == TPM_ERR_DISABLED || rc == TPM_ERR_DEACTIVATED) { 665 dev_info(&chip->dev, "TPM is disabled/deactivated (0x%X)\n", 666 rc); 667 /* TPM is disabled and/or deactivated; driver can 668 * proceed and TPM does handle commands for 669 * suspend/resume correctly 670 */ 671 return 0; 672 } 673 if (rc != TPM_WARN_DOING_SELFTEST) 674 return rc; 675 tpm_msleep(delay_msec); 676 } while (--loops > 0); 677 678 return rc; 679 } 680 EXPORT_SYMBOL_GPL(tpm1_do_selftest); 681 682 /** 683 * tpm1_auto_startup - Perform the standard automatic TPM initialization 684 * sequence 685 * @chip: TPM chip to use 686 * 687 * Returns 0 on success, < 0 in case of fatal error. 688 */ 689 int tpm1_auto_startup(struct tpm_chip *chip) 690 { 691 int rc; 692 693 rc = tpm1_get_timeouts(chip); 694 if (rc) 695 goto out; 696 rc = tpm1_do_selftest(chip); 697 if (rc) { 698 dev_err(&chip->dev, "TPM self test failed\n"); 699 goto out; 700 } 701 702 return rc; 703 out: 704 if (rc > 0) 705 rc = -ENODEV; 706 return rc; 707 } 708 709 #define TPM_ORD_SAVESTATE 152 710 711 /** 712 * tpm1_pm_suspend() - pm suspend handler 713 * @chip: TPM chip to use. 714 * @tpm_suspend_pcr: flush pcr for buggy TPM chips. 715 * 716 * The functions saves the TPM state to be restored on resume. 717 * 718 * Return: 719 * * 0 on success, 720 * * < 0 on error. 721 */ 722 int tpm1_pm_suspend(struct tpm_chip *chip, u32 tpm_suspend_pcr) 723 { 724 u8 dummy_hash[TPM_DIGEST_SIZE] = { 0 }; 725 struct tpm_buf buf; 726 unsigned int try; 727 int rc; 728 729 730 /* for buggy tpm, flush pcrs with extend to selected dummy */ 731 if (tpm_suspend_pcr) 732 rc = tpm1_pcr_extend(chip, tpm_suspend_pcr, dummy_hash, 733 "extending dummy pcr before suspend"); 734 735 rc = tpm_buf_init(&buf, TPM_TAG_RQU_COMMAND, TPM_ORD_SAVESTATE); 736 if (rc) 737 return rc; 738 /* now do the actual savestate */ 739 for (try = 0; try < TPM_RETRY; try++) { 740 rc = tpm_transmit_cmd(chip, &buf, 0, NULL); 741 /* 742 * If the TPM indicates that it is too busy to respond to 743 * this command then retry before giving up. It can take 744 * several seconds for this TPM to be ready. 745 * 746 * This can happen if the TPM has already been sent the 747 * SaveState command before the driver has loaded. TCG 1.2 748 * specification states that any communication after SaveState 749 * may cause the TPM to invalidate previously saved state. 750 */ 751 if (rc != TPM_WARN_RETRY) 752 break; 753 tpm_msleep(TPM_TIMEOUT_RETRY); 754 755 tpm_buf_reset(&buf, TPM_TAG_RQU_COMMAND, TPM_ORD_SAVESTATE); 756 } 757 758 if (rc) 759 dev_err(&chip->dev, "Error (%d) sending savestate before suspend\n", 760 rc); 761 else if (try > 0) 762 dev_warn(&chip->dev, "TPM savestate took %dms\n", 763 try * TPM_TIMEOUT_RETRY); 764 765 tpm_buf_destroy(&buf); 766 767 return rc; 768 } 769 770 /** 771 * tpm1_get_pcr_allocation() - initialize the allocated bank 772 * @chip: TPM chip to use. 773 * 774 * The function initializes the SHA1 allocated bank to extend PCR 775 * 776 * Return: 777 * * 0 on success, 778 * * < 0 on error. 779 */ 780 int tpm1_get_pcr_allocation(struct tpm_chip *chip) 781 { 782 chip->allocated_banks = kcalloc(1, sizeof(*chip->allocated_banks), 783 GFP_KERNEL); 784 if (!chip->allocated_banks) 785 return -ENOMEM; 786 787 chip->allocated_banks[0].alg_id = TPM_ALG_SHA1; 788 chip->allocated_banks[0].digest_size = hash_digest_size[HASH_ALGO_SHA1]; 789 chip->allocated_banks[0].crypto_id = HASH_ALGO_SHA1; 790 chip->nr_allocated_banks = 1; 791 792 return 0; 793 } 794