LXR linux/drivers/char/tpm/tpm-interface.c

   1/*
   2 * Copyright (C) 2004 IBM Corporation
   3 * Copyright (C) 2014 Intel Corporation
   4 *
   5 * Authors:
   6 * Leendert van Doorn <leendert@watson.ibm.com>
   7 * Dave Safford <safford@watson.ibm.com>
   8 * Reiner Sailer <sailer@watson.ibm.com>
   9 * Kylene Hall <kjhall@us.ibm.com>
  10 *
  11 * Maintained by: <tpmdd-devel@lists.sourceforge.net>
  12 *
  13 * Device driver for TCG/TCPA TPM (trusted platform module).
  14 * Specifications at www.trustedcomputinggroup.org
  15 *
  16 * This program is free software; you can redistribute it and/or
  17 * modify it under the terms of the GNU General Public License as
  18 * published by the Free Software Foundation, version 2 of the
  19 * License.
  20 *
  21 * Note, the TPM chip is not interrupt driven (only polling)
  22 * and can have very long timeouts (minutes!). Hence the unusual
  23 * calls to msleep.
  24 *
  25 */
  26
  27#include <linux/poll.h>
  28#include <linux/slab.h>
  29#include <linux/mutex.h>
  30#include <linux/spinlock.h>
  31#include <linux/freezer.h>
  32#include <linux/tpm_eventlog.h>
  33
  34#include "tpm.h"
  35
  36#define TPM_MAX_ORDINAL 243
  37#define TSC_MAX_ORDINAL 12
  38#define TPM_PROTECTED_COMMAND 0x00
  39#define TPM_CONNECTION_COMMAND 0x40
  40
  41/*
  42 * Bug workaround - some TPM's don't flush the most
  43 * recently changed pcr on suspend, so force the flush
  44 * with an extend to the selected _unused_ non-volatile pcr.
  45 */
  46static int tpm_suspend_pcr;
  47module_param_named(suspend_pcr, tpm_suspend_pcr, uint, 0644);
  48MODULE_PARM_DESC(suspend_pcr,
  49                 "PCR to use for dummy writes to facilitate flush on suspend.");
  50
  51/*
  52 * Array with one entry per ordinal defining the maximum amount
  53 * of time the chip could take to return the result.  The ordinal
  54 * designation of short, medium or long is defined in a table in
  55 * TCG Specification TPM Main Part 2 TPM Structures Section 17. The
  56 * values of the SHORT, MEDIUM, and LONG durations are retrieved
  57 * from the chip during initialization with a call to tpm_get_timeouts.
  58 */
  59static const u8 tpm_ordinal_duration[TPM_MAX_ORDINAL] = {
  60        TPM_UNDEFINED,          /* 0 */
  61        TPM_UNDEFINED,
  62        TPM_UNDEFINED,
  63        TPM_UNDEFINED,
  64        TPM_UNDEFINED,
  65        TPM_UNDEFINED,          /* 5 */
  66        TPM_UNDEFINED,
  67        TPM_UNDEFINED,
  68        TPM_UNDEFINED,
  69        TPM_UNDEFINED,
  70        TPM_SHORT,              /* 10 */
  71        TPM_SHORT,
  72        TPM_MEDIUM,
  73        TPM_LONG,
  74        TPM_LONG,
  75        TPM_MEDIUM,             /* 15 */
  76        TPM_SHORT,
  77        TPM_SHORT,
  78        TPM_MEDIUM,
  79        TPM_LONG,
  80        TPM_SHORT,              /* 20 */
  81        TPM_SHORT,
  82        TPM_MEDIUM,
  83        TPM_MEDIUM,
  84        TPM_MEDIUM,
  85        TPM_SHORT,              /* 25 */
  86        TPM_SHORT,
  87        TPM_MEDIUM,
  88        TPM_SHORT,
  89        TPM_SHORT,
  90        TPM_MEDIUM,             /* 30 */
  91        TPM_LONG,
  92        TPM_MEDIUM,
  93        TPM_SHORT,
  94        TPM_SHORT,
  95        TPM_SHORT,              /* 35 */
  96        TPM_MEDIUM,
  97        TPM_MEDIUM,
  98        TPM_UNDEFINED,
  99        TPM_UNDEFINED,
 100        TPM_MEDIUM,             /* 40 */
 101        TPM_LONG,
 102        TPM_MEDIUM,
 103        TPM_SHORT,
 104        TPM_SHORT,
 105        TPM_SHORT,              /* 45 */
 106        TPM_SHORT,
 107        TPM_SHORT,
 108        TPM_SHORT,
 109        TPM_LONG,
 110        TPM_MEDIUM,             /* 50 */
 111        TPM_MEDIUM,
 112        TPM_UNDEFINED,
 113        TPM_UNDEFINED,
 114        TPM_UNDEFINED,
 115        TPM_UNDEFINED,          /* 55 */
 116        TPM_UNDEFINED,
 117        TPM_UNDEFINED,
 118        TPM_UNDEFINED,
 119        TPM_UNDEFINED,
 120        TPM_MEDIUM,             /* 60 */
 121        TPM_MEDIUM,
 122        TPM_MEDIUM,
 123        TPM_SHORT,
 124        TPM_SHORT,
 125        TPM_MEDIUM,             /* 65 */
 126        TPM_UNDEFINED,
 127        TPM_UNDEFINED,
 128        TPM_UNDEFINED,
 129        TPM_UNDEFINED,
 130        TPM_SHORT,              /* 70 */
 131        TPM_SHORT,
 132        TPM_UNDEFINED,
 133        TPM_UNDEFINED,
 134        TPM_UNDEFINED,
 135        TPM_UNDEFINED,          /* 75 */
 136        TPM_UNDEFINED,
 137        TPM_UNDEFINED,
 138        TPM_UNDEFINED,
 139        TPM_UNDEFINED,
 140        TPM_LONG,               /* 80 */
 141        TPM_UNDEFINED,
 142        TPM_MEDIUM,
 143        TPM_LONG,
 144        TPM_SHORT,
 145        TPM_UNDEFINED,          /* 85 */
 146        TPM_UNDEFINED,
 147        TPM_UNDEFINED,
 148        TPM_UNDEFINED,
 149        TPM_UNDEFINED,
 150        TPM_SHORT,              /* 90 */
 151        TPM_SHORT,
 152        TPM_SHORT,
 153        TPM_SHORT,
 154        TPM_SHORT,
 155        TPM_UNDEFINED,          /* 95 */
 156        TPM_UNDEFINED,
 157        TPM_UNDEFINED,
 158        TPM_UNDEFINED,
 159        TPM_UNDEFINED,
 160        TPM_MEDIUM,             /* 100 */
 161        TPM_SHORT,
 162        TPM_SHORT,
 163        TPM_UNDEFINED,
 164        TPM_UNDEFINED,
 165        TPM_UNDEFINED,          /* 105 */
 166        TPM_UNDEFINED,
 167        TPM_UNDEFINED,
 168        TPM_UNDEFINED,
 169        TPM_UNDEFINED,
 170        TPM_SHORT,              /* 110 */
 171        TPM_SHORT,
 172        TPM_SHORT,
 173        TPM_SHORT,
 174        TPM_SHORT,
 175        TPM_SHORT,              /* 115 */
 176        TPM_SHORT,
 177        TPM_SHORT,
 178        TPM_UNDEFINED,
 179        TPM_UNDEFINED,
 180        TPM_LONG,               /* 120 */
 181        TPM_LONG,
 182        TPM_MEDIUM,
 183        TPM_UNDEFINED,
 184        TPM_SHORT,
 185        TPM_SHORT,              /* 125 */
 186        TPM_SHORT,
 187        TPM_LONG,
 188        TPM_SHORT,
 189        TPM_SHORT,
 190        TPM_SHORT,              /* 130 */
 191        TPM_MEDIUM,
 192        TPM_UNDEFINED,
 193        TPM_SHORT,
 194        TPM_MEDIUM,
 195        TPM_UNDEFINED,          /* 135 */
 196        TPM_UNDEFINED,
 197        TPM_UNDEFINED,
 198        TPM_UNDEFINED,
 199        TPM_UNDEFINED,
 200        TPM_SHORT,              /* 140 */
 201        TPM_SHORT,
 202        TPM_UNDEFINED,
 203        TPM_UNDEFINED,
 204        TPM_UNDEFINED,
 205        TPM_UNDEFINED,          /* 145 */
 206        TPM_UNDEFINED,
 207        TPM_UNDEFINED,
 208        TPM_UNDEFINED,
 209        TPM_UNDEFINED,
 210        TPM_SHORT,              /* 150 */
 211        TPM_MEDIUM,
 212        TPM_MEDIUM,
 213        TPM_SHORT,
 214        TPM_SHORT,
 215        TPM_UNDEFINED,          /* 155 */
 216        TPM_UNDEFINED,
 217        TPM_UNDEFINED,
 218        TPM_UNDEFINED,
 219        TPM_UNDEFINED,
 220        TPM_SHORT,              /* 160 */
 221        TPM_SHORT,
 222        TPM_SHORT,
 223        TPM_SHORT,
 224        TPM_UNDEFINED,
 225        TPM_UNDEFINED,          /* 165 */
 226        TPM_UNDEFINED,
 227        TPM_UNDEFINED,
 228        TPM_UNDEFINED,
 229        TPM_UNDEFINED,
 230        TPM_LONG,               /* 170 */
 231        TPM_UNDEFINED,
 232        TPM_UNDEFINED,
 233        TPM_UNDEFINED,
 234        TPM_UNDEFINED,
 235        TPM_UNDEFINED,          /* 175 */
 236        TPM_UNDEFINED,
 237        TPM_UNDEFINED,
 238        TPM_UNDEFINED,
 239        TPM_UNDEFINED,
 240        TPM_MEDIUM,             /* 180 */
 241        TPM_SHORT,
 242        TPM_MEDIUM,
 243        TPM_MEDIUM,
 244        TPM_MEDIUM,
 245        TPM_MEDIUM,             /* 185 */
 246        TPM_SHORT,
 247        TPM_UNDEFINED,
 248        TPM_UNDEFINED,
 249        TPM_UNDEFINED,
 250        TPM_UNDEFINED,          /* 190 */
 251        TPM_UNDEFINED,
 252        TPM_UNDEFINED,
 253        TPM_UNDEFINED,
 254        TPM_UNDEFINED,
 255        TPM_UNDEFINED,          /* 195 */
 256        TPM_UNDEFINED,
 257        TPM_UNDEFINED,
 258        TPM_UNDEFINED,
 259        TPM_UNDEFINED,
 260        TPM_SHORT,              /* 200 */
 261        TPM_UNDEFINED,
 262        TPM_UNDEFINED,
 263        TPM_UNDEFINED,
 264        TPM_SHORT,
 265        TPM_SHORT,              /* 205 */
 266        TPM_SHORT,
 267        TPM_SHORT,
 268        TPM_SHORT,
 269        TPM_SHORT,
 270        TPM_MEDIUM,             /* 210 */
 271        TPM_UNDEFINED,
 272        TPM_MEDIUM,
 273        TPM_MEDIUM,
 274        TPM_MEDIUM,
 275        TPM_UNDEFINED,          /* 215 */
 276        TPM_MEDIUM,
 277        TPM_UNDEFINED,
 278        TPM_UNDEFINED,
 279        TPM_SHORT,
 280        TPM_SHORT,              /* 220 */
 281        TPM_SHORT,
 282        TPM_SHORT,
 283        TPM_SHORT,
 284        TPM_SHORT,
 285        TPM_UNDEFINED,          /* 225 */
 286        TPM_UNDEFINED,
 287        TPM_UNDEFINED,
 288        TPM_UNDEFINED,
 289        TPM_UNDEFINED,
 290        TPM_SHORT,              /* 230 */
 291        TPM_LONG,
 292        TPM_MEDIUM,
 293        TPM_UNDEFINED,
 294        TPM_UNDEFINED,
 295        TPM_UNDEFINED,          /* 235 */
 296        TPM_UNDEFINED,
 297        TPM_UNDEFINED,
 298        TPM_UNDEFINED,
 299        TPM_UNDEFINED,
 300        TPM_SHORT,              /* 240 */
 301        TPM_UNDEFINED,
 302        TPM_MEDIUM,
 303};
 304
 305/*
 306 * Returns max number of jiffies to wait
 307 */
 308unsigned long tpm_calc_ordinal_duration(struct tpm_chip *chip,
 309                                           u32 ordinal)
 310{
 311        int duration_idx = TPM_UNDEFINED;
 312        int duration = 0;
 313
 314        /*
 315         * We only have a duration table for protected commands, where the upper
 316         * 16 bits are 0. For the few other ordinals the fallback will be used.
 317         */
 318        if (ordinal < TPM_MAX_ORDINAL)
 319                duration_idx = tpm_ordinal_duration[ordinal];
 320
 321        if (duration_idx != TPM_UNDEFINED)
 322                duration = chip->duration[duration_idx];
 323        if (duration <= 0)
 324                return 2 * 60 * HZ;
 325        else
 326                return duration;
 327}
 328EXPORT_SYMBOL_GPL(tpm_calc_ordinal_duration);
 329
 330static int tpm_validate_command(struct tpm_chip *chip,
 331                                 struct tpm_space *space,
 332                                 const u8 *cmd,
 333                                 size_t len)
 334{
 335        const struct tpm_input_header *header = (const void *)cmd;
 336        int i;
 337        u32 cc;
 338        u32 attrs;
 339        unsigned int nr_handles;
 340
 341        if (len < TPM_HEADER_SIZE)
 342                return -EINVAL;
 343
 344        if (!space)
 345                return 0;
 346
 347        if (chip->flags & TPM_CHIP_FLAG_TPM2 && chip->nr_commands) {
 348                cc = be32_to_cpu(header->ordinal);
 349
 350                i = tpm2_find_cc(chip, cc);
 351                if (i < 0) {
 352                        dev_dbg(&chip->dev, "0x%04X is an invalid command\n",
 353                                cc);
 354                        return -EOPNOTSUPP;
 355                }
 356
 357                attrs = chip->cc_attrs_tbl[i];
 358                nr_handles =
 359                        4 * ((attrs >> TPM2_CC_ATTR_CHANDLES) & GENMASK(2, 0));
 360                if (len < TPM_HEADER_SIZE + 4 * nr_handles)
 361                        goto err_len;
 362        }
 363
 364        return 0;
 365err_len:
 366        dev_dbg(&chip->dev,
 367                "%s: insufficient command length %zu", __func__, len);
 368        return -EINVAL;
 369}
 370
 371static int tpm_request_locality(struct tpm_chip *chip, unsigned int flags)
 372{
 373        int rc;
 374
 375        if (flags & TPM_TRANSMIT_NESTED)
 376                return 0;
 377
 378        if (!chip->ops->request_locality)
 379                return 0;
 380
 381        rc = chip->ops->request_locality(chip, 0);
 382        if (rc < 0)
 383                return rc;
 384
 385        chip->locality = rc;
 386
 387        return 0;
 388}
 389
 390static void tpm_relinquish_locality(struct tpm_chip *chip, unsigned int flags)
 391{
 392        int rc;
 393
 394        if (flags & TPM_TRANSMIT_NESTED)
 395                return;
 396
 397        if (!chip->ops->relinquish_locality)
 398                return;
 399
 400        rc = chip->ops->relinquish_locality(chip, chip->locality);
 401        if (rc)
 402                dev_err(&chip->dev, "%s: : error %d\n", __func__, rc);
 403
 404        chip->locality = -1;
 405}
 406
 407static int tpm_cmd_ready(struct tpm_chip *chip, unsigned int flags)
 408{
 409        if (flags & TPM_TRANSMIT_NESTED)
 410                return 0;
 411
 412        if (!chip->ops->cmd_ready)
 413                return 0;
 414
 415        return chip->ops->cmd_ready(chip);
 416}
 417
 418static int tpm_go_idle(struct tpm_chip *chip, unsigned int flags)
 419{
 420        if (flags & TPM_TRANSMIT_NESTED)
 421                return 0;
 422
 423        if (!chip->ops->go_idle)
 424                return 0;
 425
 426        return chip->ops->go_idle(chip);
 427}
 428
 429static ssize_t tpm_try_transmit(struct tpm_chip *chip,
 430                                struct tpm_space *space,
 431                                u8 *buf, size_t bufsiz,
 432                                unsigned int flags)
 433{
 434        struct tpm_output_header *header = (void *)buf;
 435        int rc;
 436        ssize_t len = 0;
 437        u32 count, ordinal;
 438        unsigned long stop;
 439        bool need_locality;
 440
 441        rc = tpm_validate_command(chip, space, buf, bufsiz);
 442        if (rc == -EINVAL)
 443                return rc;
 444        /*
 445         * If the command is not implemented by the TPM, synthesize a
 446         * response with a TPM2_RC_COMMAND_CODE return for user-space.
 447         */
 448        if (rc == -EOPNOTSUPP) {
 449                header->length = cpu_to_be32(sizeof(*header));
 450                header->tag = cpu_to_be16(TPM2_ST_NO_SESSIONS);
 451                header->return_code = cpu_to_be32(TPM2_RC_COMMAND_CODE |
 452                                                  TSS2_RESMGR_TPM_RC_LAYER);
 453                return sizeof(*header);
 454        }
 455
 456        if (bufsiz > TPM_BUFSIZE)
 457                bufsiz = TPM_BUFSIZE;
 458
 459        count = be32_to_cpu(*((__be32 *) (buf + 2)));
 460        ordinal = be32_to_cpu(*((__be32 *) (buf + 6)));
 461        if (count == 0)
 462                return -ENODATA;
 463        if (count > bufsiz) {
 464                dev_err(&chip->dev,
 465                        "invalid count value %x %zx\n", count, bufsiz);
 466                return -E2BIG;
 467        }
 468
 469        if (!(flags & TPM_TRANSMIT_UNLOCKED) && !(flags & TPM_TRANSMIT_NESTED))
 470                mutex_lock(&chip->tpm_mutex);
 471
 472        if (chip->ops->clk_enable != NULL)
 473                chip->ops->clk_enable(chip, true);
 474
 475        /* Store the decision as chip->locality will be changed. */
 476        need_locality = chip->locality == -1;
 477
 478        if (need_locality) {
 479                rc = tpm_request_locality(chip, flags);
 480                if (rc < 0)
 481                        goto out_no_locality;
 482        }
 483
 484        rc = tpm_cmd_ready(chip, flags);
 485        if (rc)
 486                goto out;
 487
 488        rc = tpm2_prepare_space(chip, space, ordinal, buf);
 489        if (rc)
 490                goto out;
 491
 492        rc = chip->ops->send(chip, buf, count);
 493        if (rc < 0) {
 494                if (rc != -EPIPE)
 495                        dev_err(&chip->dev,
 496                                "%s: tpm_send: error %d\n", __func__, rc);
 497                goto out;
 498        }
 499
 500        if (chip->flags & TPM_CHIP_FLAG_IRQ)
 501                goto out_recv;
 502
 503        if (chip->flags & TPM_CHIP_FLAG_TPM2)
 504                stop = jiffies + tpm2_calc_ordinal_duration(chip, ordinal);
 505        else
 506                stop = jiffies + tpm_calc_ordinal_duration(chip, ordinal);
 507        do {
 508                u8 status = chip->ops->status(chip);
 509                if ((status & chip->ops->req_complete_mask) ==
 510                    chip->ops->req_complete_val)
 511                        goto out_recv;
 512
 513                if (chip->ops->req_canceled(chip, status)) {
 514                        dev_err(&chip->dev, "Operation Canceled\n");
 515                        rc = -ECANCELED;
 516                        goto out;
 517                }
 518
 519                tpm_msleep(TPM_TIMEOUT_POLL);
 520                rmb();
 521        } while (time_before(jiffies, stop));
 522
 523        chip->ops->cancel(chip);
 524        dev_err(&chip->dev, "Operation Timed out\n");
 525        rc = -ETIME;
 526        goto out;
 527
 528out_recv:
 529        len = chip->ops->recv(chip, buf, bufsiz);
 530        if (len < 0) {
 531                rc = len;
 532                dev_err(&chip->dev,
 533                        "tpm_transmit: tpm_recv: error %d\n", rc);
 534                goto out;
 535        } else if (len < TPM_HEADER_SIZE) {
 536                rc = -EFAULT;
 537                goto out;
 538        }
 539
 540        if (len != be32_to_cpu(header->length)) {
 541                rc = -EFAULT;
 542                goto out;
 543        }
 544
 545        rc = tpm2_commit_space(chip, space, ordinal, buf, &len);
 546        if (rc)
 547                dev_err(&chip->dev, "tpm2_commit_space: error %d\n", rc);
 548
 549out:
 550        rc = tpm_go_idle(chip, flags);
 551        if (rc)
 552                goto out;
 553
 554        if (need_locality)
 555                tpm_relinquish_locality(chip, flags);
 556
 557out_no_locality:
 558        if (chip->ops->clk_enable != NULL)
 559                chip->ops->clk_enable(chip, false);
 560
 561        if (!(flags & TPM_TRANSMIT_UNLOCKED) && !(flags & TPM_TRANSMIT_NESTED))
 562                mutex_unlock(&chip->tpm_mutex);
 563        return rc ? rc : len;
 564}
 565
 566/**
 567 * tpm_transmit - Internal kernel interface to transmit TPM commands.
 568 *
 569 * @chip: TPM chip to use
 570 * @space: tpm space
 571 * @buf: TPM command buffer
 572 * @bufsiz: length of the TPM command buffer
 573 * @flags: tpm transmit flags - bitmap
 574 *
 575 * A wrapper around tpm_try_transmit that handles TPM2_RC_RETRY
 576 * returns from the TPM and retransmits the command after a delay up
 577 * to a maximum wait of TPM2_DURATION_LONG.
 578 *
 579 * Note: TPM1 never returns TPM2_RC_RETRY so the retry logic is TPM2
 580 * only
 581 *
 582 * Return:
 583 *     the length of the return when the operation is successful.
 584 *     A negative number for system errors (errno).
 585 */
 586ssize_t tpm_transmit(struct tpm_chip *chip, struct tpm_space *space,
 587                     u8 *buf, size_t bufsiz, unsigned int flags)
 588{
 589        struct tpm_output_header *header = (struct tpm_output_header *)buf;
 590        /* space for header and handles */
 591        u8 save[TPM_HEADER_SIZE + 3*sizeof(u32)];
 592        unsigned int delay_msec = TPM2_DURATION_SHORT;
 593        u32 rc = 0;
 594        ssize_t ret;
 595        const size_t save_size = min(space ? sizeof(save) : TPM_HEADER_SIZE,
 596                                     bufsiz);
 597        /* the command code is where the return code will be */
 598        u32 cc = be32_to_cpu(header->return_code);
 599
 600        /*
 601         * Subtlety here: if we have a space, the handles will be
 602         * transformed, so when we restore the header we also have to
 603         * restore the handles.
 604         */
 605        memcpy(save, buf, save_size);
 606
 607        for (;;) {
 608                ret = tpm_try_transmit(chip, space, buf, bufsiz, flags);
 609                if (ret < 0)
 610                        break;
 611                rc = be32_to_cpu(header->return_code);
 612                if (rc != TPM2_RC_RETRY && rc != TPM2_RC_TESTING)
 613                        break;
 614                /*
 615                 * return immediately if self test returns test
 616                 * still running to shorten boot time.
 617                 */
 618                if (rc == TPM2_RC_TESTING && cc == TPM2_CC_SELF_TEST)
 619                        break;
 620
 621                if (delay_msec > TPM2_DURATION_LONG) {
 622                        if (rc == TPM2_RC_RETRY)
 623                                dev_err(&chip->dev, "in retry loop\n");
 624                        else
 625                                dev_err(&chip->dev,
 626                                        "self test is still running\n");
 627                        break;
 628                }
 629                tpm_msleep(delay_msec);
 630                delay_msec *= 2;
 631                memcpy(buf, save, save_size);
 632        }
 633        return ret;
 634}
 635/**
 636 * tpm_transmit_cmd - send a tpm command to the device
 637 *    The function extracts tpm out header return code
 638 *
 639 * @chip: TPM chip to use
 640 * @space: tpm space
 641 * @buf: TPM command buffer
 642 * @bufsiz: length of the buffer
 643 * @min_rsp_body_length: minimum expected length of response body
 644 * @flags: tpm transmit flags - bitmap
 645 * @desc: command description used in the error message
 646 *
 647 * Return:
 648 *     0 when the operation is successful.
 649 *     A negative number for system errors (errno).
 650 *     A positive number for a TPM error.
 651 */
 652ssize_t tpm_transmit_cmd(struct tpm_chip *chip, struct tpm_space *space,
 653                         void *buf, size_t bufsiz,
 654                         size_t min_rsp_body_length, unsigned int flags,
 655                         const char *desc)
 656{
 657        const struct tpm_output_header *header = buf;
 658        int err;
 659        ssize_t len;
 660
 661        len = tpm_transmit(chip, space, buf, bufsiz, flags);
 662        if (len <  0)
 663                return len;
 664
 665        err = be32_to_cpu(header->return_code);
 666        if (err != 0 && desc)
 667                dev_err(&chip->dev, "A TPM error (%d) occurred %s\n", err,
 668                        desc);
 669        if (err)
 670                return err;
 671
 672        if (len < min_rsp_body_length + TPM_HEADER_SIZE)
 673                return -EFAULT;
 674
 675        return 0;
 676}
 677EXPORT_SYMBOL_GPL(tpm_transmit_cmd);
 678
 679#define TPM_ORD_STARTUP 153
 680#define TPM_ST_CLEAR 1
 681
 682/**
 683 * tpm_startup - turn on the TPM
 684 * @chip: TPM chip to use
 685 *
 686 * Normally the firmware should start the TPM. This function is provided as a
 687 * workaround if this does not happen. A legal case for this could be for
 688 * example when a TPM emulator is used.
 689 *
 690 * Return: same as tpm_transmit_cmd()
 691 */
 692int tpm_startup(struct tpm_chip *chip)
 693{
 694        struct tpm_buf buf;
 695        int rc;
 696
 697        dev_info(&chip->dev, "starting up the TPM manually\n");
 698
 699        if (chip->flags & TPM_CHIP_FLAG_TPM2) {
 700                rc = tpm_buf_init(&buf, TPM2_ST_NO_SESSIONS, TPM2_CC_STARTUP);
 701                if (rc < 0)
 702                        return rc;
 703
 704                tpm_buf_append_u16(&buf, TPM2_SU_CLEAR);
 705        } else {
 706                rc = tpm_buf_init(&buf, TPM_TAG_RQU_COMMAND, TPM_ORD_STARTUP);
 707                if (rc < 0)
 708                        return rc;
 709
 710                tpm_buf_append_u16(&buf, TPM_ST_CLEAR);
 711        }
 712
 713        rc = tpm_transmit_cmd(chip, NULL, buf.data, PAGE_SIZE, 0, 0,
 714                              "attempting to start the TPM");
 715
 716        tpm_buf_destroy(&buf);
 717        return rc;
 718}
 719
 720#define TPM_DIGEST_SIZE 20
 721#define TPM_RET_CODE_IDX 6
 722#define TPM_INTERNAL_RESULT_SIZE 200
 723#define TPM_ORD_GET_CAP 101
 724#define TPM_ORD_GET_RANDOM 70
 725
 726static const struct tpm_input_header tpm_getcap_header = {
 727        .tag = cpu_to_be16(TPM_TAG_RQU_COMMAND),
 728        .length = cpu_to_be32(22),
 729        .ordinal = cpu_to_be32(TPM_ORD_GET_CAP)
 730};
 731
 732ssize_t tpm_getcap(struct tpm_chip *chip, u32 subcap_id, cap_t *cap,
 733                   const char *desc, size_t min_cap_length)
 734{
 735        struct tpm_buf buf;
 736        int rc;
 737
 738        rc = tpm_buf_init(&buf, TPM_TAG_RQU_COMMAND, TPM_ORD_GET_CAP);
 739        if (rc)
 740                return rc;
 741
 742        if (subcap_id == TPM_CAP_VERSION_1_1 ||
 743            subcap_id == TPM_CAP_VERSION_1_2) {
 744                tpm_buf_append_u32(&buf, subcap_id);
 745                tpm_buf_append_u32(&buf, 0);
 746        } else {
 747                if (subcap_id == TPM_CAP_FLAG_PERM ||
 748                    subcap_id == TPM_CAP_FLAG_VOL)
 749                        tpm_buf_append_u32(&buf, TPM_CAP_FLAG);
 750                else
 751                        tpm_buf_append_u32(&buf, TPM_CAP_PROP);
 752
 753                tpm_buf_append_u32(&buf, 4);
 754                tpm_buf_append_u32(&buf, subcap_id);
 755        }
 756        rc = tpm_transmit_cmd(chip, NULL, buf.data, PAGE_SIZE,
 757                              min_cap_length, 0, desc);
 758        if (!rc)
 759                *cap = *(cap_t *)&buf.data[TPM_HEADER_SIZE + 4];
 760
 761        tpm_buf_destroy(&buf);
 762        return rc;
 763}
 764EXPORT_SYMBOL_GPL(tpm_getcap);
 765
 766int tpm_get_timeouts(struct tpm_chip *chip)
 767{
 768        cap_t cap;
 769        unsigned long timeout_old[4], timeout_chip[4], timeout_eff[4];
 770        ssize_t rc;
 771
 772        if (chip->flags & TPM_CHIP_FLAG_HAVE_TIMEOUTS)
 773                return 0;
 774
 775        if (chip->flags & TPM_CHIP_FLAG_TPM2) {
 776                /* Fixed timeouts for TPM2 */
 777                chip->timeout_a = msecs_to_jiffies(TPM2_TIMEOUT_A);
 778                chip->timeout_b = msecs_to_jiffies(TPM2_TIMEOUT_B);
 779                chip->timeout_c = msecs_to_jiffies(TPM2_TIMEOUT_C);
 780                chip->timeout_d = msecs_to_jiffies(TPM2_TIMEOUT_D);
 781                chip->duration[TPM_SHORT] =
 782                    msecs_to_jiffies(TPM2_DURATION_SHORT);
 783                chip->duration[TPM_MEDIUM] =
 784                    msecs_to_jiffies(TPM2_DURATION_MEDIUM);
 785                chip->duration[TPM_LONG] =
 786                    msecs_to_jiffies(TPM2_DURATION_LONG);
 787                chip->duration[TPM_LONG_LONG] =
 788                    msecs_to_jiffies(TPM2_DURATION_LONG_LONG);
 789
 790                chip->flags |= TPM_CHIP_FLAG_HAVE_TIMEOUTS;
 791                return 0;
 792        }
 793
 794        rc = tpm_getcap(chip, TPM_CAP_PROP_TIS_TIMEOUT, &cap, NULL,
 795                        sizeof(cap.timeout));
 796        if (rc == TPM_ERR_INVALID_POSTINIT) {
 797                if (tpm_startup(chip))
 798                        return rc;
 799
 800                rc = tpm_getcap(chip, TPM_CAP_PROP_TIS_TIMEOUT, &cap,
 801                                "attempting to determine the timeouts",
 802                                sizeof(cap.timeout));
 803        }
 804
 805        if (rc) {
 806                dev_err(&chip->dev,
 807                        "A TPM error (%zd) occurred attempting to determine the timeouts\n",
 808                        rc);
 809                return rc;
 810        }
 811
 812        timeout_old[0] = jiffies_to_usecs(chip->timeout_a);
 813        timeout_old[1] = jiffies_to_usecs(chip->timeout_b);
 814        timeout_old[2] = jiffies_to_usecs(chip->timeout_c);
 815        timeout_old[3] = jiffies_to_usecs(chip->timeout_d);
 816        timeout_chip[0] = be32_to_cpu(cap.timeout.a);
 817        timeout_chip[1] = be32_to_cpu(cap.timeout.b);
 818        timeout_chip[2] = be32_to_cpu(cap.timeout.c);
 819        timeout_chip[3] = be32_to_cpu(cap.timeout.d);
 820        memcpy(timeout_eff, timeout_chip, sizeof(timeout_eff));
 821
 822        /*
 823         * Provide ability for vendor overrides of timeout values in case
 824         * of misreporting.
 825         */
 826        if (chip->ops->update_timeouts != NULL)
 827                chip->timeout_adjusted =
 828                        chip->ops->update_timeouts(chip, timeout_eff);
 829
 830        if (!chip->timeout_adjusted) {
 831                /* Restore default if chip reported 0 */
 832                int i;
 833
 834                for (i = 0; i < ARRAY_SIZE(timeout_eff); i++) {
 835                        if (timeout_eff[i])
 836                                continue;
 837
 838                        timeout_eff[i] = timeout_old[i];
 839                        chip->timeout_adjusted = true;
 840                }
 841
 842                if (timeout_eff[0] != 0 && timeout_eff[0] < 1000) {
 843                        /* timeouts in msec rather usec */
 844                        for (i = 0; i != ARRAY_SIZE(timeout_eff); i++)
 845                                timeout_eff[i] *= 1000;
 846                        chip->timeout_adjusted = true;
 847                }
 848        }
 849
 850        /* Report adjusted timeouts */
 851        if (chip->timeout_adjusted) {
 852                dev_info(&chip->dev,
 853                         HW_ERR "Adjusting reported timeouts: A %lu->%luus B %lu->%luus C %lu->%luus D %lu->%luus\n",
 854                         timeout_chip[0], timeout_eff[0],
 855                         timeout_chip[1], timeout_eff[1],
 856                         timeout_chip[2], timeout_eff[2],
 857                         timeout_chip[3], timeout_eff[3]);
 858        }
 859
 860        chip->timeout_a = usecs_to_jiffies(timeout_eff[0]);
 861        chip->timeout_b = usecs_to_jiffies(timeout_eff[1]);
 862        chip->timeout_c = usecs_to_jiffies(timeout_eff[2]);
 863        chip->timeout_d = usecs_to_jiffies(timeout_eff[3]);
 864
 865        rc = tpm_getcap(chip, TPM_CAP_PROP_TIS_DURATION, &cap,
 866                        "attempting to determine the durations",
 867                        sizeof(cap.duration));
 868        if (rc)
 869                return rc;
 870
 871        chip->duration[TPM_SHORT] =
 872                usecs_to_jiffies(be32_to_cpu(cap.duration.tpm_short));
 873        chip->duration[TPM_MEDIUM] =
 874                usecs_to_jiffies(be32_to_cpu(cap.duration.tpm_medium));
 875        chip->duration[TPM_LONG] =
 876                usecs_to_jiffies(be32_to_cpu(cap.duration.tpm_long));
 877        chip->duration[TPM_LONG_LONG] = 0; /* not used under 1.2 */
 878
 879        /* The Broadcom BCM0102 chipset in a Dell Latitude D820 gets the above
 880         * value wrong and apparently reports msecs rather than usecs. So we
 881         * fix up the resulting too-small TPM_SHORT value to make things work.
 882         * We also scale the TPM_MEDIUM and -_LONG values by 1000.
 883         */
 884        if (chip->duration[TPM_SHORT] < (HZ / 100)) {
 885                chip->duration[TPM_SHORT] = HZ;
 886                chip->duration[TPM_MEDIUM] *= 1000;
 887                chip->duration[TPM_LONG] *= 1000;
 888                chip->duration_adjusted = true;
 889                dev_info(&chip->dev, "Adjusting TPM timeout parameters.");
 890        }
 891
 892        chip->flags |= TPM_CHIP_FLAG_HAVE_TIMEOUTS;
 893        return 0;
 894}
 895EXPORT_SYMBOL_GPL(tpm_get_timeouts);
 896
 897#define TPM_ORD_CONTINUE_SELFTEST 83
 898#define CONTINUE_SELFTEST_RESULT_SIZE 10
 899
 900static const struct tpm_input_header continue_selftest_header = {
 901        .tag = cpu_to_be16(TPM_TAG_RQU_COMMAND),
 902        .length = cpu_to_be32(10),
 903        .ordinal = cpu_to_be32(TPM_ORD_CONTINUE_SELFTEST),
 904};
 905
 906/**
 907 * tpm_continue_selftest -- run TPM's selftest
 908 * @chip: TPM chip to use
 909 *
 910 * Returns 0 on success, < 0 in case of fatal error or a value > 0 representing
 911 * a TPM error code.
 912 */
 913static int tpm_continue_selftest(struct tpm_chip *chip)
 914{
 915        int rc;
 916        struct tpm_cmd_t cmd;
 917
 918        cmd.header.in = continue_selftest_header;
 919        rc = tpm_transmit_cmd(chip, NULL, &cmd, CONTINUE_SELFTEST_RESULT_SIZE,
 920                              0, 0, "continue selftest");
 921        return rc;
 922}
 923
 924#define TPM_ORDINAL_PCRREAD 21
 925#define READ_PCR_RESULT_SIZE 30
 926#define READ_PCR_RESULT_BODY_SIZE 20
 927static const struct tpm_input_header pcrread_header = {
 928        .tag = cpu_to_be16(TPM_TAG_RQU_COMMAND),
 929        .length = cpu_to_be32(14),
 930        .ordinal = cpu_to_be32(TPM_ORDINAL_PCRREAD)
 931};
 932
 933int tpm_pcr_read_dev(struct tpm_chip *chip, int pcr_idx, u8 *res_buf)
 934{
 935        int rc;
 936        struct tpm_cmd_t cmd;
 937
 938        cmd.header.in = pcrread_header;
 939        cmd.params.pcrread_in.pcr_idx = cpu_to_be32(pcr_idx);
 940        rc = tpm_transmit_cmd(chip, NULL, &cmd, READ_PCR_RESULT_SIZE,
 941                              READ_PCR_RESULT_BODY_SIZE, 0,
 942                              "attempting to read a pcr value");
 943
 944        if (rc == 0)
 945                memcpy(res_buf, cmd.params.pcrread_out.pcr_result,
 946                       TPM_DIGEST_SIZE);
 947        return rc;
 948}
 949
 950/**
 951 * tpm_is_tpm2 - do we a have a TPM2 chip?
 952 * @chip:       a &struct tpm_chip instance, %NULL for the default chip
 953 *
 954 * Return:
 955 * 1 if we have a TPM2 chip.
 956 * 0 if we don't have a TPM2 chip.
 957 * A negative number for system errors (errno).
 958 */
 959int tpm_is_tpm2(struct tpm_chip *chip)
 960{
 961        int rc;
 962
 963        chip = tpm_find_get_ops(chip);
 964        if (!chip)
 965                return -ENODEV;
 966
 967        rc = (chip->flags & TPM_CHIP_FLAG_TPM2) != 0;
 968
 969        tpm_put_ops(chip);
 970
 971        return rc;
 972}
 973EXPORT_SYMBOL_GPL(tpm_is_tpm2);
 974
 975/**
 976 * tpm_pcr_read - read a PCR value from SHA1 bank
 977 * @chip:       a &struct tpm_chip instance, %NULL for the default chip
 978 * @pcr_idx:    the PCR to be retrieved
 979 * @res_buf:    the value of the PCR
 980 *
 981 * Return: same as with tpm_transmit_cmd()
 982 */
 983int tpm_pcr_read(struct tpm_chip *chip, int pcr_idx, u8 *res_buf)
 984{
 985        int rc;
 986
 987        chip = tpm_find_get_ops(chip);
 988        if (!chip)
 989                return -ENODEV;
 990        if (chip->flags & TPM_CHIP_FLAG_TPM2)
 991                rc = tpm2_pcr_read(chip, pcr_idx, res_buf);
 992        else
 993                rc = tpm_pcr_read_dev(chip, pcr_idx, res_buf);
 994        tpm_put_ops(chip);
 995        return rc;
 996}
 997EXPORT_SYMBOL_GPL(tpm_pcr_read);
 998
 999#define TPM_ORD_PCR_EXTEND 20
1000#define EXTEND_PCR_RESULT_SIZE 34

1001#define EXTEND_PCR_RESULT_BODY_SIZE 20
1002static const struct tpm_input_header pcrextend_header = {
1003        .tag = cpu_to_be16(TPM_TAG_RQU_COMMAND),
1004        .length = cpu_to_be32(34),
1005        .ordinal = cpu_to_be32(TPM_ORD_PCR_EXTEND)
1006};
1007
1008static int tpm1_pcr_extend(struct tpm_chip *chip, int pcr_idx, const u8 *hash,
1009                           char *log_msg)
1010{
1011        struct tpm_buf buf;
1012        int rc;
1013
1014        rc = tpm_buf_init(&buf, TPM_TAG_RQU_COMMAND, TPM_ORD_PCR_EXTEND);
1015        if (rc)
1016                return rc;
1017
1018        tpm_buf_append_u32(&buf, pcr_idx);
1019        tpm_buf_append(&buf, hash, TPM_DIGEST_SIZE);
1020
1021        rc = tpm_transmit_cmd(chip, NULL, buf.data, EXTEND_PCR_RESULT_SIZE,
1022                              EXTEND_PCR_RESULT_BODY_SIZE, 0, log_msg);
1023        tpm_buf_destroy(&buf);
1024        return rc;
1025}
1026
1027/**
1028 * tpm_pcr_extend - extend a PCR value in SHA1 bank.
1029 * @chip:       a &struct tpm_chip instance, %NULL for the default chip
1030 * @pcr_idx:    the PCR to be retrieved
1031 * @hash:       the hash value used to extend the PCR value
1032 *
1033 * Note: with TPM 2.0 extends also those banks with a known digest size to the
1034 * cryto subsystem in order to prevent malicious use of those PCR banks. In the
1035 * future we should dynamically determine digest sizes.
1036 *
1037 * Return: same as with tpm_transmit_cmd()
1038 */
1039int tpm_pcr_extend(struct tpm_chip *chip, int pcr_idx, const u8 *hash)
1040{
1041        int rc;
1042        struct tpm2_digest digest_list[ARRAY_SIZE(chip->active_banks)];
1043        u32 count = 0;
1044        int i;
1045
1046        chip = tpm_find_get_ops(chip);
1047        if (!chip)
1048                return -ENODEV;
1049
1050        if (chip->flags & TPM_CHIP_FLAG_TPM2) {
1051                memset(digest_list, 0, sizeof(digest_list));
1052
1053                for (i = 0; i < ARRAY_SIZE(chip->active_banks) &&
1054                            chip->active_banks[i] != TPM2_ALG_ERROR; i++) {
1055                        digest_list[i].alg_id = chip->active_banks[i];
1056                        memcpy(digest_list[i].digest, hash, TPM_DIGEST_SIZE);
1057                        count++;
1058                }
1059
1060                rc = tpm2_pcr_extend(chip, pcr_idx, count, digest_list);
1061                tpm_put_ops(chip);
1062                return rc;
1063        }
1064
1065        rc = tpm1_pcr_extend(chip, pcr_idx, hash,
1066                             "attempting extend a PCR value");
1067        tpm_put_ops(chip);
1068        return rc;
1069}
1070EXPORT_SYMBOL_GPL(tpm_pcr_extend);
1071
1072/**
1073 * tpm_do_selftest - have the TPM continue its selftest and wait until it
1074 *                   can receive further commands
1075 * @chip: TPM chip to use
1076 *
1077 * Returns 0 on success, < 0 in case of fatal error or a value > 0 representing
1078 * a TPM error code.
1079 */
1080int tpm_do_selftest(struct tpm_chip *chip)
1081{
1082        int rc;
1083        unsigned int loops;
1084        unsigned int delay_msec = 100;
1085        unsigned long duration;
1086        u8 dummy[TPM_DIGEST_SIZE];
1087
1088        duration = tpm_calc_ordinal_duration(chip, TPM_ORD_CONTINUE_SELFTEST);
1089
1090        loops = jiffies_to_msecs(duration) / delay_msec;
1091
1092        rc = tpm_continue_selftest(chip);
1093        if (rc == TPM_ERR_INVALID_POSTINIT) {
1094                chip->flags |= TPM_CHIP_FLAG_ALWAYS_POWERED;
1095                dev_info(&chip->dev, "TPM not ready (%d)\n", rc);
1096        }
1097        /* This may fail if there was no TPM driver during a suspend/resume
1098         * cycle; some may return 10 (BAD_ORDINAL), others 28 (FAILEDSELFTEST)
1099         */
1100        if (rc)
1101                return rc;
1102
1103        do {
1104                /* Attempt to read a PCR value */
1105                rc = tpm_pcr_read_dev(chip, 0, dummy);
1106
1107                /* Some buggy TPMs will not respond to tpm_tis_ready() for
1108                 * around 300ms while the self test is ongoing, keep trying
1109                 * until the self test duration expires. */
1110                if (rc == -ETIME) {
1111                        dev_info(
1112                            &chip->dev, HW_ERR
1113                            "TPM command timed out during continue self test");
1114                        tpm_msleep(delay_msec);
1115                        continue;
1116                }
1117
1118                if (rc == TPM_ERR_DISABLED || rc == TPM_ERR_DEACTIVATED) {
1119                        dev_info(&chip->dev,
1120                                 "TPM is disabled/deactivated (0x%X)\n", rc);
1121                        /* TPM is disabled and/or deactivated; driver can
1122                         * proceed and TPM does handle commands for
1123                         * suspend/resume correctly
1124                         */
1125                        return 0;
1126                }
1127                if (rc != TPM_WARN_DOING_SELFTEST)
1128                        return rc;
1129                tpm_msleep(delay_msec);
1130        } while (--loops > 0);
1131
1132        return rc;
1133}
1134EXPORT_SYMBOL_GPL(tpm_do_selftest);
1135
1136/**
1137 * tpm1_auto_startup - Perform the standard automatic TPM initialization
1138 *                     sequence
1139 * @chip: TPM chip to use
1140 *
1141 * Returns 0 on success, < 0 in case of fatal error.
1142 */
1143int tpm1_auto_startup(struct tpm_chip *chip)
1144{
1145        int rc;
1146
1147        rc = tpm_get_timeouts(chip);
1148        if (rc)
1149                goto out;
1150        rc = tpm_do_selftest(chip);
1151        if (rc) {
1152                dev_err(&chip->dev, "TPM self test failed\n");
1153                goto out;
1154        }
1155
1156        return rc;
1157out:
1158        if (rc > 0)
1159                rc = -ENODEV;
1160        return rc;
1161}
1162
1163/**
1164 * tpm_send - send a TPM command
1165 * @chip:       a &struct tpm_chip instance, %NULL for the default chip
1166 * @cmd:        a TPM command buffer
1167 * @buflen:     the length of the TPM command buffer
1168 *
1169 * Return: same as with tpm_transmit_cmd()
1170 */
1171int tpm_send(struct tpm_chip *chip, void *cmd, size_t buflen)
1172{
1173        int rc;
1174
1175        chip = tpm_find_get_ops(chip);
1176        if (!chip)
1177                return -ENODEV;
1178
1179        rc = tpm_transmit_cmd(chip, NULL, cmd, buflen, 0, 0,
1180                              "attempting to a send a command");
1181        tpm_put_ops(chip);
1182        return rc;
1183}
1184EXPORT_SYMBOL_GPL(tpm_send);
1185
1186#define TPM_ORD_SAVESTATE 152
1187#define SAVESTATE_RESULT_SIZE 10
1188
1189static const struct tpm_input_header savestate_header = {
1190        .tag = cpu_to_be16(TPM_TAG_RQU_COMMAND),
1191        .length = cpu_to_be32(10),
1192        .ordinal = cpu_to_be32(TPM_ORD_SAVESTATE)
1193};
1194
1195/*
1196 * We are about to suspend. Save the TPM state
1197 * so that it can be restored.
1198 */
1199int tpm_pm_suspend(struct device *dev)
1200{
1201        struct tpm_chip *chip = dev_get_drvdata(dev);
1202        struct tpm_cmd_t cmd;
1203        int rc, try;
1204
1205        u8 dummy_hash[TPM_DIGEST_SIZE] = { 0 };
1206
1207        if (chip == NULL)
1208                return -ENODEV;
1209
1210        if (chip->flags & TPM_CHIP_FLAG_ALWAYS_POWERED)
1211                return 0;
1212
1213        if (chip->flags & TPM_CHIP_FLAG_TPM2) {
1214                tpm2_shutdown(chip, TPM2_SU_STATE);
1215                return 0;
1216        }
1217
1218        /* for buggy tpm, flush pcrs with extend to selected dummy */
1219        if (tpm_suspend_pcr)
1220                rc = tpm1_pcr_extend(chip, tpm_suspend_pcr, dummy_hash,
1221                                     "extending dummy pcr before suspend");
1222
1223        /* now do the actual savestate */
1224        for (try = 0; try < TPM_RETRY; try++) {
1225                cmd.header.in = savestate_header;
1226                rc = tpm_transmit_cmd(chip, NULL, &cmd, SAVESTATE_RESULT_SIZE,
1227                                      0, 0, NULL);
1228
1229                /*
1230                 * If the TPM indicates that it is too busy to respond to
1231                 * this command then retry before giving up.  It can take
1232                 * several seconds for this TPM to be ready.
1233                 *
1234                 * This can happen if the TPM has already been sent the
1235                 * SaveState command before the driver has loaded.  TCG 1.2
1236                 * specification states that any communication after SaveState
1237                 * may cause the TPM to invalidate previously saved state.
1238                 */
1239                if (rc != TPM_WARN_RETRY)
1240                        break;
1241                tpm_msleep(TPM_TIMEOUT_RETRY);
1242        }
1243
1244        if (rc)
1245                dev_err(&chip->dev,
1246                        "Error (%d) sending savestate before suspend\n", rc);
1247        else if (try > 0)
1248                dev_warn(&chip->dev, "TPM savestate took %dms\n",
1249                         try * TPM_TIMEOUT_RETRY);
1250
1251        return rc;
1252}
1253EXPORT_SYMBOL_GPL(tpm_pm_suspend);
1254
1255/*
1256 * Resume from a power safe. The BIOS already restored
1257 * the TPM state.
1258 */
1259int tpm_pm_resume(struct device *dev)
1260{
1261        struct tpm_chip *chip = dev_get_drvdata(dev);
1262
1263        if (chip == NULL)
1264                return -ENODEV;
1265
1266        return 0;
1267}
1268EXPORT_SYMBOL_GPL(tpm_pm_resume);
1269
1270#define TPM_GETRANDOM_RESULT_SIZE       18
1271static const struct tpm_input_header tpm_getrandom_header = {
1272        .tag = cpu_to_be16(TPM_TAG_RQU_COMMAND),
1273        .length = cpu_to_be32(14),
1274        .ordinal = cpu_to_be32(TPM_ORD_GET_RANDOM)
1275};
1276
1277/**
1278 * tpm_get_random() - get random bytes from the TPM's RNG
1279 * @chip:       a &struct tpm_chip instance, %NULL for the default chip
1280 * @out:        destination buffer for the random bytes
1281 * @max:        the max number of bytes to write to @out
1282 *
1283 * Return: same as with tpm_transmit_cmd()
1284 */
1285int tpm_get_random(struct tpm_chip *chip, u8 *out, size_t max)
1286{
1287        struct tpm_cmd_t tpm_cmd;
1288        u32 recd, num_bytes = min_t(u32, max, TPM_MAX_RNG_DATA), rlength;
1289        int err, total = 0, retries = 5;
1290        u8 *dest = out;
1291
1292        if (!out || !num_bytes || max > TPM_MAX_RNG_DATA)
1293                return -EINVAL;
1294
1295        chip = tpm_find_get_ops(chip);
1296        if (!chip)
1297                return -ENODEV;
1298
1299        if (chip->flags & TPM_CHIP_FLAG_TPM2) {
1300                err = tpm2_get_random(chip, out, max);
1301                tpm_put_ops(chip);
1302                return err;
1303        }
1304
1305        do {
1306                tpm_cmd.header.in = tpm_getrandom_header;
1307                tpm_cmd.params.getrandom_in.num_bytes = cpu_to_be32(num_bytes);
1308
1309                err = tpm_transmit_cmd(chip, NULL, &tpm_cmd,
1310                                       TPM_GETRANDOM_RESULT_SIZE + num_bytes,
1311                                       offsetof(struct tpm_getrandom_out,
1312                                                rng_data),
1313                                       0, "attempting get random");
1314                if (err)
1315                        break;
1316
1317                recd = be32_to_cpu(tpm_cmd.params.getrandom_out.rng_data_len);
1318                if (recd > num_bytes) {
1319                        total = -EFAULT;
1320                        break;
1321                }
1322
1323                rlength = be32_to_cpu(tpm_cmd.header.out.length);
1324                if (rlength < offsetof(struct tpm_getrandom_out, rng_data) +
1325                              recd) {
1326                        total = -EFAULT;
1327                        break;
1328                }
1329                memcpy(dest, tpm_cmd.params.getrandom_out.rng_data, recd);
1330
1331                dest += recd;
1332                total += recd;
1333                num_bytes -= recd;
1334        } while (retries-- && total < max);
1335
1336        tpm_put_ops(chip);
1337        return total ? total : -EIO;
1338}
1339EXPORT_SYMBOL_GPL(tpm_get_random);
1340
1341/**
1342 * tpm_seal_trusted() - seal a trusted key payload
1343 * @chip:       a &struct tpm_chip instance, %NULL for the default chip
1344 * @options:    authentication values and other options
1345 * @payload:    the key data in clear and encrypted form
1346 *
1347 * Note: only TPM 2.0 chip are supported. TPM 1.x implementation is located in
1348 * the keyring subsystem.
1349 *
1350 * Return: same as with tpm_transmit_cmd()
1351 */
1352int tpm_seal_trusted(struct tpm_chip *chip, struct trusted_key_payload *payload,
1353                     struct trusted_key_options *options)
1354{
1355        int rc;
1356
1357        chip = tpm_find_get_ops(chip);
1358        if (!chip || !(chip->flags & TPM_CHIP_FLAG_TPM2))
1359                return -ENODEV;
1360
1361        rc = tpm2_seal_trusted(chip, payload, options);
1362
1363        tpm_put_ops(chip);
1364        return rc;
1365}
1366EXPORT_SYMBOL_GPL(tpm_seal_trusted);
1367
1368/**
1369 * tpm_unseal_trusted() - unseal a trusted key
1370 * @chip:       a &struct tpm_chip instance, %NULL for the default chip
1371 * @options:    authentication values and other options
1372 * @payload:    the key data in clear and encrypted form
1373 *
1374 * Note: only TPM 2.0 chip are supported. TPM 1.x implementation is located in
1375 * the keyring subsystem.
1376 *
1377 * Return: same as with tpm_transmit_cmd()
1378 */
1379int tpm_unseal_trusted(struct tpm_chip *chip,
1380                       struct trusted_key_payload *payload,
1381                       struct trusted_key_options *options)
1382{
1383        int rc;
1384
1385        chip = tpm_find_get_ops(chip);
1386        if (!chip || !(chip->flags & TPM_CHIP_FLAG_TPM2))
1387                return -ENODEV;
1388
1389        rc = tpm2_unseal_trusted(chip, payload, options);
1390
1391        tpm_put_ops(chip);
1392
1393        return rc;
1394}
1395EXPORT_SYMBOL_GPL(tpm_unseal_trusted);
1396
1397static int __init tpm_init(void)
1398{
1399        int rc;
1400
1401        tpm_class = class_create(THIS_MODULE, "tpm");
1402        if (IS_ERR(tpm_class)) {
1403                pr_err("couldn't create tpm class\n");
1404                return PTR_ERR(tpm_class);
1405        }
1406
1407        tpmrm_class = class_create(THIS_MODULE, "tpmrm");
1408        if (IS_ERR(tpmrm_class)) {
1409                pr_err("couldn't create tpmrm class\n");
1410                class_destroy(tpm_class);
1411                return PTR_ERR(tpmrm_class);
1412        }
1413
1414        rc = alloc_chrdev_region(&tpm_devt, 0, 2*TPM_NUM_DEVICES, "tpm");
1415        if (rc < 0) {
1416                pr_err("tpm: failed to allocate char dev region\n");
1417                class_destroy(tpmrm_class);
1418                class_destroy(tpm_class);
1419                return rc;
1420        }
1421
1422        return 0;
1423}
1424
1425static void __exit tpm_exit(void)
1426{
1427        idr_destroy(&dev_nums_idr);
1428        class_destroy(tpm_class);
1429        class_destroy(tpmrm_class);
1430        unregister_chrdev_region(tpm_devt, 2*TPM_NUM_DEVICES);
1431}
1432
1433subsys_initcall(tpm_init);
1434module_exit(tpm_exit);
1435
1436MODULE_AUTHOR("Leendert van Doorn (leendert@watson.ibm.com)");
1437MODULE_DESCRIPTION("TPM Driver");
1438MODULE_VERSION("2.0");
1439MODULE_LICENSE("GPL");
1440