tpm2-cmd.c 19 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564565566567568569570571572573574575576577578579580581582583584585586587588589590591592593594595596597598599600601602603604605606607608609610611612613614615616617618619620621622623624625626627628629630631632633634635636637638639640641642643644645646647648649650651652653654655656657658659660661662663664665666667668669670671672673674675676677678679680681682683684685686687688689690691692693694695696697698699700701702703704705706707708709710711712713714715716717718719720721722723724725726727728729730731732733734735736737738739740741742743744745746747748749750751752753754755756757758759760761762763764765766767768769770771772773774775776777778779780781782783784785786787788789790791792793794
  1. // SPDX-License-Identifier: GPL-2.0-only
  2. /*
  3. * Copyright (C) 2014, 2015 Intel Corporation
  4. *
  5. * Authors:
  6. * Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
  7. *
  8. * Maintained by: <tpmdd-devel@lists.sourceforge.net>
  9. *
  10. * This file contains TPM2 protocol implementations of the commands
  11. * used by the kernel internally.
  12. */
  13. #include "linux/dev_printk.h"
  14. #include "linux/tpm.h"
  15. #include "tpm.h"
  16. #include <crypto/hash_info.h>
  17. #include <linux/unaligned.h>
  18. static bool disable_pcr_integrity;
  19. module_param(disable_pcr_integrity, bool, 0444);
  20. MODULE_PARM_DESC(disable_pcr_integrity, "Disable integrity protection of TPM2_PCR_Extend");
  21. struct tpm2_hash tpm2_hash_map[] = {
  22. {HASH_ALGO_SHA1, TPM_ALG_SHA1},
  23. {HASH_ALGO_SHA256, TPM_ALG_SHA256},
  24. {HASH_ALGO_SHA384, TPM_ALG_SHA384},
  25. {HASH_ALGO_SHA512, TPM_ALG_SHA512},
  26. {HASH_ALGO_SM3_256, TPM_ALG_SM3_256},
  27. };
  28. int tpm2_find_hash_alg(unsigned int crypto_id)
  29. {
  30. int i;
  31. for (i = 0; i < ARRAY_SIZE(tpm2_hash_map); i++)
  32. if (crypto_id == tpm2_hash_map[i].crypto_id)
  33. return tpm2_hash_map[i].tpm_id;
  34. return -EINVAL;
  35. }
  36. EXPORT_SYMBOL_GPL(tpm2_find_hash_alg);
  37. int tpm2_get_timeouts(struct tpm_chip *chip)
  38. {
  39. chip->timeout_a = msecs_to_jiffies(TPM2_TIMEOUT_A);
  40. chip->timeout_b = msecs_to_jiffies(TPM2_TIMEOUT_B);
  41. chip->timeout_c = msecs_to_jiffies(TPM2_TIMEOUT_C);
  42. chip->timeout_d = msecs_to_jiffies(TPM2_TIMEOUT_D);
  43. chip->flags |= TPM_CHIP_FLAG_HAVE_TIMEOUTS;
  44. return 0;
  45. }
  46. /*
  47. * Contains the maximum durations in milliseconds for TPM2 commands.
  48. */
  49. static const struct {
  50. unsigned long ordinal;
  51. unsigned long duration;
  52. } tpm2_ordinal_duration_map[] = {
  53. {TPM2_CC_STARTUP, 750},
  54. {TPM2_CC_SELF_TEST, 3000},
  55. {TPM2_CC_GET_RANDOM, 2000},
  56. {TPM2_CC_SEQUENCE_UPDATE, 750},
  57. {TPM2_CC_SEQUENCE_COMPLETE, 750},
  58. {TPM2_CC_EVENT_SEQUENCE_COMPLETE, 750},
  59. {TPM2_CC_HASH_SEQUENCE_START, 750},
  60. {TPM2_CC_VERIFY_SIGNATURE, 30000},
  61. {TPM2_CC_PCR_EXTEND, 750},
  62. {TPM2_CC_HIERARCHY_CONTROL, 2000},
  63. {TPM2_CC_HIERARCHY_CHANGE_AUTH, 2000},
  64. {TPM2_CC_GET_CAPABILITY, 750},
  65. {TPM2_CC_NV_READ, 2000},
  66. {TPM2_CC_CREATE_PRIMARY, 30000},
  67. {TPM2_CC_CREATE, 30000},
  68. {TPM2_CC_CREATE_LOADED, 30000},
  69. };
  70. /**
  71. * tpm2_calc_ordinal_duration() - Calculate the maximum command duration
  72. * @ordinal: TPM command ordinal.
  73. *
  74. * Returns the maximum amount of time the chip is expected by kernel to
  75. * take in jiffies.
  76. */
  77. unsigned long tpm2_calc_ordinal_duration(u32 ordinal)
  78. {
  79. int i;
  80. for (i = 0; i < ARRAY_SIZE(tpm2_ordinal_duration_map); i++)
  81. if (ordinal == tpm2_ordinal_duration_map[i].ordinal)
  82. return msecs_to_jiffies(tpm2_ordinal_duration_map[i].duration);
  83. return msecs_to_jiffies(TPM2_DURATION_DEFAULT);
  84. }
  85. struct tpm2_pcr_read_out {
  86. __be32 update_cnt;
  87. __be32 pcr_selects_cnt;
  88. __be16 hash_alg;
  89. u8 pcr_select_size;
  90. u8 pcr_select[TPM2_PCR_SELECT_MIN];
  91. __be32 digests_cnt;
  92. __be16 digest_size;
  93. u8 digest[];
  94. } __packed;
  95. /**
  96. * tpm2_pcr_read() - read a PCR value
  97. * @chip: TPM chip to use.
  98. * @pcr_idx: index of the PCR to read.
  99. * @digest: PCR bank and buffer current PCR value is written to.
  100. * @digest_size_ptr: pointer to variable that stores the digest size.
  101. *
  102. * Return: Same as with tpm_transmit_cmd.
  103. */
  104. int tpm2_pcr_read(struct tpm_chip *chip, u32 pcr_idx,
  105. struct tpm_digest *digest, u16 *digest_size_ptr)
  106. {
  107. int i;
  108. int rc;
  109. struct tpm_buf buf;
  110. struct tpm2_pcr_read_out *out;
  111. u8 pcr_select[TPM2_PCR_SELECT_MIN] = {0};
  112. u16 digest_size;
  113. u16 expected_digest_size = 0;
  114. if (pcr_idx >= TPM2_PLATFORM_PCR)
  115. return -EINVAL;
  116. if (!digest_size_ptr) {
  117. for (i = 0; i < chip->nr_allocated_banks &&
  118. chip->allocated_banks[i].alg_id != digest->alg_id; i++)
  119. ;
  120. if (i == chip->nr_allocated_banks)
  121. return -EINVAL;
  122. expected_digest_size = chip->allocated_banks[i].digest_size;
  123. }
  124. rc = tpm_buf_init(&buf, TPM2_ST_NO_SESSIONS, TPM2_CC_PCR_READ);
  125. if (rc)
  126. return rc;
  127. pcr_select[pcr_idx >> 3] = 1 << (pcr_idx & 0x7);
  128. tpm_buf_append_u32(&buf, 1);
  129. tpm_buf_append_u16(&buf, digest->alg_id);
  130. tpm_buf_append_u8(&buf, TPM2_PCR_SELECT_MIN);
  131. tpm_buf_append(&buf, (const unsigned char *)pcr_select,
  132. sizeof(pcr_select));
  133. rc = tpm_transmit_cmd(chip, &buf, 0, "attempting to read a pcr value");
  134. if (rc)
  135. goto out;
  136. out = (struct tpm2_pcr_read_out *)&buf.data[TPM_HEADER_SIZE];
  137. digest_size = be16_to_cpu(out->digest_size);
  138. if (digest_size > sizeof(digest->digest) ||
  139. (!digest_size_ptr && digest_size != expected_digest_size)) {
  140. rc = -EINVAL;
  141. goto out;
  142. }
  143. if (digest_size_ptr)
  144. *digest_size_ptr = digest_size;
  145. memcpy(digest->digest, out->digest, digest_size);
  146. out:
  147. tpm_buf_destroy(&buf);
  148. return rc;
  149. }
  150. /**
  151. * tpm2_pcr_extend() - extend a PCR value
  152. *
  153. * @chip: TPM chip to use.
  154. * @pcr_idx: index of the PCR.
  155. * @digests: list of pcr banks and corresponding digest values to extend.
  156. *
  157. * Return: Same as with tpm_transmit_cmd.
  158. */
  159. int tpm2_pcr_extend(struct tpm_chip *chip, u32 pcr_idx,
  160. struct tpm_digest *digests)
  161. {
  162. struct tpm_buf buf;
  163. int rc;
  164. int i;
  165. if (!disable_pcr_integrity) {
  166. rc = tpm2_start_auth_session(chip);
  167. if (rc)
  168. return rc;
  169. }
  170. rc = tpm_buf_init(&buf, TPM2_ST_SESSIONS, TPM2_CC_PCR_EXTEND);
  171. if (rc) {
  172. if (!disable_pcr_integrity)
  173. tpm2_end_auth_session(chip);
  174. return rc;
  175. }
  176. if (!disable_pcr_integrity) {
  177. rc = tpm_buf_append_name(chip, &buf, pcr_idx, NULL);
  178. if (rc) {
  179. tpm_buf_destroy(&buf);
  180. return rc;
  181. }
  182. tpm_buf_append_hmac_session(chip, &buf, 0, NULL, 0);
  183. } else {
  184. tpm_buf_append_handle(chip, &buf, pcr_idx);
  185. tpm_buf_append_auth(chip, &buf, NULL, 0);
  186. }
  187. tpm_buf_append_u32(&buf, chip->nr_allocated_banks);
  188. for (i = 0; i < chip->nr_allocated_banks; i++) {
  189. tpm_buf_append_u16(&buf, digests[i].alg_id);
  190. tpm_buf_append(&buf, (const unsigned char *)&digests[i].digest,
  191. chip->allocated_banks[i].digest_size);
  192. }
  193. if (!disable_pcr_integrity) {
  194. rc = tpm_buf_fill_hmac_session(chip, &buf);
  195. if (rc) {
  196. tpm_buf_destroy(&buf);
  197. return rc;
  198. }
  199. }
  200. rc = tpm_transmit_cmd(chip, &buf, 0, "attempting extend a PCR value");
  201. if (!disable_pcr_integrity)
  202. rc = tpm_buf_check_hmac_response(chip, &buf, rc);
  203. tpm_buf_destroy(&buf);
  204. return rc;
  205. }
  206. struct tpm2_get_random_out {
  207. __be16 size;
  208. u8 buffer[TPM_MAX_RNG_DATA];
  209. } __packed;
  210. /**
  211. * tpm2_get_random() - get random bytes from the TPM RNG
  212. *
  213. * @chip: a &tpm_chip instance
  214. * @dest: destination buffer
  215. * @max: the max number of random bytes to pull
  216. *
  217. * Return:
  218. * size of the buffer on success,
  219. * -errno otherwise (positive TPM return codes are masked to -EIO)
  220. */
  221. int tpm2_get_random(struct tpm_chip *chip, u8 *dest, size_t max)
  222. {
  223. struct tpm2_get_random_out *out;
  224. struct tpm_header *head;
  225. struct tpm_buf buf;
  226. u32 recd;
  227. u32 num_bytes = max;
  228. int err;
  229. int total = 0;
  230. int retries = 5;
  231. u8 *dest_ptr = dest;
  232. off_t offset;
  233. if (!num_bytes || max > TPM_MAX_RNG_DATA)
  234. return -EINVAL;
  235. err = tpm2_start_auth_session(chip);
  236. if (err)
  237. return err;
  238. err = tpm_buf_init(&buf, 0, 0);
  239. if (err) {
  240. tpm2_end_auth_session(chip);
  241. return err;
  242. }
  243. do {
  244. tpm_buf_reset(&buf, TPM2_ST_SESSIONS, TPM2_CC_GET_RANDOM);
  245. if (tpm2_chip_auth(chip)) {
  246. tpm_buf_append_hmac_session(chip, &buf,
  247. TPM2_SA_ENCRYPT |
  248. TPM2_SA_CONTINUE_SESSION,
  249. NULL, 0);
  250. } else {
  251. offset = buf.handles * 4 + TPM_HEADER_SIZE;
  252. head = (struct tpm_header *)buf.data;
  253. if (tpm_buf_length(&buf) == offset)
  254. head->tag = cpu_to_be16(TPM2_ST_NO_SESSIONS);
  255. }
  256. tpm_buf_append_u16(&buf, num_bytes);
  257. err = tpm_buf_fill_hmac_session(chip, &buf);
  258. if (err) {
  259. tpm_buf_destroy(&buf);
  260. return err;
  261. }
  262. err = tpm_transmit_cmd(chip, &buf,
  263. offsetof(struct tpm2_get_random_out,
  264. buffer),
  265. "attempting get random");
  266. err = tpm_buf_check_hmac_response(chip, &buf, err);
  267. if (err) {
  268. if (err > 0)
  269. err = -EIO;
  270. goto out;
  271. }
  272. head = (struct tpm_header *)buf.data;
  273. offset = TPM_HEADER_SIZE;
  274. /* Skip the parameter size field: */
  275. if (be16_to_cpu(head->tag) == TPM2_ST_SESSIONS)
  276. offset += 4;
  277. out = (struct tpm2_get_random_out *)&buf.data[offset];
  278. recd = min_t(u32, be16_to_cpu(out->size), num_bytes);
  279. if (tpm_buf_length(&buf) <
  280. TPM_HEADER_SIZE +
  281. offsetof(struct tpm2_get_random_out, buffer) +
  282. recd) {
  283. err = -EFAULT;
  284. goto out;
  285. }
  286. memcpy(dest_ptr, out->buffer, recd);
  287. dest_ptr += recd;
  288. total += recd;
  289. num_bytes -= recd;
  290. } while (retries-- && total < max);
  291. tpm_buf_destroy(&buf);
  292. return total ? total : -EIO;
  293. out:
  294. tpm_buf_destroy(&buf);
  295. tpm2_end_auth_session(chip);
  296. return err;
  297. }
  298. /**
  299. * tpm2_flush_context() - execute a TPM2_FlushContext command
  300. * @chip: TPM chip to use
  301. * @handle: context handle
  302. */
  303. void tpm2_flush_context(struct tpm_chip *chip, u32 handle)
  304. {
  305. struct tpm_buf buf;
  306. int rc;
  307. rc = tpm_buf_init(&buf, TPM2_ST_NO_SESSIONS, TPM2_CC_FLUSH_CONTEXT);
  308. if (rc) {
  309. dev_warn(&chip->dev, "0x%08x was not flushed, out of memory\n",
  310. handle);
  311. return;
  312. }
  313. tpm_buf_append_u32(&buf, handle);
  314. tpm_transmit_cmd(chip, &buf, 0, "flushing context");
  315. tpm_buf_destroy(&buf);
  316. }
  317. EXPORT_SYMBOL_GPL(tpm2_flush_context);
  318. struct tpm2_get_cap_out {
  319. u8 more_data;
  320. __be32 subcap_id;
  321. __be32 property_cnt;
  322. __be32 property_id;
  323. __be32 value;
  324. } __packed;
  325. /**
  326. * tpm2_get_tpm_pt() - get value of a TPM_CAP_TPM_PROPERTIES type property
  327. * @chip: a &tpm_chip instance
  328. * @property_id: property ID.
  329. * @value: output variable.
  330. * @desc: passed to tpm_transmit_cmd()
  331. *
  332. * Return:
  333. * 0 on success,
  334. * -errno or a TPM return code otherwise
  335. */
  336. ssize_t tpm2_get_tpm_pt(struct tpm_chip *chip, u32 property_id, u32 *value,
  337. const char *desc)
  338. {
  339. struct tpm2_get_cap_out *out;
  340. struct tpm_buf buf;
  341. int rc;
  342. rc = tpm_buf_init(&buf, TPM2_ST_NO_SESSIONS, TPM2_CC_GET_CAPABILITY);
  343. if (rc)
  344. return rc;
  345. tpm_buf_append_u32(&buf, TPM2_CAP_TPM_PROPERTIES);
  346. tpm_buf_append_u32(&buf, property_id);
  347. tpm_buf_append_u32(&buf, 1);
  348. rc = tpm_transmit_cmd(chip, &buf, 0, NULL);
  349. if (!rc) {
  350. out = (struct tpm2_get_cap_out *)
  351. &buf.data[TPM_HEADER_SIZE];
  352. /*
  353. * To prevent failing boot up of some systems, Infineon TPM2.0
  354. * returns SUCCESS on TPM2_Startup in field upgrade mode. Also
  355. * the TPM2_Getcapability command returns a zero length list
  356. * in field upgrade mode.
  357. */
  358. if (be32_to_cpu(out->property_cnt) > 0)
  359. *value = be32_to_cpu(out->value);
  360. else
  361. rc = -ENODATA;
  362. }
  363. tpm_buf_destroy(&buf);
  364. return rc;
  365. }
  366. EXPORT_SYMBOL_GPL(tpm2_get_tpm_pt);
  367. /**
  368. * tpm2_shutdown() - send a TPM shutdown command
  369. *
  370. * Sends a TPM shutdown command. The shutdown command is used in call
  371. * sites where the system is going down. If it fails, there is not much
  372. * that can be done except print an error message.
  373. *
  374. * @chip: a &tpm_chip instance
  375. * @shutdown_type: TPM_SU_CLEAR or TPM_SU_STATE.
  376. */
  377. void tpm2_shutdown(struct tpm_chip *chip, u16 shutdown_type)
  378. {
  379. struct tpm_buf buf;
  380. int rc;
  381. rc = tpm_buf_init(&buf, TPM2_ST_NO_SESSIONS, TPM2_CC_SHUTDOWN);
  382. if (rc)
  383. return;
  384. tpm_buf_append_u16(&buf, shutdown_type);
  385. tpm_transmit_cmd(chip, &buf, 0, "stopping the TPM");
  386. tpm_buf_destroy(&buf);
  387. }
  388. /**
  389. * tpm2_do_selftest() - ensure that all self tests have passed
  390. *
  391. * @chip: TPM chip to use
  392. *
  393. * Return: Same as with tpm_transmit_cmd.
  394. *
  395. * The TPM can either run all self tests synchronously and then return
  396. * RC_SUCCESS once all tests were successful. Or it can choose to run the tests
  397. * asynchronously and return RC_TESTING immediately while the self tests still
  398. * execute in the background. This function handles both cases and waits until
  399. * all tests have completed.
  400. */
  401. static int tpm2_do_selftest(struct tpm_chip *chip)
  402. {
  403. struct tpm_buf buf;
  404. int full;
  405. int rc;
  406. for (full = 0; full < 2; full++) {
  407. rc = tpm_buf_init(&buf, TPM2_ST_NO_SESSIONS, TPM2_CC_SELF_TEST);
  408. if (rc)
  409. return rc;
  410. tpm_buf_append_u8(&buf, full);
  411. rc = tpm_transmit_cmd(chip, &buf, 0,
  412. "attempting the self test");
  413. tpm_buf_destroy(&buf);
  414. if (rc == TPM2_RC_TESTING)
  415. rc = TPM2_RC_SUCCESS;
  416. if (rc == TPM2_RC_INITIALIZE || rc == TPM2_RC_SUCCESS)
  417. return rc;
  418. }
  419. return rc;
  420. }
  421. /**
  422. * tpm2_probe() - probe for the TPM 2.0 protocol
  423. * @chip: a &tpm_chip instance
  424. *
  425. * Send an idempotent TPM 2.0 command and see whether there is TPM2 chip in the
  426. * other end based on the response tag. The flag TPM_CHIP_FLAG_TPM2 is set by
  427. * this function if this is the case.
  428. *
  429. * Return:
  430. * 0 on success,
  431. * -errno otherwise
  432. */
  433. int tpm2_probe(struct tpm_chip *chip)
  434. {
  435. struct tpm_header *out;
  436. struct tpm_buf buf;
  437. int rc;
  438. rc = tpm_buf_init(&buf, TPM2_ST_NO_SESSIONS, TPM2_CC_GET_CAPABILITY);
  439. if (rc)
  440. return rc;
  441. tpm_buf_append_u32(&buf, TPM2_CAP_TPM_PROPERTIES);
  442. tpm_buf_append_u32(&buf, TPM_PT_TOTAL_COMMANDS);
  443. tpm_buf_append_u32(&buf, 1);
  444. rc = tpm_transmit_cmd(chip, &buf, 0, NULL);
  445. /* We ignore TPM return codes on purpose. */
  446. if (rc >= 0) {
  447. out = (struct tpm_header *)buf.data;
  448. if (be16_to_cpu(out->tag) == TPM2_ST_NO_SESSIONS)
  449. chip->flags |= TPM_CHIP_FLAG_TPM2;
  450. }
  451. tpm_buf_destroy(&buf);
  452. return 0;
  453. }
  454. EXPORT_SYMBOL_GPL(tpm2_probe);
  455. static int tpm2_init_bank_info(struct tpm_chip *chip, u32 bank_index)
  456. {
  457. struct tpm_bank_info *bank = chip->allocated_banks + bank_index;
  458. struct tpm_digest digest = { .alg_id = bank->alg_id };
  459. int i;
  460. /*
  461. * Avoid unnecessary PCR read operations to reduce overhead
  462. * and obtain identifiers of the crypto subsystem.
  463. */
  464. for (i = 0; i < ARRAY_SIZE(tpm2_hash_map); i++) {
  465. enum hash_algo crypto_algo = tpm2_hash_map[i].crypto_id;
  466. if (bank->alg_id != tpm2_hash_map[i].tpm_id)
  467. continue;
  468. bank->digest_size = hash_digest_size[crypto_algo];
  469. bank->crypto_id = crypto_algo;
  470. return 0;
  471. }
  472. bank->crypto_id = HASH_ALGO__LAST;
  473. return tpm2_pcr_read(chip, 0, &digest, &bank->digest_size);
  474. }
  475. struct tpm2_pcr_selection {
  476. __be16 hash_alg;
  477. u8 size_of_select;
  478. u8 pcr_select[3];
  479. } __packed;
  480. ssize_t tpm2_get_pcr_allocation(struct tpm_chip *chip)
  481. {
  482. struct tpm2_pcr_selection pcr_selection;
  483. struct tpm_buf buf;
  484. void *marker;
  485. void *end;
  486. void *pcr_select_offset;
  487. u32 sizeof_pcr_selection;
  488. u32 nr_possible_banks;
  489. u32 nr_alloc_banks = 0;
  490. u16 hash_alg;
  491. u32 rsp_len;
  492. int rc;
  493. int i = 0;
  494. rc = tpm_buf_init(&buf, TPM2_ST_NO_SESSIONS, TPM2_CC_GET_CAPABILITY);
  495. if (rc)
  496. return rc;
  497. tpm_buf_append_u32(&buf, TPM2_CAP_PCRS);
  498. tpm_buf_append_u32(&buf, 0);
  499. tpm_buf_append_u32(&buf, 1);
  500. rc = tpm_transmit_cmd(chip, &buf, 9, "get tpm pcr allocation");
  501. if (rc)
  502. goto out;
  503. nr_possible_banks = be32_to_cpup(
  504. (__be32 *)&buf.data[TPM_HEADER_SIZE + 5]);
  505. if (nr_possible_banks > TPM2_MAX_PCR_BANKS) {
  506. pr_err("tpm: out of bank capacity: %u > %u\n",
  507. nr_possible_banks, TPM2_MAX_PCR_BANKS);
  508. rc = -ENOMEM;
  509. goto out;
  510. }
  511. marker = &buf.data[TPM_HEADER_SIZE + 9];
  512. rsp_len = be32_to_cpup((__be32 *)&buf.data[2]);
  513. end = &buf.data[rsp_len];
  514. for (i = 0; i < nr_possible_banks; i++) {
  515. pcr_select_offset = marker +
  516. offsetof(struct tpm2_pcr_selection, size_of_select);
  517. if (pcr_select_offset >= end) {
  518. rc = -EFAULT;
  519. break;
  520. }
  521. memcpy(&pcr_selection, marker, sizeof(pcr_selection));
  522. hash_alg = be16_to_cpu(pcr_selection.hash_alg);
  523. pcr_select_offset = memchr_inv(pcr_selection.pcr_select, 0,
  524. pcr_selection.size_of_select);
  525. if (pcr_select_offset) {
  526. chip->allocated_banks[nr_alloc_banks].alg_id = hash_alg;
  527. rc = tpm2_init_bank_info(chip, nr_alloc_banks);
  528. if (rc < 0)
  529. break;
  530. nr_alloc_banks++;
  531. }
  532. sizeof_pcr_selection = sizeof(pcr_selection.hash_alg) +
  533. sizeof(pcr_selection.size_of_select) +
  534. pcr_selection.size_of_select;
  535. marker = marker + sizeof_pcr_selection;
  536. }
  537. chip->nr_allocated_banks = nr_alloc_banks;
  538. out:
  539. tpm_buf_destroy(&buf);
  540. return rc;
  541. }
  542. int tpm2_get_cc_attrs_tbl(struct tpm_chip *chip)
  543. {
  544. struct tpm_buf buf;
  545. u32 nr_commands;
  546. __be32 *attrs;
  547. u32 cc;
  548. int i;
  549. int rc;
  550. rc = tpm2_get_tpm_pt(chip, TPM_PT_TOTAL_COMMANDS, &nr_commands, NULL);
  551. if (rc)
  552. goto out;
  553. if (nr_commands > 0xFFFFF) {
  554. rc = -EFAULT;
  555. goto out;
  556. }
  557. chip->cc_attrs_tbl = devm_kcalloc(&chip->dev, 4, nr_commands,
  558. GFP_KERNEL);
  559. if (!chip->cc_attrs_tbl) {
  560. rc = -ENOMEM;
  561. goto out;
  562. }
  563. rc = tpm_buf_init(&buf, TPM2_ST_NO_SESSIONS, TPM2_CC_GET_CAPABILITY);
  564. if (rc)
  565. goto out;
  566. tpm_buf_append_u32(&buf, TPM2_CAP_COMMANDS);
  567. tpm_buf_append_u32(&buf, TPM2_CC_FIRST);
  568. tpm_buf_append_u32(&buf, nr_commands);
  569. rc = tpm_transmit_cmd(chip, &buf, 9 + 4 * nr_commands, NULL);
  570. if (rc) {
  571. tpm_buf_destroy(&buf);
  572. goto out;
  573. }
  574. if (nr_commands !=
  575. be32_to_cpup((__be32 *)&buf.data[TPM_HEADER_SIZE + 5])) {
  576. rc = -EFAULT;
  577. tpm_buf_destroy(&buf);
  578. goto out;
  579. }
  580. chip->nr_commands = nr_commands;
  581. attrs = (__be32 *)&buf.data[TPM_HEADER_SIZE + 9];
  582. for (i = 0; i < nr_commands; i++, attrs++) {
  583. chip->cc_attrs_tbl[i] = be32_to_cpup(attrs);
  584. cc = chip->cc_attrs_tbl[i] & 0xFFFF;
  585. if (cc == TPM2_CC_CONTEXT_SAVE || cc == TPM2_CC_FLUSH_CONTEXT) {
  586. chip->cc_attrs_tbl[i] &=
  587. ~(GENMASK(2, 0) << TPM2_CC_ATTR_CHANDLES);
  588. chip->cc_attrs_tbl[i] |= 1 << TPM2_CC_ATTR_CHANDLES;
  589. }
  590. }
  591. tpm_buf_destroy(&buf);
  592. out:
  593. if (rc > 0)
  594. rc = -ENODEV;
  595. return rc;
  596. }
  597. EXPORT_SYMBOL_GPL(tpm2_get_cc_attrs_tbl);
  598. /**
  599. * tpm2_startup - turn on the TPM
  600. * @chip: TPM chip to use
  601. *
  602. * Normally the firmware should start the TPM. This function is provided as a
  603. * workaround if this does not happen. A legal case for this could be for
  604. * example when a TPM emulator is used.
  605. *
  606. * Return: same as tpm_transmit_cmd()
  607. */
  608. static int tpm2_startup(struct tpm_chip *chip)
  609. {
  610. struct tpm_buf buf;
  611. int rc;
  612. dev_info(&chip->dev, "starting up the TPM manually\n");
  613. rc = tpm_buf_init(&buf, TPM2_ST_NO_SESSIONS, TPM2_CC_STARTUP);
  614. if (rc < 0)
  615. return rc;
  616. tpm_buf_append_u16(&buf, TPM2_SU_CLEAR);
  617. rc = tpm_transmit_cmd(chip, &buf, 0, "attempting to start the TPM");
  618. tpm_buf_destroy(&buf);
  619. return rc;
  620. }
  621. /**
  622. * tpm2_auto_startup - Perform the standard automatic TPM initialization
  623. * sequence
  624. * @chip: TPM chip to use
  625. *
  626. * Returns 0 on success, < 0 in case of fatal error.
  627. */
  628. int tpm2_auto_startup(struct tpm_chip *chip)
  629. {
  630. int rc;
  631. rc = tpm2_get_timeouts(chip);
  632. if (rc)
  633. goto out;
  634. rc = tpm2_do_selftest(chip);
  635. if (rc && rc != TPM2_RC_INITIALIZE)
  636. goto out;
  637. if (rc == TPM2_RC_INITIALIZE) {
  638. rc = tpm2_startup(chip);
  639. if (rc)
  640. goto out;
  641. rc = tpm2_do_selftest(chip);
  642. if (rc)
  643. goto out;
  644. }
  645. rc = tpm2_get_cc_attrs_tbl(chip);
  646. if (rc == TPM2_RC_FAILURE || (rc < 0 && rc != -ENOMEM)) {
  647. dev_info(&chip->dev,
  648. "TPM in field failure mode, requires firmware upgrade\n");
  649. chip->flags |= TPM_CHIP_FLAG_FIRMWARE_UPGRADE;
  650. rc = 0;
  651. }
  652. if (rc)
  653. goto out;
  654. rc = tpm2_sessions_init(chip);
  655. out:
  656. /*
  657. * Infineon TPM in field upgrade mode will return no data for the number
  658. * of supported commands.
  659. */
  660. if (rc == TPM2_RC_UPGRADE || rc == -ENODATA) {
  661. dev_info(&chip->dev, "TPM in field upgrade mode, requires firmware upgrade\n");
  662. chip->flags |= TPM_CHIP_FLAG_FIRMWARE_UPGRADE;
  663. rc = 0;
  664. }
  665. if (rc > 0)
  666. rc = -ENODEV;
  667. return rc;
  668. }
  669. int tpm2_find_cc(struct tpm_chip *chip, u32 cc)
  670. {
  671. u32 cc_mask;
  672. int i;
  673. cc_mask = 1 << TPM2_CC_ATTR_VENDOR | GENMASK(15, 0);
  674. for (i = 0; i < chip->nr_commands; i++)
  675. if (cc == (chip->cc_attrs_tbl[i] & cc_mask))
  676. return i;
  677. return -1;
  678. }