1 | // SPDX-License-Identifier: GPL-2.0 |
2 | /* |
3 | * Copyright (C) 2004 IBM Corporation |
4 | * Copyright (C) 2014 Intel Corporation |
5 | * |
6 | * Authors: |
7 | * Leendert van Doorn <leendert@watson.ibm.com> |
8 | * Dave Safford <safford@watson.ibm.com> |
9 | * Reiner Sailer <sailer@watson.ibm.com> |
10 | * Kylene Hall <kjhall@us.ibm.com> |
11 | * |
12 | * Device driver for TCG/TCPA TPM (trusted platform module). |
13 | * Specifications at www.trustedcomputinggroup.org |
14 | */ |
15 | |
16 | #include <linux/poll.h> |
17 | #include <linux/slab.h> |
18 | #include <linux/mutex.h> |
19 | #include <linux/spinlock.h> |
20 | #include <linux/freezer.h> |
21 | #include <linux/tpm_eventlog.h> |
22 | |
23 | #include "tpm.h" |
24 | |
25 | #define TPM_MAX_ORDINAL 243 |
26 | |
27 | /* |
28 | * Array with one entry per ordinal defining the maximum amount |
29 | * of time the chip could take to return the result. The ordinal |
30 | * designation of short, medium or long is defined in a table in |
31 | * TCG Specification TPM Main Part 2 TPM Structures Section 17. The |
32 | * values of the SHORT, MEDIUM, and LONG durations are retrieved |
33 | * from the chip during initialization with a call to tpm_get_timeouts. |
34 | */ |
35 | static const u8 tpm1_ordinal_duration[TPM_MAX_ORDINAL] = { |
36 | TPM_UNDEFINED, /* 0 */ |
37 | TPM_UNDEFINED, |
38 | TPM_UNDEFINED, |
39 | TPM_UNDEFINED, |
40 | TPM_UNDEFINED, |
41 | TPM_UNDEFINED, /* 5 */ |
42 | TPM_UNDEFINED, |
43 | TPM_UNDEFINED, |
44 | TPM_UNDEFINED, |
45 | TPM_UNDEFINED, |
46 | TPM_SHORT, /* 10 */ |
47 | TPM_SHORT, |
48 | TPM_MEDIUM, |
49 | TPM_LONG, |
50 | TPM_LONG, |
51 | TPM_MEDIUM, /* 15 */ |
52 | TPM_SHORT, |
53 | TPM_SHORT, |
54 | TPM_MEDIUM, |
55 | TPM_LONG, |
56 | TPM_SHORT, /* 20 */ |
57 | TPM_SHORT, |
58 | TPM_MEDIUM, |
59 | TPM_MEDIUM, |
60 | TPM_MEDIUM, |
61 | TPM_SHORT, /* 25 */ |
62 | TPM_SHORT, |
63 | TPM_MEDIUM, |
64 | TPM_SHORT, |
65 | TPM_SHORT, |
66 | TPM_MEDIUM, /* 30 */ |
67 | TPM_LONG, |
68 | TPM_MEDIUM, |
69 | TPM_SHORT, |
70 | TPM_SHORT, |
71 | TPM_SHORT, /* 35 */ |
72 | TPM_MEDIUM, |
73 | TPM_MEDIUM, |
74 | TPM_UNDEFINED, |
75 | TPM_UNDEFINED, |
76 | TPM_MEDIUM, /* 40 */ |
77 | TPM_LONG, |
78 | TPM_MEDIUM, |
79 | TPM_SHORT, |
80 | TPM_SHORT, |
81 | TPM_SHORT, /* 45 */ |
82 | TPM_SHORT, |
83 | TPM_SHORT, |
84 | TPM_SHORT, |
85 | TPM_LONG, |
86 | TPM_MEDIUM, /* 50 */ |
87 | TPM_MEDIUM, |
88 | TPM_UNDEFINED, |
89 | TPM_UNDEFINED, |
90 | TPM_UNDEFINED, |
91 | TPM_UNDEFINED, /* 55 */ |
92 | TPM_UNDEFINED, |
93 | TPM_UNDEFINED, |
94 | TPM_UNDEFINED, |
95 | TPM_UNDEFINED, |
96 | TPM_MEDIUM, /* 60 */ |
97 | TPM_MEDIUM, |
98 | TPM_MEDIUM, |
99 | TPM_SHORT, |
100 | TPM_SHORT, |
101 | TPM_MEDIUM, /* 65 */ |
102 | TPM_UNDEFINED, |
103 | TPM_UNDEFINED, |
104 | TPM_UNDEFINED, |
105 | TPM_UNDEFINED, |
106 | TPM_SHORT, /* 70 */ |
107 | TPM_SHORT, |
108 | TPM_UNDEFINED, |
109 | TPM_UNDEFINED, |
110 | TPM_UNDEFINED, |
111 | TPM_UNDEFINED, /* 75 */ |
112 | TPM_UNDEFINED, |
113 | TPM_UNDEFINED, |
114 | TPM_UNDEFINED, |
115 | TPM_UNDEFINED, |
116 | TPM_LONG, /* 80 */ |
117 | TPM_UNDEFINED, |
118 | TPM_MEDIUM, |
119 | TPM_LONG, |
120 | TPM_SHORT, |
121 | TPM_UNDEFINED, /* 85 */ |
122 | TPM_UNDEFINED, |
123 | TPM_UNDEFINED, |
124 | TPM_UNDEFINED, |
125 | TPM_UNDEFINED, |
126 | TPM_SHORT, /* 90 */ |
127 | TPM_SHORT, |
128 | TPM_SHORT, |
129 | TPM_SHORT, |
130 | TPM_SHORT, |
131 | TPM_UNDEFINED, /* 95 */ |
132 | TPM_UNDEFINED, |
133 | TPM_UNDEFINED, |
134 | TPM_UNDEFINED, |
135 | TPM_UNDEFINED, |
136 | TPM_MEDIUM, /* 100 */ |
137 | TPM_SHORT, |
138 | TPM_SHORT, |
139 | TPM_UNDEFINED, |
140 | TPM_UNDEFINED, |
141 | TPM_UNDEFINED, /* 105 */ |
142 | TPM_UNDEFINED, |
143 | TPM_UNDEFINED, |
144 | TPM_UNDEFINED, |
145 | TPM_UNDEFINED, |
146 | TPM_SHORT, /* 110 */ |
147 | TPM_SHORT, |
148 | TPM_SHORT, |
149 | TPM_SHORT, |
150 | TPM_SHORT, |
151 | TPM_SHORT, /* 115 */ |
152 | TPM_SHORT, |
153 | TPM_SHORT, |
154 | TPM_UNDEFINED, |
155 | TPM_UNDEFINED, |
156 | TPM_LONG, /* 120 */ |
157 | TPM_LONG, |
158 | TPM_MEDIUM, |
159 | TPM_UNDEFINED, |
160 | TPM_SHORT, |
161 | TPM_SHORT, /* 125 */ |
162 | TPM_SHORT, |
163 | TPM_LONG, |
164 | TPM_SHORT, |
165 | TPM_SHORT, |
166 | TPM_SHORT, /* 130 */ |
167 | TPM_MEDIUM, |
168 | TPM_UNDEFINED, |
169 | TPM_SHORT, |
170 | TPM_MEDIUM, |
171 | TPM_UNDEFINED, /* 135 */ |
172 | TPM_UNDEFINED, |
173 | TPM_UNDEFINED, |
174 | TPM_UNDEFINED, |
175 | TPM_UNDEFINED, |
176 | TPM_SHORT, /* 140 */ |
177 | TPM_SHORT, |
178 | TPM_UNDEFINED, |
179 | TPM_UNDEFINED, |
180 | TPM_UNDEFINED, |
181 | TPM_UNDEFINED, /* 145 */ |
182 | TPM_UNDEFINED, |
183 | TPM_UNDEFINED, |
184 | TPM_UNDEFINED, |
185 | TPM_UNDEFINED, |
186 | TPM_SHORT, /* 150 */ |
187 | TPM_MEDIUM, |
188 | TPM_MEDIUM, |
189 | TPM_SHORT, |
190 | TPM_SHORT, |
191 | TPM_UNDEFINED, /* 155 */ |
192 | TPM_UNDEFINED, |
193 | TPM_UNDEFINED, |
194 | TPM_UNDEFINED, |
195 | TPM_UNDEFINED, |
196 | TPM_SHORT, /* 160 */ |
197 | TPM_SHORT, |
198 | TPM_SHORT, |
199 | TPM_SHORT, |
200 | TPM_UNDEFINED, |
201 | TPM_UNDEFINED, /* 165 */ |
202 | TPM_UNDEFINED, |
203 | TPM_UNDEFINED, |
204 | TPM_UNDEFINED, |
205 | TPM_UNDEFINED, |
206 | TPM_LONG, /* 170 */ |
207 | TPM_UNDEFINED, |
208 | TPM_UNDEFINED, |
209 | TPM_UNDEFINED, |
210 | TPM_UNDEFINED, |
211 | TPM_UNDEFINED, /* 175 */ |
212 | TPM_UNDEFINED, |
213 | TPM_UNDEFINED, |
214 | TPM_UNDEFINED, |
215 | TPM_UNDEFINED, |
216 | TPM_MEDIUM, /* 180 */ |
217 | TPM_SHORT, |
218 | TPM_MEDIUM, |
219 | TPM_MEDIUM, |
220 | TPM_MEDIUM, |
221 | TPM_MEDIUM, /* 185 */ |
222 | TPM_SHORT, |
223 | TPM_UNDEFINED, |
224 | TPM_UNDEFINED, |
225 | TPM_UNDEFINED, |
226 | TPM_UNDEFINED, /* 190 */ |
227 | TPM_UNDEFINED, |
228 | TPM_UNDEFINED, |
229 | TPM_UNDEFINED, |
230 | TPM_UNDEFINED, |
231 | TPM_UNDEFINED, /* 195 */ |
232 | TPM_UNDEFINED, |
233 | TPM_UNDEFINED, |
234 | TPM_UNDEFINED, |
235 | TPM_UNDEFINED, |
236 | TPM_SHORT, /* 200 */ |
237 | TPM_UNDEFINED, |
238 | TPM_UNDEFINED, |
239 | TPM_UNDEFINED, |
240 | TPM_SHORT, |
241 | TPM_SHORT, /* 205 */ |
242 | TPM_SHORT, |
243 | TPM_SHORT, |
244 | TPM_SHORT, |
245 | TPM_SHORT, |
246 | TPM_MEDIUM, /* 210 */ |
247 | TPM_UNDEFINED, |
248 | TPM_MEDIUM, |
249 | TPM_MEDIUM, |
250 | TPM_MEDIUM, |
251 | TPM_UNDEFINED, /* 215 */ |
252 | TPM_MEDIUM, |
253 | TPM_UNDEFINED, |
254 | TPM_UNDEFINED, |
255 | TPM_SHORT, |
256 | TPM_SHORT, /* 220 */ |
257 | TPM_SHORT, |
258 | TPM_SHORT, |
259 | TPM_SHORT, |
260 | TPM_SHORT, |
261 | TPM_UNDEFINED, /* 225 */ |
262 | TPM_UNDEFINED, |
263 | TPM_UNDEFINED, |
264 | TPM_UNDEFINED, |
265 | TPM_UNDEFINED, |
266 | TPM_SHORT, /* 230 */ |
267 | TPM_LONG, |
268 | TPM_MEDIUM, |
269 | TPM_UNDEFINED, |
270 | TPM_UNDEFINED, |
271 | TPM_UNDEFINED, /* 235 */ |
272 | TPM_UNDEFINED, |
273 | TPM_UNDEFINED, |
274 | TPM_UNDEFINED, |
275 | TPM_UNDEFINED, |
276 | TPM_SHORT, /* 240 */ |
277 | TPM_UNDEFINED, |
278 | TPM_MEDIUM, |
279 | }; |
280 | |
281 | /** |
282 | * tpm1_calc_ordinal_duration() - calculate the maximum command duration |
283 | * @chip: TPM chip to use. |
284 | * @ordinal: TPM command ordinal. |
285 | * |
286 | * The function returns the maximum amount of time the chip could take |
287 | * to return the result for a particular ordinal in jiffies. |
288 | * |
289 | * Return: A maximal duration time for an ordinal in jiffies. |
290 | */ |
291 | unsigned long tpm1_calc_ordinal_duration(struct tpm_chip *chip, u32 ordinal) |
292 | { |
293 | int duration_idx = TPM_UNDEFINED; |
294 | int duration = 0; |
295 | |
296 | /* |
297 | * We only have a duration table for protected commands, where the upper |
298 | * 16 bits are 0. For the few other ordinals the fallback will be used. |
299 | */ |
300 | if (ordinal < TPM_MAX_ORDINAL) |
301 | duration_idx = tpm1_ordinal_duration[ordinal]; |
302 | |
303 | if (duration_idx != TPM_UNDEFINED) |
304 | duration = chip->duration[duration_idx]; |
305 | if (duration <= 0) |
306 | return 2 * 60 * HZ; |
307 | else |
308 | return duration; |
309 | } |
310 | |
311 | #define TPM_ORD_STARTUP 153 |
312 | #define TPM_ST_CLEAR 1 |
313 | |
314 | /** |
315 | * tpm1_startup() - turn on the TPM |
316 | * @chip: TPM chip to use |
317 | * |
318 | * Normally the firmware should start the TPM. This function is provided as a |
319 | * workaround if this does not happen. A legal case for this could be for |
320 | * example when a TPM emulator is used. |
321 | * |
322 | * Return: same as tpm_transmit_cmd() |
323 | */ |
324 | static int tpm1_startup(struct tpm_chip *chip) |
325 | { |
326 | struct tpm_buf buf; |
327 | int rc; |
328 | |
329 | dev_info(&chip->dev, "starting up the TPM manually\n" ); |
330 | |
331 | rc = tpm_buf_init(buf: &buf, TPM_TAG_RQU_COMMAND, TPM_ORD_STARTUP); |
332 | if (rc < 0) |
333 | return rc; |
334 | |
335 | tpm_buf_append_u16(buf: &buf, TPM_ST_CLEAR); |
336 | |
337 | rc = tpm_transmit_cmd(chip, buf: &buf, min_rsp_body_length: 0, desc: "attempting to start the TPM" ); |
338 | tpm_buf_destroy(buf: &buf); |
339 | return rc; |
340 | } |
341 | |
342 | int tpm1_get_timeouts(struct tpm_chip *chip) |
343 | { |
344 | cap_t cap; |
345 | unsigned long timeout_old[4], timeout_chip[4], timeout_eff[4]; |
346 | unsigned long durations[3]; |
347 | ssize_t rc; |
348 | |
349 | rc = tpm1_getcap(chip, subcap_id: TPM_CAP_PROP_TIS_TIMEOUT, cap: &cap, NULL, |
350 | min_cap_length: sizeof(cap.timeout)); |
351 | if (rc == TPM_ERR_INVALID_POSTINIT) { |
352 | if (tpm1_startup(chip)) |
353 | return rc; |
354 | |
355 | rc = tpm1_getcap(chip, subcap_id: TPM_CAP_PROP_TIS_TIMEOUT, cap: &cap, |
356 | desc: "attempting to determine the timeouts" , |
357 | min_cap_length: sizeof(cap.timeout)); |
358 | } |
359 | |
360 | if (rc) { |
361 | dev_err(&chip->dev, "A TPM error (%zd) occurred attempting to determine the timeouts\n" , |
362 | rc); |
363 | return rc; |
364 | } |
365 | |
366 | timeout_old[0] = jiffies_to_usecs(j: chip->timeout_a); |
367 | timeout_old[1] = jiffies_to_usecs(j: chip->timeout_b); |
368 | timeout_old[2] = jiffies_to_usecs(j: chip->timeout_c); |
369 | timeout_old[3] = jiffies_to_usecs(j: chip->timeout_d); |
370 | timeout_chip[0] = be32_to_cpu(cap.timeout.a); |
371 | timeout_chip[1] = be32_to_cpu(cap.timeout.b); |
372 | timeout_chip[2] = be32_to_cpu(cap.timeout.c); |
373 | timeout_chip[3] = be32_to_cpu(cap.timeout.d); |
374 | memcpy(timeout_eff, timeout_chip, sizeof(timeout_eff)); |
375 | |
376 | /* |
377 | * Provide ability for vendor overrides of timeout values in case |
378 | * of misreporting. |
379 | */ |
380 | if (chip->ops->update_timeouts) |
381 | chip->ops->update_timeouts(chip, timeout_eff); |
382 | |
383 | if (!chip->timeout_adjusted) { |
384 | /* Restore default if chip reported 0 */ |
385 | unsigned int i; |
386 | |
387 | for (i = 0; i < ARRAY_SIZE(timeout_eff); i++) { |
388 | if (timeout_eff[i]) |
389 | continue; |
390 | |
391 | timeout_eff[i] = timeout_old[i]; |
392 | chip->timeout_adjusted = true; |
393 | } |
394 | |
395 | if (timeout_eff[0] != 0 && timeout_eff[0] < 1000) { |
396 | /* timeouts in msec rather usec */ |
397 | for (i = 0; i != ARRAY_SIZE(timeout_eff); i++) |
398 | timeout_eff[i] *= 1000; |
399 | chip->timeout_adjusted = true; |
400 | } |
401 | } |
402 | |
403 | /* Report adjusted timeouts */ |
404 | if (chip->timeout_adjusted) { |
405 | dev_info(&chip->dev, HW_ERR "Adjusting reported timeouts: A %lu->%luus B %lu->%luus C %lu->%luus D %lu->%luus\n" , |
406 | timeout_chip[0], timeout_eff[0], |
407 | timeout_chip[1], timeout_eff[1], |
408 | timeout_chip[2], timeout_eff[2], |
409 | timeout_chip[3], timeout_eff[3]); |
410 | } |
411 | |
412 | chip->timeout_a = usecs_to_jiffies(u: timeout_eff[0]); |
413 | chip->timeout_b = usecs_to_jiffies(u: timeout_eff[1]); |
414 | chip->timeout_c = usecs_to_jiffies(u: timeout_eff[2]); |
415 | chip->timeout_d = usecs_to_jiffies(u: timeout_eff[3]); |
416 | |
417 | rc = tpm1_getcap(chip, subcap_id: TPM_CAP_PROP_TIS_DURATION, cap: &cap, |
418 | desc: "attempting to determine the durations" , |
419 | min_cap_length: sizeof(cap.duration)); |
420 | if (rc) |
421 | return rc; |
422 | |
423 | chip->duration[TPM_SHORT] = |
424 | usecs_to_jiffies(be32_to_cpu(cap.duration.tpm_short)); |
425 | chip->duration[TPM_MEDIUM] = |
426 | usecs_to_jiffies(be32_to_cpu(cap.duration.tpm_medium)); |
427 | chip->duration[TPM_LONG] = |
428 | usecs_to_jiffies(be32_to_cpu(cap.duration.tpm_long)); |
429 | chip->duration[TPM_LONG_LONG] = 0; /* not used under 1.2 */ |
430 | |
431 | /* |
432 | * Provide the ability for vendor overrides of duration values in case |
433 | * of misreporting. |
434 | */ |
435 | if (chip->ops->update_durations) |
436 | chip->ops->update_durations(chip, durations); |
437 | |
438 | if (chip->duration_adjusted) { |
439 | dev_info(&chip->dev, HW_ERR "Adjusting reported durations." ); |
440 | chip->duration[TPM_SHORT] = durations[0]; |
441 | chip->duration[TPM_MEDIUM] = durations[1]; |
442 | chip->duration[TPM_LONG] = durations[2]; |
443 | } |
444 | |
445 | /* The Broadcom BCM0102 chipset in a Dell Latitude D820 gets the above |
446 | * value wrong and apparently reports msecs rather than usecs. So we |
447 | * fix up the resulting too-small TPM_SHORT value to make things work. |
448 | * We also scale the TPM_MEDIUM and -_LONG values by 1000. |
449 | */ |
450 | if (chip->duration[TPM_SHORT] < (HZ / 100)) { |
451 | chip->duration[TPM_SHORT] = HZ; |
452 | chip->duration[TPM_MEDIUM] *= 1000; |
453 | chip->duration[TPM_LONG] *= 1000; |
454 | chip->duration_adjusted = true; |
455 | dev_info(&chip->dev, "Adjusting TPM timeout parameters." ); |
456 | } |
457 | |
458 | chip->flags |= TPM_CHIP_FLAG_HAVE_TIMEOUTS; |
459 | return 0; |
460 | } |
461 | |
462 | #define TPM_ORD_PCR_EXTEND 20 |
463 | int tpm1_pcr_extend(struct tpm_chip *chip, u32 pcr_idx, const u8 *hash, |
464 | const char *log_msg) |
465 | { |
466 | struct tpm_buf buf; |
467 | int rc; |
468 | |
469 | rc = tpm_buf_init(buf: &buf, TPM_TAG_RQU_COMMAND, TPM_ORD_PCR_EXTEND); |
470 | if (rc) |
471 | return rc; |
472 | |
473 | tpm_buf_append_u32(buf: &buf, value: pcr_idx); |
474 | tpm_buf_append(buf: &buf, new_data: hash, TPM_DIGEST_SIZE); |
475 | |
476 | rc = tpm_transmit_cmd(chip, buf: &buf, TPM_DIGEST_SIZE, desc: log_msg); |
477 | tpm_buf_destroy(buf: &buf); |
478 | return rc; |
479 | } |
480 | |
481 | #define TPM_ORD_GET_CAP 101 |
482 | ssize_t tpm1_getcap(struct tpm_chip *chip, u32 subcap_id, cap_t *cap, |
483 | const char *desc, size_t min_cap_length) |
484 | { |
485 | struct tpm_buf buf; |
486 | int rc; |
487 | |
488 | rc = tpm_buf_init(buf: &buf, TPM_TAG_RQU_COMMAND, TPM_ORD_GET_CAP); |
489 | if (rc) |
490 | return rc; |
491 | |
492 | if (subcap_id == TPM_CAP_VERSION_1_1 || |
493 | subcap_id == TPM_CAP_VERSION_1_2) { |
494 | tpm_buf_append_u32(buf: &buf, value: subcap_id); |
495 | tpm_buf_append_u32(buf: &buf, value: 0); |
496 | } else { |
497 | if (subcap_id == TPM_CAP_FLAG_PERM || |
498 | subcap_id == TPM_CAP_FLAG_VOL) |
499 | tpm_buf_append_u32(buf: &buf, value: TPM_CAP_FLAG); |
500 | else |
501 | tpm_buf_append_u32(buf: &buf, value: TPM_CAP_PROP); |
502 | |
503 | tpm_buf_append_u32(buf: &buf, value: 4); |
504 | tpm_buf_append_u32(buf: &buf, value: subcap_id); |
505 | } |
506 | rc = tpm_transmit_cmd(chip, buf: &buf, min_rsp_body_length: min_cap_length, desc); |
507 | if (!rc) |
508 | *cap = *(cap_t *)&buf.data[TPM_HEADER_SIZE + 4]; |
509 | tpm_buf_destroy(buf: &buf); |
510 | return rc; |
511 | } |
512 | EXPORT_SYMBOL_GPL(tpm1_getcap); |
513 | |
514 | #define TPM_ORD_GET_RANDOM 70 |
515 | struct tpm1_get_random_out { |
516 | __be32 rng_data_len; |
517 | u8 rng_data[TPM_MAX_RNG_DATA]; |
518 | } __packed; |
519 | |
520 | /** |
521 | * tpm1_get_random() - get random bytes from the TPM's RNG |
522 | * @chip: a &struct tpm_chip instance |
523 | * @dest: destination buffer for the random bytes |
524 | * @max: the maximum number of bytes to write to @dest |
525 | * |
526 | * Return: |
527 | * * number of bytes read |
528 | * * -errno (positive TPM return codes are masked to -EIO) |
529 | */ |
530 | int tpm1_get_random(struct tpm_chip *chip, u8 *dest, size_t max) |
531 | { |
532 | struct tpm1_get_random_out *out; |
533 | u32 num_bytes = min_t(u32, max, TPM_MAX_RNG_DATA); |
534 | struct tpm_buf buf; |
535 | u32 total = 0; |
536 | int retries = 5; |
537 | u32 recd; |
538 | int rc; |
539 | |
540 | rc = tpm_buf_init(buf: &buf, TPM_TAG_RQU_COMMAND, TPM_ORD_GET_RANDOM); |
541 | if (rc) |
542 | return rc; |
543 | |
544 | do { |
545 | tpm_buf_append_u32(buf: &buf, value: num_bytes); |
546 | |
547 | rc = tpm_transmit_cmd(chip, buf: &buf, min_rsp_body_length: sizeof(out->rng_data_len), |
548 | desc: "attempting get random" ); |
549 | if (rc) { |
550 | if (rc > 0) |
551 | rc = -EIO; |
552 | goto out; |
553 | } |
554 | |
555 | out = (struct tpm1_get_random_out *)&buf.data[TPM_HEADER_SIZE]; |
556 | |
557 | recd = be32_to_cpu(out->rng_data_len); |
558 | if (recd > num_bytes) { |
559 | rc = -EFAULT; |
560 | goto out; |
561 | } |
562 | |
563 | if (tpm_buf_length(buf: &buf) < TPM_HEADER_SIZE + |
564 | sizeof(out->rng_data_len) + recd) { |
565 | rc = -EFAULT; |
566 | goto out; |
567 | } |
568 | memcpy(dest, out->rng_data, recd); |
569 | |
570 | dest += recd; |
571 | total += recd; |
572 | num_bytes -= recd; |
573 | |
574 | tpm_buf_reset(buf: &buf, TPM_TAG_RQU_COMMAND, TPM_ORD_GET_RANDOM); |
575 | } while (retries-- && total < max); |
576 | |
577 | rc = total ? (int)total : -EIO; |
578 | out: |
579 | tpm_buf_destroy(buf: &buf); |
580 | return rc; |
581 | } |
582 | |
583 | #define TPM_ORD_PCRREAD 21 |
584 | int tpm1_pcr_read(struct tpm_chip *chip, u32 pcr_idx, u8 *res_buf) |
585 | { |
586 | struct tpm_buf buf; |
587 | int rc; |
588 | |
589 | rc = tpm_buf_init(buf: &buf, TPM_TAG_RQU_COMMAND, TPM_ORD_PCRREAD); |
590 | if (rc) |
591 | return rc; |
592 | |
593 | tpm_buf_append_u32(buf: &buf, value: pcr_idx); |
594 | |
595 | rc = tpm_transmit_cmd(chip, buf: &buf, TPM_DIGEST_SIZE, |
596 | desc: "attempting to read a pcr value" ); |
597 | if (rc) |
598 | goto out; |
599 | |
600 | if (tpm_buf_length(buf: &buf) < TPM_DIGEST_SIZE) { |
601 | rc = -EFAULT; |
602 | goto out; |
603 | } |
604 | |
605 | memcpy(res_buf, &buf.data[TPM_HEADER_SIZE], TPM_DIGEST_SIZE); |
606 | |
607 | out: |
608 | tpm_buf_destroy(buf: &buf); |
609 | return rc; |
610 | } |
611 | |
612 | #define TPM_ORD_CONTINUE_SELFTEST 83 |
613 | /** |
614 | * tpm1_continue_selftest() - run TPM's selftest |
615 | * @chip: TPM chip to use |
616 | * |
617 | * Returns 0 on success, < 0 in case of fatal error or a value > 0 representing |
618 | * a TPM error code. |
619 | */ |
620 | static int tpm1_continue_selftest(struct tpm_chip *chip) |
621 | { |
622 | struct tpm_buf buf; |
623 | int rc; |
624 | |
625 | rc = tpm_buf_init(buf: &buf, TPM_TAG_RQU_COMMAND, TPM_ORD_CONTINUE_SELFTEST); |
626 | if (rc) |
627 | return rc; |
628 | |
629 | rc = tpm_transmit_cmd(chip, buf: &buf, min_rsp_body_length: 0, desc: "continue selftest" ); |
630 | tpm_buf_destroy(buf: &buf); |
631 | return rc; |
632 | } |
633 | |
634 | /** |
635 | * tpm1_do_selftest - have the TPM continue its selftest and wait until it |
636 | * can receive further commands |
637 | * @chip: TPM chip to use |
638 | * |
639 | * Returns 0 on success, < 0 in case of fatal error or a value > 0 representing |
640 | * a TPM error code. |
641 | */ |
642 | int tpm1_do_selftest(struct tpm_chip *chip) |
643 | { |
644 | int rc; |
645 | unsigned int loops; |
646 | unsigned int delay_msec = 100; |
647 | unsigned long duration; |
648 | u8 dummy[TPM_DIGEST_SIZE]; |
649 | |
650 | duration = tpm1_calc_ordinal_duration(chip, TPM_ORD_CONTINUE_SELFTEST); |
651 | |
652 | loops = jiffies_to_msecs(j: duration) / delay_msec; |
653 | |
654 | rc = tpm1_continue_selftest(chip); |
655 | if (rc == TPM_ERR_INVALID_POSTINIT) { |
656 | chip->flags |= TPM_CHIP_FLAG_ALWAYS_POWERED; |
657 | dev_info(&chip->dev, "TPM not ready (%d)\n" , rc); |
658 | } |
659 | /* This may fail if there was no TPM driver during a suspend/resume |
660 | * cycle; some may return 10 (BAD_ORDINAL), others 28 (FAILEDSELFTEST) |
661 | */ |
662 | if (rc) |
663 | return rc; |
664 | |
665 | do { |
666 | /* Attempt to read a PCR value */ |
667 | rc = tpm1_pcr_read(chip, pcr_idx: 0, res_buf: dummy); |
668 | |
669 | /* Some buggy TPMs will not respond to tpm_tis_ready() for |
670 | * around 300ms while the self test is ongoing, keep trying |
671 | * until the self test duration expires. |
672 | */ |
673 | if (rc == -ETIME) { |
674 | dev_info(&chip->dev, HW_ERR "TPM command timed out during continue self test" ); |
675 | tpm_msleep(delay_msec); |
676 | continue; |
677 | } |
678 | |
679 | if (rc == TPM_ERR_DISABLED || rc == TPM_ERR_DEACTIVATED) { |
680 | dev_info(&chip->dev, "TPM is disabled/deactivated (0x%X)\n" , |
681 | rc); |
682 | /* TPM is disabled and/or deactivated; driver can |
683 | * proceed and TPM does handle commands for |
684 | * suspend/resume correctly |
685 | */ |
686 | return 0; |
687 | } |
688 | if (rc != TPM_WARN_DOING_SELFTEST) |
689 | return rc; |
690 | tpm_msleep(delay_msec); |
691 | } while (--loops > 0); |
692 | |
693 | return rc; |
694 | } |
695 | EXPORT_SYMBOL_GPL(tpm1_do_selftest); |
696 | |
697 | /** |
698 | * tpm1_auto_startup - Perform the standard automatic TPM initialization |
699 | * sequence |
700 | * @chip: TPM chip to use |
701 | * |
702 | * Returns 0 on success, < 0 in case of fatal error. |
703 | */ |
704 | int tpm1_auto_startup(struct tpm_chip *chip) |
705 | { |
706 | int rc; |
707 | |
708 | rc = tpm1_get_timeouts(chip); |
709 | if (rc) |
710 | goto out; |
711 | rc = tpm1_do_selftest(chip); |
712 | if (rc == TPM_ERR_FAILEDSELFTEST) { |
713 | dev_warn(&chip->dev, "TPM self test failed, switching to the firmware upgrade mode\n" ); |
714 | /* A TPM in this state possibly allows or needs a firmware upgrade */ |
715 | chip->flags |= TPM_CHIP_FLAG_FIRMWARE_UPGRADE; |
716 | return 0; |
717 | } else if (rc) { |
718 | dev_err(&chip->dev, "TPM self test failed\n" ); |
719 | goto out; |
720 | } |
721 | |
722 | return rc; |
723 | out: |
724 | if (rc > 0) |
725 | rc = -ENODEV; |
726 | return rc; |
727 | } |
728 | |
729 | #define TPM_ORD_SAVESTATE 152 |
730 | |
731 | /** |
732 | * tpm1_pm_suspend() - pm suspend handler |
733 | * @chip: TPM chip to use. |
734 | * @tpm_suspend_pcr: flush pcr for buggy TPM chips. |
735 | * |
736 | * The functions saves the TPM state to be restored on resume. |
737 | * |
738 | * Return: |
739 | * * 0 on success, |
740 | * * < 0 on error. |
741 | */ |
742 | int tpm1_pm_suspend(struct tpm_chip *chip, u32 tpm_suspend_pcr) |
743 | { |
744 | u8 dummy_hash[TPM_DIGEST_SIZE] = { 0 }; |
745 | struct tpm_buf buf; |
746 | unsigned int try; |
747 | int rc; |
748 | |
749 | |
750 | /* for buggy tpm, flush pcrs with extend to selected dummy */ |
751 | if (tpm_suspend_pcr) |
752 | rc = tpm1_pcr_extend(chip, pcr_idx: tpm_suspend_pcr, hash: dummy_hash, |
753 | log_msg: "extending dummy pcr before suspend" ); |
754 | |
755 | rc = tpm_buf_init(buf: &buf, TPM_TAG_RQU_COMMAND, TPM_ORD_SAVESTATE); |
756 | if (rc) |
757 | return rc; |
758 | /* now do the actual savestate */ |
759 | for (try = 0; try < TPM_RETRY; try++) { |
760 | rc = tpm_transmit_cmd(chip, buf: &buf, min_rsp_body_length: 0, NULL); |
761 | /* |
762 | * If the TPM indicates that it is too busy to respond to |
763 | * this command then retry before giving up. It can take |
764 | * several seconds for this TPM to be ready. |
765 | * |
766 | * This can happen if the TPM has already been sent the |
767 | * SaveState command before the driver has loaded. TCG 1.2 |
768 | * specification states that any communication after SaveState |
769 | * may cause the TPM to invalidate previously saved state. |
770 | */ |
771 | if (rc != TPM_WARN_RETRY) |
772 | break; |
773 | tpm_msleep(delay_msec: TPM_TIMEOUT_RETRY); |
774 | |
775 | tpm_buf_reset(buf: &buf, TPM_TAG_RQU_COMMAND, TPM_ORD_SAVESTATE); |
776 | } |
777 | |
778 | if (rc) |
779 | dev_err(&chip->dev, "Error (%d) sending savestate before suspend\n" , |
780 | rc); |
781 | else if (try > 0) |
782 | dev_warn(&chip->dev, "TPM savestate took %dms\n" , |
783 | try * TPM_TIMEOUT_RETRY); |
784 | |
785 | tpm_buf_destroy(buf: &buf); |
786 | |
787 | return rc; |
788 | } |
789 | |
790 | /** |
791 | * tpm1_get_pcr_allocation() - initialize the allocated bank |
792 | * @chip: TPM chip to use. |
793 | * |
794 | * The function initializes the SHA1 allocated bank to extend PCR |
795 | * |
796 | * Return: |
797 | * * 0 on success, |
798 | * * < 0 on error. |
799 | */ |
800 | int tpm1_get_pcr_allocation(struct tpm_chip *chip) |
801 | { |
802 | chip->allocated_banks = kcalloc(n: 1, size: sizeof(*chip->allocated_banks), |
803 | GFP_KERNEL); |
804 | if (!chip->allocated_banks) |
805 | return -ENOMEM; |
806 | |
807 | chip->allocated_banks[0].alg_id = TPM_ALG_SHA1; |
808 | chip->allocated_banks[0].digest_size = hash_digest_size[HASH_ALGO_SHA1]; |
809 | chip->allocated_banks[0].crypto_id = HASH_ALGO_SHA1; |
810 | chip->nr_allocated_banks = 1; |
811 | |
812 | return 0; |
813 | } |
814 | |