2 * Copyright (C) 2004 IBM Corporation
3 * Copyright (C) 2014 Intel Corporation
6 * Leendert van Doorn <leendert@watson.ibm.com>
7 * Dave Safford <safford@watson.ibm.com>
8 * Reiner Sailer <sailer@watson.ibm.com>
9 * Kylene Hall <kjhall@us.ibm.com>
11 * Maintained by: <tpmdd-devel@lists.sourceforge.net>
13 * Device driver for TCG/TCPA TPM (trusted platform module).
14 * Specifications at www.trustedcomputinggroup.org
16 * This program is free software; you can redistribute it and/or
17 * modify it under the terms of the GNU General Public License as
18 * published by the Free Software Foundation, version 2 of the
21 * Note, the TPM chip is not interrupt driven (only polling)
22 * and can have very long timeouts (minutes!). Hence the unusual
27 #include <linux/poll.h>
28 #include <linux/slab.h>
29 #include <linux/mutex.h>
30 #include <linux/spinlock.h>
31 #include <linux/freezer.h>
32 #include <linux/tpm_eventlog.h>
36 #define TPM_MAX_ORDINAL 243
37 #define TSC_MAX_ORDINAL 12
38 #define TPM_PROTECTED_COMMAND 0x00
39 #define TPM_CONNECTION_COMMAND 0x40
42 * Bug workaround - some TPM's don't flush the most
43 * recently changed pcr on suspend, so force the flush
44 * with an extend to the selected _unused_ non-volatile pcr.
46 static int tpm_suspend_pcr;
47 module_param_named(suspend_pcr, tpm_suspend_pcr, uint, 0644);
48 MODULE_PARM_DESC(suspend_pcr,
49 "PCR to use for dummy writes to facilitate flush on suspend.");
52 * Array with one entry per ordinal defining the maximum amount
53 * of time the chip could take to return the result. The ordinal
54 * designation of short, medium or long is defined in a table in
55 * TCG Specification TPM Main Part 2 TPM Structures Section 17. The
56 * values of the SHORT, MEDIUM, and LONG durations are retrieved
57 * from the chip during initialization with a call to tpm_get_timeouts.
59 static const u8 tpm_ordinal_duration[TPM_MAX_ORDINAL] = {
60 TPM_UNDEFINED, /* 0 */
65 TPM_UNDEFINED, /* 5 */
115 TPM_UNDEFINED, /* 55 */
135 TPM_UNDEFINED, /* 75 */
145 TPM_UNDEFINED, /* 85 */
155 TPM_UNDEFINED, /* 95 */
160 TPM_MEDIUM, /* 100 */
165 TPM_UNDEFINED, /* 105 */
195 TPM_UNDEFINED, /* 135 */
205 TPM_UNDEFINED, /* 145 */
215 TPM_UNDEFINED, /* 155 */
225 TPM_UNDEFINED, /* 165 */
235 TPM_UNDEFINED, /* 175 */
240 TPM_MEDIUM, /* 180 */
245 TPM_MEDIUM, /* 185 */
250 TPM_UNDEFINED, /* 190 */
255 TPM_UNDEFINED, /* 195 */
270 TPM_MEDIUM, /* 210 */
275 TPM_UNDEFINED, /* 215 */
285 TPM_UNDEFINED, /* 225 */
295 TPM_UNDEFINED, /* 235 */
306 * Returns max number of jiffies to wait
308 unsigned long tpm_calc_ordinal_duration(struct tpm_chip *chip,
311 int duration_idx = TPM_UNDEFINED;
315 * We only have a duration table for protected commands, where the upper
316 * 16 bits are 0. For the few other ordinals the fallback will be used.
318 if (ordinal < TPM_MAX_ORDINAL)
319 duration_idx = tpm_ordinal_duration[ordinal];
321 if (duration_idx != TPM_UNDEFINED)
322 duration = chip->duration[duration_idx];
328 EXPORT_SYMBOL_GPL(tpm_calc_ordinal_duration);
330 static int tpm_validate_command(struct tpm_chip *chip,
331 struct tpm_space *space,
335 const struct tpm_input_header *header = (const void *)cmd;
339 unsigned int nr_handles;
341 if (len < TPM_HEADER_SIZE)
347 if (chip->flags & TPM_CHIP_FLAG_TPM2 && chip->nr_commands) {
348 cc = be32_to_cpu(header->ordinal);
350 i = tpm2_find_cc(chip, cc);
352 dev_dbg(&chip->dev, "0x%04X is an invalid command\n",
357 attrs = chip->cc_attrs_tbl[i];
359 4 * ((attrs >> TPM2_CC_ATTR_CHANDLES) & GENMASK(2, 0));
360 if (len < TPM_HEADER_SIZE + 4 * nr_handles)
367 "%s: insufficient command length %zu", __func__, len);
371 static int tpm_request_locality(struct tpm_chip *chip, unsigned int flags)
375 if (flags & TPM_TRANSMIT_NESTED)
378 if (!chip->ops->request_locality)
381 rc = chip->ops->request_locality(chip, 0);
390 static void tpm_relinquish_locality(struct tpm_chip *chip, unsigned int flags)
394 if (flags & TPM_TRANSMIT_NESTED)
397 if (!chip->ops->relinquish_locality)
400 rc = chip->ops->relinquish_locality(chip, chip->locality);
402 dev_err(&chip->dev, "%s: : error %d\n", __func__, rc);
407 static int tpm_cmd_ready(struct tpm_chip *chip, unsigned int flags)
409 if (flags & TPM_TRANSMIT_NESTED)
412 if (!chip->ops->cmd_ready)
415 return chip->ops->cmd_ready(chip);
418 static int tpm_go_idle(struct tpm_chip *chip, unsigned int flags)
420 if (flags & TPM_TRANSMIT_NESTED)
423 if (!chip->ops->go_idle)
426 return chip->ops->go_idle(chip);
429 static ssize_t tpm_try_transmit(struct tpm_chip *chip,
430 struct tpm_space *space,
431 u8 *buf, size_t bufsiz,
434 struct tpm_output_header *header = (void *)buf;
441 rc = tpm_validate_command(chip, space, buf, bufsiz);
445 * If the command is not implemented by the TPM, synthesize a
446 * response with a TPM2_RC_COMMAND_CODE return for user-space.
448 if (rc == -EOPNOTSUPP) {
449 header->length = cpu_to_be32(sizeof(*header));
450 header->tag = cpu_to_be16(TPM2_ST_NO_SESSIONS);
451 header->return_code = cpu_to_be32(TPM2_RC_COMMAND_CODE |
452 TSS2_RESMGR_TPM_RC_LAYER);
453 return sizeof(*header);
456 if (bufsiz > TPM_BUFSIZE)
457 bufsiz = TPM_BUFSIZE;
459 count = be32_to_cpu(*((__be32 *) (buf + 2)));
460 ordinal = be32_to_cpu(*((__be32 *) (buf + 6)));
463 if (count > bufsiz) {
465 "invalid count value %x %zx\n", count, bufsiz);
469 if (!(flags & TPM_TRANSMIT_UNLOCKED) && !(flags & TPM_TRANSMIT_NESTED))
470 mutex_lock(&chip->tpm_mutex);
472 if (chip->ops->clk_enable != NULL)
473 chip->ops->clk_enable(chip, true);
475 /* Store the decision as chip->locality will be changed. */
476 need_locality = chip->locality == -1;
479 rc = tpm_request_locality(chip, flags);
481 goto out_no_locality;
484 rc = tpm_cmd_ready(chip, flags);
488 rc = tpm2_prepare_space(chip, space, ordinal, buf);
492 rc = chip->ops->send(chip, buf, count);
496 "%s: tpm_send: error %d\n", __func__, rc);
500 if (chip->flags & TPM_CHIP_FLAG_IRQ)
503 if (chip->flags & TPM_CHIP_FLAG_TPM2)
504 stop = jiffies + tpm2_calc_ordinal_duration(chip, ordinal);
506 stop = jiffies + tpm_calc_ordinal_duration(chip, ordinal);
508 u8 status = chip->ops->status(chip);
509 if ((status & chip->ops->req_complete_mask) ==
510 chip->ops->req_complete_val)
513 if (chip->ops->req_canceled(chip, status)) {
514 dev_err(&chip->dev, "Operation Canceled\n");
519 tpm_msleep(TPM_TIMEOUT_POLL);
521 } while (time_before(jiffies, stop));
523 chip->ops->cancel(chip);
524 dev_err(&chip->dev, "Operation Timed out\n");
529 len = chip->ops->recv(chip, buf, bufsiz);
533 "tpm_transmit: tpm_recv: error %d\n", rc);
535 } else if (len < TPM_HEADER_SIZE) {
540 if (len != be32_to_cpu(header->length)) {
545 rc = tpm2_commit_space(chip, space, ordinal, buf, &len);
547 dev_err(&chip->dev, "tpm2_commit_space: error %d\n", rc);
550 rc = tpm_go_idle(chip, flags);
555 tpm_relinquish_locality(chip, flags);
558 if (chip->ops->clk_enable != NULL)
559 chip->ops->clk_enable(chip, false);
561 if (!(flags & TPM_TRANSMIT_UNLOCKED) && !(flags & TPM_TRANSMIT_NESTED))
562 mutex_unlock(&chip->tpm_mutex);
563 return rc ? rc : len;
567 * tpm_transmit - Internal kernel interface to transmit TPM commands.
569 * @chip: TPM chip to use
571 * @buf: TPM command buffer
572 * @bufsiz: length of the TPM command buffer
573 * @flags: tpm transmit flags - bitmap
575 * A wrapper around tpm_try_transmit that handles TPM2_RC_RETRY
576 * returns from the TPM and retransmits the command after a delay up
577 * to a maximum wait of TPM2_DURATION_LONG.
579 * Note: TPM1 never returns TPM2_RC_RETRY so the retry logic is TPM2
583 * the length of the return when the operation is successful.
584 * A negative number for system errors (errno).
586 ssize_t tpm_transmit(struct tpm_chip *chip, struct tpm_space *space,
587 u8 *buf, size_t bufsiz, unsigned int flags)
589 struct tpm_output_header *header = (struct tpm_output_header *)buf;
590 /* space for header and handles */
591 u8 save[TPM_HEADER_SIZE + 3*sizeof(u32)];
592 unsigned int delay_msec = TPM2_DURATION_SHORT;
595 const size_t save_size = min(space ? sizeof(save) : TPM_HEADER_SIZE,
597 /* the command code is where the return code will be */
598 u32 cc = be32_to_cpu(header->return_code);
601 * Subtlety here: if we have a space, the handles will be
602 * transformed, so when we restore the header we also have to
603 * restore the handles.
605 memcpy(save, buf, save_size);
608 ret = tpm_try_transmit(chip, space, buf, bufsiz, flags);
611 rc = be32_to_cpu(header->return_code);
612 if (rc != TPM2_RC_RETRY && rc != TPM2_RC_TESTING)
615 * return immediately if self test returns test
616 * still running to shorten boot time.
618 if (rc == TPM2_RC_TESTING && cc == TPM2_CC_SELF_TEST)
621 if (delay_msec > TPM2_DURATION_LONG) {
622 if (rc == TPM2_RC_RETRY)
623 dev_err(&chip->dev, "in retry loop\n");
626 "self test is still running\n");
629 tpm_msleep(delay_msec);
631 memcpy(buf, save, save_size);
636 * tpm_transmit_cmd - send a tpm command to the device
637 * The function extracts tpm out header return code
639 * @chip: TPM chip to use
641 * @buf: TPM command buffer
642 * @bufsiz: length of the buffer
643 * @min_rsp_body_length: minimum expected length of response body
644 * @flags: tpm transmit flags - bitmap
645 * @desc: command description used in the error message
648 * 0 when the operation is successful.
649 * A negative number for system errors (errno).
650 * A positive number for a TPM error.
652 ssize_t tpm_transmit_cmd(struct tpm_chip *chip, struct tpm_space *space,
653 void *buf, size_t bufsiz,
654 size_t min_rsp_body_length, unsigned int flags,
657 const struct tpm_output_header *header = buf;
661 len = tpm_transmit(chip, space, buf, bufsiz, flags);
665 err = be32_to_cpu(header->return_code);
666 if (err != 0 && err != TPM_ERR_DISABLED && err != TPM_ERR_DEACTIVATED
668 dev_err(&chip->dev, "A TPM error (%d) occurred %s\n", err,
673 if (len < min_rsp_body_length + TPM_HEADER_SIZE)
678 EXPORT_SYMBOL_GPL(tpm_transmit_cmd);
680 #define TPM_ORD_STARTUP 153
681 #define TPM_ST_CLEAR 1
684 * tpm_startup - turn on the TPM
685 * @chip: TPM chip to use
687 * Normally the firmware should start the TPM. This function is provided as a
688 * workaround if this does not happen. A legal case for this could be for
689 * example when a TPM emulator is used.
691 * Return: same as tpm_transmit_cmd()
693 int tpm_startup(struct tpm_chip *chip)
698 dev_info(&chip->dev, "starting up the TPM manually\n");
700 if (chip->flags & TPM_CHIP_FLAG_TPM2) {
701 rc = tpm_buf_init(&buf, TPM2_ST_NO_SESSIONS, TPM2_CC_STARTUP);
705 tpm_buf_append_u16(&buf, TPM2_SU_CLEAR);
707 rc = tpm_buf_init(&buf, TPM_TAG_RQU_COMMAND, TPM_ORD_STARTUP);
711 tpm_buf_append_u16(&buf, TPM_ST_CLEAR);
714 rc = tpm_transmit_cmd(chip, NULL, buf.data, PAGE_SIZE, 0, 0,
715 "attempting to start the TPM");
717 tpm_buf_destroy(&buf);
721 #define TPM_DIGEST_SIZE 20
722 #define TPM_RET_CODE_IDX 6
723 #define TPM_INTERNAL_RESULT_SIZE 200
724 #define TPM_ORD_GET_CAP 101
725 #define TPM_ORD_GET_RANDOM 70
727 static const struct tpm_input_header tpm_getcap_header = {
728 .tag = cpu_to_be16(TPM_TAG_RQU_COMMAND),
729 .length = cpu_to_be32(22),
730 .ordinal = cpu_to_be32(TPM_ORD_GET_CAP)
733 ssize_t tpm_getcap(struct tpm_chip *chip, u32 subcap_id, cap_t *cap,
734 const char *desc, size_t min_cap_length)
739 rc = tpm_buf_init(&buf, TPM_TAG_RQU_COMMAND, TPM_ORD_GET_CAP);
743 if (subcap_id == TPM_CAP_VERSION_1_1 ||
744 subcap_id == TPM_CAP_VERSION_1_2) {
745 tpm_buf_append_u32(&buf, subcap_id);
746 tpm_buf_append_u32(&buf, 0);
748 if (subcap_id == TPM_CAP_FLAG_PERM ||
749 subcap_id == TPM_CAP_FLAG_VOL)
750 tpm_buf_append_u32(&buf, TPM_CAP_FLAG);
752 tpm_buf_append_u32(&buf, TPM_CAP_PROP);
754 tpm_buf_append_u32(&buf, 4);
755 tpm_buf_append_u32(&buf, subcap_id);
757 rc = tpm_transmit_cmd(chip, NULL, buf.data, PAGE_SIZE,
758 min_cap_length, 0, desc);
760 *cap = *(cap_t *)&buf.data[TPM_HEADER_SIZE + 4];
762 tpm_buf_destroy(&buf);
765 EXPORT_SYMBOL_GPL(tpm_getcap);
767 int tpm_get_timeouts(struct tpm_chip *chip)
770 unsigned long timeout_old[4], timeout_chip[4], timeout_eff[4];
773 if (chip->flags & TPM_CHIP_FLAG_HAVE_TIMEOUTS)
776 if (chip->flags & TPM_CHIP_FLAG_TPM2) {
777 /* Fixed timeouts for TPM2 */
778 chip->timeout_a = msecs_to_jiffies(TPM2_TIMEOUT_A);
779 chip->timeout_b = msecs_to_jiffies(TPM2_TIMEOUT_B);
780 chip->timeout_c = msecs_to_jiffies(TPM2_TIMEOUT_C);
781 chip->timeout_d = msecs_to_jiffies(TPM2_TIMEOUT_D);
782 chip->duration[TPM_SHORT] =
783 msecs_to_jiffies(TPM2_DURATION_SHORT);
784 chip->duration[TPM_MEDIUM] =
785 msecs_to_jiffies(TPM2_DURATION_MEDIUM);
786 chip->duration[TPM_LONG] =
787 msecs_to_jiffies(TPM2_DURATION_LONG);
788 chip->duration[TPM_LONG_LONG] =
789 msecs_to_jiffies(TPM2_DURATION_LONG_LONG);
791 chip->flags |= TPM_CHIP_FLAG_HAVE_TIMEOUTS;
795 rc = tpm_getcap(chip, TPM_CAP_PROP_TIS_TIMEOUT, &cap, NULL,
796 sizeof(cap.timeout));
797 if (rc == TPM_ERR_INVALID_POSTINIT) {
798 if (tpm_startup(chip))
801 rc = tpm_getcap(chip, TPM_CAP_PROP_TIS_TIMEOUT, &cap,
802 "attempting to determine the timeouts",
803 sizeof(cap.timeout));
808 "A TPM error (%zd) occurred attempting to determine the timeouts\n",
813 timeout_old[0] = jiffies_to_usecs(chip->timeout_a);
814 timeout_old[1] = jiffies_to_usecs(chip->timeout_b);
815 timeout_old[2] = jiffies_to_usecs(chip->timeout_c);
816 timeout_old[3] = jiffies_to_usecs(chip->timeout_d);
817 timeout_chip[0] = be32_to_cpu(cap.timeout.a);
818 timeout_chip[1] = be32_to_cpu(cap.timeout.b);
819 timeout_chip[2] = be32_to_cpu(cap.timeout.c);
820 timeout_chip[3] = be32_to_cpu(cap.timeout.d);
821 memcpy(timeout_eff, timeout_chip, sizeof(timeout_eff));
824 * Provide ability for vendor overrides of timeout values in case
827 if (chip->ops->update_timeouts != NULL)
828 chip->timeout_adjusted =
829 chip->ops->update_timeouts(chip, timeout_eff);
831 if (!chip->timeout_adjusted) {
832 /* Restore default if chip reported 0 */
835 for (i = 0; i < ARRAY_SIZE(timeout_eff); i++) {
839 timeout_eff[i] = timeout_old[i];
840 chip->timeout_adjusted = true;
843 if (timeout_eff[0] != 0 && timeout_eff[0] < 1000) {
844 /* timeouts in msec rather usec */
845 for (i = 0; i != ARRAY_SIZE(timeout_eff); i++)
846 timeout_eff[i] *= 1000;
847 chip->timeout_adjusted = true;
851 /* Report adjusted timeouts */
852 if (chip->timeout_adjusted) {
854 HW_ERR "Adjusting reported timeouts: A %lu->%luus B %lu->%luus C %lu->%luus D %lu->%luus\n",
855 timeout_chip[0], timeout_eff[0],
856 timeout_chip[1], timeout_eff[1],
857 timeout_chip[2], timeout_eff[2],
858 timeout_chip[3], timeout_eff[3]);
861 chip->timeout_a = usecs_to_jiffies(timeout_eff[0]);
862 chip->timeout_b = usecs_to_jiffies(timeout_eff[1]);
863 chip->timeout_c = usecs_to_jiffies(timeout_eff[2]);
864 chip->timeout_d = usecs_to_jiffies(timeout_eff[3]);
866 rc = tpm_getcap(chip, TPM_CAP_PROP_TIS_DURATION, &cap,
867 "attempting to determine the durations",
868 sizeof(cap.duration));
872 chip->duration[TPM_SHORT] =
873 usecs_to_jiffies(be32_to_cpu(cap.duration.tpm_short));
874 chip->duration[TPM_MEDIUM] =
875 usecs_to_jiffies(be32_to_cpu(cap.duration.tpm_medium));
876 chip->duration[TPM_LONG] =
877 usecs_to_jiffies(be32_to_cpu(cap.duration.tpm_long));
878 chip->duration[TPM_LONG_LONG] = 0; /* not used under 1.2 */
880 /* The Broadcom BCM0102 chipset in a Dell Latitude D820 gets the above
881 * value wrong and apparently reports msecs rather than usecs. So we
882 * fix up the resulting too-small TPM_SHORT value to make things work.
883 * We also scale the TPM_MEDIUM and -_LONG values by 1000.
885 if (chip->duration[TPM_SHORT] < (HZ / 100)) {
886 chip->duration[TPM_SHORT] = HZ;
887 chip->duration[TPM_MEDIUM] *= 1000;
888 chip->duration[TPM_LONG] *= 1000;
889 chip->duration_adjusted = true;
890 dev_info(&chip->dev, "Adjusting TPM timeout parameters.");
893 chip->flags |= TPM_CHIP_FLAG_HAVE_TIMEOUTS;
896 EXPORT_SYMBOL_GPL(tpm_get_timeouts);
898 #define TPM_ORD_CONTINUE_SELFTEST 83
899 #define CONTINUE_SELFTEST_RESULT_SIZE 10
901 static const struct tpm_input_header continue_selftest_header = {
902 .tag = cpu_to_be16(TPM_TAG_RQU_COMMAND),
903 .length = cpu_to_be32(10),
904 .ordinal = cpu_to_be32(TPM_ORD_CONTINUE_SELFTEST),
908 * tpm_continue_selftest -- run TPM's selftest
909 * @chip: TPM chip to use
911 * Returns 0 on success, < 0 in case of fatal error or a value > 0 representing
914 static int tpm_continue_selftest(struct tpm_chip *chip)
917 struct tpm_cmd_t cmd;
919 cmd.header.in = continue_selftest_header;
920 rc = tpm_transmit_cmd(chip, NULL, &cmd, CONTINUE_SELFTEST_RESULT_SIZE,
921 0, 0, "continue selftest");
925 #define TPM_ORDINAL_PCRREAD 21
926 #define READ_PCR_RESULT_SIZE 30
927 #define READ_PCR_RESULT_BODY_SIZE 20
928 static const struct tpm_input_header pcrread_header = {
929 .tag = cpu_to_be16(TPM_TAG_RQU_COMMAND),
930 .length = cpu_to_be32(14),
931 .ordinal = cpu_to_be32(TPM_ORDINAL_PCRREAD)
934 int tpm_pcr_read_dev(struct tpm_chip *chip, int pcr_idx, u8 *res_buf)
937 struct tpm_cmd_t cmd;
939 cmd.header.in = pcrread_header;
940 cmd.params.pcrread_in.pcr_idx = cpu_to_be32(pcr_idx);
941 rc = tpm_transmit_cmd(chip, NULL, &cmd, READ_PCR_RESULT_SIZE,
942 READ_PCR_RESULT_BODY_SIZE, 0,
943 "attempting to read a pcr value");
946 memcpy(res_buf, cmd.params.pcrread_out.pcr_result,
952 * tpm_is_tpm2 - do we a have a TPM2 chip?
953 * @chip: a &struct tpm_chip instance, %NULL for the default chip
956 * 1 if we have a TPM2 chip.
957 * 0 if we don't have a TPM2 chip.
958 * A negative number for system errors (errno).
960 int tpm_is_tpm2(struct tpm_chip *chip)
964 chip = tpm_find_get_ops(chip);
968 rc = (chip->flags & TPM_CHIP_FLAG_TPM2) != 0;
974 EXPORT_SYMBOL_GPL(tpm_is_tpm2);
977 * tpm_pcr_read - read a PCR value from SHA1 bank
978 * @chip: a &struct tpm_chip instance, %NULL for the default chip
979 * @pcr_idx: the PCR to be retrieved
980 * @res_buf: the value of the PCR
982 * Return: same as with tpm_transmit_cmd()
984 int tpm_pcr_read(struct tpm_chip *chip, int pcr_idx, u8 *res_buf)
988 chip = tpm_find_get_ops(chip);
991 if (chip->flags & TPM_CHIP_FLAG_TPM2)
992 rc = tpm2_pcr_read(chip, pcr_idx, res_buf);
994 rc = tpm_pcr_read_dev(chip, pcr_idx, res_buf);
998 EXPORT_SYMBOL_GPL(tpm_pcr_read);
1000 #define TPM_ORD_PCR_EXTEND 20
1001 #define EXTEND_PCR_RESULT_SIZE 34
1002 #define EXTEND_PCR_RESULT_BODY_SIZE 20
1003 static const struct tpm_input_header pcrextend_header = {
1004 .tag = cpu_to_be16(TPM_TAG_RQU_COMMAND),
1005 .length = cpu_to_be32(34),
1006 .ordinal = cpu_to_be32(TPM_ORD_PCR_EXTEND)
1009 static int tpm1_pcr_extend(struct tpm_chip *chip, int pcr_idx, const u8 *hash,
1015 rc = tpm_buf_init(&buf, TPM_TAG_RQU_COMMAND, TPM_ORD_PCR_EXTEND);
1019 tpm_buf_append_u32(&buf, pcr_idx);
1020 tpm_buf_append(&buf, hash, TPM_DIGEST_SIZE);
1022 rc = tpm_transmit_cmd(chip, NULL, buf.data, EXTEND_PCR_RESULT_SIZE,
1023 EXTEND_PCR_RESULT_BODY_SIZE, 0, log_msg);
1024 tpm_buf_destroy(&buf);
1029 * tpm_pcr_extend - extend a PCR value in SHA1 bank.
1030 * @chip: a &struct tpm_chip instance, %NULL for the default chip
1031 * @pcr_idx: the PCR to be retrieved
1032 * @hash: the hash value used to extend the PCR value
1034 * Note: with TPM 2.0 extends also those banks with a known digest size to the
1035 * cryto subsystem in order to prevent malicious use of those PCR banks. In the
1036 * future we should dynamically determine digest sizes.
1038 * Return: same as with tpm_transmit_cmd()
1040 int tpm_pcr_extend(struct tpm_chip *chip, int pcr_idx, const u8 *hash)
1043 struct tpm2_digest digest_list[ARRAY_SIZE(chip->active_banks)];
1047 chip = tpm_find_get_ops(chip);
1051 if (chip->flags & TPM_CHIP_FLAG_TPM2) {
1052 memset(digest_list, 0, sizeof(digest_list));
1054 for (i = 0; i < ARRAY_SIZE(chip->active_banks) &&
1055 chip->active_banks[i] != TPM2_ALG_ERROR; i++) {
1056 digest_list[i].alg_id = chip->active_banks[i];
1057 memcpy(digest_list[i].digest, hash, TPM_DIGEST_SIZE);
1061 rc = tpm2_pcr_extend(chip, pcr_idx, count, digest_list);
1066 rc = tpm1_pcr_extend(chip, pcr_idx, hash,
1067 "attempting extend a PCR value");
1071 EXPORT_SYMBOL_GPL(tpm_pcr_extend);
1074 * tpm_do_selftest - have the TPM continue its selftest and wait until it
1075 * can receive further commands
1076 * @chip: TPM chip to use
1078 * Returns 0 on success, < 0 in case of fatal error or a value > 0 representing
1081 int tpm_do_selftest(struct tpm_chip *chip)
1085 unsigned int delay_msec = 100;
1086 unsigned long duration;
1087 u8 dummy[TPM_DIGEST_SIZE];
1089 duration = tpm_calc_ordinal_duration(chip, TPM_ORD_CONTINUE_SELFTEST);
1091 loops = jiffies_to_msecs(duration) / delay_msec;
1093 rc = tpm_continue_selftest(chip);
1094 if (rc == TPM_ERR_INVALID_POSTINIT) {
1095 chip->flags |= TPM_CHIP_FLAG_ALWAYS_POWERED;
1096 dev_info(&chip->dev, "TPM not ready (%d)\n", rc);
1098 /* This may fail if there was no TPM driver during a suspend/resume
1099 * cycle; some may return 10 (BAD_ORDINAL), others 28 (FAILEDSELFTEST)
1105 /* Attempt to read a PCR value */
1106 rc = tpm_pcr_read_dev(chip, 0, dummy);
1108 /* Some buggy TPMs will not respond to tpm_tis_ready() for
1109 * around 300ms while the self test is ongoing, keep trying
1110 * until the self test duration expires. */
1114 "TPM command timed out during continue self test");
1115 tpm_msleep(delay_msec);
1119 if (rc == TPM_ERR_DISABLED || rc == TPM_ERR_DEACTIVATED) {
1120 dev_info(&chip->dev,
1121 "TPM is disabled/deactivated (0x%X)\n", rc);
1122 /* TPM is disabled and/or deactivated; driver can
1123 * proceed and TPM does handle commands for
1124 * suspend/resume correctly
1128 if (rc != TPM_WARN_DOING_SELFTEST)
1130 tpm_msleep(delay_msec);
1131 } while (--loops > 0);
1135 EXPORT_SYMBOL_GPL(tpm_do_selftest);
1138 * tpm1_auto_startup - Perform the standard automatic TPM initialization
1140 * @chip: TPM chip to use
1142 * Returns 0 on success, < 0 in case of fatal error.
1144 int tpm1_auto_startup(struct tpm_chip *chip)
1148 rc = tpm_get_timeouts(chip);
1151 rc = tpm_do_selftest(chip);
1153 dev_err(&chip->dev, "TPM self test failed\n");
1165 * tpm_send - send a TPM command
1166 * @chip: a &struct tpm_chip instance, %NULL for the default chip
1167 * @cmd: a TPM command buffer
1168 * @buflen: the length of the TPM command buffer
1170 * Return: same as with tpm_transmit_cmd()
1172 int tpm_send(struct tpm_chip *chip, void *cmd, size_t buflen)
1176 chip = tpm_find_get_ops(chip);
1180 rc = tpm_transmit_cmd(chip, NULL, cmd, buflen, 0, 0,
1181 "attempting to a send a command");
1185 EXPORT_SYMBOL_GPL(tpm_send);
1187 #define TPM_ORD_SAVESTATE 152
1188 #define SAVESTATE_RESULT_SIZE 10
1190 static const struct tpm_input_header savestate_header = {
1191 .tag = cpu_to_be16(TPM_TAG_RQU_COMMAND),
1192 .length = cpu_to_be32(10),
1193 .ordinal = cpu_to_be32(TPM_ORD_SAVESTATE)
1197 * We are about to suspend. Save the TPM state
1198 * so that it can be restored.
1200 int tpm_pm_suspend(struct device *dev)
1202 struct tpm_chip *chip = dev_get_drvdata(dev);
1203 struct tpm_cmd_t cmd;
1206 u8 dummy_hash[TPM_DIGEST_SIZE] = { 0 };
1211 if (chip->flags & TPM_CHIP_FLAG_ALWAYS_POWERED)
1214 if (chip->flags & TPM_CHIP_FLAG_TPM2) {
1215 tpm2_shutdown(chip, TPM2_SU_STATE);
1219 /* for buggy tpm, flush pcrs with extend to selected dummy */
1220 if (tpm_suspend_pcr)
1221 rc = tpm1_pcr_extend(chip, tpm_suspend_pcr, dummy_hash,
1222 "extending dummy pcr before suspend");
1224 /* now do the actual savestate */
1225 for (try = 0; try < TPM_RETRY; try++) {
1226 cmd.header.in = savestate_header;
1227 rc = tpm_transmit_cmd(chip, NULL, &cmd, SAVESTATE_RESULT_SIZE,
1231 * If the TPM indicates that it is too busy to respond to
1232 * this command then retry before giving up. It can take
1233 * several seconds for this TPM to be ready.
1235 * This can happen if the TPM has already been sent the
1236 * SaveState command before the driver has loaded. TCG 1.2
1237 * specification states that any communication after SaveState
1238 * may cause the TPM to invalidate previously saved state.
1240 if (rc != TPM_WARN_RETRY)
1242 tpm_msleep(TPM_TIMEOUT_RETRY);
1247 "Error (%d) sending savestate before suspend\n", rc);
1249 dev_warn(&chip->dev, "TPM savestate took %dms\n",
1250 try * TPM_TIMEOUT_RETRY);
1254 EXPORT_SYMBOL_GPL(tpm_pm_suspend);
1257 * Resume from a power safe. The BIOS already restored
1260 int tpm_pm_resume(struct device *dev)
1262 struct tpm_chip *chip = dev_get_drvdata(dev);
1269 EXPORT_SYMBOL_GPL(tpm_pm_resume);
1271 #define TPM_GETRANDOM_RESULT_SIZE 18
1272 static const struct tpm_input_header tpm_getrandom_header = {
1273 .tag = cpu_to_be16(TPM_TAG_RQU_COMMAND),
1274 .length = cpu_to_be32(14),
1275 .ordinal = cpu_to_be32(TPM_ORD_GET_RANDOM)
1279 * tpm_get_random() - get random bytes from the TPM's RNG
1280 * @chip: a &struct tpm_chip instance, %NULL for the default chip
1281 * @out: destination buffer for the random bytes
1282 * @max: the max number of bytes to write to @out
1284 * Return: same as with tpm_transmit_cmd()
1286 int tpm_get_random(struct tpm_chip *chip, u8 *out, size_t max)
1288 struct tpm_cmd_t tpm_cmd;
1289 u32 recd, num_bytes = min_t(u32, max, TPM_MAX_RNG_DATA), rlength;
1290 int err, total = 0, retries = 5;
1293 if (!out || !num_bytes || max > TPM_MAX_RNG_DATA)
1296 chip = tpm_find_get_ops(chip);
1300 if (chip->flags & TPM_CHIP_FLAG_TPM2) {
1301 err = tpm2_get_random(chip, out, max);
1307 tpm_cmd.header.in = tpm_getrandom_header;
1308 tpm_cmd.params.getrandom_in.num_bytes = cpu_to_be32(num_bytes);
1310 err = tpm_transmit_cmd(chip, NULL, &tpm_cmd,
1311 TPM_GETRANDOM_RESULT_SIZE + num_bytes,
1312 offsetof(struct tpm_getrandom_out,
1314 0, "attempting get random");
1318 recd = be32_to_cpu(tpm_cmd.params.getrandom_out.rng_data_len);
1319 if (recd > num_bytes) {
1324 rlength = be32_to_cpu(tpm_cmd.header.out.length);
1325 if (rlength < TPM_HEADER_SIZE +
1326 offsetof(struct tpm_getrandom_out, rng_data) +
1331 memcpy(dest, tpm_cmd.params.getrandom_out.rng_data, recd);
1336 } while (retries-- && total < max);
1339 return total ? total : -EIO;
1341 EXPORT_SYMBOL_GPL(tpm_get_random);
1344 * tpm_seal_trusted() - seal a trusted key payload
1345 * @chip: a &struct tpm_chip instance, %NULL for the default chip
1346 * @options: authentication values and other options
1347 * @payload: the key data in clear and encrypted form
1349 * Note: only TPM 2.0 chip are supported. TPM 1.x implementation is located in
1350 * the keyring subsystem.
1352 * Return: same as with tpm_transmit_cmd()
1354 int tpm_seal_trusted(struct tpm_chip *chip, struct trusted_key_payload *payload,
1355 struct trusted_key_options *options)
1359 chip = tpm_find_get_ops(chip);
1360 if (!chip || !(chip->flags & TPM_CHIP_FLAG_TPM2))
1363 rc = tpm2_seal_trusted(chip, payload, options);
1368 EXPORT_SYMBOL_GPL(tpm_seal_trusted);
1371 * tpm_unseal_trusted() - unseal a trusted key
1372 * @chip: a &struct tpm_chip instance, %NULL for the default chip
1373 * @options: authentication values and other options
1374 * @payload: the key data in clear and encrypted form
1376 * Note: only TPM 2.0 chip are supported. TPM 1.x implementation is located in
1377 * the keyring subsystem.
1379 * Return: same as with tpm_transmit_cmd()
1381 int tpm_unseal_trusted(struct tpm_chip *chip,
1382 struct trusted_key_payload *payload,
1383 struct trusted_key_options *options)
1387 chip = tpm_find_get_ops(chip);
1388 if (!chip || !(chip->flags & TPM_CHIP_FLAG_TPM2))
1391 rc = tpm2_unseal_trusted(chip, payload, options);
1397 EXPORT_SYMBOL_GPL(tpm_unseal_trusted);
1399 static int __init tpm_init(void)
1403 tpm_class = class_create(THIS_MODULE, "tpm");
1404 if (IS_ERR(tpm_class)) {
1405 pr_err("couldn't create tpm class\n");
1406 return PTR_ERR(tpm_class);
1409 tpmrm_class = class_create(THIS_MODULE, "tpmrm");
1410 if (IS_ERR(tpmrm_class)) {
1411 pr_err("couldn't create tpmrm class\n");
1412 rc = PTR_ERR(tpmrm_class);
1413 goto out_destroy_tpm_class;
1416 rc = alloc_chrdev_region(&tpm_devt, 0, 2*TPM_NUM_DEVICES, "tpm");
1418 pr_err("tpm: failed to allocate char dev region\n");
1419 goto out_destroy_tpmrm_class;
1422 rc = tpm_dev_common_init();
1424 pr_err("tpm: failed to allocate char dev region\n");
1425 goto out_unreg_chrdev;
1431 unregister_chrdev_region(tpm_devt, 2 * TPM_NUM_DEVICES);
1432 out_destroy_tpmrm_class:
1433 class_destroy(tpmrm_class);
1434 out_destroy_tpm_class:
1435 class_destroy(tpm_class);
1440 static void __exit tpm_exit(void)
1442 idr_destroy(&dev_nums_idr);
1443 class_destroy(tpm_class);
1444 class_destroy(tpmrm_class);
1445 unregister_chrdev_region(tpm_devt, 2*TPM_NUM_DEVICES);
1446 tpm_dev_common_exit();
1449 subsys_initcall(tpm_init);
1450 module_exit(tpm_exit);
1452 MODULE_AUTHOR("Leendert van Doorn (leendert@watson.ibm.com)");
1453 MODULE_DESCRIPTION("TPM Driver");
1454 MODULE_VERSION("2.0");
1455 MODULE_LICENSE("GPL");
projects / linux.git / blob