LXR linux/drivers/char/tpm/tpm-interface.c

   1// SPDX-License-Identifier: GPL-2.0-only
   2/*
   3 * Copyright (C) 2004 IBM Corporation
   4 * Copyright (C) 2014 Intel Corporation
   5 *
   6 * Authors:
   7 * Leendert van Doorn <leendert@watson.ibm.com>
   8 * Dave Safford <safford@watson.ibm.com>
   9 * Reiner Sailer <sailer@watson.ibm.com>
  10 * Kylene Hall <kjhall@us.ibm.com>
  11 *
  12 * Maintained by: <tpmdd-devel@lists.sourceforge.net>
  13 *
  14 * Device driver for TCG/TCPA TPM (trusted platform module).
  15 * Specifications at www.trustedcomputinggroup.org
  16 *
  17 * Note, the TPM chip is not interrupt driven (only polling)
  18 * and can have very long timeouts (minutes!). Hence the unusual
  19 * calls to msleep.
  20 */
  21
  22#include <linux/poll.h>
  23#include <linux/slab.h>
  24#include <linux/mutex.h>
  25#include <linux/spinlock.h>
  26#include <linux/suspend.h>
  27#include <linux/freezer.h>
  28#include <linux/tpm_eventlog.h>
  29
  30#include "tpm.h"
  31
  32/*
  33 * Bug workaround - some TPM's don't flush the most
  34 * recently changed pcr on suspend, so force the flush
  35 * with an extend to the selected _unused_ non-volatile pcr.
  36 */
  37static u32 tpm_suspend_pcr;
  38module_param_named(suspend_pcr, tpm_suspend_pcr, uint, 0644);
  39MODULE_PARM_DESC(suspend_pcr,
  40                 "PCR to use for dummy writes to facilitate flush on suspend.");
  41
  42/**
  43 * tpm_calc_ordinal_duration() - calculate the maximum command duration
  44 * @chip:    TPM chip to use.
  45 * @ordinal: TPM command ordinal.
  46 *
  47 * The function returns the maximum amount of time the chip could take
  48 * to return the result for a particular ordinal in jiffies.
  49 *
  50 * Return: A maximal duration time for an ordinal in jiffies.
  51 */
  52unsigned long tpm_calc_ordinal_duration(struct tpm_chip *chip, u32 ordinal)
  53{
  54        if (chip->flags & TPM_CHIP_FLAG_TPM2)
  55                return tpm2_calc_ordinal_duration(chip, ordinal);
  56        else
  57                return tpm1_calc_ordinal_duration(chip, ordinal);
  58}
  59EXPORT_SYMBOL_GPL(tpm_calc_ordinal_duration);
  60
  61static ssize_t tpm_try_transmit(struct tpm_chip *chip, void *buf, size_t bufsiz)
  62{
  63        struct tpm_header *header = buf;
  64        int rc;
  65        ssize_t len = 0;
  66        u32 count, ordinal;
  67        unsigned long stop;
  68
  69        if (bufsiz < TPM_HEADER_SIZE)
  70                return -EINVAL;
  71
  72        if (bufsiz > TPM_BUFSIZE)
  73                bufsiz = TPM_BUFSIZE;
  74
  75        count = be32_to_cpu(header->length);
  76        ordinal = be32_to_cpu(header->ordinal);
  77        if (count == 0)
  78                return -ENODATA;
  79        if (count > bufsiz) {
  80                dev_err(&chip->dev,
  81                        "invalid count value %x %zx\n", count, bufsiz);
  82                return -E2BIG;
  83        }
  84
  85        rc = chip->ops->send(chip, buf, count);
  86        if (rc < 0) {
  87                if (rc != -EPIPE)
  88                        dev_err(&chip->dev,
  89                                "%s: send(): error %d\n", __func__, rc);
  90                return rc;
  91        }
  92
  93        /* A sanity check. send() should just return zero on success e.g.
  94         * not the command length.
  95         */
  96        if (rc > 0) {
  97                dev_warn(&chip->dev,
  98                         "%s: send(): invalid value %d\n", __func__, rc);
  99                rc = 0;
 100        }
 101
 102        if (chip->flags & TPM_CHIP_FLAG_IRQ)
 103                goto out_recv;
 104
 105        stop = jiffies + tpm_calc_ordinal_duration(chip, ordinal);
 106        do {
 107                u8 status = chip->ops->status(chip);
 108                if ((status & chip->ops->req_complete_mask) ==
 109                    chip->ops->req_complete_val)
 110                        goto out_recv;
 111
 112                if (chip->ops->req_canceled(chip, status)) {
 113                        dev_err(&chip->dev, "Operation Canceled\n");
 114                        return -ECANCELED;
 115                }
 116
 117                tpm_msleep(TPM_TIMEOUT_POLL);
 118                rmb();
 119        } while (time_before(jiffies, stop));
 120
 121        chip->ops->cancel(chip);
 122        dev_err(&chip->dev, "Operation Timed out\n");
 123        return -ETIME;
 124
 125out_recv:
 126        len = chip->ops->recv(chip, buf, bufsiz);
 127        if (len < 0) {
 128                rc = len;
 129                dev_err(&chip->dev, "tpm_transmit: tpm_recv: error %d\n", rc);
 130        } else if (len < TPM_HEADER_SIZE || len != be32_to_cpu(header->length))
 131                rc = -EFAULT;
 132
 133        return rc ? rc : len;
 134}
 135
 136/**
 137 * tpm_transmit - Internal kernel interface to transmit TPM commands.
 138 * @chip:       a TPM chip to use
 139 * @buf:        a TPM command buffer
 140 * @bufsiz:     length of the TPM command buffer
 141 *
 142 * A wrapper around tpm_try_transmit() that handles TPM2_RC_RETRY returns from
 143 * the TPM and retransmits the command after a delay up to a maximum wait of
 144 * TPM2_DURATION_LONG.
 145 *
 146 * Note that TPM 1.x never returns TPM2_RC_RETRY so the retry logic is TPM 2.0
 147 * only.
 148 *
 149 * Return:
 150 * * The response length        - OK
 151 * * -errno                     - A system error
 152 */
 153ssize_t tpm_transmit(struct tpm_chip *chip, u8 *buf, size_t bufsiz)
 154{
 155        struct tpm_header *header = (struct tpm_header *)buf;
 156        /* space for header and handles */
 157        u8 save[TPM_HEADER_SIZE + 3*sizeof(u32)];
 158        unsigned int delay_msec = TPM2_DURATION_SHORT;
 159        u32 rc = 0;
 160        ssize_t ret;
 161        const size_t save_size = min(sizeof(save), bufsiz);
 162        /* the command code is where the return code will be */
 163        u32 cc = be32_to_cpu(header->return_code);
 164
 165        /*
 166         * Subtlety here: if we have a space, the handles will be
 167         * transformed, so when we restore the header we also have to
 168         * restore the handles.
 169         */
 170        memcpy(save, buf, save_size);
 171
 172        for (;;) {
 173                ret = tpm_try_transmit(chip, buf, bufsiz);
 174                if (ret < 0)
 175                        break;
 176                rc = be32_to_cpu(header->return_code);
 177                if (rc != TPM2_RC_RETRY && rc != TPM2_RC_TESTING)
 178                        break;
 179                /*
 180                 * return immediately if self test returns test
 181                 * still running to shorten boot time.
 182                 */
 183                if (rc == TPM2_RC_TESTING && cc == TPM2_CC_SELF_TEST)
 184                        break;
 185
 186                if (delay_msec > TPM2_DURATION_LONG) {
 187                        if (rc == TPM2_RC_RETRY)
 188                                dev_err(&chip->dev, "in retry loop\n");
 189                        else
 190                                dev_err(&chip->dev,
 191                                        "self test is still running\n");
 192                        break;
 193                }
 194                tpm_msleep(delay_msec);
 195                delay_msec *= 2;
 196                memcpy(buf, save, save_size);
 197        }
 198        return ret;
 199}
 200
 201/**
 202 * tpm_transmit_cmd - send a tpm command to the device
 203 * @chip:                       a TPM chip to use
 204 * @buf:                        a TPM command buffer
 205 * @min_rsp_body_length:        minimum expected length of response body
 206 * @desc:                       command description used in the error message
 207 *
 208 * Return:
 209 * * 0          - OK
 210 * * -errno     - A system error
 211 * * TPM_RC     - A TPM error
 212 */
 213ssize_t tpm_transmit_cmd(struct tpm_chip *chip, struct tpm_buf *buf,
 214                         size_t min_rsp_body_length, const char *desc)
 215{
 216        const struct tpm_header *header = (struct tpm_header *)buf->data;
 217        int err;
 218        ssize_t len;
 219
 220        len = tpm_transmit(chip, buf->data, PAGE_SIZE);
 221        if (len <  0)
 222                return len;
 223
 224        err = be32_to_cpu(header->return_code);
 225        if (err != 0 && err != TPM_ERR_DISABLED && err != TPM_ERR_DEACTIVATED
 226            && err != TPM2_RC_TESTING && desc)
 227                dev_err(&chip->dev, "A TPM error (%d) occurred %s\n", err,
 228                        desc);
 229        if (err)
 230                return err;
 231
 232        if (len < min_rsp_body_length + TPM_HEADER_SIZE)
 233                return -EFAULT;
 234
 235        return 0;
 236}
 237EXPORT_SYMBOL_GPL(tpm_transmit_cmd);
 238
 239int tpm_get_timeouts(struct tpm_chip *chip)
 240{
 241        if (chip->flags & TPM_CHIP_FLAG_HAVE_TIMEOUTS)
 242                return 0;
 243
 244        if (chip->flags & TPM_CHIP_FLAG_TPM2)
 245                return tpm2_get_timeouts(chip);
 246        else
 247                return tpm1_get_timeouts(chip);
 248}
 249EXPORT_SYMBOL_GPL(tpm_get_timeouts);
 250
 251/**
 252 * tpm_is_tpm2 - do we a have a TPM2 chip?
 253 * @chip:       a &struct tpm_chip instance, %NULL for the default chip
 254 *
 255 * Return:
 256 * 1 if we have a TPM2 chip.
 257 * 0 if we don't have a TPM2 chip.
 258 * A negative number for system errors (errno).
 259 */
 260int tpm_is_tpm2(struct tpm_chip *chip)
 261{
 262        int rc;
 263
 264        chip = tpm_find_get_ops(chip);
 265        if (!chip)
 266                return -ENODEV;
 267
 268        rc = (chip->flags & TPM_CHIP_FLAG_TPM2) != 0;
 269
 270        tpm_put_ops(chip);
 271
 272        return rc;
 273}
 274EXPORT_SYMBOL_GPL(tpm_is_tpm2);
 275
 276/**
 277 * tpm_pcr_read - read a PCR value from SHA1 bank
 278 * @chip:       a &struct tpm_chip instance, %NULL for the default chip
 279 * @pcr_idx:    the PCR to be retrieved
 280 * @digest:     the PCR bank and buffer current PCR value is written to
 281 *
 282 * Return: same as with tpm_transmit_cmd()
 283 */
 284int tpm_pcr_read(struct tpm_chip *chip, u32 pcr_idx,
 285                 struct tpm_digest *digest)
 286{
 287        int rc;
 288
 289        chip = tpm_find_get_ops(chip);
 290        if (!chip)
 291                return -ENODEV;
 292
 293        if (chip->flags & TPM_CHIP_FLAG_TPM2)
 294                rc = tpm2_pcr_read(chip, pcr_idx, digest, NULL);
 295        else
 296                rc = tpm1_pcr_read(chip, pcr_idx, digest->digest);
 297
 298        tpm_put_ops(chip);
 299        return rc;
 300}
 301EXPORT_SYMBOL_GPL(tpm_pcr_read);
 302
 303/**
 304 * tpm_pcr_extend - extend a PCR value in SHA1 bank.
 305 * @chip:       a &struct tpm_chip instance, %NULL for the default chip
 306 * @pcr_idx:    the PCR to be retrieved
 307 * @digests:    array of tpm_digest structures used to extend PCRs
 308 *
 309 * Note: callers must pass a digest for every allocated PCR bank, in the same
 310 * order of the banks in chip->allocated_banks.
 311 *
 312 * Return: same as with tpm_transmit_cmd()
 313 */
 314int tpm_pcr_extend(struct tpm_chip *chip, u32 pcr_idx,
 315                   struct tpm_digest *digests)
 316{
 317        int rc;
 318        int i;
 319
 320        chip = tpm_find_get_ops(chip);
 321        if (!chip)
 322                return -ENODEV;
 323
 324        for (i = 0; i < chip->nr_allocated_banks; i++) {
 325                if (digests[i].alg_id != chip->allocated_banks[i].alg_id) {
 326                        rc = -EINVAL;
 327                        goto out;
 328                }
 329        }
 330
 331        if (chip->flags & TPM_CHIP_FLAG_TPM2) {
 332                rc = tpm2_pcr_extend(chip, pcr_idx, digests);
 333                goto out;
 334        }
 335
 336        rc = tpm1_pcr_extend(chip, pcr_idx, digests[0].digest,
 337                             "attempting extend a PCR value");
 338
 339out:
 340        tpm_put_ops(chip);
 341        return rc;
 342}
 343EXPORT_SYMBOL_GPL(tpm_pcr_extend);
 344
 345/**
 346 * tpm_send - send a TPM command
 347 * @chip:       a &struct tpm_chip instance, %NULL for the default chip
 348 * @cmd:        a TPM command buffer
 349 * @buflen:     the length of the TPM command buffer
 350 *
 351 * Return: same as with tpm_transmit_cmd()
 352 */
 353int tpm_send(struct tpm_chip *chip, void *cmd, size_t buflen)
 354{
 355        struct tpm_buf buf;
 356        int rc;
 357
 358        chip = tpm_find_get_ops(chip);
 359        if (!chip)
 360                return -ENODEV;
 361
 362        buf.data = cmd;
 363        rc = tpm_transmit_cmd(chip, &buf, 0, "attempting to a send a command");
 364
 365        tpm_put_ops(chip);
 366        return rc;
 367}
 368EXPORT_SYMBOL_GPL(tpm_send);
 369
 370int tpm_auto_startup(struct tpm_chip *chip)
 371{
 372        int rc;
 373
 374        if (!(chip->ops->flags & TPM_OPS_AUTO_STARTUP))
 375                return 0;
 376
 377        if (chip->flags & TPM_CHIP_FLAG_TPM2)
 378                rc = tpm2_auto_startup(chip);
 379        else
 380                rc = tpm1_auto_startup(chip);
 381
 382        return rc;
 383}
 384
 385/*
 386 * We are about to suspend. Save the TPM state
 387 * so that it can be restored.
 388 */
 389int tpm_pm_suspend(struct device *dev)
 390{
 391        struct tpm_chip *chip = dev_get_drvdata(dev);
 392        int rc = 0;
 393
 394        if (!chip)
 395                return -ENODEV;
 396
 397        if (chip->flags & TPM_CHIP_FLAG_ALWAYS_POWERED)
 398                goto suspended;
 399
 400        if ((chip->flags & TPM_CHIP_FLAG_FIRMWARE_POWER_MANAGED) &&
 401            !pm_suspend_via_firmware())
 402                goto suspended;
 403
 404        if (!tpm_chip_start(chip)) {
 405                if (chip->flags & TPM_CHIP_FLAG_TPM2)
 406                        tpm2_shutdown(chip, TPM2_SU_STATE);
 407                else
 408                        rc = tpm1_pm_suspend(chip, tpm_suspend_pcr);
 409
 410                tpm_chip_stop(chip);
 411        }
 412
 413suspended:
 414        return rc;
 415}
 416EXPORT_SYMBOL_GPL(tpm_pm_suspend);
 417
 418/*
 419 * Resume from a power safe. The BIOS already restored
 420 * the TPM state.
 421 */
 422int tpm_pm_resume(struct device *dev)
 423{
 424        struct tpm_chip *chip = dev_get_drvdata(dev);
 425
 426        if (chip == NULL)
 427                return -ENODEV;
 428
 429        return 0;
 430}
 431EXPORT_SYMBOL_GPL(tpm_pm_resume);
 432
 433/**
 434 * tpm_get_random() - get random bytes from the TPM's RNG
 435 * @chip:       a &struct tpm_chip instance, %NULL for the default chip
 436 * @out:        destination buffer for the random bytes
 437 * @max:        the max number of bytes to write to @out
 438 *
 439 * Return: number of random bytes read or a negative error value.
 440 */
 441int tpm_get_random(struct tpm_chip *chip, u8 *out, size_t max)
 442{
 443        int rc;
 444
 445        if (!out || max > TPM_MAX_RNG_DATA)
 446                return -EINVAL;
 447
 448        chip = tpm_find_get_ops(chip);
 449        if (!chip)
 450                return -ENODEV;
 451
 452        if (chip->flags & TPM_CHIP_FLAG_TPM2)
 453                rc = tpm2_get_random(chip, out, max);
 454        else
 455                rc = tpm1_get_random(chip, out, max);
 456
 457        tpm_put_ops(chip);
 458        return rc;
 459}
 460EXPORT_SYMBOL_GPL(tpm_get_random);
 461
 462static int __init tpm_init(void)
 463{
 464        int rc;
 465
 466        tpm_class = class_create(THIS_MODULE, "tpm");
 467        if (IS_ERR(tpm_class)) {
 468                pr_err("couldn't create tpm class\n");
 469                return PTR_ERR(tpm_class);
 470        }
 471
 472        tpmrm_class = class_create(THIS_MODULE, "tpmrm");
 473        if (IS_ERR(tpmrm_class)) {
 474                pr_err("couldn't create tpmrm class\n");
 475                rc = PTR_ERR(tpmrm_class);
 476                goto out_destroy_tpm_class;
 477        }
 478
 479        rc = alloc_chrdev_region(&tpm_devt, 0, 2*TPM_NUM_DEVICES, "tpm");
 480        if (rc < 0) {
 481                pr_err("tpm: failed to allocate char dev region\n");
 482                goto out_destroy_tpmrm_class;
 483        }
 484
 485        rc = tpm_dev_common_init();
 486        if (rc) {
 487                pr_err("tpm: failed to allocate char dev region\n");
 488                goto out_unreg_chrdev;
 489        }
 490
 491        return 0;
 492
 493out_unreg_chrdev:
 494        unregister_chrdev_region(tpm_devt, 2 * TPM_NUM_DEVICES);
 495out_destroy_tpmrm_class:
 496        class_destroy(tpmrm_class);
 497out_destroy_tpm_class:
 498        class_destroy(tpm_class);
 499
 500        return rc;
 501}
 502
 503static void __exit tpm_exit(void)
 504{
 505        idr_destroy(&dev_nums_idr);
 506        class_destroy(tpm_class);
 507        class_destroy(tpmrm_class);
 508        unregister_chrdev_region(tpm_devt, 2*TPM_NUM_DEVICES);
 509        tpm_dev_common_exit();
 510}
 511
 512subsys_initcall(tpm_init);
 513module_exit(tpm_exit);
 514
 515MODULE_AUTHOR("Leendert van Doorn (leendert@watson.ibm.com)");
 516MODULE_DESCRIPTION("TPM Driver");
 517MODULE_VERSION("2.0");
 518MODULE_LICENSE("GPL");
 519