tpm-interface.c 13 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564565566567568569570571572573574575576
  1. // SPDX-License-Identifier: GPL-2.0-only
  2. /*
  3. * Copyright (C) 2004 IBM Corporation
  4. * Copyright (C) 2014 Intel Corporation
  5. *
  6. * Authors:
  7. * Leendert van Doorn <leendert@watson.ibm.com>
  8. * Dave Safford <safford@watson.ibm.com>
  9. * Reiner Sailer <sailer@watson.ibm.com>
  10. * Kylene Hall <kjhall@us.ibm.com>
  11. *
  12. * Maintained by: <tpmdd-devel@lists.sourceforge.net>
  13. *
  14. * Device driver for TCG/TCPA TPM (trusted platform module).
  15. * Specifications at www.trustedcomputinggroup.org
  16. *
  17. * Note, the TPM chip is not interrupt driven (only polling)
  18. * and can have very long timeouts (minutes!). Hence the unusual
  19. * calls to msleep.
  20. */
  21. #include <linux/poll.h>
  22. #include <linux/slab.h>
  23. #include <linux/mutex.h>
  24. #include <linux/spinlock.h>
  25. #include <linux/suspend.h>
  26. #include <linux/freezer.h>
  27. #include <linux/tpm_eventlog.h>
  28. #include "tpm.h"
  29. /*
  30. * Bug workaround - some TPM's don't flush the most
  31. * recently changed pcr on suspend, so force the flush
  32. * with an extend to the selected _unused_ non-volatile pcr.
  33. */
  34. static u32 tpm_suspend_pcr;
  35. module_param_named(suspend_pcr, tpm_suspend_pcr, uint, 0644);
  36. MODULE_PARM_DESC(suspend_pcr,
  37. "PCR to use for dummy writes to facilitate flush on suspend.");
  38. /**
  39. * tpm_calc_ordinal_duration() - calculate the maximum command duration
  40. * @chip: TPM chip to use.
  41. * @ordinal: TPM command ordinal.
  42. *
  43. * The function returns the maximum amount of time the chip could take
  44. * to return the result for a particular ordinal in jiffies.
  45. *
  46. * Return: A maximal duration time for an ordinal in jiffies.
  47. */
  48. unsigned long tpm_calc_ordinal_duration(struct tpm_chip *chip, u32 ordinal)
  49. {
  50. if (chip->flags & TPM_CHIP_FLAG_TPM2)
  51. return tpm2_calc_ordinal_duration(ordinal);
  52. else
  53. return tpm1_calc_ordinal_duration(chip, ordinal);
  54. }
  55. EXPORT_SYMBOL_GPL(tpm_calc_ordinal_duration);
  56. static void tpm_chip_cancel(struct tpm_chip *chip)
  57. {
  58. if (!chip->ops->cancel)
  59. return;
  60. chip->ops->cancel(chip);
  61. }
  62. static u8 tpm_chip_status(struct tpm_chip *chip)
  63. {
  64. if (!chip->ops->status)
  65. return 0;
  66. return chip->ops->status(chip);
  67. }
  68. static bool tpm_chip_req_canceled(struct tpm_chip *chip, u8 status)
  69. {
  70. if (!chip->ops->req_canceled)
  71. return false;
  72. return chip->ops->req_canceled(chip, status);
  73. }
  74. static bool tpm_transmit_completed(u8 status, struct tpm_chip *chip)
  75. {
  76. u8 status_masked = status & chip->ops->req_complete_mask;
  77. return status_masked == chip->ops->req_complete_val;
  78. }
  79. static ssize_t tpm_try_transmit(struct tpm_chip *chip, void *buf, size_t bufsiz)
  80. {
  81. struct tpm_header *header = buf;
  82. int rc;
  83. ssize_t len = 0;
  84. u32 count, ordinal;
  85. unsigned long stop;
  86. if (bufsiz < TPM_HEADER_SIZE)
  87. return -EINVAL;
  88. if (bufsiz > TPM_BUFSIZE)
  89. bufsiz = TPM_BUFSIZE;
  90. count = be32_to_cpu(header->length);
  91. ordinal = be32_to_cpu(header->ordinal);
  92. if (count == 0)
  93. return -ENODATA;
  94. if (count > bufsiz) {
  95. dev_err(&chip->dev,
  96. "invalid count value %x %zx\n", count, bufsiz);
  97. return -E2BIG;
  98. }
  99. rc = chip->ops->send(chip, buf, bufsiz, count);
  100. if (rc < 0) {
  101. if (rc != -EPIPE)
  102. dev_err(&chip->dev,
  103. "%s: send(): error %d\n", __func__, rc);
  104. return rc;
  105. }
  106. /*
  107. * Synchronous devices return the response directly during the send()
  108. * call in the same buffer.
  109. */
  110. if (chip->flags & TPM_CHIP_FLAG_SYNC) {
  111. len = rc;
  112. rc = 0;
  113. goto out_sync;
  114. }
  115. /*
  116. * A sanity check. send() of asynchronous devices should just return
  117. * zero on success e.g. not the command length.
  118. */
  119. if (rc > 0) {
  120. dev_warn(&chip->dev,
  121. "%s: send(): invalid value %d\n", __func__, rc);
  122. rc = 0;
  123. }
  124. if (chip->flags & TPM_CHIP_FLAG_IRQ)
  125. goto out_recv;
  126. stop = jiffies + tpm_calc_ordinal_duration(chip, ordinal);
  127. do {
  128. u8 status = tpm_chip_status(chip);
  129. if (tpm_transmit_completed(status, chip))
  130. goto out_recv;
  131. if (tpm_chip_req_canceled(chip, status)) {
  132. dev_err(&chip->dev, "Operation Canceled\n");
  133. return -ECANCELED;
  134. }
  135. tpm_msleep(TPM_TIMEOUT_POLL);
  136. rmb();
  137. } while (time_before(jiffies, stop));
  138. /*
  139. * Check for completion one more time, just in case the device reported
  140. * it while the driver was sleeping in the busy loop above.
  141. */
  142. if (tpm_transmit_completed(tpm_chip_status(chip), chip))
  143. goto out_recv;
  144. tpm_chip_cancel(chip);
  145. dev_err(&chip->dev, "Operation Timed out\n");
  146. return -ETIME;
  147. out_recv:
  148. len = chip->ops->recv(chip, buf, bufsiz);
  149. if (len < 0) {
  150. rc = len;
  151. dev_err(&chip->dev, "tpm_transmit: tpm_recv: error %d\n", rc);
  152. return rc;
  153. }
  154. out_sync:
  155. if (len < TPM_HEADER_SIZE || len != be32_to_cpu(header->length))
  156. rc = -EFAULT;
  157. return rc ? rc : len;
  158. }
  159. /**
  160. * tpm_transmit - Internal kernel interface to transmit TPM commands.
  161. * @chip: a TPM chip to use
  162. * @buf: a TPM command buffer
  163. * @bufsiz: length of the TPM command buffer
  164. *
  165. * A wrapper around tpm_try_transmit() that handles TPM2_RC_RETRY returns from
  166. * the TPM and retransmits the command after a delay up to a maximum wait of
  167. * TPM2_DURATION_LONG.
  168. *
  169. * Note that TPM 1.x never returns TPM2_RC_RETRY so the retry logic is TPM 2.0
  170. * only.
  171. *
  172. * Return:
  173. * * The response length - OK
  174. * * -errno - A system error
  175. */
  176. ssize_t tpm_transmit(struct tpm_chip *chip, u8 *buf, size_t bufsiz)
  177. {
  178. struct tpm_header *header = (struct tpm_header *)buf;
  179. /* space for header and handles */
  180. u8 save[TPM_HEADER_SIZE + 3*sizeof(u32)];
  181. unsigned int delay_msec = TPM2_DURATION_SHORT;
  182. u32 rc = 0;
  183. ssize_t ret;
  184. const size_t save_size = min(sizeof(save), bufsiz);
  185. /* the command code is where the return code will be */
  186. u32 cc = be32_to_cpu(header->return_code);
  187. /*
  188. * Subtlety here: if we have a space, the handles will be
  189. * transformed, so when we restore the header we also have to
  190. * restore the handles.
  191. */
  192. memcpy(save, buf, save_size);
  193. for (;;) {
  194. ret = tpm_try_transmit(chip, buf, bufsiz);
  195. if (ret < 0)
  196. break;
  197. rc = be32_to_cpu(header->return_code);
  198. if (rc != TPM2_RC_RETRY && rc != TPM2_RC_TESTING)
  199. break;
  200. /*
  201. * return immediately if self test returns test
  202. * still running to shorten boot time.
  203. */
  204. if (rc == TPM2_RC_TESTING && cc == TPM2_CC_SELF_TEST)
  205. break;
  206. if (delay_msec > TPM2_DURATION_LONG) {
  207. if (rc == TPM2_RC_RETRY)
  208. dev_err(&chip->dev, "in retry loop\n");
  209. else
  210. dev_err(&chip->dev,
  211. "self test is still running\n");
  212. break;
  213. }
  214. tpm_msleep(delay_msec);
  215. delay_msec *= 2;
  216. memcpy(buf, save, save_size);
  217. }
  218. return ret;
  219. }
  220. /**
  221. * tpm_transmit_cmd - send a tpm command to the device
  222. * @chip: a TPM chip to use
  223. * @buf: a TPM command buffer
  224. * @min_rsp_body_length: minimum expected length of response body
  225. * @desc: command description used in the error message
  226. *
  227. * Return:
  228. * * 0 - OK
  229. * * -errno - A system error
  230. * * TPM_RC - A TPM error
  231. */
  232. ssize_t tpm_transmit_cmd(struct tpm_chip *chip, struct tpm_buf *buf,
  233. size_t min_rsp_body_length, const char *desc)
  234. {
  235. const struct tpm_header *header = (struct tpm_header *)buf->data;
  236. int err;
  237. ssize_t len;
  238. len = tpm_transmit(chip, buf->data, PAGE_SIZE);
  239. if (len < 0)
  240. return len;
  241. err = be32_to_cpu(header->return_code);
  242. if (err != 0 && err != TPM_ERR_DISABLED && err != TPM_ERR_DEACTIVATED
  243. && err != TPM2_RC_TESTING && desc)
  244. dev_err(&chip->dev, "A TPM error (%d) occurred %s\n", err,
  245. desc);
  246. if (err)
  247. return err;
  248. if (len < min_rsp_body_length + TPM_HEADER_SIZE)
  249. return -EFAULT;
  250. buf->length = len;
  251. return 0;
  252. }
  253. EXPORT_SYMBOL_GPL(tpm_transmit_cmd);
  254. int tpm_get_timeouts(struct tpm_chip *chip)
  255. {
  256. if (chip->flags & TPM_CHIP_FLAG_HAVE_TIMEOUTS)
  257. return 0;
  258. if (chip->flags & TPM_CHIP_FLAG_TPM2)
  259. return tpm2_get_timeouts(chip);
  260. else
  261. return tpm1_get_timeouts(chip);
  262. }
  263. EXPORT_SYMBOL_GPL(tpm_get_timeouts);
  264. /**
  265. * tpm_is_tpm2 - do we a have a TPM2 chip?
  266. * @chip: a &struct tpm_chip instance, %NULL for the default chip
  267. *
  268. * Return:
  269. * 1 if we have a TPM2 chip.
  270. * 0 if we don't have a TPM2 chip.
  271. * A negative number for system errors (errno).
  272. */
  273. int tpm_is_tpm2(struct tpm_chip *chip)
  274. {
  275. int rc;
  276. if (!chip)
  277. return -ENODEV;
  278. rc = tpm_try_get_ops(chip);
  279. if (rc)
  280. return rc;
  281. rc = (chip->flags & TPM_CHIP_FLAG_TPM2) != 0;
  282. tpm_put_ops(chip);
  283. return rc;
  284. }
  285. EXPORT_SYMBOL_GPL(tpm_is_tpm2);
  286. /**
  287. * tpm_pcr_read - read a PCR value from SHA1 bank
  288. * @chip: a &struct tpm_chip instance, %NULL for the default chip
  289. * @pcr_idx: the PCR to be retrieved
  290. * @digest: the PCR bank and buffer current PCR value is written to
  291. *
  292. * Return: same as with tpm_transmit_cmd()
  293. */
  294. int tpm_pcr_read(struct tpm_chip *chip, u32 pcr_idx,
  295. struct tpm_digest *digest)
  296. {
  297. int rc;
  298. if (!chip)
  299. return -ENODEV;
  300. rc = tpm_try_get_ops(chip);
  301. if (rc)
  302. return rc;
  303. if (chip->flags & TPM_CHIP_FLAG_TPM2)
  304. rc = tpm2_pcr_read(chip, pcr_idx, digest, NULL);
  305. else
  306. rc = tpm1_pcr_read(chip, pcr_idx, digest->digest);
  307. tpm_put_ops(chip);
  308. return rc;
  309. }
  310. EXPORT_SYMBOL_GPL(tpm_pcr_read);
  311. /**
  312. * tpm_pcr_extend - extend a PCR value in SHA1 bank.
  313. * @chip: a &struct tpm_chip instance, %NULL for the default chip
  314. * @pcr_idx: the PCR to be retrieved
  315. * @digests: array of tpm_digest structures used to extend PCRs
  316. *
  317. * Note: callers must pass a digest for every allocated PCR bank, in the same
  318. * order of the banks in chip->allocated_banks.
  319. *
  320. * Return: same as with tpm_transmit_cmd()
  321. */
  322. int tpm_pcr_extend(struct tpm_chip *chip, u32 pcr_idx,
  323. struct tpm_digest *digests)
  324. {
  325. int rc;
  326. int i;
  327. if (!chip)
  328. return -ENODEV;
  329. rc = tpm_try_get_ops(chip);
  330. if (rc)
  331. return rc;
  332. for (i = 0; i < chip->nr_allocated_banks; i++) {
  333. if (digests[i].alg_id != chip->allocated_banks[i].alg_id) {
  334. rc = -EINVAL;
  335. goto out;
  336. }
  337. }
  338. if (chip->flags & TPM_CHIP_FLAG_TPM2) {
  339. rc = tpm2_pcr_extend(chip, pcr_idx, digests);
  340. goto out;
  341. }
  342. rc = tpm1_pcr_extend(chip, pcr_idx, digests[0].digest,
  343. "attempting extend a PCR value");
  344. out:
  345. tpm_put_ops(chip);
  346. return rc;
  347. }
  348. EXPORT_SYMBOL_GPL(tpm_pcr_extend);
  349. int tpm_auto_startup(struct tpm_chip *chip)
  350. {
  351. int rc;
  352. if (!(chip->ops->flags & TPM_OPS_AUTO_STARTUP))
  353. return 0;
  354. if (chip->flags & TPM_CHIP_FLAG_TPM2)
  355. rc = tpm2_auto_startup(chip);
  356. else
  357. rc = tpm1_auto_startup(chip);
  358. return rc;
  359. }
  360. /*
  361. * We are about to suspend. Save the TPM state
  362. * so that it can be restored.
  363. */
  364. int tpm_pm_suspend(struct device *dev)
  365. {
  366. struct tpm_chip *chip = dev_get_drvdata(dev);
  367. int rc = 0;
  368. if (!chip)
  369. return -ENODEV;
  370. rc = tpm_try_get_ops(chip);
  371. if (rc) {
  372. /* Can be safely set out of locks, as no action cannot race: */
  373. chip->flags |= TPM_CHIP_FLAG_SUSPENDED;
  374. goto out;
  375. }
  376. if (chip->flags & TPM_CHIP_FLAG_ALWAYS_POWERED)
  377. goto suspended;
  378. if ((chip->flags & TPM_CHIP_FLAG_FIRMWARE_POWER_MANAGED) &&
  379. !pm_suspend_via_firmware())
  380. goto suspended;
  381. if (chip->flags & TPM_CHIP_FLAG_TPM2) {
  382. tpm2_end_auth_session(chip);
  383. tpm2_shutdown(chip, TPM2_SU_STATE);
  384. goto suspended;
  385. }
  386. rc = tpm1_pm_suspend(chip, tpm_suspend_pcr);
  387. suspended:
  388. chip->flags |= TPM_CHIP_FLAG_SUSPENDED;
  389. tpm_put_ops(chip);
  390. out:
  391. if (rc)
  392. dev_err(dev, "Ignoring error %d while suspending\n", rc);
  393. return 0;
  394. }
  395. EXPORT_SYMBOL_GPL(tpm_pm_suspend);
  396. /*
  397. * Resume from a power safe. The BIOS already restored
  398. * the TPM state.
  399. */
  400. int tpm_pm_resume(struct device *dev)
  401. {
  402. struct tpm_chip *chip = dev_get_drvdata(dev);
  403. if (chip == NULL)
  404. return -ENODEV;
  405. chip->flags &= ~TPM_CHIP_FLAG_SUSPENDED;
  406. /*
  407. * Guarantee that SUSPENDED is written last, so that hwrng does not
  408. * activate before the chip has been fully resumed.
  409. */
  410. wmb();
  411. return 0;
  412. }
  413. EXPORT_SYMBOL_GPL(tpm_pm_resume);
  414. /**
  415. * tpm_get_random() - get random bytes from the TPM's RNG
  416. * @chip: a &struct tpm_chip instance, %NULL for the default chip
  417. * @out: destination buffer for the random bytes
  418. * @max: the max number of bytes to write to @out
  419. *
  420. * Return: number of random bytes read or a negative error value.
  421. */
  422. int tpm_get_random(struct tpm_chip *chip, u8 *out, size_t max)
  423. {
  424. int rc;
  425. if (!out || max > TPM_MAX_RNG_DATA)
  426. return -EINVAL;
  427. if (!chip)
  428. return -ENODEV;
  429. rc = tpm_try_get_ops(chip);
  430. if (rc)
  431. return rc;
  432. if (chip->flags & TPM_CHIP_FLAG_TPM2)
  433. rc = tpm2_get_random(chip, out, max);
  434. else
  435. rc = tpm1_get_random(chip, out, max);
  436. tpm_put_ops(chip);
  437. return rc;
  438. }
  439. EXPORT_SYMBOL_GPL(tpm_get_random);
  440. static int __init tpm_init(void)
  441. {
  442. int rc;
  443. rc = class_register(&tpm_class);
  444. if (rc) {
  445. pr_err("couldn't create tpm class\n");
  446. return rc;
  447. }
  448. rc = class_register(&tpmrm_class);
  449. if (rc) {
  450. pr_err("couldn't create tpmrm class\n");
  451. goto out_destroy_tpm_class;
  452. }
  453. rc = alloc_chrdev_region(&tpm_devt, 0, 2*TPM_NUM_DEVICES, "tpm");
  454. if (rc < 0) {
  455. pr_err("tpm: failed to allocate char dev region\n");
  456. goto out_destroy_tpmrm_class;
  457. }
  458. rc = tpm_dev_common_init();
  459. if (rc) {
  460. pr_err("tpm: failed to allocate char dev region\n");
  461. goto out_unreg_chrdev;
  462. }
  463. return 0;
  464. out_unreg_chrdev:
  465. unregister_chrdev_region(tpm_devt, 2 * TPM_NUM_DEVICES);
  466. out_destroy_tpmrm_class:
  467. class_unregister(&tpmrm_class);
  468. out_destroy_tpm_class:
  469. class_unregister(&tpm_class);
  470. return rc;
  471. }
  472. static void __exit tpm_exit(void)
  473. {
  474. idr_destroy(&dev_nums_idr);
  475. class_unregister(&tpm_class);
  476. class_unregister(&tpmrm_class);
  477. unregister_chrdev_region(tpm_devt, 2*TPM_NUM_DEVICES);
  478. tpm_dev_common_exit();
  479. }
  480. subsys_initcall(tpm_init);
  481. module_exit(tpm_exit);
  482. MODULE_AUTHOR("Leendert van Doorn <leendert@watson.ibm.com>");
  483. MODULE_DESCRIPTION("TPM Driver");
  484. MODULE_VERSION("2.0");
  485. MODULE_LICENSE("GPL");