1 // SPDX-License-Identifier: GPL-2.0-only
2 /*
3 * Copyright (C) 2014, 2015 Intel Corporation
4 *
5 * Authors:
6 * Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
7 *
8 * Maintained by: <tpmdd-devel@lists.sourceforge.net>
9 *
10 * This file contains TPM2 protocol implementations of the commands
11 * used by the kernel internally.
12 */
13
14 #include "tpm.h"
15 #include <crypto/hash_info.h>
16
17 static bool disable_pcr_integrity;
18 module_param(disable_pcr_integrity, bool, 0444);
19 MODULE_PARM_DESC(disable_pcr_integrity, "Disable integrity protection of TPM2_PCR_Extend");
20
21 static struct tpm2_hash tpm2_hash_map[] = {
22 {HASH_ALGO_SHA1, TPM_ALG_SHA1},
23 {HASH_ALGO_SHA256, TPM_ALG_SHA256},
24 {HASH_ALGO_SHA384, TPM_ALG_SHA384},
25 {HASH_ALGO_SHA512, TPM_ALG_SHA512},
26 {HASH_ALGO_SM3_256, TPM_ALG_SM3_256},
27 };
28
tpm2_get_timeouts(struct tpm_chip * chip)29 int tpm2_get_timeouts(struct tpm_chip *chip)
30 {
31 chip->timeout_a = msecs_to_jiffies(TPM2_TIMEOUT_A);
32 chip->timeout_b = msecs_to_jiffies(TPM2_TIMEOUT_B);
33 chip->timeout_c = msecs_to_jiffies(TPM2_TIMEOUT_C);
34 chip->timeout_d = msecs_to_jiffies(TPM2_TIMEOUT_D);
35 chip->flags |= TPM_CHIP_FLAG_HAVE_TIMEOUTS;
36 return 0;
37 }
38
39 /*
40 * Contains the maximum durations in milliseconds for TPM2 commands.
41 */
42 static const struct {
43 unsigned long ordinal;
44 unsigned long duration;
45 } tpm2_ordinal_duration_map[] = {
46 {TPM2_CC_STARTUP, 750},
47 {TPM2_CC_SELF_TEST, 3000},
48 {TPM2_CC_GET_RANDOM, 2000},
49 {TPM2_CC_SEQUENCE_UPDATE, 750},
50 {TPM2_CC_SEQUENCE_COMPLETE, 750},
51 {TPM2_CC_EVENT_SEQUENCE_COMPLETE, 750},
52 {TPM2_CC_HASH_SEQUENCE_START, 750},
53 {TPM2_CC_VERIFY_SIGNATURE, 30000},
54 {TPM2_CC_PCR_EXTEND, 750},
55 {TPM2_CC_HIERARCHY_CONTROL, 2000},
56 {TPM2_CC_HIERARCHY_CHANGE_AUTH, 2000},
57 {TPM2_CC_GET_CAPABILITY, 750},
58 {TPM2_CC_NV_READ, 2000},
59 {TPM2_CC_CREATE_PRIMARY, 30000},
60 {TPM2_CC_CREATE, 30000},
61 {TPM2_CC_CREATE_LOADED, 30000},
62 };
63
64 /**
65 * tpm2_calc_ordinal_duration() - Calculate the maximum command duration
66 * @ordinal: TPM command ordinal.
67 *
68 * Returns the maximum amount of time the chip is expected by kernel to
69 * take in jiffies.
70 */
tpm2_calc_ordinal_duration(u32 ordinal)71 unsigned long tpm2_calc_ordinal_duration(u32 ordinal)
72 {
73 int i;
74
75 for (i = 0; i < ARRAY_SIZE(tpm2_ordinal_duration_map); i++)
76 if (ordinal == tpm2_ordinal_duration_map[i].ordinal)
77 return msecs_to_jiffies(tpm2_ordinal_duration_map[i].duration);
78
79 return msecs_to_jiffies(TPM2_DURATION_DEFAULT);
80 }
81
82 struct tpm2_pcr_read_out {
83 __be32 update_cnt;
84 __be32 pcr_selects_cnt;
85 __be16 hash_alg;
86 u8 pcr_select_size;
87 u8 pcr_select[TPM2_PCR_SELECT_MIN];
88 __be32 digests_cnt;
89 __be16 digest_size;
90 u8 digest[];
91 } __packed;
92
93 /**
94 * tpm2_pcr_read() - read a PCR value
95 * @chip: TPM chip to use.
96 * @pcr_idx: index of the PCR to read.
97 * @digest: PCR bank and buffer current PCR value is written to.
98 * @digest_size_ptr: pointer to variable that stores the digest size.
99 *
100 * Return: Same as with tpm_transmit_cmd.
101 */
tpm2_pcr_read(struct tpm_chip * chip,u32 pcr_idx,struct tpm_digest * digest,u16 * digest_size_ptr)102 int tpm2_pcr_read(struct tpm_chip *chip, u32 pcr_idx,
103 struct tpm_digest *digest, u16 *digest_size_ptr)
104 {
105 int i;
106 int rc;
107 struct tpm_buf buf;
108 struct tpm2_pcr_read_out *out;
109 u8 pcr_select[TPM2_PCR_SELECT_MIN] = {0};
110 u16 digest_size;
111 u16 expected_digest_size = 0;
112
113 if (pcr_idx >= TPM2_PLATFORM_PCR)
114 return -EINVAL;
115
116 if (!digest_size_ptr) {
117 for (i = 0; i < chip->nr_allocated_banks &&
118 chip->allocated_banks[i].alg_id != digest->alg_id; i++)
119 ;
120
121 if (i == chip->nr_allocated_banks)
122 return -EINVAL;
123
124 expected_digest_size = chip->allocated_banks[i].digest_size;
125 }
126
127 rc = tpm_buf_init(&buf, TPM2_ST_NO_SESSIONS, TPM2_CC_PCR_READ);
128 if (rc)
129 return rc;
130
131 pcr_select[pcr_idx >> 3] = 1 << (pcr_idx & 0x7);
132
133 tpm_buf_append_u32(&buf, 1);
134 tpm_buf_append_u16(&buf, digest->alg_id);
135 tpm_buf_append_u8(&buf, TPM2_PCR_SELECT_MIN);
136 tpm_buf_append(&buf, (const unsigned char *)pcr_select,
137 sizeof(pcr_select));
138
139 rc = tpm_transmit_cmd(chip, &buf, 0, "attempting to read a pcr value");
140 if (rc)
141 goto out;
142
143 out = (struct tpm2_pcr_read_out *)&buf.data[TPM_HEADER_SIZE];
144 digest_size = be16_to_cpu(out->digest_size);
145 if (digest_size > sizeof(digest->digest) ||
146 (!digest_size_ptr && digest_size != expected_digest_size)) {
147 rc = -EINVAL;
148 goto out;
149 }
150
151 if (digest_size_ptr)
152 *digest_size_ptr = digest_size;
153
154 memcpy(digest->digest, out->digest, digest_size);
155 out:
156 tpm_buf_destroy(&buf);
157 return rc;
158 }
159
160 /**
161 * tpm2_pcr_extend() - extend a PCR value
162 *
163 * @chip: TPM chip to use.
164 * @pcr_idx: index of the PCR.
165 * @digests: list of pcr banks and corresponding digest values to extend.
166 *
167 * Return: Same as with tpm_transmit_cmd.
168 */
tpm2_pcr_extend(struct tpm_chip * chip,u32 pcr_idx,struct tpm_digest * digests)169 int tpm2_pcr_extend(struct tpm_chip *chip, u32 pcr_idx,
170 struct tpm_digest *digests)
171 {
172 struct tpm_buf buf;
173 int rc;
174 int i;
175
176 if (!disable_pcr_integrity) {
177 rc = tpm2_start_auth_session(chip);
178 if (rc)
179 return rc;
180 }
181
182 rc = tpm_buf_init(&buf, TPM2_ST_SESSIONS, TPM2_CC_PCR_EXTEND);
183 if (rc) {
184 if (!disable_pcr_integrity)
185 tpm2_end_auth_session(chip);
186 return rc;
187 }
188
189 if (!disable_pcr_integrity) {
190 tpm_buf_append_name(chip, &buf, pcr_idx, NULL);
191 tpm_buf_append_hmac_session(chip, &buf, 0, NULL, 0);
192 } else {
193 tpm_buf_append_handle(chip, &buf, pcr_idx);
194 tpm_buf_append_auth(chip, &buf, 0, NULL, 0);
195 }
196
197 tpm_buf_append_u32(&buf, chip->nr_allocated_banks);
198
199 for (i = 0; i < chip->nr_allocated_banks; i++) {
200 tpm_buf_append_u16(&buf, digests[i].alg_id);
201 tpm_buf_append(&buf, (const unsigned char *)&digests[i].digest,
202 chip->allocated_banks[i].digest_size);
203 }
204
205 if (!disable_pcr_integrity)
206 tpm_buf_fill_hmac_session(chip, &buf);
207 rc = tpm_transmit_cmd(chip, &buf, 0, "attempting extend a PCR value");
208 if (!disable_pcr_integrity)
209 rc = tpm_buf_check_hmac_response(chip, &buf, rc);
210
211 tpm_buf_destroy(&buf);
212
213 return rc;
214 }
215
216 struct tpm2_get_random_out {
217 __be16 size;
218 u8 buffer[TPM_MAX_RNG_DATA];
219 } __packed;
220
221 /**
222 * tpm2_get_random() - get random bytes from the TPM RNG
223 *
224 * @chip: a &tpm_chip instance
225 * @dest: destination buffer
226 * @max: the max number of random bytes to pull
227 *
228 * Return:
229 * size of the buffer on success,
230 * -errno otherwise (positive TPM return codes are masked to -EIO)
231 */
tpm2_get_random(struct tpm_chip * chip,u8 * dest,size_t max)232 int tpm2_get_random(struct tpm_chip *chip, u8 *dest, size_t max)
233 {
234 struct tpm2_get_random_out *out;
235 struct tpm_header *head;
236 struct tpm_buf buf;
237 u32 recd;
238 u32 num_bytes = max;
239 int err;
240 int total = 0;
241 int retries = 5;
242 u8 *dest_ptr = dest;
243 off_t offset;
244
245 if (!num_bytes || max > TPM_MAX_RNG_DATA)
246 return -EINVAL;
247
248 err = tpm2_start_auth_session(chip);
249 if (err)
250 return err;
251
252 err = tpm_buf_init(&buf, 0, 0);
253 if (err) {
254 tpm2_end_auth_session(chip);
255 return err;
256 }
257
258 do {
259 tpm_buf_reset(&buf, TPM2_ST_SESSIONS, TPM2_CC_GET_RANDOM);
260 tpm_buf_append_hmac_session_opt(chip, &buf, TPM2_SA_ENCRYPT
261 | TPM2_SA_CONTINUE_SESSION,
262 NULL, 0);
263 tpm_buf_append_u16(&buf, num_bytes);
264 tpm_buf_fill_hmac_session(chip, &buf);
265 err = tpm_transmit_cmd(chip, &buf,
266 offsetof(struct tpm2_get_random_out,
267 buffer),
268 "attempting get random");
269 err = tpm_buf_check_hmac_response(chip, &buf, err);
270 if (err) {
271 if (err > 0)
272 err = -EIO;
273 goto out;
274 }
275
276 head = (struct tpm_header *)buf.data;
277 offset = TPM_HEADER_SIZE;
278 /* Skip the parameter size field: */
279 if (be16_to_cpu(head->tag) == TPM2_ST_SESSIONS)
280 offset += 4;
281
282 out = (struct tpm2_get_random_out *)&buf.data[offset];
283 recd = min_t(u32, be16_to_cpu(out->size), num_bytes);
284 if (tpm_buf_length(&buf) <
285 TPM_HEADER_SIZE +
286 offsetof(struct tpm2_get_random_out, buffer) +
287 recd) {
288 err = -EFAULT;
289 goto out;
290 }
291 memcpy(dest_ptr, out->buffer, recd);
292
293 dest_ptr += recd;
294 total += recd;
295 num_bytes -= recd;
296 } while (retries-- && total < max);
297
298 tpm_buf_destroy(&buf);
299
300 return total ? total : -EIO;
301 out:
302 tpm_buf_destroy(&buf);
303 tpm2_end_auth_session(chip);
304 return err;
305 }
306
307 /**
308 * tpm2_flush_context() - execute a TPM2_FlushContext command
309 * @chip: TPM chip to use
310 * @handle: context handle
311 */
tpm2_flush_context(struct tpm_chip * chip,u32 handle)312 void tpm2_flush_context(struct tpm_chip *chip, u32 handle)
313 {
314 struct tpm_buf buf;
315 int rc;
316
317 rc = tpm_buf_init(&buf, TPM2_ST_NO_SESSIONS, TPM2_CC_FLUSH_CONTEXT);
318 if (rc) {
319 dev_warn(&chip->dev, "0x%08x was not flushed, out of memory\n",
320 handle);
321 return;
322 }
323
324 tpm_buf_append_u32(&buf, handle);
325
326 tpm_transmit_cmd(chip, &buf, 0, "flushing context");
327 tpm_buf_destroy(&buf);
328 }
329 EXPORT_SYMBOL_GPL(tpm2_flush_context);
330
331 struct tpm2_get_cap_out {
332 u8 more_data;
333 __be32 subcap_id;
334 __be32 property_cnt;
335 __be32 property_id;
336 __be32 value;
337 } __packed;
338
339 /**
340 * tpm2_get_tpm_pt() - get value of a TPM_CAP_TPM_PROPERTIES type property
341 * @chip: a &tpm_chip instance
342 * @property_id: property ID.
343 * @value: output variable.
344 * @desc: passed to tpm_transmit_cmd()
345 *
346 * Return:
347 * 0 on success,
348 * -errno or a TPM return code otherwise
349 */
tpm2_get_tpm_pt(struct tpm_chip * chip,u32 property_id,u32 * value,const char * desc)350 ssize_t tpm2_get_tpm_pt(struct tpm_chip *chip, u32 property_id, u32 *value,
351 const char *desc)
352 {
353 struct tpm2_get_cap_out *out;
354 struct tpm_buf buf;
355 int rc;
356
357 rc = tpm_buf_init(&buf, TPM2_ST_NO_SESSIONS, TPM2_CC_GET_CAPABILITY);
358 if (rc)
359 return rc;
360 tpm_buf_append_u32(&buf, TPM2_CAP_TPM_PROPERTIES);
361 tpm_buf_append_u32(&buf, property_id);
362 tpm_buf_append_u32(&buf, 1);
363 rc = tpm_transmit_cmd(chip, &buf, 0, NULL);
364 if (!rc) {
365 out = (struct tpm2_get_cap_out *)
366 &buf.data[TPM_HEADER_SIZE];
367 /*
368 * To prevent failing boot up of some systems, Infineon TPM2.0
369 * returns SUCCESS on TPM2_Startup in field upgrade mode. Also
370 * the TPM2_Getcapability command returns a zero length list
371 * in field upgrade mode.
372 */
373 if (be32_to_cpu(out->property_cnt) > 0)
374 *value = be32_to_cpu(out->value);
375 else
376 rc = -ENODATA;
377 }
378 tpm_buf_destroy(&buf);
379 return rc;
380 }
381 EXPORT_SYMBOL_GPL(tpm2_get_tpm_pt);
382
383 /**
384 * tpm2_shutdown() - send a TPM shutdown command
385 *
386 * Sends a TPM shutdown command. The shutdown command is used in call
387 * sites where the system is going down. If it fails, there is not much
388 * that can be done except print an error message.
389 *
390 * @chip: a &tpm_chip instance
391 * @shutdown_type: TPM_SU_CLEAR or TPM_SU_STATE.
392 */
tpm2_shutdown(struct tpm_chip * chip,u16 shutdown_type)393 void tpm2_shutdown(struct tpm_chip *chip, u16 shutdown_type)
394 {
395 struct tpm_buf buf;
396 int rc;
397
398 rc = tpm_buf_init(&buf, TPM2_ST_NO_SESSIONS, TPM2_CC_SHUTDOWN);
399 if (rc)
400 return;
401 tpm_buf_append_u16(&buf, shutdown_type);
402 tpm_transmit_cmd(chip, &buf, 0, "stopping the TPM");
403 tpm_buf_destroy(&buf);
404 }
405
406 /**
407 * tpm2_do_selftest() - ensure that all self tests have passed
408 *
409 * @chip: TPM chip to use
410 *
411 * Return: Same as with tpm_transmit_cmd.
412 *
413 * The TPM can either run all self tests synchronously and then return
414 * RC_SUCCESS once all tests were successful. Or it can choose to run the tests
415 * asynchronously and return RC_TESTING immediately while the self tests still
416 * execute in the background. This function handles both cases and waits until
417 * all tests have completed.
418 */
tpm2_do_selftest(struct tpm_chip * chip)419 static int tpm2_do_selftest(struct tpm_chip *chip)
420 {
421 struct tpm_buf buf;
422 int full;
423 int rc;
424
425 for (full = 0; full < 2; full++) {
426 rc = tpm_buf_init(&buf, TPM2_ST_NO_SESSIONS, TPM2_CC_SELF_TEST);
427 if (rc)
428 return rc;
429
430 tpm_buf_append_u8(&buf, full);
431 rc = tpm_transmit_cmd(chip, &buf, 0,
432 "attempting the self test");
433 tpm_buf_destroy(&buf);
434
435 if (rc == TPM2_RC_TESTING)
436 rc = TPM2_RC_SUCCESS;
437 if (rc == TPM2_RC_INITIALIZE || rc == TPM2_RC_SUCCESS)
438 return rc;
439 }
440
441 return rc;
442 }
443
444 /**
445 * tpm2_probe() - probe for the TPM 2.0 protocol
446 * @chip: a &tpm_chip instance
447 *
448 * Send an idempotent TPM 2.0 command and see whether there is TPM2 chip in the
449 * other end based on the response tag. The flag TPM_CHIP_FLAG_TPM2 is set by
450 * this function if this is the case.
451 *
452 * Return:
453 * 0 on success,
454 * -errno otherwise
455 */
tpm2_probe(struct tpm_chip * chip)456 int tpm2_probe(struct tpm_chip *chip)
457 {
458 struct tpm_header *out;
459 struct tpm_buf buf;
460 int rc;
461
462 rc = tpm_buf_init(&buf, TPM2_ST_NO_SESSIONS, TPM2_CC_GET_CAPABILITY);
463 if (rc)
464 return rc;
465 tpm_buf_append_u32(&buf, TPM2_CAP_TPM_PROPERTIES);
466 tpm_buf_append_u32(&buf, TPM_PT_TOTAL_COMMANDS);
467 tpm_buf_append_u32(&buf, 1);
468 rc = tpm_transmit_cmd(chip, &buf, 0, NULL);
469 /* We ignore TPM return codes on purpose. */
470 if (rc >= 0) {
471 out = (struct tpm_header *)buf.data;
472 if (be16_to_cpu(out->tag) == TPM2_ST_NO_SESSIONS)
473 chip->flags |= TPM_CHIP_FLAG_TPM2;
474 }
475 tpm_buf_destroy(&buf);
476 return 0;
477 }
478 EXPORT_SYMBOL_GPL(tpm2_probe);
479
tpm2_init_bank_info(struct tpm_chip * chip,u32 bank_index)480 static int tpm2_init_bank_info(struct tpm_chip *chip, u32 bank_index)
481 {
482 struct tpm_bank_info *bank = chip->allocated_banks + bank_index;
483 struct tpm_digest digest = { .alg_id = bank->alg_id };
484 int i;
485
486 /*
487 * Avoid unnecessary PCR read operations to reduce overhead
488 * and obtain identifiers of the crypto subsystem.
489 */
490 for (i = 0; i < ARRAY_SIZE(tpm2_hash_map); i++) {
491 enum hash_algo crypto_algo = tpm2_hash_map[i].crypto_id;
492
493 if (bank->alg_id != tpm2_hash_map[i].tpm_id)
494 continue;
495
496 bank->digest_size = hash_digest_size[crypto_algo];
497 bank->crypto_id = crypto_algo;
498 return 0;
499 }
500
501 bank->crypto_id = HASH_ALGO__LAST;
502
503 return tpm2_pcr_read(chip, 0, &digest, &bank->digest_size);
504 }
505
506 struct tpm2_pcr_selection {
507 __be16 hash_alg;
508 u8 size_of_select;
509 u8 pcr_select[3];
510 } __packed;
511
tpm2_get_pcr_allocation(struct tpm_chip * chip)512 ssize_t tpm2_get_pcr_allocation(struct tpm_chip *chip)
513 {
514 struct tpm2_pcr_selection pcr_selection;
515 struct tpm_buf buf;
516 void *marker;
517 void *end;
518 void *pcr_select_offset;
519 u32 sizeof_pcr_selection;
520 u32 nr_possible_banks;
521 u32 nr_alloc_banks = 0;
522 u16 hash_alg;
523 u32 rsp_len;
524 int rc;
525 int i = 0;
526
527 rc = tpm_buf_init(&buf, TPM2_ST_NO_SESSIONS, TPM2_CC_GET_CAPABILITY);
528 if (rc)
529 return rc;
530
531 tpm_buf_append_u32(&buf, TPM2_CAP_PCRS);
532 tpm_buf_append_u32(&buf, 0);
533 tpm_buf_append_u32(&buf, 1);
534
535 rc = tpm_transmit_cmd(chip, &buf, 9, "get tpm pcr allocation");
536 if (rc)
537 goto out;
538
539 nr_possible_banks = be32_to_cpup(
540 (__be32 *)&buf.data[TPM_HEADER_SIZE + 5]);
541
542 chip->allocated_banks = kcalloc(nr_possible_banks,
543 sizeof(*chip->allocated_banks),
544 GFP_KERNEL);
545 if (!chip->allocated_banks) {
546 rc = -ENOMEM;
547 goto out;
548 }
549
550 marker = &buf.data[TPM_HEADER_SIZE + 9];
551
552 rsp_len = be32_to_cpup((__be32 *)&buf.data[2]);
553 end = &buf.data[rsp_len];
554
555 for (i = 0; i < nr_possible_banks; i++) {
556 pcr_select_offset = marker +
557 offsetof(struct tpm2_pcr_selection, size_of_select);
558 if (pcr_select_offset >= end) {
559 rc = -EFAULT;
560 break;
561 }
562
563 memcpy(&pcr_selection, marker, sizeof(pcr_selection));
564 hash_alg = be16_to_cpu(pcr_selection.hash_alg);
565
566 pcr_select_offset = memchr_inv(pcr_selection.pcr_select, 0,
567 pcr_selection.size_of_select);
568 if (pcr_select_offset) {
569 chip->allocated_banks[nr_alloc_banks].alg_id = hash_alg;
570
571 rc = tpm2_init_bank_info(chip, nr_alloc_banks);
572 if (rc < 0)
573 break;
574
575 nr_alloc_banks++;
576 }
577
578 sizeof_pcr_selection = sizeof(pcr_selection.hash_alg) +
579 sizeof(pcr_selection.size_of_select) +
580 pcr_selection.size_of_select;
581 marker = marker + sizeof_pcr_selection;
582 }
583
584 chip->nr_allocated_banks = nr_alloc_banks;
585 out:
586 tpm_buf_destroy(&buf);
587
588 return rc;
589 }
590
tpm2_get_cc_attrs_tbl(struct tpm_chip * chip)591 int tpm2_get_cc_attrs_tbl(struct tpm_chip *chip)
592 {
593 struct tpm_buf buf;
594 u32 nr_commands;
595 __be32 *attrs;
596 u32 cc;
597 int i;
598 int rc;
599
600 rc = tpm2_get_tpm_pt(chip, TPM_PT_TOTAL_COMMANDS, &nr_commands, NULL);
601 if (rc)
602 goto out;
603
604 if (nr_commands > 0xFFFFF) {
605 rc = -EFAULT;
606 goto out;
607 }
608
609 chip->cc_attrs_tbl = devm_kcalloc(&chip->dev, 4, nr_commands,
610 GFP_KERNEL);
611 if (!chip->cc_attrs_tbl) {
612 rc = -ENOMEM;
613 goto out;
614 }
615
616 rc = tpm_buf_init(&buf, TPM2_ST_NO_SESSIONS, TPM2_CC_GET_CAPABILITY);
617 if (rc)
618 goto out;
619
620 tpm_buf_append_u32(&buf, TPM2_CAP_COMMANDS);
621 tpm_buf_append_u32(&buf, TPM2_CC_FIRST);
622 tpm_buf_append_u32(&buf, nr_commands);
623
624 rc = tpm_transmit_cmd(chip, &buf, 9 + 4 * nr_commands, NULL);
625 if (rc) {
626 tpm_buf_destroy(&buf);
627 goto out;
628 }
629
630 if (nr_commands !=
631 be32_to_cpup((__be32 *)&buf.data[TPM_HEADER_SIZE + 5])) {
632 rc = -EFAULT;
633 tpm_buf_destroy(&buf);
634 goto out;
635 }
636
637 chip->nr_commands = nr_commands;
638
639 attrs = (__be32 *)&buf.data[TPM_HEADER_SIZE + 9];
640 for (i = 0; i < nr_commands; i++, attrs++) {
641 chip->cc_attrs_tbl[i] = be32_to_cpup(attrs);
642 cc = chip->cc_attrs_tbl[i] & 0xFFFF;
643
644 if (cc == TPM2_CC_CONTEXT_SAVE || cc == TPM2_CC_FLUSH_CONTEXT) {
645 chip->cc_attrs_tbl[i] &=
646 ~(GENMASK(2, 0) << TPM2_CC_ATTR_CHANDLES);
647 chip->cc_attrs_tbl[i] |= 1 << TPM2_CC_ATTR_CHANDLES;
648 }
649 }
650
651 tpm_buf_destroy(&buf);
652
653 out:
654 if (rc > 0)
655 rc = -ENODEV;
656 return rc;
657 }
658 EXPORT_SYMBOL_GPL(tpm2_get_cc_attrs_tbl);
659
660 /**
661 * tpm2_startup - turn on the TPM
662 * @chip: TPM chip to use
663 *
664 * Normally the firmware should start the TPM. This function is provided as a
665 * workaround if this does not happen. A legal case for this could be for
666 * example when a TPM emulator is used.
667 *
668 * Return: same as tpm_transmit_cmd()
669 */
670
tpm2_startup(struct tpm_chip * chip)671 static int tpm2_startup(struct tpm_chip *chip)
672 {
673 struct tpm_buf buf;
674 int rc;
675
676 dev_info(&chip->dev, "starting up the TPM manually\n");
677
678 rc = tpm_buf_init(&buf, TPM2_ST_NO_SESSIONS, TPM2_CC_STARTUP);
679 if (rc < 0)
680 return rc;
681
682 tpm_buf_append_u16(&buf, TPM2_SU_CLEAR);
683 rc = tpm_transmit_cmd(chip, &buf, 0, "attempting to start the TPM");
684 tpm_buf_destroy(&buf);
685
686 return rc;
687 }
688
689 /**
690 * tpm2_auto_startup - Perform the standard automatic TPM initialization
691 * sequence
692 * @chip: TPM chip to use
693 *
694 * Returns 0 on success, < 0 in case of fatal error.
695 */
tpm2_auto_startup(struct tpm_chip * chip)696 int tpm2_auto_startup(struct tpm_chip *chip)
697 {
698 int rc;
699
700 rc = tpm2_get_timeouts(chip);
701 if (rc)
702 goto out;
703
704 rc = tpm2_do_selftest(chip);
705 if (rc && rc != TPM2_RC_INITIALIZE)
706 goto out;
707
708 if (rc == TPM2_RC_INITIALIZE) {
709 rc = tpm2_startup(chip);
710 if (rc)
711 goto out;
712
713 rc = tpm2_do_selftest(chip);
714 if (rc)
715 goto out;
716 }
717
718 rc = tpm2_get_cc_attrs_tbl(chip);
719 if (rc == TPM2_RC_FAILURE || (rc < 0 && rc != -ENOMEM)) {
720 dev_info(&chip->dev,
721 "TPM in field failure mode, requires firmware upgrade\n");
722 chip->flags |= TPM_CHIP_FLAG_FIRMWARE_UPGRADE;
723 rc = 0;
724 }
725
726 if (rc)
727 goto out;
728
729 rc = tpm2_sessions_init(chip);
730
731 out:
732 /*
733 * Infineon TPM in field upgrade mode will return no data for the number
734 * of supported commands.
735 */
736 if (rc == TPM2_RC_UPGRADE || rc == -ENODATA) {
737 dev_info(&chip->dev, "TPM in field upgrade mode, requires firmware upgrade\n");
738 chip->flags |= TPM_CHIP_FLAG_FIRMWARE_UPGRADE;
739 rc = 0;
740 }
741
742 if (rc > 0)
743 rc = -ENODEV;
744 return rc;
745 }
746
tpm2_find_cc(struct tpm_chip * chip,u32 cc)747 int tpm2_find_cc(struct tpm_chip *chip, u32 cc)
748 {
749 u32 cc_mask;
750 int i;
751
752 cc_mask = 1 << TPM2_CC_ATTR_VENDOR | GENMASK(15, 0);
753 for (i = 0; i < chip->nr_commands; i++)
754 if (cc == (chip->cc_attrs_tbl[i] & cc_mask))
755 return i;
756
757 return -1;
758 }
759