1 // SPDX-License-Identifier: GPL-2.0-only 2 /* 3 * Copyright (C) 2004 IBM Corporation 4 * Copyright (C) 2014 Intel Corporation 5 * 6 * Authors: 7 * Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> 8 * Leendert van Doorn <leendert@watson.ibm.com> 9 * Dave Safford <safford@watson.ibm.com> 10 * Reiner Sailer <sailer@watson.ibm.com> 11 * Kylene Hall <kjhall@us.ibm.com> 12 * 13 * Maintained by: <tpmdd-devel@lists.sourceforge.net> 14 * 15 * TPM chip management routines. 16 */ 17 18 #include <linux/poll.h> 19 #include <linux/slab.h> 20 #include <linux/mutex.h> 21 #include <linux/spinlock.h> 22 #include <linux/freezer.h> 23 #include <linux/major.h> 24 #include <linux/tpm_eventlog.h> 25 #include <linux/hw_random.h> 26 #include "tpm.h" 27 28 DEFINE_IDR(dev_nums_idr); 29 static DEFINE_MUTEX(idr_lock); 30 31 const struct class tpm_class = { 32 .name = "tpm", 33 .shutdown_pre = tpm_class_shutdown, 34 }; 35 const struct class tpmrm_class = { 36 .name = "tpmrm", 37 }; 38 dev_t tpm_devt; 39 40 static int tpm_request_locality(struct tpm_chip *chip) 41 { 42 int rc; 43 44 if (!chip->ops->request_locality) 45 return 0; 46 47 rc = chip->ops->request_locality(chip, 0); 48 if (rc < 0) 49 return rc; 50 51 chip->locality = rc; 52 return 0; 53 } 54 55 static void tpm_relinquish_locality(struct tpm_chip *chip) 56 { 57 int rc; 58 59 if (!chip->ops->relinquish_locality) 60 return; 61 62 rc = chip->ops->relinquish_locality(chip, chip->locality); 63 if (rc) 64 dev_err(&chip->dev, "%s: : error %d\n", __func__, rc); 65 66 chip->locality = -1; 67 } 68 69 static int tpm_cmd_ready(struct tpm_chip *chip) 70 { 71 if (!chip->ops->cmd_ready) 72 return 0; 73 74 return chip->ops->cmd_ready(chip); 75 } 76 77 static int tpm_go_idle(struct tpm_chip *chip) 78 { 79 if (!chip->ops->go_idle) 80 return 0; 81 82 return chip->ops->go_idle(chip); 83 } 84 85 static void tpm_clk_enable(struct tpm_chip *chip) 86 { 87 if (chip->ops->clk_enable) 88 chip->ops->clk_enable(chip, true); 89 } 90 91 static void tpm_clk_disable(struct tpm_chip *chip) 92 { 93 if (chip->ops->clk_enable) 94 chip->ops->clk_enable(chip, false); 95 } 96 97 /** 98 * tpm_chip_start() - power on the TPM 99 * @chip: a TPM chip to use 100 * 101 * Return: 102 * * The response length - OK 103 * * -errno - A system error 104 */ 105 int tpm_chip_start(struct tpm_chip *chip) 106 { 107 int ret; 108 109 tpm_clk_enable(chip); 110 111 if (chip->locality == -1) { 112 ret = tpm_request_locality(chip); 113 if (ret) { 114 tpm_clk_disable(chip); 115 return ret; 116 } 117 } 118 119 ret = tpm_cmd_ready(chip); 120 if (ret) { 121 tpm_relinquish_locality(chip); 122 tpm_clk_disable(chip); 123 return ret; 124 } 125 126 return 0; 127 } 128 EXPORT_SYMBOL_GPL(tpm_chip_start); 129 130 /** 131 * tpm_chip_stop() - power off the TPM 132 * @chip: a TPM chip to use 133 * 134 * Return: 135 * * The response length - OK 136 * * -errno - A system error 137 */ 138 void tpm_chip_stop(struct tpm_chip *chip) 139 { 140 tpm_go_idle(chip); 141 tpm_relinquish_locality(chip); 142 tpm_clk_disable(chip); 143 } 144 EXPORT_SYMBOL_GPL(tpm_chip_stop); 145 146 /** 147 * tpm_try_get_ops() - Get a ref to the tpm_chip 148 * @chip: Chip to ref 149 * 150 * The caller must already have some kind of locking to ensure that chip is 151 * valid. This function will lock the chip so that the ops member can be 152 * accessed safely. The locking prevents tpm_chip_unregister from 153 * completing, so it should not be held for long periods. 154 * 155 * Returns -ERRNO if the chip could not be got. 156 */ 157 int tpm_try_get_ops(struct tpm_chip *chip) 158 { 159 int rc = -EIO; 160 161 get_device(&chip->dev); 162 163 down_read(&chip->ops_sem); 164 if (!chip->ops) 165 goto out_ops; 166 167 mutex_lock(&chip->tpm_mutex); 168 rc = tpm_chip_start(chip); 169 if (rc) 170 goto out_lock; 171 172 return 0; 173 out_lock: 174 mutex_unlock(&chip->tpm_mutex); 175 out_ops: 176 up_read(&chip->ops_sem); 177 put_device(&chip->dev); 178 return rc; 179 } 180 EXPORT_SYMBOL_GPL(tpm_try_get_ops); 181 182 /** 183 * tpm_put_ops() - Release a ref to the tpm_chip 184 * @chip: Chip to put 185 * 186 * This is the opposite pair to tpm_try_get_ops(). After this returns chip may 187 * be kfree'd. 188 */ 189 void tpm_put_ops(struct tpm_chip *chip) 190 { 191 tpm_chip_stop(chip); 192 mutex_unlock(&chip->tpm_mutex); 193 up_read(&chip->ops_sem); 194 put_device(&chip->dev); 195 } 196 EXPORT_SYMBOL_GPL(tpm_put_ops); 197 198 /** 199 * tpm_default_chip() - find a TPM chip and get a reference to it 200 */ 201 struct tpm_chip *tpm_default_chip(void) 202 { 203 struct tpm_chip *chip, *res = NULL; 204 int chip_num = 0; 205 int chip_prev; 206 207 mutex_lock(&idr_lock); 208 209 do { 210 chip_prev = chip_num; 211 chip = idr_get_next(&dev_nums_idr, &chip_num); 212 if (chip) { 213 get_device(&chip->dev); 214 res = chip; 215 break; 216 } 217 } while (chip_prev != chip_num); 218 219 mutex_unlock(&idr_lock); 220 221 return res; 222 } 223 EXPORT_SYMBOL_GPL(tpm_default_chip); 224 225 /** 226 * tpm_find_get_ops() - find and reserve a TPM chip 227 * @chip: a &struct tpm_chip instance, %NULL for the default chip 228 * 229 * Finds a TPM chip and reserves its class device and operations. The chip must 230 * be released with tpm_put_ops() after use. 231 * This function is for internal use only. It supports existing TPM callers 232 * by accepting NULL, but those callers should be converted to pass in a chip 233 * directly. 234 * 235 * Return: 236 * A reserved &struct tpm_chip instance. 237 * %NULL if a chip is not found. 238 * %NULL if the chip is not available. 239 */ 240 struct tpm_chip *tpm_find_get_ops(struct tpm_chip *chip) 241 { 242 int rc; 243 244 if (chip) { 245 if (!tpm_try_get_ops(chip)) 246 return chip; 247 return NULL; 248 } 249 250 chip = tpm_default_chip(); 251 if (!chip) 252 return NULL; 253 rc = tpm_try_get_ops(chip); 254 /* release additional reference we got from tpm_default_chip() */ 255 put_device(&chip->dev); 256 if (rc) 257 return NULL; 258 return chip; 259 } 260 261 /** 262 * tpm_dev_release() - free chip memory and the device number 263 * @dev: the character device for the TPM chip 264 * 265 * This is used as the release function for the character device. 266 */ 267 static void tpm_dev_release(struct device *dev) 268 { 269 struct tpm_chip *chip = container_of(dev, struct tpm_chip, dev); 270 271 mutex_lock(&idr_lock); 272 idr_remove(&dev_nums_idr, chip->dev_num); 273 mutex_unlock(&idr_lock); 274 275 kfree(chip->work_space.context_buf); 276 kfree(chip->work_space.session_buf); 277 kfree(chip->allocated_banks); 278 #ifdef CONFIG_TCG_TPM2_HMAC 279 kfree(chip->auth); 280 #endif 281 kfree(chip); 282 } 283 284 /** 285 * tpm_class_shutdown() - prepare the TPM device for loss of power. 286 * @dev: device to which the chip is associated. 287 * 288 * Issues a TPM2_Shutdown command prior to loss of power, as required by the 289 * TPM 2.0 spec. Then, calls bus- and device- specific shutdown code. 290 * 291 * Return: always 0 (i.e. success) 292 */ 293 int tpm_class_shutdown(struct device *dev) 294 { 295 struct tpm_chip *chip = container_of(dev, struct tpm_chip, dev); 296 297 down_write(&chip->ops_sem); 298 if (chip->flags & TPM_CHIP_FLAG_TPM2) { 299 if (!tpm_chip_start(chip)) { 300 tpm2_shutdown(chip, TPM2_SU_CLEAR); 301 tpm_chip_stop(chip); 302 } 303 } 304 chip->ops = NULL; 305 up_write(&chip->ops_sem); 306 307 return 0; 308 } 309 310 /** 311 * tpm_chip_alloc() - allocate a new struct tpm_chip instance 312 * @pdev: device to which the chip is associated 313 * At this point pdev mst be initialized, but does not have to 314 * be registered 315 * @ops: struct tpm_class_ops instance 316 * 317 * Allocates a new struct tpm_chip instance and assigns a free 318 * device number for it. Must be paired with put_device(&chip->dev). 319 */ 320 struct tpm_chip *tpm_chip_alloc(struct device *pdev, 321 const struct tpm_class_ops *ops) 322 { 323 struct tpm_chip *chip; 324 int rc; 325 326 chip = kzalloc(sizeof(*chip), GFP_KERNEL); 327 if (chip == NULL) 328 return ERR_PTR(-ENOMEM); 329 330 mutex_init(&chip->tpm_mutex); 331 init_rwsem(&chip->ops_sem); 332 333 chip->ops = ops; 334 335 mutex_lock(&idr_lock); 336 rc = idr_alloc(&dev_nums_idr, NULL, 0, TPM_NUM_DEVICES, GFP_KERNEL); 337 mutex_unlock(&idr_lock); 338 if (rc < 0) { 339 dev_err(pdev, "No available tpm device numbers\n"); 340 kfree(chip); 341 return ERR_PTR(rc); 342 } 343 chip->dev_num = rc; 344 345 device_initialize(&chip->dev); 346 347 chip->dev.class = &tpm_class; 348 chip->dev.release = tpm_dev_release; 349 chip->dev.parent = pdev; 350 chip->dev.groups = chip->groups; 351 352 if (chip->dev_num == 0) 353 chip->dev.devt = MKDEV(MISC_MAJOR, TPM_MINOR); 354 else 355 chip->dev.devt = MKDEV(MAJOR(tpm_devt), chip->dev_num); 356 357 rc = dev_set_name(&chip->dev, "tpm%d", chip->dev_num); 358 if (rc) 359 goto out; 360 361 if (!pdev) 362 chip->flags |= TPM_CHIP_FLAG_VIRTUAL; 363 364 cdev_init(&chip->cdev, &tpm_fops); 365 chip->cdev.owner = THIS_MODULE; 366 367 rc = tpm2_init_space(&chip->work_space, TPM2_SPACE_BUFFER_SIZE); 368 if (rc) { 369 rc = -ENOMEM; 370 goto out; 371 } 372 373 chip->locality = -1; 374 return chip; 375 376 out: 377 put_device(&chip->dev); 378 return ERR_PTR(rc); 379 } 380 EXPORT_SYMBOL_GPL(tpm_chip_alloc); 381 382 static void tpm_put_device(void *dev) 383 { 384 put_device(dev); 385 } 386 387 /** 388 * tpmm_chip_alloc() - allocate a new struct tpm_chip instance 389 * @pdev: parent device to which the chip is associated 390 * @ops: struct tpm_class_ops instance 391 * 392 * Same as tpm_chip_alloc except devm is used to do the put_device 393 */ 394 struct tpm_chip *tpmm_chip_alloc(struct device *pdev, 395 const struct tpm_class_ops *ops) 396 { 397 struct tpm_chip *chip; 398 int rc; 399 400 chip = tpm_chip_alloc(pdev, ops); 401 if (IS_ERR(chip)) 402 return chip; 403 404 rc = devm_add_action_or_reset(pdev, 405 tpm_put_device, 406 &chip->dev); 407 if (rc) 408 return ERR_PTR(rc); 409 410 dev_set_drvdata(pdev, chip); 411 412 return chip; 413 } 414 EXPORT_SYMBOL_GPL(tpmm_chip_alloc); 415 416 static int tpm_add_char_device(struct tpm_chip *chip) 417 { 418 int rc; 419 420 rc = cdev_device_add(&chip->cdev, &chip->dev); 421 if (rc) { 422 dev_err(&chip->dev, 423 "unable to cdev_device_add() %s, major %d, minor %d, err=%d\n", 424 dev_name(&chip->dev), MAJOR(chip->dev.devt), 425 MINOR(chip->dev.devt), rc); 426 return rc; 427 } 428 429 if (chip->flags & TPM_CHIP_FLAG_TPM2 && !tpm_is_firmware_upgrade(chip)) { 430 rc = tpm_devs_add(chip); 431 if (rc) 432 goto err_del_cdev; 433 } 434 435 /* Make the chip available. */ 436 mutex_lock(&idr_lock); 437 idr_replace(&dev_nums_idr, chip, chip->dev_num); 438 mutex_unlock(&idr_lock); 439 440 return 0; 441 442 err_del_cdev: 443 cdev_device_del(&chip->cdev, &chip->dev); 444 return rc; 445 } 446 447 static void tpm_del_char_device(struct tpm_chip *chip) 448 { 449 cdev_device_del(&chip->cdev, &chip->dev); 450 451 /* Make the chip unavailable. */ 452 mutex_lock(&idr_lock); 453 idr_replace(&dev_nums_idr, NULL, chip->dev_num); 454 mutex_unlock(&idr_lock); 455 456 /* Make the driver uncallable. */ 457 down_write(&chip->ops_sem); 458 459 /* 460 * Check if chip->ops is still valid: In case that the controller 461 * drivers shutdown handler unregisters the controller in its 462 * shutdown handler we are called twice and chip->ops to NULL. 463 */ 464 if (chip->ops) { 465 if (chip->flags & TPM_CHIP_FLAG_TPM2) { 466 if (!tpm_chip_start(chip)) { 467 tpm2_shutdown(chip, TPM2_SU_CLEAR); 468 tpm_chip_stop(chip); 469 } 470 } 471 chip->ops = NULL; 472 } 473 up_write(&chip->ops_sem); 474 } 475 476 static void tpm_del_legacy_sysfs(struct tpm_chip *chip) 477 { 478 struct attribute **i; 479 480 if (chip->flags & (TPM_CHIP_FLAG_TPM2 | TPM_CHIP_FLAG_VIRTUAL) || 481 tpm_is_firmware_upgrade(chip)) 482 return; 483 484 sysfs_remove_link(&chip->dev.parent->kobj, "ppi"); 485 486 for (i = chip->groups[0]->attrs; *i != NULL; ++i) 487 sysfs_remove_link(&chip->dev.parent->kobj, (*i)->name); 488 } 489 490 /* For compatibility with legacy sysfs paths we provide symlinks from the 491 * parent dev directory to selected names within the tpm chip directory. Old 492 * kernel versions created these files directly under the parent. 493 */ 494 static int tpm_add_legacy_sysfs(struct tpm_chip *chip) 495 { 496 struct attribute **i; 497 int rc; 498 499 if (chip->flags & (TPM_CHIP_FLAG_TPM2 | TPM_CHIP_FLAG_VIRTUAL) || 500 tpm_is_firmware_upgrade(chip)) 501 return 0; 502 503 rc = compat_only_sysfs_link_entry_to_kobj( 504 &chip->dev.parent->kobj, &chip->dev.kobj, "ppi", NULL); 505 if (rc && rc != -ENOENT) 506 return rc; 507 508 /* All the names from tpm-sysfs */ 509 for (i = chip->groups[0]->attrs; *i != NULL; ++i) { 510 rc = compat_only_sysfs_link_entry_to_kobj( 511 &chip->dev.parent->kobj, &chip->dev.kobj, (*i)->name, NULL); 512 if (rc) { 513 tpm_del_legacy_sysfs(chip); 514 return rc; 515 } 516 } 517 518 return 0; 519 } 520 521 static int tpm_hwrng_read(struct hwrng *rng, void *data, size_t max, bool wait) 522 { 523 struct tpm_chip *chip = container_of(rng, struct tpm_chip, hwrng); 524 525 /* Give back zero bytes, as TPM chip has not yet fully resumed: */ 526 if (chip->flags & TPM_CHIP_FLAG_SUSPENDED) 527 return 0; 528 529 return tpm_get_random(chip, data, max); 530 } 531 532 static bool tpm_is_hwrng_enabled(struct tpm_chip *chip) 533 { 534 if (!IS_ENABLED(CONFIG_HW_RANDOM_TPM)) 535 return false; 536 if (tpm_is_firmware_upgrade(chip)) 537 return false; 538 if (chip->flags & TPM_CHIP_FLAG_HWRNG_DISABLED) 539 return false; 540 return true; 541 } 542 543 static int tpm_add_hwrng(struct tpm_chip *chip) 544 { 545 if (!tpm_is_hwrng_enabled(chip)) 546 return 0; 547 548 snprintf(chip->hwrng_name, sizeof(chip->hwrng_name), 549 "tpm-rng-%d", chip->dev_num); 550 chip->hwrng.name = chip->hwrng_name; 551 chip->hwrng.read = tpm_hwrng_read; 552 return hwrng_register(&chip->hwrng); 553 } 554 555 static int tpm_get_pcr_allocation(struct tpm_chip *chip) 556 { 557 int rc; 558 559 if (tpm_is_firmware_upgrade(chip)) 560 return 0; 561 562 rc = (chip->flags & TPM_CHIP_FLAG_TPM2) ? 563 tpm2_get_pcr_allocation(chip) : 564 tpm1_get_pcr_allocation(chip); 565 566 if (rc > 0) 567 return -ENODEV; 568 569 return rc; 570 } 571 572 /* 573 * tpm_chip_bootstrap() - Boostrap TPM chip after power on 574 * @chip: TPM chip to use. 575 * 576 * Initialize TPM chip after power on. This a one-shot function: subsequent 577 * calls will have no effect. 578 */ 579 int tpm_chip_bootstrap(struct tpm_chip *chip) 580 { 581 int rc; 582 583 if (chip->flags & TPM_CHIP_FLAG_BOOTSTRAPPED) 584 return 0; 585 586 rc = tpm_chip_start(chip); 587 if (rc) 588 return rc; 589 590 rc = tpm_auto_startup(chip); 591 if (rc) 592 goto stop; 593 594 rc = tpm_get_pcr_allocation(chip); 595 stop: 596 tpm_chip_stop(chip); 597 598 /* 599 * Unconditionally set, as driver initialization should cease, when the 600 * boostrapping process fails. 601 */ 602 chip->flags |= TPM_CHIP_FLAG_BOOTSTRAPPED; 603 604 return rc; 605 } 606 EXPORT_SYMBOL_GPL(tpm_chip_bootstrap); 607 608 /* 609 * tpm_chip_register() - create a character device for the TPM chip 610 * @chip: TPM chip to use. 611 * 612 * Creates a character device for the TPM chip and adds sysfs attributes for 613 * the device. As the last step this function adds the chip to the list of TPM 614 * chips available for in-kernel use. 615 * 616 * This function should be only called after the chip initialization is 617 * complete. 618 */ 619 int tpm_chip_register(struct tpm_chip *chip) 620 { 621 int rc; 622 623 rc = tpm_chip_bootstrap(chip); 624 if (rc) 625 return rc; 626 627 tpm_sysfs_add_device(chip); 628 629 tpm_bios_log_setup(chip); 630 631 tpm_add_ppi(chip); 632 633 rc = tpm_add_hwrng(chip); 634 if (rc) 635 goto out_ppi; 636 637 rc = tpm_add_char_device(chip); 638 if (rc) 639 goto out_hwrng; 640 641 rc = tpm_add_legacy_sysfs(chip); 642 if (rc) { 643 tpm_chip_unregister(chip); 644 return rc; 645 } 646 647 return 0; 648 649 out_hwrng: 650 if (tpm_is_hwrng_enabled(chip)) 651 hwrng_unregister(&chip->hwrng); 652 out_ppi: 653 tpm_bios_log_teardown(chip); 654 655 return rc; 656 } 657 EXPORT_SYMBOL_GPL(tpm_chip_register); 658 659 /* 660 * tpm_chip_unregister() - release the TPM driver 661 * @chip: TPM chip to use. 662 * 663 * Takes the chip first away from the list of available TPM chips and then 664 * cleans up all the resources reserved by tpm_chip_register(). 665 * 666 * Once this function returns the driver call backs in 'op's will not be 667 * running and will no longer start. 668 * 669 * NOTE: This function should be only called before deinitializing chip 670 * resources. 671 */ 672 void tpm_chip_unregister(struct tpm_chip *chip) 673 { 674 tpm_del_legacy_sysfs(chip); 675 if (tpm_is_hwrng_enabled(chip)) 676 hwrng_unregister(&chip->hwrng); 677 tpm_bios_log_teardown(chip); 678 if (chip->flags & TPM_CHIP_FLAG_TPM2 && !tpm_is_firmware_upgrade(chip)) 679 tpm_devs_remove(chip); 680 tpm_del_char_device(chip); 681 } 682 EXPORT_SYMBOL_GPL(tpm_chip_unregister); 683