1 /*
2 * CDDL HEADER START
3 *
4 * The contents of this file are subject to the terms of the
5 * Common Development and Distribution License (the "License").
6 * You may not use this file except in compliance with the License.
7 *
8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9 * or http://www.opensolaris.org/os/licensing.
10 * See the License for the specific language governing permissions
11 * and limitations under the License.
12 *
13 * When distributing Covered Code, include this CDDL HEADER in each
14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15 * If applicable, add the following below this CDDL HEADER, with the
16 * fields enclosed by brackets "[]" replaced with your own identifying
17 * information: Portions Copyright [yyyy] [name of copyright owner]
18 *
19 * CDDL HEADER END
20 */
21
22 /*
23 * Copyright 2009 Sun Microsystems, Inc. All rights reserved.
24 * Use is subject to license terms.
25 */
26
27 /*
28 * TPM 1.2 Driver for the TPMs that follow TIS v1.2
29 */
30
31 #include <sys/devops.h> /* used by dev_ops */
32 #include <sys/conf.h> /* used by dev_ops,cb_ops */
33 #include <sys/modctl.h> /* for _init,_info,_fini,mod_* */
34 #include <sys/ddi.h> /* used by all entry points */
35 #include <sys/sunddi.h> /* used by all entry points */
36 #include <sys/cmn_err.h> /* used for debug outputs */
37 #include <sys/types.h> /* used by prop_op, ddi_prop_op */
38
39 #include <sys/file.h> /* used by open, close */
40 #include <sys/errno.h> /* used by open,close,read,write */
41 #include <sys/open.h> /* used by open,close,read,write */
42 #include <sys/cred.h> /* used by open,close,read */
43 #include <sys/uio.h> /* used by read */
44 #include <sys/stat.h> /* defines S_IFCHR */
45
46 #include <sys/byteorder.h> /* for ntohs, ntohl, htons, htonl */
47
48 #ifdef sun4v
49 #include <sys/hypervisor_api.h>
50 #include <sys/hsvc.h>
51 #endif
52
53 #include <tss/platform.h> /* from SUNWtss */
54 #include <tss/tpm.h> /* from SUNWtss */
55
56 #include "tpm_tis.h"
57 #include "tpm_ddi.h"
58 #include "tpm_duration.h"
59
60 #define TPM_HEADER_SIZE 10
61 typedef enum {
62 TPM_TAG_OFFSET = 0,
63 TPM_PARAMSIZE_OFFSET = 2,
64 TPM_RETURN_OFFSET = 6,
65 TPM_COMMAND_CODE_OFFSET = 6,
66 } TPM_HEADER_OFFSET_T;
67
68 /*
69 * This is to address some TPMs that does not report the correct duration
70 * and timeouts. In our experience with the production TPMs, we encountered
71 * time errors such as GetCapability command from TPM reporting the timeout
72 * and durations in milliseconds rather than microseconds. Some other TPMs
73 * report the value 0's
74 *
75 * Short Duration is based on section 11.3.4 of TIS speciciation, that
76 * TPM_GetCapability (short duration) commands should not be longer than 750ms
77 * and that section 11.3.7 states that TPM_ContinueSelfTest (medium duration)
78 * should not be longer than 1 second.
79 */
80 #define DEFAULT_SHORT_DURATION 750000
81 #define DEFAULT_MEDIUM_DURATION 1000000
82 #define DEFAULT_LONG_DURATION 300000000
83 #define DEFAULT_TIMEOUT_A 750000
84 #define DEFAULT_TIMEOUT_B 2000000
85 #define DEFAULT_TIMEOUT_C 750000
86 #define DEFAULT_TIMEOUT_D 750000
87
88 /*
89 * In order to test the 'millisecond bug', we test if DURATIONS and TIMEOUTS
90 * are unreasonably low...such as 10 milliseconds (TPM isn't that fast).
91 * and 400 milliseconds for long duration
92 */
93 #define TEN_MILLISECONDS 10000 /* 10 milliseconds */
94 #define FOUR_HUNDRED_MILLISECONDS 400000 /* 4 hundred milliseconds */
95
96 #define DEFAULT_LOCALITY 0
97 /*
98 * TPM input/output buffer offsets
99 */
100
101 typedef enum {
102 TPM_CAP_RESPSIZE_OFFSET = 10,
103 TPM_CAP_RESP_OFFSET = 14,
104 } TPM_CAP_RET_OFFSET_T;
105
106 typedef enum {
107 TPM_CAP_TIMEOUT_A_OFFSET = 14,
108 TPM_CAP_TIMEOUT_B_OFFSET = 18,
109 TPM_CAP_TIMEOUT_C_OFFSET = 22,
110 TPM_CAP_TIMEOUT_D_OFFSET = 26,
111 } TPM_CAP_TIMEOUT_OFFSET_T;
112
113 typedef enum {
114 TPM_CAP_DUR_SHORT_OFFSET = 14,
115 TPM_CAP_DUR_MEDIUM_OFFSET = 18,
116 TPM_CAP_DUR_LONG_OFFSET = 22,
117 } TPM_CAP_DURATION_OFFSET_T;
118
119 #define TPM_CAP_VERSION_INFO_OFFSET 14
120 #define TPM_CAP_VERSION_INFO_SIZE 15
121
122 /*
123 * Internal TPM command functions
124 */
125 static int itpm_command(tpm_state_t *tpm, uint8_t *buf, size_t bufsiz);
126 static int tpm_get_timeouts(tpm_state_t *tpm);
127 static int tpm_get_duration(tpm_state_t *tpm);
128 static int tpm_get_version(tpm_state_t *tpm);
129 static int tpm_continue_selftest(tpm_state_t *tpm);
130
131 /*
132 * Internal TIS related functions
133 */
134 static int tpm_wait_for_stat(tpm_state_t *, uint8_t, clock_t);
135 static clock_t tpm_get_ordinal_duration(tpm_state_t *, uint8_t);
136 static int tis_check_active_locality(tpm_state_t *, char);
137 static int tis_request_locality(tpm_state_t *, char);
138 static void tis_release_locality(tpm_state_t *, char, int);
139 static int tis_init(tpm_state_t *);
140 static uint8_t tis_get_status(tpm_state_t *);
141 static int tis_send_data(tpm_state_t *, uint8_t *, size_t);
142 static int tis_recv_data(tpm_state_t *, uint8_t *, size_t);
143
144 /* Auxilliary */
145 static int receive_data(tpm_state_t *, uint8_t *, size_t);
146 static inline int tpm_io_lock(tpm_state_t *);
147 static inline void tpm_unlock(tpm_state_t *);
148 static void tpm_cleanup(dev_info_t *, tpm_state_t *);
149
150 /*
151 * Sun DDI/DDK entry points
152 */
153
154 /* Declaration of autoconfig functions */
155 static int tpm_attach(dev_info_t *, ddi_attach_cmd_t);
156 static int tpm_detach(dev_info_t *, ddi_detach_cmd_t);
157 static int tpm_getinfo(dev_info_t *, ddi_info_cmd_t, void *, void **);
158 static int tpm_quiesce(dev_info_t *);
159 /* End of autoconfig functions */
160
161 /* Declaration of driver entry point functions */
162 static int tpm_open(dev_t *, int, int, cred_t *);
163 static int tpm_close(dev_t, int, int, cred_t *);
164 static int tpm_read(dev_t, struct uio *, cred_t *);
165 static int tpm_write(dev_t, struct uio *, cred_t *);
166 /* End of driver entry point functions */
167
168 /* cb_ops structure */
169 static struct cb_ops tpm_cb_ops = {
170 tpm_open,
171 tpm_close,
172 nodev, /* no strategy - nodev returns ENXIO */
173 nodev, /* no print */
174 nodev, /* no dump */
175 tpm_read,
176 tpm_write,
177 nodev, /* no ioctl */
178 nodev, /* no devmap */
179 nodev, /* no mmap */
180 nodev, /* no segmap */
181 nochpoll, /* returns ENXIO for non-pollable devices */
182 ddi_prop_op,
183 NULL, /* streamtab struc */
184 D_MP, /* compatibility flags */
185 CB_REV, /* cb_ops revision number */
186 nodev, /* no aread */
187 nodev /* no awrite */
188 };
189
190 /* dev_ops structure */
191 static struct dev_ops tpm_dev_ops = {
192 DEVO_REV,
193 0, /* reference count */
194 tpm_getinfo,
195 nulldev, /* no identify - nulldev returns 0 */
196 nulldev,
197 tpm_attach,
198 tpm_detach,
199 nodev, /* no reset - nodev returns ENXIO */
200 &tpm_cb_ops,
201 (struct bus_ops *)NULL,
202 nodev, /* no power */
203 tpm_quiesce
204 };
205
206 /* modldrv structure */
207 static struct modldrv modldrv = {
208 &mod_driverops, /* Type: This is a driver */
209 "TPM 1.2 driver", /* Name of the module. */
210 &tpm_dev_ops
211 };
212
213 /* modlinkage structure */
214 static struct modlinkage tpm_ml = {
215 MODREV_1,
216 &modldrv,
217 NULL
218 };
219
220
221 #ifdef KCF_TPM_RNG_PROVIDER
222
223 #define IDENT_TPMRNG "TPM Random Number Generator"
224
225 #include <sys/crypto/common.h>
226 #include <sys/crypto/impl.h>
227 #include <sys/crypto/spi.h>
228 /*
229 * CSPI information (entry points, provider info, etc.)
230 */
231 static void tpmrng_provider_status(crypto_provider_handle_t, uint_t *);
232
233 static crypto_control_ops_t tpmrng_control_ops = {
234 tpmrng_provider_status
235 };
236
237 static int tpmrng_seed_random(crypto_provider_handle_t, crypto_session_id_t,
238 uchar_t *, size_t, uint_t, uint32_t, crypto_req_handle_t);
239
240 static int tpmrng_generate_random(crypto_provider_handle_t,
241 crypto_session_id_t, uchar_t *, size_t, crypto_req_handle_t);
242
243 static crypto_random_number_ops_t tpmrng_random_number_ops = {
244 tpmrng_seed_random,
245 tpmrng_generate_random
246 };
247
248 static int tpmrng_ext_info(crypto_provider_handle_t,
249 crypto_provider_ext_info_t *,
250 crypto_req_handle_t);
251
252 static crypto_provider_management_ops_t tpmrng_extinfo_op = {
253 tpmrng_ext_info,
254 NULL,
255 NULL,
256 NULL
257 };
258
259 static int tpmrng_register(tpm_state_t *);
260 static int tpmrng_unregister(tpm_state_t *);
261
262 static crypto_ops_t tpmrng_crypto_ops = {
263 &tpmrng_control_ops,
264 NULL,
265 NULL,
266 NULL,
267 NULL,
268 NULL,
269 NULL,
270 NULL,
271 &tpmrng_random_number_ops,
272 NULL,
273 NULL,
274 NULL,
275 &tpmrng_extinfo_op,
276 NULL,
277 NULL
278 };
279
280 static crypto_provider_info_t tpmrng_prov_info = {
281 CRYPTO_SPI_VERSION_2,
282 "TPM Random Number Provider",
283 CRYPTO_HW_PROVIDER,
284 NULL,
285 NULL,
286 &tpmrng_crypto_ops,
287 0,
288 NULL,
289 0,
290 NULL
291 };
292 #endif /* KCF_TPM_RNG_PROVIDER */
293
294 static void *statep = NULL;
295
296 /*
297 * Inline code to get exclusive lock on the TPM device and to make sure
298 * the device is not suspended. This grabs the primary TPM mutex (pm_mutex)
299 * and then checks the suspend status. If suspended, it will wait until
300 * the device is "resumed" before releasing the pm_mutex and continuing.
301 */
302 #define TPM_EXCLUSIVE_LOCK(tpm) { \
303 mutex_enter(&tpm->pm_mutex); \
304 while (tpm->suspended) \
305 cv_wait(&tpm->suspend_cv, &tpm->pm_mutex); \
306 mutex_exit(&tpm->pm_mutex); }
307
308 /*
309 * TPM accessor functions
310 */
311 #ifdef sun4v
312
313 extern uint64_t
314 hcall_tpm_get(uint64_t, uint64_t, uint64_t, uint64_t *);
315
316 extern uint64_t
317 hcall_tpm_put(uint64_t, uint64_t, uint64_t, uint64_t);
318
319 static inline uint8_t
tpm_get8(tpm_state_t * tpm,unsigned long offset)320 tpm_get8(tpm_state_t *tpm, unsigned long offset)
321 {
322 uint64_t value;
323
324 ASSERT(tpm != NULL);
325 (void) hcall_tpm_get(tpm->locality, offset, sizeof (uint8_t), &value);
326 return ((uint8_t)value);
327 }
328
329 static inline uint32_t
tpm_get32(tpm_state_t * tpm,unsigned long offset)330 tpm_get32(tpm_state_t *tpm, unsigned long offset)
331 {
332 uint64_t value;
333
334 ASSERT(tpm != NULL);
335 (void) hcall_tpm_get(tpm->locality, offset, sizeof (uint32_t), &value);
336 return ((uint32_t)value);
337 }
338
339 static inline void
tpm_put8(tpm_state_t * tpm,unsigned long offset,uint8_t value)340 tpm_put8(tpm_state_t *tpm, unsigned long offset, uint8_t value)
341 {
342 ASSERT(tpm != NULL);
343 (void) hcall_tpm_put(tpm->locality, offset, sizeof (uint8_t), value);
344 }
345
346 #else
347
348 static inline uint8_t
tpm_get8(tpm_state_t * tpm,unsigned long offset)349 tpm_get8(tpm_state_t *tpm, unsigned long offset)
350 {
351 ASSERT(tpm != NULL);
352
353 return (ddi_get8(tpm->handle,
354 (uint8_t *)(TPM_LOCALITY_OFFSET(tpm->locality) |
355 (uintptr_t)tpm->addr + offset)));
356 }
357
358 static inline uint32_t
tpm_get32(tpm_state_t * tpm,unsigned long offset)359 tpm_get32(tpm_state_t *tpm, unsigned long offset)
360 {
361 ASSERT(tpm != NULL);
362 return (ddi_get32(tpm->handle,
363 (uint32_t *)(TPM_LOCALITY_OFFSET(tpm->locality) |
364 (uintptr_t)tpm->addr + offset)));
365 }
366
367 static inline void
tpm_put8(tpm_state_t * tpm,unsigned long offset,uint8_t value)368 tpm_put8(tpm_state_t *tpm, unsigned long offset, uint8_t value)
369 {
370 ASSERT(tpm != NULL);
371 ddi_put8(tpm->handle,
372 (uint8_t *)(TPM_LOCALITY_OFFSET(tpm->locality) |
373 (uintptr_t)tpm->addr + offset), value);
374 }
375
376 #endif /* sun4v */
377
378 /*
379 * TPM commands to get the TPM's properties, e.g.,timeout
380 */
381 /*ARGSUSED*/
382 static int
tpm_quiesce(dev_info_t * dip)383 tpm_quiesce(dev_info_t *dip)
384 {
385 return (DDI_SUCCESS);
386 }
387
388 static uint32_t
load32(uchar_t * ptr,uint32_t offset)389 load32(uchar_t *ptr, uint32_t offset)
390 {
391 uint32_t val;
392 bcopy(ptr + offset, &val, sizeof (uint32_t));
393
394 return (ntohl(val));
395 }
396
397 /*
398 * Get the actual timeouts supported by the TPM by issuing TPM_GetCapability
399 * with the subcommand TPM_CAP_PROP_TIS_TIMEOUT
400 * TPM_GetCapability (TPM Main Part 3 Rev. 94, pg.38)
401 */
402 static int
tpm_get_timeouts(tpm_state_t * tpm)403 tpm_get_timeouts(tpm_state_t *tpm)
404 {
405 int ret;
406 uint32_t timeout; /* in milliseconds */
407 uint32_t len;
408
409 /* The buffer size (30) needs room for 4 timeout values (uint32_t) */
410 uint8_t buf[30] = {
411 0, 193, /* TPM_TAG_RQU_COMMAND */
412 0, 0, 0, 22, /* paramsize in bytes */
413 0, 0, 0, 101, /* TPM_ORD_GetCapability */
414 0, 0, 0, 5, /* TPM_CAP_Prop */
415 0, 0, 0, 4, /* SUB_CAP size in bytes */
416 0, 0, 1, 21 /* TPM_CAP_PROP_TIS_TIMEOUT(0x115) */
417 };
418 char *myname = "tpm_get_timeout";
419
420 ASSERT(tpm != NULL);
421
422 ret = itpm_command(tpm, buf, sizeof (buf));
423 if (ret != DDI_SUCCESS) {
424 #ifdef DEBUG
425 cmn_err(CE_WARN, "!%s: itpm_command failed", myname);
426 #endif
427 return (DDI_FAILURE);
428 }
429
430 /*
431 * Get the length of the returned buffer
432 * Make sure that there are 4 timeout values returned
433 * length of the capability response is stored in data[10-13]
434 * Also the TPM is in network byte order
435 */
436 len = load32(buf, TPM_CAP_RESPSIZE_OFFSET);
437 if (len != 4 * sizeof (uint32_t)) {
438 #ifdef DEBUG
439 cmn_err(CE_WARN, "!%s: capability response size should be %d"
440 "instead len = %d",
441 myname, (int)(4 * sizeof (uint32_t)), (int)len);
442 #endif
443 return (DDI_FAILURE);
444 }
445
446 /* Get the four timeout's: a,b,c,d (they are 4 bytes long each) */
447 timeout = load32(buf, TPM_CAP_TIMEOUT_A_OFFSET);
448 if (timeout == 0) {
449 timeout = DEFAULT_TIMEOUT_A;
450 } else if (timeout < TEN_MILLISECONDS) {
451 /* timeout is in millisecond range (should be microseconds) */
452 timeout *= 1000;
453 }
454 tpm->timeout_a = drv_usectohz(timeout);
455
456 timeout = load32(buf, TPM_CAP_TIMEOUT_B_OFFSET);
457 if (timeout == 0) {
458 timeout = DEFAULT_TIMEOUT_B;
459 } else if (timeout < TEN_MILLISECONDS) {
460 /* timeout is in millisecond range (should be microseconds) */
461 timeout *= 1000;
462 }
463 tpm->timeout_b = drv_usectohz(timeout);
464
465 timeout = load32(buf, TPM_CAP_TIMEOUT_C_OFFSET);
466 if (timeout == 0) {
467 timeout = DEFAULT_TIMEOUT_C;
468 } else if (timeout < TEN_MILLISECONDS) {
469 /* timeout is in millisecond range (should be microseconds) */
470 timeout *= 1000;
471 }
472 tpm->timeout_c = drv_usectohz(timeout);
473
474 timeout = load32(buf, TPM_CAP_TIMEOUT_D_OFFSET);
475 if (timeout == 0) {
476 timeout = DEFAULT_TIMEOUT_D;
477 } else if (timeout < TEN_MILLISECONDS) {
478 /* timeout is in millisecond range (should be microseconds) */
479 timeout *= 1000;
480 }
481 tpm->timeout_d = drv_usectohz(timeout);
482
483 return (DDI_SUCCESS);
484 }
485
486 /*
487 * Get the actual timeouts supported by the TPM by issuing TPM_GetCapability
488 * with the subcommand TPM_CAP_PROP_TIS_DURATION
489 * TPM_GetCapability (TPM Main Part 3 Rev. 94, pg.38)
490 */
491 static int
tpm_get_duration(tpm_state_t * tpm)492 tpm_get_duration(tpm_state_t *tpm) {
493 int ret;
494 uint32_t duration;
495 uint32_t len;
496 uint8_t buf[30] = {
497 0, 193, /* TPM_TAG_RQU_COMMAND */
498 0, 0, 0, 22, /* paramsize in bytes */
499 0, 0, 0, 101, /* TPM_ORD_GetCapability */
500 0, 0, 0, 5, /* TPM_CAP_Prop */
501 0, 0, 0, 4, /* SUB_CAP size in bytes */
502 0, 0, 1, 32 /* TPM_CAP_PROP_TIS_DURATION(0x120) */
503 };
504 char *myname = "tpm_get_duration";
505
506 ASSERT(tpm != NULL);
507
508 ret = itpm_command(tpm, buf, sizeof (buf));
509 if (ret != DDI_SUCCESS) {
510 #ifdef DEBUG
511 cmn_err(CE_WARN, "!%s: itpm_command failed with ret code: 0x%x",
512 myname, ret);
513 #endif
514 return (DDI_FAILURE);
515 }
516
517 /*
518 * Get the length of the returned buffer
519 * Make sure that there are 3 duration values (S,M,L: in that order)
520 * length of the capability response is stored in data[10-13]
521 * Also the TPM is in network byte order
522 */
523 len = load32(buf, TPM_CAP_RESPSIZE_OFFSET);
524 if (len != 3 * sizeof (uint32_t)) {
525 #ifdef DEBUG
526 cmn_err(CE_WARN, "!%s: capability response should be %d, "
527 "instead, it's %d",
528 myname, (int)(3 * sizeof (uint32_t)), (int)len);
529 #endif
530 return (DDI_FAILURE);
531 }
532
533 duration = load32(buf, TPM_CAP_DUR_SHORT_OFFSET);
534 if (duration == 0) {
535 duration = DEFAULT_SHORT_DURATION;
536 } else if (duration < TEN_MILLISECONDS) {
537 duration *= 1000;
538 }
539 tpm->duration[TPM_SHORT] = drv_usectohz(duration);
540
541 duration = load32(buf, TPM_CAP_DUR_MEDIUM_OFFSET);
542 if (duration == 0) {
543 duration = DEFAULT_MEDIUM_DURATION;
544 } else if (duration < TEN_MILLISECONDS) {
545 duration *= 1000;
546 }
547 tpm->duration[TPM_MEDIUM] = drv_usectohz(duration);
548
549 duration = load32(buf, TPM_CAP_DUR_LONG_OFFSET);
550 if (duration == 0) {
551 duration = DEFAULT_LONG_DURATION;
552 } else if (duration < FOUR_HUNDRED_MILLISECONDS) {
553 duration *= 1000;
554 }
555 tpm->duration[TPM_LONG] = drv_usectohz(duration);
556
557 /* Just make the undefined duration be the same as the LONG */
558 tpm->duration[TPM_UNDEFINED] = tpm->duration[TPM_LONG];
559
560 return (DDI_SUCCESS);
561 }
562
563 /*
564 * Get the actual timeouts supported by the TPM by issuing TPM_GetCapability
565 * with the subcommand TPM_CAP_PROP_TIS_DURATION
566 * TPM_GetCapability (TPM Main Part 3 Rev. 94, pg.38)
567 */
568 static int
tpm_get_version(tpm_state_t * tpm)569 tpm_get_version(tpm_state_t *tpm) {
570 int ret;
571 uint32_t len;
572 char vendorId[5];
573 /* If this buf is too small, the "vendor specific" data won't fit */
574 uint8_t buf[64] = {
575 0, 193, /* TPM_TAG_RQU_COMMAND */
576 0, 0, 0, 18, /* paramsize in bytes */
577 0, 0, 0, 101, /* TPM_ORD_GetCapability */
578 0, 0, 0, 0x1A, /* TPM_CAP_VERSION_VAL */
579 0, 0, 0, 0, /* SUB_CAP size in bytes */
580 };
581 char *myname = "tpm_get_version";
582
583 ASSERT(tpm != NULL);
584
585 ret = itpm_command(tpm, buf, sizeof (buf));
586 if (ret != DDI_SUCCESS) {
587 #ifdef DEBUG
588 cmn_err(CE_WARN, "!%s: itpm_command failed with ret code: 0x%x",
589 myname, ret);
590 #endif
591 return (DDI_FAILURE);
592 }
593
594 /*
595 * Get the length of the returned buffer.
596 */
597 len = load32(buf, TPM_CAP_RESPSIZE_OFFSET);
598 if (len < TPM_CAP_VERSION_INFO_SIZE) {
599 #ifdef DEBUG
600 cmn_err(CE_WARN, "!%s: capability response should be greater"
601 " than %d, instead, it's %d",
602 myname, TPM_CAP_VERSION_INFO_SIZE, len);
603 #endif
604 return (DDI_FAILURE);
605 }
606
607 bcopy(buf + TPM_CAP_VERSION_INFO_OFFSET, &tpm->vers_info,
608 TPM_CAP_VERSION_INFO_SIZE);
609
610 bcopy(tpm->vers_info.tpmVendorID, vendorId,
611 sizeof (tpm->vers_info.tpmVendorID));
612 vendorId[4] = '\0';
613
614 cmn_err(CE_NOTE, "!TPM found: Ver %d.%d, Rev %d.%d, "
615 "SpecLevel %d, errataRev %d, VendorId '%s'",
616 tpm->vers_info.version.major, /* Version */
617 tpm->vers_info.version.minor,
618 tpm->vers_info.version.revMajor, /* Revision */
619 tpm->vers_info.version.revMinor,
620 (int)ntohs(tpm->vers_info.specLevel),
621 tpm->vers_info.errataRev,
622 vendorId);
623
624 /*
625 * This driver only supports TPM Version 1.2
626 */
627 if (tpm->vers_info.version.major != 1 &&
628 tpm->vers_info.version.minor != 2) {
629 cmn_err(CE_WARN, "!%s: Unsupported TPM version (%d.%d)",
630 myname,
631 tpm->vers_info.version.major, /* Version */
632 tpm->vers_info.version.minor);
633 return (DDI_FAILURE);
634 }
635
636 return (DDI_SUCCESS);
637 }
638
639 /*
640 * To prevent the TPM from complaining that certain functions are not tested
641 * we run this command when the driver attaches.
642 * For details see Section 4.2 of TPM Main Part 3 Command Specification
643 */
644 static int
tpm_continue_selftest(tpm_state_t * tpm)645 tpm_continue_selftest(tpm_state_t *tpm) {
646 int ret;
647 uint8_t buf[10] = {
648 0, 193, /* TPM_TAG_RQU COMMAND */
649 0, 0, 0, 10, /* paramsize in bytes */
650 0, 0, 0, 83 /* TPM_ORD_ContinueSelfTest */
651 };
652 char *myname = "tpm_continue_selftest";
653
654 /* Need a longer timeout */
655 ret = itpm_command(tpm, buf, sizeof (buf));
656 if (ret != DDI_SUCCESS) {
657 #ifdef DEBUG
658 cmn_err(CE_WARN, "!%s: itpm_command failed", myname);
659 #endif
660 return (DDI_FAILURE);
661 }
662
663 return (DDI_SUCCESS);
664 }
665 /*
666 * Auxilary Functions
667 */
668
669 /*
670 * Find out how long we should wait for the TPM command to complete a command
671 */
672 static clock_t
tpm_get_ordinal_duration(tpm_state_t * tpm,uint8_t ordinal)673 tpm_get_ordinal_duration(tpm_state_t *tpm, uint8_t ordinal)
674 {
675 uint8_t index;
676 char *myname = "tpm_get_ordinal_duration";
677
678 ASSERT(tpm != NULL);
679
680 /* Default and failure case for IFX */
681 /* Is it a TSC_ORDINAL? */
682 if (ordinal & TSC_ORDINAL_MASK) {
683 if (ordinal > TSC_ORDINAL_MAX) {
684 #ifdef DEBUG
685 cmn_err(CE_WARN,
686 "!%s: tsc ordinal: %d exceeds MAX: %d",
687 myname, ordinal, TSC_ORDINAL_MAX);
688 #endif
689 return (0);
690 }
691 index = tsc_ords_duration[ordinal];
692 } else {
693 if (ordinal > TPM_ORDINAL_MAX) {
694 #ifdef DEBUG
695 cmn_err(CE_WARN,
696 "!%s: ordinal %d exceeds MAX: %d",
697 myname, ordinal, TPM_ORDINAL_MAX);
698 #endif
699 return (0);
700 }
701 index = tpm_ords_duration[ordinal];
702 }
703
704 if (index > TPM_DURATION_MAX_IDX) {
705 #ifdef DEBUG
706 cmn_err(CE_WARN, "!%s: duration index '%d' is out of bounds",
707 myname, index);
708 #endif
709 return (0);
710 }
711 return (tpm->duration[index]);
712 }
713
714 /*
715 * Internal TPM Transmit Function:
716 * Calls implementation specific sendto and receive
717 * The code assumes that the buffer is in network byte order
718 */
719 static int
itpm_command(tpm_state_t * tpm,uint8_t * buf,size_t bufsiz)720 itpm_command(tpm_state_t *tpm, uint8_t *buf, size_t bufsiz)
721 {
722 int ret;
723 uint32_t count;
724 char *myname = "itpm_command";
725
726 ASSERT(tpm != NULL && buf != NULL);
727
728 /* The byte order is network byte order so convert it */
729 count = load32(buf, TPM_PARAMSIZE_OFFSET);
730
731 if (count == 0 || (count > bufsiz)) {
732 #ifdef DEBUG
733 cmn_err(CE_WARN, "!%s: invalid byte count value "
734 "(%d > bufsiz %d)", myname, (int)count, (int)bufsiz);
735 #endif
736 return (DDI_FAILURE);
737 }
738
739 /* Send the command */
740 ret = tis_send_data(tpm, buf, count);
741 if (ret != DDI_SUCCESS) {
742 #ifdef DEBUG
743 cmn_err(CE_WARN, "!%s: tis_send_data failed with error %x",
744 myname, ret);
745 #endif
746 return (DDI_FAILURE);
747 }
748
749 /*
750 * Now receive the data from the tpm
751 * Should at least receive "the common" 10 bytes (TPM_HEADER_SIZE)
752 */
753 ret = tis_recv_data(tpm, buf, bufsiz);
754 if (ret < TPM_HEADER_SIZE) {
755 #ifdef DEBUG
756 cmn_err(CE_WARN, "!%s: tis_recv_data failed", myname);
757 #endif
758 return (DDI_FAILURE);
759 }
760
761 /* Check the return code */
762 ret = load32(buf, TPM_RETURN_OFFSET);
763 if (ret != TPM_SUCCESS) {
764 if (ret == TPM_E_DEACTIVATED)
765 cmn_err(CE_WARN, "!%s: TPM is deactivated", myname);
766 else if (ret == TPM_E_DISABLED)
767 cmn_err(CE_WARN, "!%s: TPM is disabled", myname);
768 else
769 cmn_err(CE_WARN, "!%s: TPM error code 0x%0x",
770 myname, ret);
771 return (DDI_FAILURE);
772 }
773
774 return (DDI_SUCCESS);
775 }
776
777 /*
778 * Whenever the driver wants to write to the DATA_IO register, it must need
779 * to figure out the burstcount. This is the amount of bytes it can write
780 * before having to wait for long LPC bus cycle
781 *
782 * Returns: 0 if error, burst count if sucess
783 */
784 static uint16_t
tpm_get_burstcount(tpm_state_t * tpm)785 tpm_get_burstcount(tpm_state_t *tpm) {
786 clock_t stop;
787 uint16_t burstcnt;
788
789 ASSERT(tpm != NULL);
790
791 /*
792 * Spec says timeout should be TIMEOUT_D
793 * burst count is TPM_STS bits 8..23
794 */
795 stop = ddi_get_lbolt() + tpm->timeout_d;
796 do {
797 /*
798 * burstcnt is stored as a little endian value
799 * 'ntohs' doesn't work since the value is not word-aligned
800 */
801 burstcnt = tpm_get8(tpm, TPM_STS + 1);
802 burstcnt += tpm_get8(tpm, TPM_STS + 2) << 8;
803
804 if (burstcnt)
805 return (burstcnt);
806
807 delay(tpm->timeout_poll);
808 } while (ddi_get_lbolt() < stop);
809
810 return (0);
811 }
812
813 /*
814 * Writing 1 to TPM_STS_CMD_READY bit in TPM_STS will do the following:
815 * 1. The TPM will clears IO buffers if any
816 * 2. The TPM will enters either Idle or Ready state within TIMEOUT_B
817 * (checked in the calling function)
818 */
819 static void
tpm_set_ready(tpm_state_t * tpm)820 tpm_set_ready(tpm_state_t *tpm) {
821 tpm_put8(tpm, TPM_STS, TPM_STS_CMD_READY);
822 }
823
824 static int
receive_data(tpm_state_t * tpm,uint8_t * buf,size_t bufsiz)825 receive_data(tpm_state_t *tpm, uint8_t *buf, size_t bufsiz) {
826 int size = 0;
827 int retried = 0;
828 uint8_t stsbits;
829
830 /* A number of consecutive bytes that can be written to TPM */
831 uint16_t burstcnt;
832
833 ASSERT(tpm != NULL && buf != NULL);
834 retry:
835 while (size < bufsiz &&
836 (tpm_wait_for_stat(tpm,
837 (TPM_STS_DATA_AVAIL|TPM_STS_VALID),
838 tpm->timeout_c) == DDI_SUCCESS)) {
839 /*
840 * Burstcount should be available within TIMEOUT_D
841 * after STS is set to valid
842 * burstcount is dynamic, so have to get it each time
843 */
844 burstcnt = tpm_get_burstcount(tpm);
845 for (; burstcnt > 0 && size < bufsiz; burstcnt--) {
846 buf[size++] = tpm_get8(tpm, TPM_DATA_FIFO);
847 }
848 }
849 stsbits = tis_get_status(tpm);
850 /* check to see if we need to retry (just once) */
851 if (size < bufsiz && !(stsbits & TPM_STS_DATA_AVAIL) && retried == 0) {
852 /* issue responseRetry (TIS 1.2 pg 54) */
853 tpm_put8(tpm, TPM_STS, TPM_STS_RESPONSE_RETRY);
854 /* update the retry counter so we only retry once */
855 retried++;
856 /* reset the size to 0 and reread the entire response */
857 size = 0;
858 goto retry;
859 }
860 return (size);
861 }
862
863 /* Receive the data from the TPM */
864 static int
tis_recv_data(tpm_state_t * tpm,uint8_t * buf,size_t bufsiz)865 tis_recv_data(tpm_state_t *tpm, uint8_t *buf, size_t bufsiz) {
866 int ret;
867 int size = 0;
868 uint32_t expected, status;
869 uint32_t cmdresult;
870 char *myname = "tis_recv_data";
871
872 ASSERT(tpm != NULL && buf != NULL);
873
874 if (bufsiz < TPM_HEADER_SIZE) {
875 /* There should be at least tag, paramsize, return code */
876 #ifdef DEBUG
877 cmn_err(CE_WARN, "!%s: received data should contain at least "
878 "the header which is %d bytes long",
879 myname, TPM_HEADER_SIZE);
880 #endif
881 goto OUT;
882 }
883
884 /* Read tag(2 bytes), paramsize(4), and result(4) */
885 size = receive_data(tpm, buf, TPM_HEADER_SIZE);
886 if (size < TPM_HEADER_SIZE) {
887 #ifdef DEBUG
888 cmn_err(CE_WARN, "!%s: recv TPM_HEADER failed, size = %d",
889 myname, size);
890 #endif
891 goto OUT;
892 }
893
894 cmdresult = load32(buf, TPM_RETURN_OFFSET);
895
896 /* Get 'paramsize'(4 bytes)--it includes tag and paramsize */
897 expected = load32(buf, TPM_PARAMSIZE_OFFSET);
898 if (expected > bufsiz) {
899 #ifdef DEBUG
900 cmn_err(CE_WARN, "!%s: paramSize is bigger "
901 "than the requested size: paramSize=%d bufsiz=%d result=%d",
902 myname, (int)expected, (int)bufsiz, cmdresult);
903 #endif
904 goto OUT;
905 }
906
907 /* Read in the rest of the data from the TPM */
908 size += receive_data(tpm, (uint8_t *)&buf[TPM_HEADER_SIZE],
909 expected - TPM_HEADER_SIZE);
910 if (size < expected) {
911 #ifdef DEBUG
912 cmn_err(CE_WARN, "!%s: received data length (%d) "
913 "is less than expected (%d)", myname, size, expected);
914 #endif
915 goto OUT;
916 }
917
918 /* The TPM MUST set the state to stsValid within TIMEOUT_C */
919 ret = tpm_wait_for_stat(tpm, TPM_STS_VALID, tpm->timeout_c);
920
921 status = tis_get_status(tpm);
922 if (ret != DDI_SUCCESS) {
923 #ifdef DEBUG
924 cmn_err(CE_WARN, "!%s: TPM didn't set stsValid after its I/O: "
925 "status = 0x%08X", myname, status);
926 #endif
927 goto OUT;
928 }
929
930 /* There is still more data? */
931 if (status & TPM_STS_DATA_AVAIL) {
932 #ifdef DEBUG
933 cmn_err(CE_WARN, "!%s: TPM_STS_DATA_AVAIL is set:0x%08X",
934 myname, status);
935 #endif
936 goto OUT;
937 }
938
939 /*
940 * Release the control of the TPM after we are done with it
941 * it...so others can also get a chance to send data
942 */
943 tis_release_locality(tpm, tpm->locality, 0);
944
945 OUT:
946 tpm_set_ready(tpm);
947 tis_release_locality(tpm, tpm->locality, 0);
948 return (size);
949 }
950
951 /*
952 * Send the data (TPM commands) to the Data IO register
953 */
954 static int
tis_send_data(tpm_state_t * tpm,uint8_t * buf,size_t bufsiz)955 tis_send_data(tpm_state_t *tpm, uint8_t *buf, size_t bufsiz) {
956 int ret;
957 uint8_t status;
958 uint16_t burstcnt;
959 uint32_t ordinal;
960 size_t count = 0;
961 char *myname = "tis_send_data";
962
963 ASSERT(tpm != NULL && buf != NULL);
964
965 if (bufsiz == 0) {
966 #ifdef DEBUG
967 cmn_err(CE_WARN, "!%s: bufsiz arg is zero", myname);
968 #endif
969 return (DDI_FAILURE);
970 }
971
972 /* Put the TPM in ready state */
973 status = tis_get_status(tpm);
974
975 if (!(status & TPM_STS_CMD_READY)) {
976 tpm_set_ready(tpm);
977 ret = tpm_wait_for_stat(tpm, TPM_STS_CMD_READY, tpm->timeout_b);
978 if (ret != DDI_SUCCESS) {
979 #ifdef DEBUG
980 cmn_err(CE_WARN, "!%s: could not put the TPM "
981 "in the command ready state:"
982 "tpm_wait_for_stat returned error",
983 myname);
984 #endif
985 goto FAIL;
986 }
987 }
988
989 /*
990 * Now we are ready to send command
991 * TPM's burstcount dictates how many bytes we can write at a time
992 * Burstcount is dynamic if INTF_CAPABILITY for static burstcount is
993 * not set.
994 */
995 while (count < bufsiz - 1) {
996 burstcnt = tpm_get_burstcount(tpm);
997 if (burstcnt == 0) {
998 #ifdef DEBUG
999 cmn_err(CE_WARN, "!%s: tpm_get_burstcnt returned error",
1000 myname);
1001 #endif
1002 ret = DDI_FAILURE;
1003 goto FAIL;
1004 }
1005
1006 for (; burstcnt > 0 && count < bufsiz - 1; burstcnt--) {
1007 tpm_put8(tpm, TPM_DATA_FIFO, buf[count]);
1008 count++;
1009 }
1010 /* Wait for TPM to indicate that it is ready for more data */
1011 ret = tpm_wait_for_stat(tpm,
1012 (TPM_STS_VALID | TPM_STS_DATA_EXPECT), tpm->timeout_c);
1013 if (ret != DDI_SUCCESS) {
1014 #ifdef DEBUG
1015 cmn_err(CE_WARN, "!%s: TPM didn't enter STS_VALID "
1016 "state", myname);
1017 #endif
1018 goto FAIL;
1019 }
1020 }
1021 /* We can't exit the loop above unless we wrote bufsiz-1 bytes */
1022
1023 /* Write last byte */
1024 tpm_put8(tpm, TPM_DATA_FIFO, buf[count]);
1025 count++;
1026
1027 /* Wait for the TPM to enter Valid State */
1028 ret = tpm_wait_for_stat(tpm, TPM_STS_VALID, tpm->timeout_c);
1029 if (ret == DDI_FAILURE) {
1030 #ifdef DEBUG
1031 cmn_err(CE_WARN, "!%s: tpm didn't enter STS_VALID state",
1032 myname);
1033 #endif
1034 goto FAIL;
1035 }
1036
1037 status = tis_get_status(tpm);
1038 /* The TPM should NOT be expecing more data at this point */
1039 if ((status & TPM_STS_DATA_EXPECT) != 0) {
1040 #ifdef DEBUG
1041 cmn_err(CE_WARN, "!%s: DATA_EXPECT should not be set after "
1042 "writing the last byte: status=0x%08X", myname, status);
1043 #endif
1044 ret = DDI_FAILURE;
1045 goto FAIL;
1046 }
1047
1048 /*
1049 * Final step: Writing TPM_STS_GO to TPM_STS
1050 * register will actually send the command.
1051 */
1052 tpm_put8(tpm, TPM_STS, TPM_STS_GO);
1053
1054 /* Ordinal/Command_code is located in buf[6..9] */
1055 ordinal = load32(buf, TPM_COMMAND_CODE_OFFSET);
1056
1057 ret = tpm_wait_for_stat(tpm, TPM_STS_DATA_AVAIL | TPM_STS_VALID,
1058 tpm_get_ordinal_duration(tpm, ordinal));
1059 if (ret == DDI_FAILURE) {
1060 #ifdef DEBUG
1061 status = tis_get_status(tpm);
1062 if (!(status & TPM_STS_DATA_AVAIL) ||
1063 !(status & TPM_STS_VALID)) {
1064 cmn_err(CE_WARN, "!%s: TPM not ready or valid "
1065 "(ordinal = %d timeout = %ld status = 0x%0x)",
1066 myname, ordinal,
1067 tpm_get_ordinal_duration(tpm, ordinal),
1068 status);
1069 } else {
1070 cmn_err(CE_WARN, "!%s: tpm_wait_for_stat "
1071 "(DATA_AVAIL | VALID) failed status = 0x%0X",
1072 myname, status);
1073 }
1074 #endif
1075 goto FAIL;
1076 }
1077 return (DDI_SUCCESS);
1078
1079 FAIL:
1080 tpm_set_ready(tpm);
1081 tis_release_locality(tpm, tpm->locality, 0);
1082 return (ret);
1083 }
1084
1085 /*
1086 * Clear XrequestUse and Xactivelocality, where X is the current locality
1087 */
1088 static void
tis_release_locality(tpm_state_t * tpm,char locality,int force)1089 tis_release_locality(tpm_state_t *tpm, char locality, int force) {
1090 ASSERT(tpm != NULL && locality >= 0 && locality < 5);
1091
1092 if (force ||
1093 (tpm_get8(tpm, TPM_ACCESS) &
1094 (TPM_ACCESS_REQUEST_PENDING | TPM_ACCESS_VALID)) ==
1095 (TPM_ACCESS_REQUEST_PENDING | TPM_ACCESS_VALID)) {
1096 /*
1097 * Writing 1 to active locality bit in TPM_ACCESS
1098 * register reliquishes the control of the locality
1099 */
1100 tpm_put8(tpm, TPM_ACCESS, TPM_ACCESS_ACTIVE_LOCALITY);
1101 }
1102 }
1103
1104 /*
1105 * Checks whether the given locality is active
1106 * Use TPM_ACCESS register and the masks TPM_ACCESS_VALID,TPM_ACTIVE_LOCALITY
1107 */
1108 static int
tis_check_active_locality(tpm_state_t * tpm,char locality)1109 tis_check_active_locality(tpm_state_t *tpm, char locality) {
1110 uint8_t access_bits;
1111 uint8_t old_locality;
1112
1113 ASSERT(tpm != NULL && locality >= 0 && locality < 5);
1114
1115 old_locality = tpm->locality;
1116 tpm->locality = locality;
1117
1118 /* Just check to see if the requested locality works */
1119 access_bits = tpm_get8(tpm, TPM_ACCESS);
1120 access_bits &= (TPM_ACCESS_ACTIVE_LOCALITY | TPM_ACCESS_VALID);
1121
1122 /* this was just a check, not a request to switch */
1123 tpm->locality = old_locality;
1124
1125 if (access_bits == (TPM_ACCESS_ACTIVE_LOCALITY | TPM_ACCESS_VALID)) {
1126 return (DDI_SUCCESS);
1127 } else {
1128 return (DDI_FAILURE);
1129 }
1130 }
1131
1132 /* Request the TPM to be in the given locality */
1133 static int
tis_request_locality(tpm_state_t * tpm,char locality)1134 tis_request_locality(tpm_state_t *tpm, char locality) {
1135 clock_t timeout;
1136 int ret;
1137 char *myname = "tis_request_locality";
1138
1139 ASSERT(tpm != NULL && locality >= 0 && locality < 5);
1140
1141 ret = tis_check_active_locality(tpm, locality);
1142
1143 if (ret == DDI_SUCCESS) {
1144 /* Locality is already active */
1145 tpm->locality = locality;
1146 return (DDI_SUCCESS);
1147 }
1148
1149 tpm_put8(tpm, TPM_ACCESS, TPM_ACCESS_REQUEST_USE);
1150 timeout = ddi_get_lbolt() + tpm->timeout_a;
1151
1152 /* Using polling */
1153 while (tis_check_active_locality(tpm, locality)
1154 != DDI_SUCCESS) {
1155 if (ddi_get_lbolt() >= timeout) {
1156 #ifdef DEBUG
1157 cmn_err(CE_WARN, "!%s: (interrupt-disabled) "
1158 "tis_request_locality timed out (timeout_a = %ld)",
1159 myname, tpm->timeout_a);
1160 #endif
1161 return (DDI_FAILURE);
1162 }
1163 delay(tpm->timeout_poll);
1164 }
1165
1166 tpm->locality = locality;
1167 return (DDI_SUCCESS);
1168 }
1169
1170 /* Read the status register */
1171 static uint8_t
tis_get_status(tpm_state_t * tpm)1172 tis_get_status(tpm_state_t *tpm) {
1173 return (tpm_get8(tpm, TPM_STS));
1174 }
1175
1176 static int
tpm_wait_for_stat(tpm_state_t * tpm,uint8_t mask,clock_t timeout)1177 tpm_wait_for_stat(tpm_state_t *tpm, uint8_t mask, clock_t timeout) {
1178 char *myname = "tpm_wait_for_stat";
1179 clock_t absolute_timeout = ddi_get_lbolt() + timeout;
1180
1181 /* Using polling */
1182 while ((tis_get_status(tpm) & mask) != mask) {
1183 if (ddi_get_lbolt() >= absolute_timeout) {
1184 /* Timeout reached */
1185 #ifdef DEBUG
1186 cmn_err(CE_WARN, "!%s: using "
1187 "polling - reached timeout (%ld usecs)",
1188 myname, drv_hztousec(timeout));
1189 #endif
1190 return (DDI_FAILURE);
1191 }
1192 delay(tpm->timeout_poll);
1193 }
1194 return (DDI_SUCCESS);
1195 }
1196
1197 /*
1198 * Initialize TPM device
1199 * 1. Find out supported interrupt capabilities
1200 * 2. Set up interrupt handler if supported (some BIOSes don't support
1201 * interrupts for TPMS, in which case we set up polling)
1202 * 3. Determine timeouts and commands duration
1203 */
1204 static int
tis_init(tpm_state_t * tpm)1205 tis_init(tpm_state_t *tpm) {
1206 uint32_t intf_caps;
1207 int ret;
1208 char *myname = "tis_init";
1209
1210 /*
1211 * Temporarily set up timeouts before we get the real timeouts
1212 * by issuing TPM_CAP commands (but to issue TPM_CAP commands,
1213 * you need TIMEOUTs defined...chicken and egg problem here.
1214 * TPM timeouts: Convert the milliseconds to clock cycles
1215 */
1216 tpm->timeout_a = drv_usectohz(TIS_TIMEOUT_A);
1217 tpm->timeout_b = drv_usectohz(TIS_TIMEOUT_B);
1218 tpm->timeout_c = drv_usectohz(TIS_TIMEOUT_C);
1219 tpm->timeout_d = drv_usectohz(TIS_TIMEOUT_D);
1220 /*
1221 * Do the same with the duration (real duration will be filled out
1222 * when we call TPM_GetCapability to get the duration values from
1223 * the TPM itself).
1224 */
1225 tpm->duration[TPM_SHORT] = drv_usectohz(TPM_DEFAULT_DURATION);
1226 tpm->duration[TPM_MEDIUM] = drv_usectohz(TPM_DEFAULT_DURATION);
1227 tpm->duration[TPM_LONG] = drv_usectohz(TPM_DEFAULT_DURATION);
1228 tpm->duration[TPM_UNDEFINED] = drv_usectohz(TPM_DEFAULT_DURATION);
1229
1230 /* Find out supported capabilities */
1231 intf_caps = tpm_get32(tpm, TPM_INTF_CAP);
1232
1233 /* Upper 3 bytes should always return 0 */
1234 if (intf_caps & 0x7FFFFF00) {
1235 cmn_err(CE_WARN, "!%s: bad intf_caps value 0x%0X",
1236 myname, intf_caps);
1237 return (DDI_FAILURE);
1238 }
1239
1240 /* These two interrupts are mandatory */
1241 if (!(intf_caps & TPM_INTF_INT_LOCALITY_CHANGE_INT)) {
1242 cmn_err(CE_WARN,
1243 "!%s: Mandatory capability Locality Change Int "
1244 "not supported", myname);
1245 return (DDI_FAILURE);
1246 }
1247 if (!(intf_caps & TPM_INTF_INT_DATA_AVAIL_INT)) {
1248 cmn_err(CE_WARN, "!%s: Mandatory capability Data Available Int "
1249 "not supported.", myname);
1250 return (DDI_FAILURE);
1251 }
1252
1253 /*
1254 * Before we start writing anything to TPM's registers,
1255 * make sure we are in locality 0
1256 */
1257 ret = tis_request_locality(tpm, DEFAULT_LOCALITY);
1258 if (ret != DDI_SUCCESS) {
1259 cmn_err(CE_WARN, "!%s: Unable to request locality %d", myname,
1260 DEFAULT_LOCALITY);
1261 return (DDI_FAILURE);
1262 } /* Now we can refer to the locality as tpm->locality */
1263
1264 tpm->timeout_poll = drv_usectohz(TPM_POLLING_TIMEOUT);
1265 tpm->intr_enabled = 0;
1266
1267 /* Get the real timeouts from the TPM */
1268 ret = tpm_get_timeouts(tpm);
1269 if (ret != DDI_SUCCESS) {
1270 cmn_err(CE_WARN, "!%s: tpm_get_timeouts error", myname);
1271 return (DDI_FAILURE);
1272 }
1273
1274 ret = tpm_get_duration(tpm);
1275 if (ret != DDI_SUCCESS) {
1276 cmn_err(CE_WARN, "!%s: tpm_get_duration error", myname);
1277 return (DDI_FAILURE);
1278 }
1279
1280 /* This gets the TPM version information */
1281 ret = tpm_get_version(tpm);
1282 if (ret != DDI_SUCCESS) {
1283 cmn_err(CE_WARN, "!%s: tpm_get_version error", myname);
1284 return (DDI_FAILURE);
1285 }
1286
1287 /*
1288 * Unless the TPM completes the test of its commands,
1289 * it can return an error when the untested commands are called
1290 */
1291 ret = tpm_continue_selftest(tpm);
1292 if (ret != DDI_SUCCESS) {
1293 cmn_err(CE_WARN, "!%s: tpm_continue_selftest error", myname);
1294 return (DDI_FAILURE);
1295 }
1296 return (DDI_SUCCESS);
1297 }
1298
1299 /*
1300 * Module Entry points
1301 */
1302 int
_init(void)1303 _init(void)
1304 {
1305 int ret;
1306
1307 ret = ddi_soft_state_init(&statep, sizeof (tpm_state_t), 1);
1308 if (ret) {
1309 #ifdef DEBUG
1310 cmn_err(CE_WARN, "!ddi_soft_state_init failed: %d", ret);
1311 #endif
1312 return (ret);
1313 }
1314 ret = mod_install(&tpm_ml);
1315 if (ret != 0) {
1316 #ifdef DEBUG
1317 cmn_err(CE_WARN, "!_init: mod_install returned non-zero");
1318 #endif
1319 ddi_soft_state_fini(&statep);
1320 return (ret);
1321 }
1322
1323 return (ret);
1324 }
1325
1326 int
_info(struct modinfo * modinfop)1327 _info(struct modinfo *modinfop)
1328 {
1329 int ret;
1330 ret = mod_info(&tpm_ml, modinfop);
1331 #ifdef DEBUG
1332 if (ret == 0)
1333 cmn_err(CE_WARN, "!mod_info failed: %d", ret);
1334 #endif
1335
1336 return (ret);
1337 }
1338
1339 int
_fini()1340 _fini()
1341 {
1342 int ret;
1343
1344 ret = mod_remove(&tpm_ml);
1345 if (ret != 0)
1346 return (ret);
1347
1348 ddi_soft_state_fini(&statep);
1349
1350 return (ret);
1351 }
1352 /* End of driver configuration functions */
1353
1354 static int
tpm_resume(tpm_state_t * tpm)1355 tpm_resume(tpm_state_t *tpm)
1356 {
1357 mutex_enter(&tpm->pm_mutex);
1358 if (!tpm->suspended) {
1359 mutex_exit(&tpm->pm_mutex);
1360 return (DDI_FAILURE);
1361 }
1362 tpm->suspended = 0;
1363 cv_broadcast(&tpm->suspend_cv);
1364 mutex_exit(&tpm->pm_mutex);
1365
1366 return (DDI_SUCCESS);
1367 }
1368
1369 #ifdef sun4v
1370 static uint64_t hsvc_tpm_minor = 0;
1371 static hsvc_info_t hsvc_tpm = {
1372 HSVC_REV_1, NULL, HSVC_GROUP_TPM, 1, 0, NULL
1373 };
1374 #endif
1375
1376 /*
1377 * Sun DDI/DDK entry points
1378 */
1379 static int
tpm_attach(dev_info_t * dip,ddi_attach_cmd_t cmd)1380 tpm_attach(dev_info_t *dip, ddi_attach_cmd_t cmd)
1381 {
1382 int ret;
1383 int instance;
1384 #ifndef sun4v
1385 int idx, nregs;
1386 #endif
1387 char *myname = "tpm_attach";
1388 tpm_state_t *tpm = NULL;
1389
1390 ASSERT(dip != NULL);
1391
1392 instance = ddi_get_instance(dip);
1393 if (instance < 0)
1394 return (DDI_FAILURE);
1395
1396 /* Nothing out of ordinary here */
1397 switch (cmd) {
1398 case DDI_ATTACH:
1399 if (ddi_soft_state_zalloc(statep, instance) == DDI_SUCCESS) {
1400 tpm = ddi_get_soft_state(statep, instance);
1401 if (tpm == NULL) {
1402 #ifdef DEBUG
1403 cmn_err(CE_WARN,
1404 "!%s: cannot get state information.",
1405 myname);
1406 #endif
1407 return (DDI_FAILURE);
1408 }
1409 tpm->dip = dip;
1410 } else {
1411 #ifdef DEBUG
1412 cmn_err(CE_WARN,
1413 "!%s: cannot allocate state information.",
1414 myname);
1415 #endif
1416 return (DDI_FAILURE);
1417 }
1418 break;
1419 case DDI_RESUME:
1420 tpm = ddi_get_soft_state(statep, instance);
1421 if (tpm == NULL) {
1422 #ifdef DEBUG
1423 cmn_err(CE_WARN, "!%s: cannot get state information.",
1424 myname);
1425 #endif
1426 return (DDI_FAILURE);
1427 }
1428 return (tpm_resume(tpm));
1429 default:
1430 #ifdef DEBUG
1431 cmn_err(CE_WARN, "!%s: cmd %d is not implemented", myname, cmd);
1432 #endif
1433 ret = DDI_FAILURE;
1434 goto FAIL;
1435 }
1436
1437 /* Zeroize the flag, which is used to keep track of what is allocated */
1438 tpm->flags = 0;
1439
1440 #ifdef sun4v
1441 ret = hsvc_register(&hsvc_tpm, &hsvc_tpm_minor);
1442 if (ret != 0) {
1443 cmn_err(CE_WARN, "!%s: failed to register with "
1444 "hypervisor: 0x%0x", myname, ret);
1445 goto FAIL;
1446 }
1447 tpm->flags |= TPM_HSVC_REGISTERED;
1448 #else
1449 tpm->accattr.devacc_attr_version = DDI_DEVICE_ATTR_V0;
1450 tpm->accattr.devacc_attr_endian_flags = DDI_NEVERSWAP_ACC;
1451 tpm->accattr.devacc_attr_dataorder = DDI_STRICTORDER_ACC;
1452
1453 idx = 0;
1454 ret = ddi_dev_nregs(tpm->dip, &nregs);
1455 if (ret != DDI_SUCCESS)
1456 goto FAIL;
1457
1458 /*
1459 * TPM vendors put the TPM registers in different
1460 * slots in their register lists. They are not always
1461 * the 1st set of registers, for instance.
1462 * Loop until we find the set that matches the expected
1463 * register size (0x5000).
1464 */
1465 for (idx = 0; idx < nregs; idx++) {
1466 off_t regsize;
1467
1468 if ((ret = ddi_dev_regsize(tpm->dip, idx, ®size)) !=
1469 DDI_SUCCESS)
1470 goto FAIL;
1471 /* The TIS spec says the TPM registers must be 0x5000 bytes */
1472 if (regsize == 0x5000)
1473 break;
1474 }
1475 if (idx == nregs) {
1476 ret = DDI_FAILURE;
1477 goto FAIL;
1478 }
1479
1480 ret = ddi_regs_map_setup(tpm->dip, idx, (caddr_t *)&tpm->addr,
1481 (offset_t)0, (offset_t)0x5000,
1482 &tpm->accattr, &tpm->handle);
1483
1484 if (ret != DDI_SUCCESS) {
1485 goto FAIL;
1486 }
1487 tpm->flags |= TPM_DIDREGSMAP;
1488 #endif
1489 /* Enable TPM device according to the TIS specification */
1490 ret = tis_init(tpm);
1491 if (ret != DDI_SUCCESS) {
1492 #ifdef DEBUG
1493 cmn_err(CE_WARN, "!%s: tis_init() failed with error %d",
1494 myname, ret);
1495 #endif
1496
1497 /* We need to clean up the ddi_regs_map_setup call */
1498 if (tpm->flags & TPM_DIDREGSMAP) {
1499 ddi_regs_map_free(&tpm->handle);
1500 tpm->handle = NULL;
1501 tpm->flags &= ~TPM_DIDREGSMAP;
1502 }
1503 goto FAIL;
1504 }
1505
1506 /* Initialize the inter-process lock */
1507 mutex_init(&tpm->dev_lock, NULL, MUTEX_DRIVER, NULL);
1508 mutex_init(&tpm->pm_mutex, NULL, MUTEX_DRIVER, NULL);
1509 cv_init(&tpm->suspend_cv, NULL, CV_DRIVER, NULL);
1510
1511 /* Set the suspend/resume property */
1512 (void) ddi_prop_update_string(DDI_DEV_T_NONE, dip,
1513 "pm-hardware-state", "needs-suspend-resume");
1514
1515 mutex_enter(&tpm->pm_mutex);
1516 tpm->suspended = 0;
1517 mutex_exit(&tpm->pm_mutex);
1518
1519 tpm->flags |= TPM_DID_MUTEX;
1520
1521 /* Initialize the buffer and the lock associated with it */
1522 tpm->bufsize = TPM_IO_BUF_SIZE;
1523 tpm->iobuf = kmem_zalloc((sizeof (uint8_t))*(tpm->bufsize), KM_SLEEP);
1524 tpm->flags |= TPM_DID_IO_ALLOC;
1525
1526 mutex_init(&tpm->iobuf_lock, NULL, MUTEX_DRIVER, NULL);
1527 tpm->flags |= TPM_DID_IO_MUTEX;
1528
1529 cv_init(&tpm->iobuf_cv, NULL, CV_DRIVER, NULL);
1530 tpm->flags |= TPM_DID_IO_CV;
1531
1532 /* Create minor node */
1533 ret = ddi_create_minor_node(dip, "tpm", S_IFCHR, ddi_get_instance(dip),
1534 DDI_PSEUDO, 0);
1535 if (ret != DDI_SUCCESS) {
1536 #ifdef DEBUG
1537 cmn_err(CE_WARN, "!%s: ddi_create_minor_node failed", myname);
1538 #endif
1539 goto FAIL;
1540 }
1541 tpm->flags |= TPM_DIDMINOR;
1542
1543 #ifdef KCF_TPM_RNG_PROVIDER
1544 /* register RNG with kcf */
1545 if (tpmrng_register(tpm) != DDI_SUCCESS)
1546 cmn_err(CE_WARN, "!%s: tpm RNG failed to register with kcf",
1547 myname);
1548 #endif
1549
1550 return (DDI_SUCCESS);
1551 FAIL:
1552 if (tpm != NULL) {
1553 tpm_cleanup(dip, tpm);
1554 ddi_soft_state_free(statep, instance);
1555 tpm = NULL;
1556 }
1557
1558 return (DDI_FAILURE);
1559 }
1560
1561 /*
1562 * Called by tpm_detach and tpm_attach (only on failure)
1563 * Free up the resources that are allocated
1564 */
1565 static void
tpm_cleanup(dev_info_t * dip,tpm_state_t * tpm)1566 tpm_cleanup(dev_info_t *dip, tpm_state_t *tpm)
1567 {
1568 if (tpm == NULL)
1569 return;
1570
1571 #ifdef KCF_TPM_RNG_PROVIDER
1572 (void) tpmrng_unregister(tpm);
1573 #endif
1574
1575 #ifdef sun4v
1576 if (tpm->flags & TPM_HSVC_REGISTERED) {
1577 (void) hsvc_unregister(&hsvc_tpm);
1578 tpm->flags &= ~(TPM_HSVC_REGISTERED);
1579 }
1580 #endif
1581 if (tpm->flags & TPM_DID_MUTEX) {
1582 mutex_destroy(&tpm->dev_lock);
1583 mutex_destroy(&tpm->pm_mutex);
1584 cv_destroy(&tpm->suspend_cv);
1585 tpm->flags &= ~(TPM_DID_MUTEX);
1586 }
1587 if (tpm->flags & TPM_DID_IO_ALLOC) {
1588 ASSERT(tpm->iobuf != NULL);
1589 kmem_free(tpm->iobuf, (sizeof (uint8_t))*(tpm->bufsize));
1590 tpm->flags &= ~(TPM_DID_IO_ALLOC);
1591 }
1592 if (tpm->flags & TPM_DID_IO_MUTEX) {
1593 mutex_destroy(&tpm->iobuf_lock);
1594 tpm->flags &= ~(TPM_DID_IO_MUTEX);
1595 }
1596 if (tpm->flags & TPM_DID_IO_CV) {
1597 cv_destroy(&tpm->iobuf_cv);
1598 tpm->flags &= ~(TPM_DID_IO_CV);
1599 }
1600 if (tpm->flags & TPM_DIDREGSMAP) {
1601 /* Free the mapped addresses */
1602 if (tpm->handle != NULL)
1603 ddi_regs_map_free(&tpm->handle);
1604 tpm->flags &= ~(TPM_DIDREGSMAP);
1605 }
1606 if (tpm->flags & TPM_DIDMINOR) {
1607 /* Remove minor node */
1608 ddi_remove_minor_node(dip, NULL);
1609 tpm->flags &= ~(TPM_DIDMINOR);
1610 }
1611 }
1612
1613 static int
tpm_suspend(tpm_state_t * tpm)1614 tpm_suspend(tpm_state_t *tpm)
1615 {
1616 if (tpm == NULL)
1617 return (DDI_FAILURE);
1618 mutex_enter(&tpm->pm_mutex);
1619 if (tpm->suspended) {
1620 mutex_exit(&tpm->pm_mutex);
1621 return (DDI_SUCCESS);
1622 }
1623 tpm->suspended = 1;
1624 mutex_exit(&tpm->pm_mutex);
1625
1626 return (DDI_SUCCESS);
1627 }
1628
1629 static int
tpm_detach(dev_info_t * dip,ddi_detach_cmd_t cmd)1630 tpm_detach(dev_info_t *dip, ddi_detach_cmd_t cmd)
1631 {
1632 char *myname = "tpm_detach";
1633 int instance;
1634 tpm_state_t *tpm;
1635
1636 ASSERT(dip != NULL);
1637
1638 instance = ddi_get_instance(dip);
1639 if (instance < 0)
1640 return (DDI_FAILURE);
1641
1642 if ((tpm = ddi_get_soft_state(statep, instance)) == NULL) {
1643 #ifdef DEBUG
1644 cmn_err(CE_WARN, "!%s: stored pointer to tpm state is NULL",
1645 myname);
1646 #endif
1647 return (ENXIO);
1648 }
1649
1650 switch (cmd) {
1651 case DDI_DETACH:
1652 /* Body is after the switch stmt */
1653 break;
1654 case DDI_SUSPEND:
1655 return (tpm_suspend(tpm));
1656 default:
1657 #ifdef DEBUG
1658 cmn_err(CE_WARN, "!%s: case %d not implemented", myname, cmd);
1659 #endif
1660 return (DDI_FAILURE);
1661 }
1662
1663 /* Since we are freeing tpm structure, we need to gain the lock */
1664 tpm_cleanup(dip, tpm);
1665
1666 /* Free the soft state */
1667 ddi_soft_state_free(statep, instance);
1668 tpm = NULL;
1669
1670 return (DDI_SUCCESS);
1671 }
1672
1673 /*ARGSUSED*/
1674 static int
tpm_getinfo(dev_info_t * dip,ddi_info_cmd_t cmd,void * arg,void ** resultp)1675 tpm_getinfo(dev_info_t *dip, ddi_info_cmd_t cmd, void *arg, void **resultp)
1676 {
1677 char *myname = "tpm_getinfo";
1678 int instance;
1679 tpm_state_t *tpm;
1680
1681 instance = ddi_get_instance(dip);
1682 if ((tpm = ddi_get_soft_state(statep, instance)) == NULL) {
1683 #ifdef DEBUG
1684 cmn_err(CE_WARN, "!%s: stored pointer to tpm state is NULL",
1685 myname);
1686 #endif
1687 return (DDI_FAILURE);
1688 }
1689
1690 switch (cmd) {
1691 case DDI_INFO_DEVT2DEVINFO:
1692 *resultp = tpm->dip;
1693 break;
1694 case DDI_INFO_DEVT2INSTANCE:
1695 *resultp = 0;
1696 break;
1697 default:
1698 #ifdef DEBUG
1699 cmn_err(CE_WARN, "!%s: cmd %d is not implemented", myname, cmd);
1700 #endif
1701 return (DDI_FAILURE);
1702 }
1703 return (DDI_SUCCESS);
1704 }
1705
1706 /*
1707 * Driver entry points
1708 */
1709
1710 /*ARGSUSED*/
1711 static int
tpm_open(dev_t * devp,int flag,int otyp,cred_t * cred)1712 tpm_open(dev_t *devp, int flag, int otyp, cred_t *cred)
1713 {
1714 char *myname = "tpm_open";
1715 int instance;
1716 tpm_state_t *tpm;
1717
1718 ASSERT(devp != NULL);
1719
1720 instance = getminor(*devp);
1721 if ((tpm = ddi_get_soft_state(statep, instance)) == NULL) {
1722 #ifdef DEBUG
1723 cmn_err(CE_WARN, "!%s: stored pointer to tpm state is NULL",
1724 myname);
1725 #endif
1726 return (ENXIO);
1727 }
1728 if (otyp != OTYP_CHR) {
1729 #ifdef DEBUG
1730 cmn_err(CE_WARN, "!%s: otyp(%d) != OTYP_CHR(%d)",
1731 myname, otyp, OTYP_CHR);
1732 #endif
1733 return (EINVAL);
1734 }
1735 TPM_EXCLUSIVE_LOCK(tpm);
1736
1737 mutex_enter(&tpm->dev_lock);
1738 if (tpm->dev_held) {
1739 #ifdef DEBUG
1740 cmn_err(CE_WARN, "!%s: the device is already being used",
1741 myname);
1742 #endif
1743 mutex_exit(&tpm->dev_lock);
1744 return (EBUSY);
1745 }
1746
1747 /* The device is free so mark it busy */
1748 tpm->dev_held = 1;
1749 mutex_exit(&tpm->dev_lock);
1750
1751 return (0);
1752 }
1753
1754 /*ARGSUSED*/
1755 static int
tpm_close(dev_t dev,int flag,int otyp,cred_t * cred)1756 tpm_close(dev_t dev, int flag, int otyp, cred_t *cred)
1757 {
1758 char *myname = "tpm_close";
1759 int instance;
1760 tpm_state_t *tpm;
1761
1762 instance = getminor(dev);
1763 if ((tpm = ddi_get_soft_state(statep, instance)) == NULL) {
1764 #ifdef DEBUG
1765 cmn_err(CE_WARN, "!%s: stored pointer to tpm state is NULL",
1766 myname);
1767 #endif
1768 return (ENXIO);
1769 }
1770 if (otyp != OTYP_CHR) {
1771 #ifdef DEBUG
1772 cmn_err(CE_WARN, "!%s: otyp(%d) != OTYP_CHR(%d)",
1773 myname, otyp, OTYP_CHR);
1774 #endif
1775 return (EINVAL);
1776 }
1777 TPM_EXCLUSIVE_LOCK(tpm);
1778
1779 ASSERT(tpm->dev_held);
1780
1781 mutex_enter(&tpm->dev_lock);
1782 ASSERT(mutex_owned(&tpm->dev_lock));
1783 tpm->dev_held = 0;
1784 mutex_exit(&tpm->dev_lock);
1785
1786 return (0);
1787 }
1788
1789 /*ARGSUSED*/
1790 static int
tpm_read(dev_t dev,struct uio * uiop,cred_t * credp)1791 tpm_read(dev_t dev, struct uio *uiop, cred_t *credp)
1792 {
1793 int ret;
1794 uint32_t size;
1795 char *myname = "tpm_read";
1796 int instance;
1797 tpm_state_t *tpm;
1798
1799 instance = getminor(dev);
1800 if ((tpm = ddi_get_soft_state(statep, instance)) == NULL) {
1801 #ifdef DEBUG
1802 cmn_err(CE_WARN, "!%s: stored pointer to tpm state is NULL",
1803 myname);
1804 #endif
1805 return (ENXIO);
1806 }
1807 if (uiop == NULL) {
1808 #ifdef DEBUG
1809 cmn_err(CE_WARN, "!%s: passed in uiop is NULL", myname);
1810 #endif
1811 return (EFAULT);
1812 }
1813
1814 TPM_EXCLUSIVE_LOCK(tpm);
1815
1816 /* Receive the data after requiring the lock */
1817 ret = tpm_io_lock(tpm);
1818
1819 /* Timeout reached */
1820 if (ret)
1821 return (ret);
1822
1823 if (uiop->uio_resid > tpm->bufsize) {
1824 #ifdef DEBUG
1825 cmn_err(CE_WARN, "!%s: read_in data is bigger "
1826 "than tpm->bufsize:read in:%d, bufsiz:%d",
1827 myname, (int)uiop->uio_resid, (int)tpm->bufsize);
1828 #endif
1829 ret = EIO;
1830 goto OUT;
1831 }
1832
1833 ret = tis_recv_data(tpm, tpm->iobuf, tpm->bufsize);
1834 if (ret < TPM_HEADER_SIZE) {
1835 #ifdef DEBUG
1836 cmn_err(CE_WARN, "!%s: tis_recv_data returned error", myname);
1837 #endif
1838 ret = EIO;
1839 goto OUT;
1840 }
1841
1842 size = load32(tpm->iobuf, 2);
1843 if (ret != size) {
1844 #ifdef DEBUG
1845 cmn_err(CE_WARN, "!%s: tis_recv_data:"
1846 "expected size=%d, actually read=%d",
1847 myname, size, ret);
1848 #endif
1849 ret = EIO;
1850 goto OUT;
1851 }
1852
1853 /* Send the buffer from the kernel to the userspace */
1854 ret = uiomove(tpm->iobuf, size, UIO_READ, uiop);
1855 if (ret) {
1856 #ifdef DEBUG
1857 cmn_err(CE_WARN, "!%s: uiomove returned error", myname);
1858 #endif
1859 goto OUT;
1860 }
1861
1862 /* Zeroize the buffer... */
1863 bzero(tpm->iobuf, tpm->bufsize);
1864 ret = DDI_SUCCESS;
1865 OUT:
1866 /* We are done now: wake up the waiting threads */
1867 tpm_unlock(tpm);
1868
1869 return (ret);
1870 }
1871
1872 /*ARGSUSED*/
1873 static int
tpm_write(dev_t dev,struct uio * uiop,cred_t * credp)1874 tpm_write(dev_t dev, struct uio *uiop, cred_t *credp)
1875 {
1876 int ret;
1877 size_t len;
1878 uint32_t size;
1879 char *myname = "tpm_write";
1880 int instance;
1881 tpm_state_t *tpm;
1882
1883 instance = getminor(dev);
1884 if ((tpm = ddi_get_soft_state(statep, instance)) == NULL) {
1885 #ifdef DEBUG
1886 cmn_err(CE_WARN, "!%s: stored pointer to tpm state is NULL",
1887 myname);
1888 #endif
1889 return (ENXIO);
1890 }
1891
1892 if (uiop == NULL) {
1893 #ifdef DEBUG
1894 cmn_err(CE_WARN, "!%s: passed in uiop is NULL", myname);
1895 #endif
1896 return (EFAULT);
1897 }
1898
1899 TPM_EXCLUSIVE_LOCK(tpm);
1900
1901 len = uiop->uio_resid;
1902 if (len == 0) {
1903 #ifdef DEBUG
1904 cmn_err(CE_WARN, "!%s: requested read of len 0", myname);
1905 #endif
1906 return (0);
1907 }
1908
1909 /* Get the lock for using iobuf */
1910 ret = tpm_io_lock(tpm);
1911 /* Timeout Reached */
1912 if (ret)
1913 return (ret);
1914
1915 /* Copy the header and parse the structure to find out the size... */
1916 ret = uiomove(tpm->iobuf, TPM_HEADER_SIZE, UIO_WRITE, uiop);
1917 if (ret) {
1918 #ifdef DEBUG
1919 cmn_err(CE_WARN, "!%s: uiomove returned error"
1920 "while getting the the header",
1921 myname);
1922 #endif
1923 goto OUT;
1924 }
1925
1926 /* Get the buffersize from the command buffer structure */
1927 size = load32(tpm->iobuf, TPM_PARAMSIZE_OFFSET);
1928
1929 /* Copy the command to the contiguous buffer */
1930 if (size > tpm->bufsize) {
1931 #ifdef DEBUG
1932 cmn_err(CE_WARN, "!%s: size %d is greater than "
1933 "the tpm input buffer size %d",
1934 myname, (int)size, (int)tpm->bufsize);
1935 #endif
1936 ret = ENXIO;
1937 goto OUT;
1938 }
1939
1940 /* Copy the buffer from the userspace to kernel */
1941 ret = uiomove(tpm->iobuf+TPM_HEADER_SIZE, size-TPM_HEADER_SIZE,
1942 UIO_WRITE, uiop);
1943
1944 if (ret) {
1945 #ifdef DEBUG
1946 cmn_err(CE_WARN, "!%s: uiomove returned error"
1947 "while getting the rest of the command", myname);
1948 #endif
1949 goto OUT;
1950 }
1951
1952 /* Send the command */
1953 ret = tis_send_data(tpm, tpm->iobuf, size);
1954 if (ret != DDI_SUCCESS) {
1955 #ifdef DEBUG
1956 cmn_err(CE_WARN, "!%s: tis_send_data returned error", myname);
1957 #endif
1958 ret = EFAULT;
1959 goto OUT;
1960 }
1961
1962 /* Zeroize the buffer... */
1963 bzero(tpm->iobuf, tpm->bufsize);
1964 ret = DDI_SUCCESS;
1965 OUT:
1966 tpm_unlock(tpm);
1967 return (ret);
1968 }
1969
1970 /*
1971 * This is to deal with the contentions for the iobuf
1972 */
1973 static inline int
tpm_io_lock(tpm_state_t * tpm)1974 tpm_io_lock(tpm_state_t *tpm)
1975 {
1976 int ret;
1977 clock_t timeout;
1978
1979 mutex_enter(&tpm->iobuf_lock);
1980 ASSERT(mutex_owned(&tpm->iobuf_lock));
1981
1982 timeout = ddi_get_lbolt() + drv_usectohz(TPM_IO_TIMEOUT);
1983
1984 /* Wait until the iobuf becomes free with the timeout */
1985 while (tpm->iobuf_inuse) {
1986 ret = cv_timedwait(&tpm->iobuf_cv, &tpm->iobuf_lock, timeout);
1987 if (ret <= 0) {
1988 /* Timeout reached */
1989 mutex_exit(&tpm->iobuf_lock);
1990 #ifdef DEBUG
1991 cmn_err(CE_WARN, "!tpm_io_lock:iorequest timed out");
1992 #endif
1993 return (ETIME);
1994 }
1995 }
1996 tpm->iobuf_inuse = 1;
1997 mutex_exit(&tpm->iobuf_lock);
1998 return (0);
1999 }
2000
2001 /*
2002 * This is to deal with the contentions for the iobuf
2003 */
2004 static inline void
tpm_unlock(tpm_state_t * tpm)2005 tpm_unlock(tpm_state_t *tpm)
2006 {
2007 /* Wake up the waiting threads */
2008 mutex_enter(&tpm->iobuf_lock);
2009 ASSERT(tpm->iobuf_inuse == 1 && mutex_owned(&tpm->iobuf_lock));
2010 tpm->iobuf_inuse = 0;
2011 cv_broadcast(&tpm->iobuf_cv);
2012 mutex_exit(&tpm->iobuf_lock);
2013 }
2014
2015 #ifdef KCF_TPM_RNG_PROVIDER
2016 /*
2017 * Random number generator entry points
2018 */
2019 static void
strncpy_spacepad(uchar_t * s1,char * s2,int n)2020 strncpy_spacepad(uchar_t *s1, char *s2, int n)
2021 {
2022 int s2len = strlen(s2);
2023 (void) strncpy((char *)s1, s2, n);
2024 if (s2len < n)
2025 (void) memset(s1 + s2len, ' ', n - s2len);
2026 }
2027
2028 /*ARGSUSED*/
2029 static int
tpmrng_ext_info(crypto_provider_handle_t prov,crypto_provider_ext_info_t * ext_info,crypto_req_handle_t cfreq)2030 tpmrng_ext_info(crypto_provider_handle_t prov,
2031 crypto_provider_ext_info_t *ext_info,
2032 crypto_req_handle_t cfreq)
2033 {
2034 tpm_state_t *tpm = (tpm_state_t *)prov;
2035 char buf[64];
2036
2037 if (tpm == NULL)
2038 return (DDI_FAILURE);
2039
2040 strncpy_spacepad(ext_info->ei_manufacturerID,
2041 (char *)tpm->vers_info.tpmVendorID,
2042 sizeof (ext_info->ei_manufacturerID));
2043
2044 strncpy_spacepad(ext_info->ei_model, "0",
2045 sizeof (ext_info->ei_model));
2046 strncpy_spacepad(ext_info->ei_serial_number, "0",
2047 sizeof (ext_info->ei_serial_number));
2048
2049 ext_info->ei_flags = CRYPTO_EXTF_RNG | CRYPTO_EXTF_SO_PIN_LOCKED;
2050 ext_info->ei_max_session_count = CRYPTO_EFFECTIVELY_INFINITE;
2051 ext_info->ei_max_pin_len = 0;
2052 ext_info->ei_min_pin_len = 0;
2053 ext_info->ei_total_public_memory = CRYPTO_UNAVAILABLE_INFO;
2054 ext_info->ei_free_public_memory = CRYPTO_UNAVAILABLE_INFO;
2055 ext_info->ei_total_private_memory = CRYPTO_UNAVAILABLE_INFO;
2056 ext_info->ei_free_public_memory = CRYPTO_UNAVAILABLE_INFO;
2057 ext_info->ei_time[0] = 0;
2058
2059 ext_info->ei_hardware_version.cv_major = tpm->vers_info.version.major;
2060 ext_info->ei_hardware_version.cv_minor = tpm->vers_info.version.minor;
2061 ext_info->ei_firmware_version.cv_major =
2062 tpm->vers_info.version.revMajor;
2063 ext_info->ei_firmware_version.cv_minor =
2064 tpm->vers_info.version.revMinor;
2065
2066 (void) snprintf(buf, sizeof (buf), "tpmrng TPM RNG");
2067
2068 strncpy_spacepad(ext_info->ei_label, buf,
2069 sizeof (ext_info->ei_label));
2070 #undef BUFSZ
2071 return (CRYPTO_SUCCESS);
2072
2073 }
2074
2075 static int
tpmrng_register(tpm_state_t * tpm)2076 tpmrng_register(tpm_state_t *tpm)
2077 {
2078 int ret;
2079 char ID[64];
2080 crypto_mech_name_t *rngmech;
2081
2082 ASSERT(tpm != NULL);
2083
2084 (void) snprintf(ID, sizeof (ID), "tpmrng %s", IDENT_TPMRNG);
2085
2086 tpmrng_prov_info.pi_provider_description = ID;
2087 tpmrng_prov_info.pi_provider_dev.pd_hw = tpm->dip;
2088 tpmrng_prov_info.pi_provider_handle = tpm;
2089
2090 ret = crypto_register_provider(&tpmrng_prov_info, &tpm->n_prov);
2091 if (ret != CRYPTO_SUCCESS) {
2092 tpm->n_prov = NULL;
2093 return (DDI_FAILURE);
2094 }
2095
2096 crypto_provider_notification(tpm->n_prov, CRYPTO_PROVIDER_READY);
2097
2098 rngmech = kmem_zalloc(strlen("random") + 1, KM_SLEEP);
2099 (void) memcpy(rngmech, "random", 6);
2100 ret = crypto_load_dev_disabled("tpm", ddi_get_instance(tpm->dip),
2101 1, rngmech);
2102 #ifdef DEBUG
2103 if (ret != CRYPTO_SUCCESS)
2104 cmn_err(CE_WARN, "!crypto_load_dev_disabled failed (%d)", ret);
2105 #endif
2106 return (DDI_SUCCESS);
2107 }
2108
2109 static int
tpmrng_unregister(tpm_state_t * tpm)2110 tpmrng_unregister(tpm_state_t *tpm)
2111 {
2112 int ret;
2113 ASSERT(tpm != NULL);
2114 if (tpm->n_prov) {
2115 ret = crypto_unregister_provider(tpm->n_prov);
2116 tpm->n_prov = NULL;
2117 if (ret != CRYPTO_SUCCESS)
2118 return (DDI_FAILURE);
2119 }
2120 return (DDI_SUCCESS);
2121 }
2122
2123 /*ARGSUSED*/
2124 static void
tpmrng_provider_status(crypto_provider_handle_t provider,uint_t * status)2125 tpmrng_provider_status(crypto_provider_handle_t provider, uint_t *status)
2126 {
2127 *status = CRYPTO_PROVIDER_READY;
2128 }
2129
2130 /*ARGSUSED*/
2131 static int
tpmrng_seed_random(crypto_provider_handle_t provider,crypto_session_id_t sid,uchar_t * buf,size_t len,uint_t entropy_est,uint32_t flags,crypto_req_handle_t req)2132 tpmrng_seed_random(crypto_provider_handle_t provider, crypto_session_id_t sid,
2133 uchar_t *buf, size_t len, uint_t entropy_est, uint32_t flags,
2134 crypto_req_handle_t req)
2135 {
2136 int ret;
2137 tpm_state_t *tpm;
2138 uint32_t len32;
2139 /* Max length of seed is 256 bytes, add 14 for header. */
2140 uint8_t cmdbuf[270] = {
2141 0, 193, /* TPM_TAG_RQU COMMAND */
2142 0, 0, 0, 0x0A, /* paramsize in bytes */
2143 0, 0, 0, TPM_ORD_StirRandom,
2144 0, 0, 0, 0 /* number of input bytes (< 256) */
2145 };
2146 uint32_t buflen;
2147
2148 if (len == 0 || len > 255 || buf == NULL)
2149 return (CRYPTO_ARGUMENTS_BAD);
2150
2151 tpm = (tpm_state_t *)provider;
2152 if (tpm == NULL)
2153 return (CRYPTO_INVALID_CONTEXT);
2154
2155 /* Acquire lock for exclusive use of TPM */
2156 TPM_EXCLUSIVE_LOCK(tpm);
2157
2158 ret = tpm_io_lock(tpm);
2159 /* Timeout reached */
2160 if (ret)
2161 return (CRYPTO_BUSY);
2162
2163 /* TPM only handles 32 bit length, so truncate if too big. */
2164 len32 = (uint32_t)len;
2165 buflen = len32 + 14;
2166
2167 /* The length must be in network order */
2168 buflen = htonl(buflen);
2169 bcopy(&buflen, cmdbuf + 2, sizeof (uint32_t));
2170
2171 /* Convert it back */
2172 buflen = ntohl(buflen);
2173
2174 /* length must be in network order */
2175 len32 = htonl(len32);
2176 bcopy(&len32, cmdbuf + 10, sizeof (uint32_t));
2177
2178 /* convert it back */
2179 len32 = ntohl(len32);
2180
2181 bcopy(buf, cmdbuf + 14, len32);
2182
2183 ret = itpm_command(tpm, cmdbuf, buflen);
2184 tpm_unlock(tpm);
2185
2186 if (ret != DDI_SUCCESS) {
2187 #ifdef DEBUG
2188 cmn_err(CE_WARN, "!tpmrng_seed_random failed");
2189 #endif
2190 return (CRYPTO_FAILED);
2191 }
2192
2193 return (CRYPTO_SUCCESS);
2194 }
2195
2196 /* ARGSUSED */
2197 static int
tpmrng_generate_random(crypto_provider_handle_t provider,crypto_session_id_t sid,uchar_t * buf,size_t len,crypto_req_handle_t req)2198 tpmrng_generate_random(crypto_provider_handle_t provider,
2199 crypto_session_id_t sid, uchar_t *buf, size_t len, crypto_req_handle_t req)
2200 {
2201 int ret;
2202 tpm_state_t *tpm;
2203 uint8_t hdr[14] = {
2204 0, 193, /* TPM_TAG_RQU COMMAND */
2205 0, 0, 0, 14, /* paramsize in bytes */
2206 0, 0, 0, TPM_ORD_GetRandom,
2207 0, 0, 0, 0
2208 };
2209 uint8_t *cmdbuf = NULL;
2210 uint32_t len32 = (uint32_t)len;
2211 uint32_t buflen = len32 + sizeof (hdr);
2212
2213 if (len == 0 || buf == NULL)
2214 return (CRYPTO_ARGUMENTS_BAD);
2215
2216 tpm = (tpm_state_t *)provider;
2217 if (tpm == NULL)
2218 return (CRYPTO_INVALID_CONTEXT);
2219
2220 TPM_EXCLUSIVE_LOCK(tpm);
2221
2222 ret = tpm_io_lock(tpm);
2223 /* Timeout reached */
2224 if (ret)
2225 return (CRYPTO_BUSY);
2226
2227 cmdbuf = kmem_zalloc(buflen, KM_SLEEP);
2228 bcopy(hdr, cmdbuf, sizeof (hdr));
2229
2230 /* Length is written in network byte order */
2231 len32 = htonl(len32);
2232 bcopy(&len32, cmdbuf + 10, sizeof (uint32_t));
2233
2234 ret = itpm_command(tpm, cmdbuf, buflen);
2235 if (ret != DDI_SUCCESS) {
2236 #ifdef DEBUG
2237 cmn_err(CE_WARN, "!tpmrng_generate_random failed");
2238 #endif
2239 kmem_free(cmdbuf, buflen);
2240 tpm_unlock(tpm);
2241 return (CRYPTO_FAILED);
2242 }
2243
2244 /* Find out how many bytes were really returned */
2245 len32 = load32(cmdbuf, 10);
2246
2247 /* Copy the random bytes back to the callers buffer */
2248 bcopy(cmdbuf + 14, buf, len32);
2249
2250 kmem_free(cmdbuf, buflen);
2251 tpm_unlock(tpm);
2252
2253 return (CRYPTO_SUCCESS);
2254 }
2255 #endif /* KCF_TPM_RNG_PROVIDER */
2256