tpm1-cmd.c (18731B)
1// SPDX-License-Identifier: GPL-2.0 2/* 3 * Copyright (C) 2004 IBM Corporation 4 * Copyright (C) 2014 Intel Corporation 5 * 6 * Authors: 7 * Leendert van Doorn <leendert@watson.ibm.com> 8 * Dave Safford <safford@watson.ibm.com> 9 * Reiner Sailer <sailer@watson.ibm.com> 10 * Kylene Hall <kjhall@us.ibm.com> 11 * 12 * Device driver for TCG/TCPA TPM (trusted platform module). 13 * Specifications at www.trustedcomputinggroup.org 14 */ 15 16#include <linux/poll.h> 17#include <linux/slab.h> 18#include <linux/mutex.h> 19#include <linux/spinlock.h> 20#include <linux/freezer.h> 21#include <linux/tpm_eventlog.h> 22 23#include "tpm.h" 24 25#define TPM_MAX_ORDINAL 243 26 27/* 28 * Array with one entry per ordinal defining the maximum amount 29 * of time the chip could take to return the result. The ordinal 30 * designation of short, medium or long is defined in a table in 31 * TCG Specification TPM Main Part 2 TPM Structures Section 17. The 32 * values of the SHORT, MEDIUM, and LONG durations are retrieved 33 * from the chip during initialization with a call to tpm_get_timeouts. 34 */ 35static const u8 tpm1_ordinal_duration[TPM_MAX_ORDINAL] = { 36 TPM_UNDEFINED, /* 0 */ 37 TPM_UNDEFINED, 38 TPM_UNDEFINED, 39 TPM_UNDEFINED, 40 TPM_UNDEFINED, 41 TPM_UNDEFINED, /* 5 */ 42 TPM_UNDEFINED, 43 TPM_UNDEFINED, 44 TPM_UNDEFINED, 45 TPM_UNDEFINED, 46 TPM_SHORT, /* 10 */ 47 TPM_SHORT, 48 TPM_MEDIUM, 49 TPM_LONG, 50 TPM_LONG, 51 TPM_MEDIUM, /* 15 */ 52 TPM_SHORT, 53 TPM_SHORT, 54 TPM_MEDIUM, 55 TPM_LONG, 56 TPM_SHORT, /* 20 */ 57 TPM_SHORT, 58 TPM_MEDIUM, 59 TPM_MEDIUM, 60 TPM_MEDIUM, 61 TPM_SHORT, /* 25 */ 62 TPM_SHORT, 63 TPM_MEDIUM, 64 TPM_SHORT, 65 TPM_SHORT, 66 TPM_MEDIUM, /* 30 */ 67 TPM_LONG, 68 TPM_MEDIUM, 69 TPM_SHORT, 70 TPM_SHORT, 71 TPM_SHORT, /* 35 */ 72 TPM_MEDIUM, 73 TPM_MEDIUM, 74 TPM_UNDEFINED, 75 TPM_UNDEFINED, 76 TPM_MEDIUM, /* 40 */ 77 TPM_LONG, 78 TPM_MEDIUM, 79 TPM_SHORT, 80 TPM_SHORT, 81 TPM_SHORT, /* 45 */ 82 TPM_SHORT, 83 TPM_SHORT, 84 TPM_SHORT, 85 TPM_LONG, 86 TPM_MEDIUM, /* 50 */ 87 TPM_MEDIUM, 88 TPM_UNDEFINED, 89 TPM_UNDEFINED, 90 TPM_UNDEFINED, 91 TPM_UNDEFINED, /* 55 */ 92 TPM_UNDEFINED, 93 TPM_UNDEFINED, 94 TPM_UNDEFINED, 95 TPM_UNDEFINED, 96 TPM_MEDIUM, /* 60 */ 97 TPM_MEDIUM, 98 TPM_MEDIUM, 99 TPM_SHORT, 100 TPM_SHORT, 101 TPM_MEDIUM, /* 65 */ 102 TPM_UNDEFINED, 103 TPM_UNDEFINED, 104 TPM_UNDEFINED, 105 TPM_UNDEFINED, 106 TPM_SHORT, /* 70 */ 107 TPM_SHORT, 108 TPM_UNDEFINED, 109 TPM_UNDEFINED, 110 TPM_UNDEFINED, 111 TPM_UNDEFINED, /* 75 */ 112 TPM_UNDEFINED, 113 TPM_UNDEFINED, 114 TPM_UNDEFINED, 115 TPM_UNDEFINED, 116 TPM_LONG, /* 80 */ 117 TPM_UNDEFINED, 118 TPM_MEDIUM, 119 TPM_LONG, 120 TPM_SHORT, 121 TPM_UNDEFINED, /* 85 */ 122 TPM_UNDEFINED, 123 TPM_UNDEFINED, 124 TPM_UNDEFINED, 125 TPM_UNDEFINED, 126 TPM_SHORT, /* 90 */ 127 TPM_SHORT, 128 TPM_SHORT, 129 TPM_SHORT, 130 TPM_SHORT, 131 TPM_UNDEFINED, /* 95 */ 132 TPM_UNDEFINED, 133 TPM_UNDEFINED, 134 TPM_UNDEFINED, 135 TPM_UNDEFINED, 136 TPM_MEDIUM, /* 100 */ 137 TPM_SHORT, 138 TPM_SHORT, 139 TPM_UNDEFINED, 140 TPM_UNDEFINED, 141 TPM_UNDEFINED, /* 105 */ 142 TPM_UNDEFINED, 143 TPM_UNDEFINED, 144 TPM_UNDEFINED, 145 TPM_UNDEFINED, 146 TPM_SHORT, /* 110 */ 147 TPM_SHORT, 148 TPM_SHORT, 149 TPM_SHORT, 150 TPM_SHORT, 151 TPM_SHORT, /* 115 */ 152 TPM_SHORT, 153 TPM_SHORT, 154 TPM_UNDEFINED, 155 TPM_UNDEFINED, 156 TPM_LONG, /* 120 */ 157 TPM_LONG, 158 TPM_MEDIUM, 159 TPM_UNDEFINED, 160 TPM_SHORT, 161 TPM_SHORT, /* 125 */ 162 TPM_SHORT, 163 TPM_LONG, 164 TPM_SHORT, 165 TPM_SHORT, 166 TPM_SHORT, /* 130 */ 167 TPM_MEDIUM, 168 TPM_UNDEFINED, 169 TPM_SHORT, 170 TPM_MEDIUM, 171 TPM_UNDEFINED, /* 135 */ 172 TPM_UNDEFINED, 173 TPM_UNDEFINED, 174 TPM_UNDEFINED, 175 TPM_UNDEFINED, 176 TPM_SHORT, /* 140 */ 177 TPM_SHORT, 178 TPM_UNDEFINED, 179 TPM_UNDEFINED, 180 TPM_UNDEFINED, 181 TPM_UNDEFINED, /* 145 */ 182 TPM_UNDEFINED, 183 TPM_UNDEFINED, 184 TPM_UNDEFINED, 185 TPM_UNDEFINED, 186 TPM_SHORT, /* 150 */ 187 TPM_MEDIUM, 188 TPM_MEDIUM, 189 TPM_SHORT, 190 TPM_SHORT, 191 TPM_UNDEFINED, /* 155 */ 192 TPM_UNDEFINED, 193 TPM_UNDEFINED, 194 TPM_UNDEFINED, 195 TPM_UNDEFINED, 196 TPM_SHORT, /* 160 */ 197 TPM_SHORT, 198 TPM_SHORT, 199 TPM_SHORT, 200 TPM_UNDEFINED, 201 TPM_UNDEFINED, /* 165 */ 202 TPM_UNDEFINED, 203 TPM_UNDEFINED, 204 TPM_UNDEFINED, 205 TPM_UNDEFINED, 206 TPM_LONG, /* 170 */ 207 TPM_UNDEFINED, 208 TPM_UNDEFINED, 209 TPM_UNDEFINED, 210 TPM_UNDEFINED, 211 TPM_UNDEFINED, /* 175 */ 212 TPM_UNDEFINED, 213 TPM_UNDEFINED, 214 TPM_UNDEFINED, 215 TPM_UNDEFINED, 216 TPM_MEDIUM, /* 180 */ 217 TPM_SHORT, 218 TPM_MEDIUM, 219 TPM_MEDIUM, 220 TPM_MEDIUM, 221 TPM_MEDIUM, /* 185 */ 222 TPM_SHORT, 223 TPM_UNDEFINED, 224 TPM_UNDEFINED, 225 TPM_UNDEFINED, 226 TPM_UNDEFINED, /* 190 */ 227 TPM_UNDEFINED, 228 TPM_UNDEFINED, 229 TPM_UNDEFINED, 230 TPM_UNDEFINED, 231 TPM_UNDEFINED, /* 195 */ 232 TPM_UNDEFINED, 233 TPM_UNDEFINED, 234 TPM_UNDEFINED, 235 TPM_UNDEFINED, 236 TPM_SHORT, /* 200 */ 237 TPM_UNDEFINED, 238 TPM_UNDEFINED, 239 TPM_UNDEFINED, 240 TPM_SHORT, 241 TPM_SHORT, /* 205 */ 242 TPM_SHORT, 243 TPM_SHORT, 244 TPM_SHORT, 245 TPM_SHORT, 246 TPM_MEDIUM, /* 210 */ 247 TPM_UNDEFINED, 248 TPM_MEDIUM, 249 TPM_MEDIUM, 250 TPM_MEDIUM, 251 TPM_UNDEFINED, /* 215 */ 252 TPM_MEDIUM, 253 TPM_UNDEFINED, 254 TPM_UNDEFINED, 255 TPM_SHORT, 256 TPM_SHORT, /* 220 */ 257 TPM_SHORT, 258 TPM_SHORT, 259 TPM_SHORT, 260 TPM_SHORT, 261 TPM_UNDEFINED, /* 225 */ 262 TPM_UNDEFINED, 263 TPM_UNDEFINED, 264 TPM_UNDEFINED, 265 TPM_UNDEFINED, 266 TPM_SHORT, /* 230 */ 267 TPM_LONG, 268 TPM_MEDIUM, 269 TPM_UNDEFINED, 270 TPM_UNDEFINED, 271 TPM_UNDEFINED, /* 235 */ 272 TPM_UNDEFINED, 273 TPM_UNDEFINED, 274 TPM_UNDEFINED, 275 TPM_UNDEFINED, 276 TPM_SHORT, /* 240 */ 277 TPM_UNDEFINED, 278 TPM_MEDIUM, 279}; 280 281/** 282 * tpm1_calc_ordinal_duration() - calculate the maximum command duration 283 * @chip: TPM chip to use. 284 * @ordinal: TPM command ordinal. 285 * 286 * The function returns the maximum amount of time the chip could take 287 * to return the result for a particular ordinal in jiffies. 288 * 289 * Return: A maximal duration time for an ordinal in jiffies. 290 */ 291unsigned long tpm1_calc_ordinal_duration(struct tpm_chip *chip, u32 ordinal) 292{ 293 int duration_idx = TPM_UNDEFINED; 294 int duration = 0; 295 296 /* 297 * We only have a duration table for protected commands, where the upper 298 * 16 bits are 0. For the few other ordinals the fallback will be used. 299 */ 300 if (ordinal < TPM_MAX_ORDINAL) 301 duration_idx = tpm1_ordinal_duration[ordinal]; 302 303 if (duration_idx != TPM_UNDEFINED) 304 duration = chip->duration[duration_idx]; 305 if (duration <= 0) 306 return 2 * 60 * HZ; 307 else 308 return duration; 309} 310 311#define TPM_ORD_STARTUP 153 312#define TPM_ST_CLEAR 1 313 314/** 315 * tpm1_startup() - turn on the TPM 316 * @chip: TPM chip to use 317 * 318 * Normally the firmware should start the TPM. This function is provided as a 319 * workaround if this does not happen. A legal case for this could be for 320 * example when a TPM emulator is used. 321 * 322 * Return: same as tpm_transmit_cmd() 323 */ 324static int tpm1_startup(struct tpm_chip *chip) 325{ 326 struct tpm_buf buf; 327 int rc; 328 329 dev_info(&chip->dev, "starting up the TPM manually\n"); 330 331 rc = tpm_buf_init(&buf, TPM_TAG_RQU_COMMAND, TPM_ORD_STARTUP); 332 if (rc < 0) 333 return rc; 334 335 tpm_buf_append_u16(&buf, TPM_ST_CLEAR); 336 337 rc = tpm_transmit_cmd(chip, &buf, 0, "attempting to start the TPM"); 338 tpm_buf_destroy(&buf); 339 return rc; 340} 341 342int tpm1_get_timeouts(struct tpm_chip *chip) 343{ 344 cap_t cap; 345 unsigned long timeout_old[4], timeout_chip[4], timeout_eff[4]; 346 unsigned long durations[3]; 347 ssize_t rc; 348 349 rc = tpm1_getcap(chip, TPM_CAP_PROP_TIS_TIMEOUT, &cap, NULL, 350 sizeof(cap.timeout)); 351 if (rc == TPM_ERR_INVALID_POSTINIT) { 352 if (tpm1_startup(chip)) 353 return rc; 354 355 rc = tpm1_getcap(chip, TPM_CAP_PROP_TIS_TIMEOUT, &cap, 356 "attempting to determine the timeouts", 357 sizeof(cap.timeout)); 358 } 359 360 if (rc) { 361 dev_err(&chip->dev, "A TPM error (%zd) occurred attempting to determine the timeouts\n", 362 rc); 363 return rc; 364 } 365 366 timeout_old[0] = jiffies_to_usecs(chip->timeout_a); 367 timeout_old[1] = jiffies_to_usecs(chip->timeout_b); 368 timeout_old[2] = jiffies_to_usecs(chip->timeout_c); 369 timeout_old[3] = jiffies_to_usecs(chip->timeout_d); 370 timeout_chip[0] = be32_to_cpu(cap.timeout.a); 371 timeout_chip[1] = be32_to_cpu(cap.timeout.b); 372 timeout_chip[2] = be32_to_cpu(cap.timeout.c); 373 timeout_chip[3] = be32_to_cpu(cap.timeout.d); 374 memcpy(timeout_eff, timeout_chip, sizeof(timeout_eff)); 375 376 /* 377 * Provide ability for vendor overrides of timeout values in case 378 * of misreporting. 379 */ 380 if (chip->ops->update_timeouts) 381 chip->ops->update_timeouts(chip, timeout_eff); 382 383 if (!chip->timeout_adjusted) { 384 /* Restore default if chip reported 0 */ 385 unsigned int i; 386 387 for (i = 0; i < ARRAY_SIZE(timeout_eff); i++) { 388 if (timeout_eff[i]) 389 continue; 390 391 timeout_eff[i] = timeout_old[i]; 392 chip->timeout_adjusted = true; 393 } 394 395 if (timeout_eff[0] != 0 && timeout_eff[0] < 1000) { 396 /* timeouts in msec rather usec */ 397 for (i = 0; i != ARRAY_SIZE(timeout_eff); i++) 398 timeout_eff[i] *= 1000; 399 chip->timeout_adjusted = true; 400 } 401 } 402 403 /* Report adjusted timeouts */ 404 if (chip->timeout_adjusted) { 405 dev_info(&chip->dev, HW_ERR "Adjusting reported timeouts: A %lu->%luus B %lu->%luus C %lu->%luus D %lu->%luus\n", 406 timeout_chip[0], timeout_eff[0], 407 timeout_chip[1], timeout_eff[1], 408 timeout_chip[2], timeout_eff[2], 409 timeout_chip[3], timeout_eff[3]); 410 } 411 412 chip->timeout_a = usecs_to_jiffies(timeout_eff[0]); 413 chip->timeout_b = usecs_to_jiffies(timeout_eff[1]); 414 chip->timeout_c = usecs_to_jiffies(timeout_eff[2]); 415 chip->timeout_d = usecs_to_jiffies(timeout_eff[3]); 416 417 rc = tpm1_getcap(chip, TPM_CAP_PROP_TIS_DURATION, &cap, 418 "attempting to determine the durations", 419 sizeof(cap.duration)); 420 if (rc) 421 return rc; 422 423 chip->duration[TPM_SHORT] = 424 usecs_to_jiffies(be32_to_cpu(cap.duration.tpm_short)); 425 chip->duration[TPM_MEDIUM] = 426 usecs_to_jiffies(be32_to_cpu(cap.duration.tpm_medium)); 427 chip->duration[TPM_LONG] = 428 usecs_to_jiffies(be32_to_cpu(cap.duration.tpm_long)); 429 chip->duration[TPM_LONG_LONG] = 0; /* not used under 1.2 */ 430 431 /* 432 * Provide the ability for vendor overrides of duration values in case 433 * of misreporting. 434 */ 435 if (chip->ops->update_durations) 436 chip->ops->update_durations(chip, durations); 437 438 if (chip->duration_adjusted) { 439 dev_info(&chip->dev, HW_ERR "Adjusting reported durations."); 440 chip->duration[TPM_SHORT] = durations[0]; 441 chip->duration[TPM_MEDIUM] = durations[1]; 442 chip->duration[TPM_LONG] = durations[2]; 443 } 444 445 /* The Broadcom BCM0102 chipset in a Dell Latitude D820 gets the above 446 * value wrong and apparently reports msecs rather than usecs. So we 447 * fix up the resulting too-small TPM_SHORT value to make things work. 448 * We also scale the TPM_MEDIUM and -_LONG values by 1000. 449 */ 450 if (chip->duration[TPM_SHORT] < (HZ / 100)) { 451 chip->duration[TPM_SHORT] = HZ; 452 chip->duration[TPM_MEDIUM] *= 1000; 453 chip->duration[TPM_LONG] *= 1000; 454 chip->duration_adjusted = true; 455 dev_info(&chip->dev, "Adjusting TPM timeout parameters."); 456 } 457 458 chip->flags |= TPM_CHIP_FLAG_HAVE_TIMEOUTS; 459 return 0; 460} 461 462#define TPM_ORD_PCR_EXTEND 20 463int tpm1_pcr_extend(struct tpm_chip *chip, u32 pcr_idx, const u8 *hash, 464 const char *log_msg) 465{ 466 struct tpm_buf buf; 467 int rc; 468 469 rc = tpm_buf_init(&buf, TPM_TAG_RQU_COMMAND, TPM_ORD_PCR_EXTEND); 470 if (rc) 471 return rc; 472 473 tpm_buf_append_u32(&buf, pcr_idx); 474 tpm_buf_append(&buf, hash, TPM_DIGEST_SIZE); 475 476 rc = tpm_transmit_cmd(chip, &buf, TPM_DIGEST_SIZE, log_msg); 477 tpm_buf_destroy(&buf); 478 return rc; 479} 480 481#define TPM_ORD_GET_CAP 101 482ssize_t tpm1_getcap(struct tpm_chip *chip, u32 subcap_id, cap_t *cap, 483 const char *desc, size_t min_cap_length) 484{ 485 struct tpm_buf buf; 486 int rc; 487 488 rc = tpm_buf_init(&buf, TPM_TAG_RQU_COMMAND, TPM_ORD_GET_CAP); 489 if (rc) 490 return rc; 491 492 if (subcap_id == TPM_CAP_VERSION_1_1 || 493 subcap_id == TPM_CAP_VERSION_1_2) { 494 tpm_buf_append_u32(&buf, subcap_id); 495 tpm_buf_append_u32(&buf, 0); 496 } else { 497 if (subcap_id == TPM_CAP_FLAG_PERM || 498 subcap_id == TPM_CAP_FLAG_VOL) 499 tpm_buf_append_u32(&buf, TPM_CAP_FLAG); 500 else 501 tpm_buf_append_u32(&buf, TPM_CAP_PROP); 502 503 tpm_buf_append_u32(&buf, 4); 504 tpm_buf_append_u32(&buf, subcap_id); 505 } 506 rc = tpm_transmit_cmd(chip, &buf, min_cap_length, desc); 507 if (!rc) 508 *cap = *(cap_t *)&buf.data[TPM_HEADER_SIZE + 4]; 509 tpm_buf_destroy(&buf); 510 return rc; 511} 512EXPORT_SYMBOL_GPL(tpm1_getcap); 513 514#define TPM_ORD_GET_RANDOM 70 515struct tpm1_get_random_out { 516 __be32 rng_data_len; 517 u8 rng_data[TPM_MAX_RNG_DATA]; 518} __packed; 519 520/** 521 * tpm1_get_random() - get random bytes from the TPM's RNG 522 * @chip: a &struct tpm_chip instance 523 * @dest: destination buffer for the random bytes 524 * @max: the maximum number of bytes to write to @dest 525 * 526 * Return: 527 * * number of bytes read 528 * * -errno (positive TPM return codes are masked to -EIO) 529 */ 530int tpm1_get_random(struct tpm_chip *chip, u8 *dest, size_t max) 531{ 532 struct tpm1_get_random_out *out; 533 u32 num_bytes = min_t(u32, max, TPM_MAX_RNG_DATA); 534 struct tpm_buf buf; 535 u32 total = 0; 536 int retries = 5; 537 u32 recd; 538 int rc; 539 540 rc = tpm_buf_init(&buf, TPM_TAG_RQU_COMMAND, TPM_ORD_GET_RANDOM); 541 if (rc) 542 return rc; 543 544 do { 545 tpm_buf_append_u32(&buf, num_bytes); 546 547 rc = tpm_transmit_cmd(chip, &buf, sizeof(out->rng_data_len), 548 "attempting get random"); 549 if (rc) { 550 if (rc > 0) 551 rc = -EIO; 552 goto out; 553 } 554 555 out = (struct tpm1_get_random_out *)&buf.data[TPM_HEADER_SIZE]; 556 557 recd = be32_to_cpu(out->rng_data_len); 558 if (recd > num_bytes) { 559 rc = -EFAULT; 560 goto out; 561 } 562 563 if (tpm_buf_length(&buf) < TPM_HEADER_SIZE + 564 sizeof(out->rng_data_len) + recd) { 565 rc = -EFAULT; 566 goto out; 567 } 568 memcpy(dest, out->rng_data, recd); 569 570 dest += recd; 571 total += recd; 572 num_bytes -= recd; 573 574 tpm_buf_reset(&buf, TPM_TAG_RQU_COMMAND, TPM_ORD_GET_RANDOM); 575 } while (retries-- && total < max); 576 577 rc = total ? (int)total : -EIO; 578out: 579 tpm_buf_destroy(&buf); 580 return rc; 581} 582 583#define TPM_ORD_PCRREAD 21 584int tpm1_pcr_read(struct tpm_chip *chip, u32 pcr_idx, u8 *res_buf) 585{ 586 struct tpm_buf buf; 587 int rc; 588 589 rc = tpm_buf_init(&buf, TPM_TAG_RQU_COMMAND, TPM_ORD_PCRREAD); 590 if (rc) 591 return rc; 592 593 tpm_buf_append_u32(&buf, pcr_idx); 594 595 rc = tpm_transmit_cmd(chip, &buf, TPM_DIGEST_SIZE, 596 "attempting to read a pcr value"); 597 if (rc) 598 goto out; 599 600 if (tpm_buf_length(&buf) < TPM_DIGEST_SIZE) { 601 rc = -EFAULT; 602 goto out; 603 } 604 605 memcpy(res_buf, &buf.data[TPM_HEADER_SIZE], TPM_DIGEST_SIZE); 606 607out: 608 tpm_buf_destroy(&buf); 609 return rc; 610} 611 612#define TPM_ORD_CONTINUE_SELFTEST 83 613/** 614 * tpm1_continue_selftest() - run TPM's selftest 615 * @chip: TPM chip to use 616 * 617 * Returns 0 on success, < 0 in case of fatal error or a value > 0 representing 618 * a TPM error code. 619 */ 620static int tpm1_continue_selftest(struct tpm_chip *chip) 621{ 622 struct tpm_buf buf; 623 int rc; 624 625 rc = tpm_buf_init(&buf, TPM_TAG_RQU_COMMAND, TPM_ORD_CONTINUE_SELFTEST); 626 if (rc) 627 return rc; 628 629 rc = tpm_transmit_cmd(chip, &buf, 0, "continue selftest"); 630 tpm_buf_destroy(&buf); 631 return rc; 632} 633 634/** 635 * tpm1_do_selftest - have the TPM continue its selftest and wait until it 636 * can receive further commands 637 * @chip: TPM chip to use 638 * 639 * Returns 0 on success, < 0 in case of fatal error or a value > 0 representing 640 * a TPM error code. 641 */ 642int tpm1_do_selftest(struct tpm_chip *chip) 643{ 644 int rc; 645 unsigned int loops; 646 unsigned int delay_msec = 100; 647 unsigned long duration; 648 u8 dummy[TPM_DIGEST_SIZE]; 649 650 duration = tpm1_calc_ordinal_duration(chip, TPM_ORD_CONTINUE_SELFTEST); 651 652 loops = jiffies_to_msecs(duration) / delay_msec; 653 654 rc = tpm1_continue_selftest(chip); 655 if (rc == TPM_ERR_INVALID_POSTINIT) { 656 chip->flags |= TPM_CHIP_FLAG_ALWAYS_POWERED; 657 dev_info(&chip->dev, "TPM not ready (%d)\n", rc); 658 } 659 /* This may fail if there was no TPM driver during a suspend/resume 660 * cycle; some may return 10 (BAD_ORDINAL), others 28 (FAILEDSELFTEST) 661 */ 662 if (rc) 663 return rc; 664 665 do { 666 /* Attempt to read a PCR value */ 667 rc = tpm1_pcr_read(chip, 0, dummy); 668 669 /* Some buggy TPMs will not respond to tpm_tis_ready() for 670 * around 300ms while the self test is ongoing, keep trying 671 * until the self test duration expires. 672 */ 673 if (rc == -ETIME) { 674 dev_info(&chip->dev, HW_ERR "TPM command timed out during continue self test"); 675 tpm_msleep(delay_msec); 676 continue; 677 } 678 679 if (rc == TPM_ERR_DISABLED || rc == TPM_ERR_DEACTIVATED) { 680 dev_info(&chip->dev, "TPM is disabled/deactivated (0x%X)\n", 681 rc); 682 /* TPM is disabled and/or deactivated; driver can 683 * proceed and TPM does handle commands for 684 * suspend/resume correctly 685 */ 686 return 0; 687 } 688 if (rc != TPM_WARN_DOING_SELFTEST) 689 return rc; 690 tpm_msleep(delay_msec); 691 } while (--loops > 0); 692 693 return rc; 694} 695EXPORT_SYMBOL_GPL(tpm1_do_selftest); 696 697/** 698 * tpm1_auto_startup - Perform the standard automatic TPM initialization 699 * sequence 700 * @chip: TPM chip to use 701 * 702 * Returns 0 on success, < 0 in case of fatal error. 703 */ 704int tpm1_auto_startup(struct tpm_chip *chip) 705{ 706 int rc; 707 708 rc = tpm1_get_timeouts(chip); 709 if (rc) 710 goto out; 711 rc = tpm1_do_selftest(chip); 712 if (rc) { 713 dev_err(&chip->dev, "TPM self test failed\n"); 714 goto out; 715 } 716 717 return rc; 718out: 719 if (rc > 0) 720 rc = -ENODEV; 721 return rc; 722} 723 724#define TPM_ORD_SAVESTATE 152 725 726/** 727 * tpm1_pm_suspend() - pm suspend handler 728 * @chip: TPM chip to use. 729 * @tpm_suspend_pcr: flush pcr for buggy TPM chips. 730 * 731 * The functions saves the TPM state to be restored on resume. 732 * 733 * Return: 734 * * 0 on success, 735 * * < 0 on error. 736 */ 737int tpm1_pm_suspend(struct tpm_chip *chip, u32 tpm_suspend_pcr) 738{ 739 u8 dummy_hash[TPM_DIGEST_SIZE] = { 0 }; 740 struct tpm_buf buf; 741 unsigned int try; 742 int rc; 743 744 745 /* for buggy tpm, flush pcrs with extend to selected dummy */ 746 if (tpm_suspend_pcr) 747 rc = tpm1_pcr_extend(chip, tpm_suspend_pcr, dummy_hash, 748 "extending dummy pcr before suspend"); 749 750 rc = tpm_buf_init(&buf, TPM_TAG_RQU_COMMAND, TPM_ORD_SAVESTATE); 751 if (rc) 752 return rc; 753 /* now do the actual savestate */ 754 for (try = 0; try < TPM_RETRY; try++) { 755 rc = tpm_transmit_cmd(chip, &buf, 0, NULL); 756 /* 757 * If the TPM indicates that it is too busy to respond to 758 * this command then retry before giving up. It can take 759 * several seconds for this TPM to be ready. 760 * 761 * This can happen if the TPM has already been sent the 762 * SaveState command before the driver has loaded. TCG 1.2 763 * specification states that any communication after SaveState 764 * may cause the TPM to invalidate previously saved state. 765 */ 766 if (rc != TPM_WARN_RETRY) 767 break; 768 tpm_msleep(TPM_TIMEOUT_RETRY); 769 770 tpm_buf_reset(&buf, TPM_TAG_RQU_COMMAND, TPM_ORD_SAVESTATE); 771 } 772 773 if (rc) 774 dev_err(&chip->dev, "Error (%d) sending savestate before suspend\n", 775 rc); 776 else if (try > 0) 777 dev_warn(&chip->dev, "TPM savestate took %dms\n", 778 try * TPM_TIMEOUT_RETRY); 779 780 tpm_buf_destroy(&buf); 781 782 return rc; 783} 784 785/** 786 * tpm1_get_pcr_allocation() - initialize the allocated bank 787 * @chip: TPM chip to use. 788 * 789 * The function initializes the SHA1 allocated bank to extend PCR 790 * 791 * Return: 792 * * 0 on success, 793 * * < 0 on error. 794 */ 795int tpm1_get_pcr_allocation(struct tpm_chip *chip) 796{ 797 chip->allocated_banks = kcalloc(1, sizeof(*chip->allocated_banks), 798 GFP_KERNEL); 799 if (!chip->allocated_banks) 800 return -ENOMEM; 801 802 chip->allocated_banks[0].alg_id = TPM_ALG_SHA1; 803 chip->allocated_banks[0].digest_size = hash_digest_size[HASH_ALGO_SHA1]; 804 chip->allocated_banks[0].crypto_id = HASH_ALGO_SHA1; 805 chip->nr_allocated_banks = 1; 806 807 return 0; 808}