1 /* 2 * Copyright (C) 2004 IBM Corporation 3 * Authors: 4 * Leendert van Doorn <leendert@watson.ibm.com> 5 * Dave Safford <safford@watson.ibm.com> 6 * Reiner Sailer <sailer@watson.ibm.com> 7 * Kylene Hall <kjhall@us.ibm.com> 8 * 9 * Copyright (C) 2013 Obsidian Research Corp 10 * Jason Gunthorpe <jgunthorpe@obsidianresearch.com> 11 * 12 * Device file system interface to the TPM 13 * 14 * This program is free software; you can redistribute it and/or 15 * modify it under the terms of the GNU General Public License as 16 * published by the Free Software Foundation, version 2 of the 17 * License. 18 * 19 */ 20 #include <linux/slab.h> 21 #include <linux/uaccess.h> 22 #include "tpm.h" 23 24 struct file_priv { 25 struct tpm_chip *chip; 26 27 /* Data passed to and from the tpm via the read/write calls */ 28 atomic_t data_pending; 29 struct mutex buffer_mutex; 30 31 struct timer_list user_read_timer; /* user needs to claim result */ 32 struct work_struct work; 33 34 u8 data_buffer[TPM_BUFSIZE]; 35 }; 36 37 static void user_reader_timeout(unsigned long ptr) 38 { 39 struct file_priv *priv = (struct file_priv *)ptr; 40 41 schedule_work(&priv->work); 42 } 43 44 static void timeout_work(struct work_struct *work) 45 { 46 struct file_priv *priv = container_of(work, struct file_priv, work); 47 48 mutex_lock(&priv->buffer_mutex); 49 atomic_set(&priv->data_pending, 0); 50 memset(priv->data_buffer, 0, sizeof(priv->data_buffer)); 51 mutex_unlock(&priv->buffer_mutex); 52 } 53 54 static int tpm_open(struct inode *inode, struct file *file) 55 { 56 struct tpm_chip *chip = 57 container_of(inode->i_cdev, struct tpm_chip, cdev); 58 struct file_priv *priv; 59 60 /* It's assured that the chip will be opened just once, 61 * by the check of is_open variable, which is protected 62 * by driver_lock. */ 63 if (test_and_set_bit(0, &chip->is_open)) { 64 dev_dbg(&chip->dev, "Another process owns this TPM\n"); 65 return -EBUSY; 66 } 67 68 priv = kzalloc(sizeof(*priv), GFP_KERNEL); 69 if (priv == NULL) { 70 clear_bit(0, &chip->is_open); 71 return -ENOMEM; 72 } 73 74 priv->chip = chip; 75 atomic_set(&priv->data_pending, 0); 76 mutex_init(&priv->buffer_mutex); 77 setup_timer(&priv->user_read_timer, user_reader_timeout, 78 (unsigned long)priv); 79 INIT_WORK(&priv->work, timeout_work); 80 81 file->private_data = priv; 82 return 0; 83 } 84 85 static ssize_t tpm_read(struct file *file, char __user *buf, 86 size_t size, loff_t *off) 87 { 88 struct file_priv *priv = file->private_data; 89 ssize_t ret_size; 90 int rc; 91 92 del_singleshot_timer_sync(&priv->user_read_timer); 93 flush_work(&priv->work); 94 ret_size = atomic_read(&priv->data_pending); 95 if (ret_size > 0) { /* relay data */ 96 ssize_t orig_ret_size = ret_size; 97 if (size < ret_size) 98 ret_size = size; 99 100 mutex_lock(&priv->buffer_mutex); 101 rc = copy_to_user(buf, priv->data_buffer, ret_size); 102 memset(priv->data_buffer, 0, orig_ret_size); 103 if (rc) 104 ret_size = -EFAULT; 105 106 mutex_unlock(&priv->buffer_mutex); 107 } 108 109 atomic_set(&priv->data_pending, 0); 110 111 return ret_size; 112 } 113 114 static ssize_t tpm_write(struct file *file, const char __user *buf, 115 size_t size, loff_t *off) 116 { 117 struct file_priv *priv = file->private_data; 118 size_t in_size = size; 119 ssize_t out_size; 120 121 /* cannot perform a write until the read has cleared 122 either via tpm_read or a user_read_timer timeout. 123 This also prevents splitted buffered writes from blocking here. 124 */ 125 if (atomic_read(&priv->data_pending) != 0) 126 return -EBUSY; 127 128 if (in_size > TPM_BUFSIZE) 129 return -E2BIG; 130 131 mutex_lock(&priv->buffer_mutex); 132 133 if (copy_from_user 134 (priv->data_buffer, (void __user *) buf, in_size)) { 135 mutex_unlock(&priv->buffer_mutex); 136 return -EFAULT; 137 } 138 139 /* atomic tpm command send and result receive. We only hold the ops 140 * lock during this period so that the tpm can be unregistered even if 141 * the char dev is held open. 142 */ 143 if (tpm_try_get_ops(priv->chip)) { 144 mutex_unlock(&priv->buffer_mutex); 145 return -EPIPE; 146 } 147 out_size = tpm_transmit(priv->chip, priv->data_buffer, 148 sizeof(priv->data_buffer), 0); 149 150 tpm_put_ops(priv->chip); 151 if (out_size < 0) { 152 mutex_unlock(&priv->buffer_mutex); 153 return out_size; 154 } 155 156 atomic_set(&priv->data_pending, out_size); 157 mutex_unlock(&priv->buffer_mutex); 158 159 /* Set a timeout by which the reader must come claim the result */ 160 mod_timer(&priv->user_read_timer, jiffies + (60 * HZ)); 161 162 return in_size; 163 } 164 165 /* 166 * Called on file close 167 */ 168 static int tpm_release(struct inode *inode, struct file *file) 169 { 170 struct file_priv *priv = file->private_data; 171 172 del_singleshot_timer_sync(&priv->user_read_timer); 173 flush_work(&priv->work); 174 file->private_data = NULL; 175 atomic_set(&priv->data_pending, 0); 176 clear_bit(0, &priv->chip->is_open); 177 kfree(priv); 178 return 0; 179 } 180 181 const struct file_operations tpm_fops = { 182 .owner = THIS_MODULE, 183 .llseek = no_llseek, 184 .open = tpm_open, 185 .read = tpm_read, 186 .write = tpm_write, 187 .release = tpm_release, 188 }; 189 190 191