linux/drivers/char/tpm/tpm1-cmd.c
<<
>>
Prefs
   1// SPDX-License-Identifier: GPL-2.0
   2/*
   3 * Copyright (C) 2004 IBM Corporation
   4 * Copyright (C) 2014 Intel Corporation
   5 *
   6 * Authors:
   7 * Leendert van Doorn <leendert@watson.ibm.com>
   8 * Dave Safford <safford@watson.ibm.com>
   9 * Reiner Sailer <sailer@watson.ibm.com>
  10 * Kylene Hall <kjhall@us.ibm.com>
  11 *
  12 * Device driver for TCG/TCPA TPM (trusted platform module).
  13 * Specifications at www.trustedcomputinggroup.org
  14 */
  15
  16#include <linux/poll.h>
  17#include <linux/slab.h>
  18#include <linux/mutex.h>
  19#include <linux/spinlock.h>
  20#include <linux/freezer.h>
  21#include <linux/tpm_eventlog.h>
  22
  23#include "tpm.h"
  24
  25#define TPM_MAX_ORDINAL 243
  26
  27/*
  28 * Array with one entry per ordinal defining the maximum amount
  29 * of time the chip could take to return the result.  The ordinal
  30 * designation of short, medium or long is defined in a table in
  31 * TCG Specification TPM Main Part 2 TPM Structures Section 17. The
  32 * values of the SHORT, MEDIUM, and LONG durations are retrieved
  33 * from the chip during initialization with a call to tpm_get_timeouts.
  34 */
  35static const u8 tpm1_ordinal_duration[TPM_MAX_ORDINAL] = {
  36        TPM_UNDEFINED,          /* 0 */
  37        TPM_UNDEFINED,
  38        TPM_UNDEFINED,
  39        TPM_UNDEFINED,
  40        TPM_UNDEFINED,
  41        TPM_UNDEFINED,          /* 5 */
  42        TPM_UNDEFINED,
  43        TPM_UNDEFINED,
  44        TPM_UNDEFINED,
  45        TPM_UNDEFINED,
  46        TPM_SHORT,              /* 10 */
  47        TPM_SHORT,
  48        TPM_MEDIUM,
  49        TPM_LONG,
  50        TPM_LONG,
  51        TPM_MEDIUM,             /* 15 */
  52        TPM_SHORT,
  53        TPM_SHORT,
  54        TPM_MEDIUM,
  55        TPM_LONG,
  56        TPM_SHORT,              /* 20 */
  57        TPM_SHORT,
  58        TPM_MEDIUM,
  59        TPM_MEDIUM,
  60        TPM_MEDIUM,
  61        TPM_SHORT,              /* 25 */
  62        TPM_SHORT,
  63        TPM_MEDIUM,
  64        TPM_SHORT,
  65        TPM_SHORT,
  66        TPM_MEDIUM,             /* 30 */
  67        TPM_LONG,
  68        TPM_MEDIUM,
  69        TPM_SHORT,
  70        TPM_SHORT,
  71        TPM_SHORT,              /* 35 */
  72        TPM_MEDIUM,
  73        TPM_MEDIUM,
  74        TPM_UNDEFINED,
  75        TPM_UNDEFINED,
  76        TPM_MEDIUM,             /* 40 */
  77        TPM_LONG,
  78        TPM_MEDIUM,
  79        TPM_SHORT,
  80        TPM_SHORT,
  81        TPM_SHORT,              /* 45 */
  82        TPM_SHORT,
  83        TPM_SHORT,
  84        TPM_SHORT,
  85        TPM_LONG,
  86        TPM_MEDIUM,             /* 50 */
  87        TPM_MEDIUM,
  88        TPM_UNDEFINED,
  89        TPM_UNDEFINED,
  90        TPM_UNDEFINED,
  91        TPM_UNDEFINED,          /* 55 */
  92        TPM_UNDEFINED,
  93        TPM_UNDEFINED,
  94        TPM_UNDEFINED,
  95        TPM_UNDEFINED,
  96        TPM_MEDIUM,             /* 60 */
  97        TPM_MEDIUM,
  98        TPM_MEDIUM,
  99        TPM_SHORT,
 100        TPM_SHORT,
 101        TPM_MEDIUM,             /* 65 */
 102        TPM_UNDEFINED,
 103        TPM_UNDEFINED,
 104        TPM_UNDEFINED,
 105        TPM_UNDEFINED,
 106        TPM_SHORT,              /* 70 */
 107        TPM_SHORT,
 108        TPM_UNDEFINED,
 109        TPM_UNDEFINED,
 110        TPM_UNDEFINED,
 111        TPM_UNDEFINED,          /* 75 */
 112        TPM_UNDEFINED,
 113        TPM_UNDEFINED,
 114        TPM_UNDEFINED,
 115        TPM_UNDEFINED,
 116        TPM_LONG,               /* 80 */
 117        TPM_UNDEFINED,
 118        TPM_MEDIUM,
 119        TPM_LONG,
 120        TPM_SHORT,
 121        TPM_UNDEFINED,          /* 85 */
 122        TPM_UNDEFINED,
 123        TPM_UNDEFINED,
 124        TPM_UNDEFINED,
 125        TPM_UNDEFINED,
 126        TPM_SHORT,              /* 90 */
 127        TPM_SHORT,
 128        TPM_SHORT,
 129        TPM_SHORT,
 130        TPM_SHORT,
 131        TPM_UNDEFINED,          /* 95 */
 132        TPM_UNDEFINED,
 133        TPM_UNDEFINED,
 134        TPM_UNDEFINED,
 135        TPM_UNDEFINED,
 136        TPM_MEDIUM,             /* 100 */
 137        TPM_SHORT,
 138        TPM_SHORT,
 139        TPM_UNDEFINED,
 140        TPM_UNDEFINED,
 141        TPM_UNDEFINED,          /* 105 */
 142        TPM_UNDEFINED,
 143        TPM_UNDEFINED,
 144        TPM_UNDEFINED,
 145        TPM_UNDEFINED,
 146        TPM_SHORT,              /* 110 */
 147        TPM_SHORT,
 148        TPM_SHORT,
 149        TPM_SHORT,
 150        TPM_SHORT,
 151        TPM_SHORT,              /* 115 */
 152        TPM_SHORT,
 153        TPM_SHORT,
 154        TPM_UNDEFINED,
 155        TPM_UNDEFINED,
 156        TPM_LONG,               /* 120 */
 157        TPM_LONG,
 158        TPM_MEDIUM,
 159        TPM_UNDEFINED,
 160        TPM_SHORT,
 161        TPM_SHORT,              /* 125 */
 162        TPM_SHORT,
 163        TPM_LONG,
 164        TPM_SHORT,
 165        TPM_SHORT,
 166        TPM_SHORT,              /* 130 */
 167        TPM_MEDIUM,
 168        TPM_UNDEFINED,
 169        TPM_SHORT,
 170        TPM_MEDIUM,
 171        TPM_UNDEFINED,          /* 135 */
 172        TPM_UNDEFINED,
 173        TPM_UNDEFINED,
 174        TPM_UNDEFINED,
 175        TPM_UNDEFINED,
 176        TPM_SHORT,              /* 140 */
 177        TPM_SHORT,
 178        TPM_UNDEFINED,
 179        TPM_UNDEFINED,
 180        TPM_UNDEFINED,
 181        TPM_UNDEFINED,          /* 145 */
 182        TPM_UNDEFINED,
 183        TPM_UNDEFINED,
 184        TPM_UNDEFINED,
 185        TPM_UNDEFINED,
 186        TPM_SHORT,              /* 150 */
 187        TPM_MEDIUM,
 188        TPM_MEDIUM,
 189        TPM_SHORT,
 190        TPM_SHORT,
 191        TPM_UNDEFINED,          /* 155 */
 192        TPM_UNDEFINED,
 193        TPM_UNDEFINED,
 194        TPM_UNDEFINED,
 195        TPM_UNDEFINED,
 196        TPM_SHORT,              /* 160 */
 197        TPM_SHORT,
 198        TPM_SHORT,
 199        TPM_SHORT,
 200        TPM_UNDEFINED,
 201        TPM_UNDEFINED,          /* 165 */
 202        TPM_UNDEFINED,
 203        TPM_UNDEFINED,
 204        TPM_UNDEFINED,
 205        TPM_UNDEFINED,
 206        TPM_LONG,               /* 170 */
 207        TPM_UNDEFINED,
 208        TPM_UNDEFINED,
 209        TPM_UNDEFINED,
 210        TPM_UNDEFINED,
 211        TPM_UNDEFINED,          /* 175 */
 212        TPM_UNDEFINED,
 213        TPM_UNDEFINED,
 214        TPM_UNDEFINED,
 215        TPM_UNDEFINED,
 216        TPM_MEDIUM,             /* 180 */
 217        TPM_SHORT,
 218        TPM_MEDIUM,
 219        TPM_MEDIUM,
 220        TPM_MEDIUM,
 221        TPM_MEDIUM,             /* 185 */
 222        TPM_SHORT,
 223        TPM_UNDEFINED,
 224        TPM_UNDEFINED,
 225        TPM_UNDEFINED,
 226        TPM_UNDEFINED,          /* 190 */
 227        TPM_UNDEFINED,
 228        TPM_UNDEFINED,
 229        TPM_UNDEFINED,
 230        TPM_UNDEFINED,
 231        TPM_UNDEFINED,          /* 195 */
 232        TPM_UNDEFINED,
 233        TPM_UNDEFINED,
 234        TPM_UNDEFINED,
 235        TPM_UNDEFINED,
 236        TPM_SHORT,              /* 200 */
 237        TPM_UNDEFINED,
 238        TPM_UNDEFINED,
 239        TPM_UNDEFINED,
 240        TPM_SHORT,
 241        TPM_SHORT,              /* 205 */
 242        TPM_SHORT,
 243        TPM_SHORT,
 244        TPM_SHORT,
 245        TPM_SHORT,
 246        TPM_MEDIUM,             /* 210 */
 247        TPM_UNDEFINED,
 248        TPM_MEDIUM,
 249        TPM_MEDIUM,
 250        TPM_MEDIUM,
 251        TPM_UNDEFINED,          /* 215 */
 252        TPM_MEDIUM,
 253        TPM_UNDEFINED,
 254        TPM_UNDEFINED,
 255        TPM_SHORT,
 256        TPM_SHORT,              /* 220 */
 257        TPM_SHORT,
 258        TPM_SHORT,
 259        TPM_SHORT,
 260        TPM_SHORT,
 261        TPM_UNDEFINED,          /* 225 */
 262        TPM_UNDEFINED,
 263        TPM_UNDEFINED,
 264        TPM_UNDEFINED,
 265        TPM_UNDEFINED,
 266        TPM_SHORT,              /* 230 */
 267        TPM_LONG,
 268        TPM_MEDIUM,
 269        TPM_UNDEFINED,
 270        TPM_UNDEFINED,
 271        TPM_UNDEFINED,          /* 235 */
 272        TPM_UNDEFINED,
 273        TPM_UNDEFINED,
 274        TPM_UNDEFINED,
 275        TPM_UNDEFINED,
 276        TPM_SHORT,              /* 240 */
 277        TPM_UNDEFINED,
 278        TPM_MEDIUM,
 279};
 280
 281/**
 282 * tpm1_calc_ordinal_duration() - calculate the maximum command duration
 283 * @chip:    TPM chip to use.
 284 * @ordinal: TPM command ordinal.
 285 *
 286 * The function returns the maximum amount of time the chip could take
 287 * to return the result for a particular ordinal in jiffies.
 288 *
 289 * Return: A maximal duration time for an ordinal in jiffies.
 290 */
 291unsigned long tpm1_calc_ordinal_duration(struct tpm_chip *chip, u32 ordinal)
 292{
 293        int duration_idx = TPM_UNDEFINED;
 294        int duration = 0;
 295
 296        /*
 297         * We only have a duration table for protected commands, where the upper
 298         * 16 bits are 0. For the few other ordinals the fallback will be used.
 299         */
 300        if (ordinal < TPM_MAX_ORDINAL)
 301                duration_idx = tpm1_ordinal_duration[ordinal];
 302
 303        if (duration_idx != TPM_UNDEFINED)
 304                duration = chip->duration[duration_idx];
 305        if (duration <= 0)
 306                return 2 * 60 * HZ;
 307        else
 308                return duration;
 309}
 310
 311#define TPM_ORD_STARTUP 153
 312#define TPM_ST_CLEAR 1
 313
 314/**
 315 * tpm_startup() - turn on the TPM
 316 * @chip: TPM chip to use
 317 *
 318 * Normally the firmware should start the TPM. This function is provided as a
 319 * workaround if this does not happen. A legal case for this could be for
 320 * example when a TPM emulator is used.
 321 *
 322 * Return: same as tpm_transmit_cmd()
 323 */
 324static int tpm1_startup(struct tpm_chip *chip)
 325{
 326        struct tpm_buf buf;
 327        int rc;
 328
 329        dev_info(&chip->dev, "starting up the TPM manually\n");
 330
 331        rc = tpm_buf_init(&buf, TPM_TAG_RQU_COMMAND, TPM_ORD_STARTUP);
 332        if (rc < 0)
 333                return rc;
 334
 335        tpm_buf_append_u16(&buf, TPM_ST_CLEAR);
 336
 337        rc = tpm_transmit_cmd(chip, &buf, 0, "attempting to start the TPM");
 338        tpm_buf_destroy(&buf);
 339        return rc;
 340}
 341
 342int tpm1_get_timeouts(struct tpm_chip *chip)
 343{
 344        cap_t cap;
 345        unsigned long timeout_old[4], timeout_chip[4], timeout_eff[4];
 346        unsigned long durations[3];
 347        ssize_t rc;
 348
 349        rc = tpm1_getcap(chip, TPM_CAP_PROP_TIS_TIMEOUT, &cap, NULL,
 350                         sizeof(cap.timeout));
 351        if (rc == TPM_ERR_INVALID_POSTINIT) {
 352                if (tpm1_startup(chip))
 353                        return rc;
 354
 355                rc = tpm1_getcap(chip, TPM_CAP_PROP_TIS_TIMEOUT, &cap,
 356                                 "attempting to determine the timeouts",
 357                                 sizeof(cap.timeout));
 358        }
 359
 360        if (rc) {
 361                dev_err(&chip->dev, "A TPM error (%zd) occurred attempting to determine the timeouts\n",
 362                        rc);
 363                return rc;
 364        }
 365
 366        timeout_old[0] = jiffies_to_usecs(chip->timeout_a);
 367        timeout_old[1] = jiffies_to_usecs(chip->timeout_b);
 368        timeout_old[2] = jiffies_to_usecs(chip->timeout_c);
 369        timeout_old[3] = jiffies_to_usecs(chip->timeout_d);
 370        timeout_chip[0] = be32_to_cpu(cap.timeout.a);
 371        timeout_chip[1] = be32_to_cpu(cap.timeout.b);
 372        timeout_chip[2] = be32_to_cpu(cap.timeout.c);
 373        timeout_chip[3] = be32_to_cpu(cap.timeout.d);
 374        memcpy(timeout_eff, timeout_chip, sizeof(timeout_eff));
 375
 376        /*
 377         * Provide ability for vendor overrides of timeout values in case
 378         * of misreporting.
 379         */
 380        if (chip->ops->update_timeouts)
 381                chip->ops->update_timeouts(chip, timeout_eff);
 382
 383        if (!chip->timeout_adjusted) {
 384                /* Restore default if chip reported 0 */
 385                unsigned int i;
 386
 387                for (i = 0; i < ARRAY_SIZE(timeout_eff); i++) {
 388                        if (timeout_eff[i])
 389                                continue;
 390
 391                        timeout_eff[i] = timeout_old[i];
 392                        chip->timeout_adjusted = true;
 393                }
 394
 395                if (timeout_eff[0] != 0 && timeout_eff[0] < 1000) {
 396                        /* timeouts in msec rather usec */
 397                        for (i = 0; i != ARRAY_SIZE(timeout_eff); i++)
 398                                timeout_eff[i] *= 1000;
 399                        chip->timeout_adjusted = true;
 400                }
 401        }
 402
 403        /* Report adjusted timeouts */
 404        if (chip->timeout_adjusted) {
 405                dev_info(&chip->dev, HW_ERR "Adjusting reported timeouts: A %lu->%luus B %lu->%luus C %lu->%luus D %lu->%luus\n",
 406                         timeout_chip[0], timeout_eff[0],
 407                         timeout_chip[1], timeout_eff[1],
 408                         timeout_chip[2], timeout_eff[2],
 409                         timeout_chip[3], timeout_eff[3]);
 410        }
 411
 412        chip->timeout_a = usecs_to_jiffies(timeout_eff[0]);
 413        chip->timeout_b = usecs_to_jiffies(timeout_eff[1]);
 414        chip->timeout_c = usecs_to_jiffies(timeout_eff[2]);
 415        chip->timeout_d = usecs_to_jiffies(timeout_eff[3]);
 416
 417        rc = tpm1_getcap(chip, TPM_CAP_PROP_TIS_DURATION, &cap,
 418                         "attempting to determine the durations",
 419                          sizeof(cap.duration));
 420        if (rc)
 421                return rc;
 422
 423        chip->duration[TPM_SHORT] =
 424                usecs_to_jiffies(be32_to_cpu(cap.duration.tpm_short));
 425        chip->duration[TPM_MEDIUM] =
 426                usecs_to_jiffies(be32_to_cpu(cap.duration.tpm_medium));
 427        chip->duration[TPM_LONG] =
 428                usecs_to_jiffies(be32_to_cpu(cap.duration.tpm_long));
 429        chip->duration[TPM_LONG_LONG] = 0; /* not used under 1.2 */
 430
 431        /*
 432         * Provide the ability for vendor overrides of duration values in case
 433         * of misreporting.
 434         */
 435        if (chip->ops->update_durations)
 436                chip->ops->update_durations(chip, durations);
 437
 438        if (chip->duration_adjusted) {
 439                dev_info(&chip->dev, HW_ERR "Adjusting reported durations.");
 440                chip->duration[TPM_SHORT] = durations[0];
 441                chip->duration[TPM_MEDIUM] = durations[1];
 442                chip->duration[TPM_LONG] = durations[2];
 443        }
 444
 445        /* The Broadcom BCM0102 chipset in a Dell Latitude D820 gets the above
 446         * value wrong and apparently reports msecs rather than usecs. So we
 447         * fix up the resulting too-small TPM_SHORT value to make things work.
 448         * We also scale the TPM_MEDIUM and -_LONG values by 1000.
 449         */
 450        if (chip->duration[TPM_SHORT] < (HZ / 100)) {
 451                chip->duration[TPM_SHORT] = HZ;
 452                chip->duration[TPM_MEDIUM] *= 1000;
 453                chip->duration[TPM_LONG] *= 1000;
 454                chip->duration_adjusted = true;
 455                dev_info(&chip->dev, "Adjusting TPM timeout parameters.");
 456        }
 457
 458        chip->flags |= TPM_CHIP_FLAG_HAVE_TIMEOUTS;
 459        return 0;
 460}
 461
 462#define TPM_ORD_PCR_EXTEND 20
 463int tpm1_pcr_extend(struct tpm_chip *chip, u32 pcr_idx, const u8 *hash,
 464                    const char *log_msg)
 465{
 466        struct tpm_buf buf;
 467        int rc;
 468
 469        rc = tpm_buf_init(&buf, TPM_TAG_RQU_COMMAND, TPM_ORD_PCR_EXTEND);
 470        if (rc)
 471                return rc;
 472
 473        tpm_buf_append_u32(&buf, pcr_idx);
 474        tpm_buf_append(&buf, hash, TPM_DIGEST_SIZE);
 475
 476        rc = tpm_transmit_cmd(chip, &buf, TPM_DIGEST_SIZE, log_msg);
 477        tpm_buf_destroy(&buf);
 478        return rc;
 479}
 480
 481#define TPM_ORD_GET_CAP 101
 482ssize_t tpm1_getcap(struct tpm_chip *chip, u32 subcap_id, cap_t *cap,
 483                    const char *desc, size_t min_cap_length)
 484{
 485        struct tpm_buf buf;
 486        int rc;
 487
 488        rc = tpm_buf_init(&buf, TPM_TAG_RQU_COMMAND, TPM_ORD_GET_CAP);
 489        if (rc)
 490                return rc;
 491
 492        if (subcap_id == TPM_CAP_VERSION_1_1 ||
 493            subcap_id == TPM_CAP_VERSION_1_2) {
 494                tpm_buf_append_u32(&buf, subcap_id);
 495                tpm_buf_append_u32(&buf, 0);
 496        } else {
 497                if (subcap_id == TPM_CAP_FLAG_PERM ||
 498                    subcap_id == TPM_CAP_FLAG_VOL)
 499                        tpm_buf_append_u32(&buf, TPM_CAP_FLAG);
 500                else
 501                        tpm_buf_append_u32(&buf, TPM_CAP_PROP);
 502
 503                tpm_buf_append_u32(&buf, 4);
 504                tpm_buf_append_u32(&buf, subcap_id);
 505        }
 506        rc = tpm_transmit_cmd(chip, &buf, min_cap_length, desc);
 507        if (!rc)
 508                *cap = *(cap_t *)&buf.data[TPM_HEADER_SIZE + 4];
 509        tpm_buf_destroy(&buf);
 510        return rc;
 511}
 512EXPORT_SYMBOL_GPL(tpm1_getcap);
 513
 514#define TPM_ORD_GET_RANDOM 70
 515struct tpm1_get_random_out {
 516        __be32 rng_data_len;
 517        u8 rng_data[TPM_MAX_RNG_DATA];
 518} __packed;
 519
 520/**
 521 * tpm1_get_random() - get random bytes from the TPM's RNG
 522 * @chip:       a &struct tpm_chip instance
 523 * @dest:       destination buffer for the random bytes
 524 * @max:        the maximum number of bytes to write to @dest
 525 *
 526 * Return:
 527 * *  number of bytes read
 528 * * -errno (positive TPM return codes are masked to -EIO)
 529 */
 530int tpm1_get_random(struct tpm_chip *chip, u8 *dest, size_t max)
 531{
 532        struct tpm1_get_random_out *out;
 533        u32 num_bytes =  min_t(u32, max, TPM_MAX_RNG_DATA);
 534        struct tpm_buf buf;
 535        u32 total = 0;
 536        int retries = 5;
 537        u32 recd;
 538        int rc;
 539
 540        rc = tpm_buf_init(&buf, TPM_TAG_RQU_COMMAND, TPM_ORD_GET_RANDOM);
 541        if (rc)
 542                return rc;
 543
 544        do {
 545                tpm_buf_append_u32(&buf, num_bytes);
 546
 547                rc = tpm_transmit_cmd(chip, &buf, sizeof(out->rng_data_len),
 548                                      "attempting get random");
 549                if (rc) {
 550                        if (rc > 0)
 551                                rc = -EIO;
 552                        goto out;
 553                }
 554
 555                out = (struct tpm1_get_random_out *)&buf.data[TPM_HEADER_SIZE];
 556
 557                recd = be32_to_cpu(out->rng_data_len);
 558                if (recd > num_bytes) {
 559                        rc = -EFAULT;
 560                        goto out;
 561                }
 562
 563                if (tpm_buf_length(&buf) < TPM_HEADER_SIZE +
 564                                           sizeof(out->rng_data_len) + recd) {
 565                        rc = -EFAULT;
 566                        goto out;
 567                }
 568                memcpy(dest, out->rng_data, recd);
 569
 570                dest += recd;
 571                total += recd;
 572                num_bytes -= recd;
 573
 574                tpm_buf_reset(&buf, TPM_TAG_RQU_COMMAND, TPM_ORD_GET_RANDOM);
 575        } while (retries-- && total < max);
 576
 577        rc = total ? (int)total : -EIO;
 578out:
 579        tpm_buf_destroy(&buf);
 580        return rc;
 581}
 582
 583#define TPM_ORD_PCRREAD 21
 584int tpm1_pcr_read(struct tpm_chip *chip, u32 pcr_idx, u8 *res_buf)
 585{
 586        struct tpm_buf buf;
 587        int rc;
 588
 589        rc = tpm_buf_init(&buf, TPM_TAG_RQU_COMMAND, TPM_ORD_PCRREAD);
 590        if (rc)
 591                return rc;
 592
 593        tpm_buf_append_u32(&buf, pcr_idx);
 594
 595        rc = tpm_transmit_cmd(chip, &buf, TPM_DIGEST_SIZE,
 596                              "attempting to read a pcr value");
 597        if (rc)
 598                goto out;
 599
 600        if (tpm_buf_length(&buf) < TPM_DIGEST_SIZE) {
 601                rc = -EFAULT;
 602                goto out;
 603        }
 604
 605        memcpy(res_buf, &buf.data[TPM_HEADER_SIZE], TPM_DIGEST_SIZE);
 606
 607out:
 608        tpm_buf_destroy(&buf);
 609        return rc;
 610}
 611
 612#define TPM_ORD_CONTINUE_SELFTEST 83
 613/**
 614 * tpm_continue_selftest() - run TPM's selftest
 615 * @chip: TPM chip to use
 616 *
 617 * Returns 0 on success, < 0 in case of fatal error or a value > 0 representing
 618 * a TPM error code.
 619 */
 620static int tpm1_continue_selftest(struct tpm_chip *chip)
 621{
 622        struct tpm_buf buf;
 623        int rc;
 624
 625        rc = tpm_buf_init(&buf, TPM_TAG_RQU_COMMAND, TPM_ORD_CONTINUE_SELFTEST);
 626        if (rc)
 627                return rc;
 628
 629        rc = tpm_transmit_cmd(chip, &buf, 0, "continue selftest");
 630        tpm_buf_destroy(&buf);
 631        return rc;
 632}
 633
 634/**
 635 * tpm1_do_selftest - have the TPM continue its selftest and wait until it
 636 *                   can receive further commands
 637 * @chip: TPM chip to use
 638 *
 639 * Returns 0 on success, < 0 in case of fatal error or a value > 0 representing
 640 * a TPM error code.
 641 */
 642int tpm1_do_selftest(struct tpm_chip *chip)
 643{
 644        int rc;
 645        unsigned int loops;
 646        unsigned int delay_msec = 100;
 647        unsigned long duration;
 648        u8 dummy[TPM_DIGEST_SIZE];
 649
 650        duration = tpm1_calc_ordinal_duration(chip, TPM_ORD_CONTINUE_SELFTEST);
 651
 652        loops = jiffies_to_msecs(duration) / delay_msec;
 653
 654        rc = tpm1_continue_selftest(chip);
 655        if (rc == TPM_ERR_INVALID_POSTINIT) {
 656                chip->flags |= TPM_CHIP_FLAG_ALWAYS_POWERED;
 657                dev_info(&chip->dev, "TPM not ready (%d)\n", rc);
 658        }
 659        /* This may fail if there was no TPM driver during a suspend/resume
 660         * cycle; some may return 10 (BAD_ORDINAL), others 28 (FAILEDSELFTEST)
 661         */
 662        if (rc)
 663                return rc;
 664
 665        do {
 666                /* Attempt to read a PCR value */
 667                rc = tpm1_pcr_read(chip, 0, dummy);
 668
 669                /* Some buggy TPMs will not respond to tpm_tis_ready() for
 670                 * around 300ms while the self test is ongoing, keep trying
 671                 * until the self test duration expires.
 672                 */
 673                if (rc == -ETIME) {
 674                        dev_info(&chip->dev, HW_ERR "TPM command timed out during continue self test");
 675                        tpm_msleep(delay_msec);
 676                        continue;
 677                }
 678
 679                if (rc == TPM_ERR_DISABLED || rc == TPM_ERR_DEACTIVATED) {
 680                        dev_info(&chip->dev, "TPM is disabled/deactivated (0x%X)\n",
 681                                 rc);
 682                        /* TPM is disabled and/or deactivated; driver can
 683                         * proceed and TPM does handle commands for
 684                         * suspend/resume correctly
 685                         */
 686                        return 0;
 687                }
 688                if (rc != TPM_WARN_DOING_SELFTEST)
 689                        return rc;
 690                tpm_msleep(delay_msec);
 691        } while (--loops > 0);
 692
 693        return rc;
 694}
 695EXPORT_SYMBOL_GPL(tpm1_do_selftest);
 696
 697/**
 698 * tpm1_auto_startup - Perform the standard automatic TPM initialization
 699 *                     sequence
 700 * @chip: TPM chip to use
 701 *
 702 * Returns 0 on success, < 0 in case of fatal error.
 703 */
 704int tpm1_auto_startup(struct tpm_chip *chip)
 705{
 706        int rc;
 707
 708        rc = tpm1_get_timeouts(chip);
 709        if (rc)
 710                goto out;
 711        rc = tpm1_do_selftest(chip);
 712        if (rc) {
 713                dev_err(&chip->dev, "TPM self test failed\n");
 714                goto out;
 715        }
 716
 717        return rc;
 718out:
 719        if (rc > 0)
 720                rc = -ENODEV;
 721        return rc;
 722}
 723
 724#define TPM_ORD_SAVESTATE 152
 725
 726/**
 727 * tpm1_pm_suspend() - pm suspend handler
 728 * @chip: TPM chip to use.
 729 * @tpm_suspend_pcr: flush pcr for buggy TPM chips.
 730 *
 731 * The functions saves the TPM state to be restored on resume.
 732 *
 733 * Return:
 734 * * 0 on success,
 735 * * < 0 on error.
 736 */
 737int tpm1_pm_suspend(struct tpm_chip *chip, u32 tpm_suspend_pcr)
 738{
 739        u8 dummy_hash[TPM_DIGEST_SIZE] = { 0 };
 740        struct tpm_buf buf;
 741        unsigned int try;
 742        int rc;
 743
 744
 745        /* for buggy tpm, flush pcrs with extend to selected dummy */
 746        if (tpm_suspend_pcr)
 747                rc = tpm1_pcr_extend(chip, tpm_suspend_pcr, dummy_hash,
 748                                     "extending dummy pcr before suspend");
 749
 750        rc = tpm_buf_init(&buf, TPM_TAG_RQU_COMMAND, TPM_ORD_SAVESTATE);
 751        if (rc)
 752                return rc;
 753        /* now do the actual savestate */
 754        for (try = 0; try < TPM_RETRY; try++) {
 755                rc = tpm_transmit_cmd(chip, &buf, 0, NULL);
 756                /*
 757                 * If the TPM indicates that it is too busy to respond to
 758                 * this command then retry before giving up.  It can take
 759                 * several seconds for this TPM to be ready.
 760                 *
 761                 * This can happen if the TPM has already been sent the
 762                 * SaveState command before the driver has loaded.  TCG 1.2
 763                 * specification states that any communication after SaveState
 764                 * may cause the TPM to invalidate previously saved state.
 765                 */
 766                if (rc != TPM_WARN_RETRY)
 767                        break;
 768                tpm_msleep(TPM_TIMEOUT_RETRY);
 769
 770                tpm_buf_reset(&buf, TPM_TAG_RQU_COMMAND, TPM_ORD_SAVESTATE);
 771        }
 772
 773        if (rc)
 774                dev_err(&chip->dev, "Error (%d) sending savestate before suspend\n",
 775                        rc);
 776        else if (try > 0)
 777                dev_warn(&chip->dev, "TPM savestate took %dms\n",
 778                         try * TPM_TIMEOUT_RETRY);
 779
 780        tpm_buf_destroy(&buf);
 781
 782        return rc;
 783}
 784
 785/**
 786 * tpm1_get_pcr_allocation() - initialize the allocated bank
 787 * @chip: TPM chip to use.
 788 *
 789 * The function initializes the SHA1 allocated bank to extend PCR
 790 *
 791 * Return:
 792 * * 0 on success,
 793 * * < 0 on error.
 794 */
 795int tpm1_get_pcr_allocation(struct tpm_chip *chip)
 796{
 797        chip->allocated_banks = kcalloc(1, sizeof(*chip->allocated_banks),
 798                                        GFP_KERNEL);
 799        if (!chip->allocated_banks)
 800                return -ENOMEM;
 801
 802        chip->allocated_banks[0].alg_id = TPM_ALG_SHA1;
 803        chip->allocated_banks[0].digest_size = hash_digest_size[HASH_ALGO_SHA1];
 804        chip->allocated_banks[0].crypto_id = HASH_ALGO_SHA1;
 805        chip->nr_allocated_banks = 1;
 806
 807        return 0;
 808}
 809