1 // SPDX-License-Identifier: GPL-2.0-only 2 /* 3 * Copyright (C) 2004 IBM Corporation 4 * Copyright (C) 2014 Intel Corporation 5 * 6 * Authors: 7 * Leendert van Doorn <leendert@watson.ibm.com> 8 * Dave Safford <safford@watson.ibm.com> 9 * Reiner Sailer <sailer@watson.ibm.com> 10 * Kylene Hall <kjhall@us.ibm.com> 11 * 12 * Maintained by: <tpmdd-devel@lists.sourceforge.net> 13 * 14 * Device driver for TCG/TCPA TPM (trusted platform module). 15 * Specifications at www.trustedcomputinggroup.org 16 * 17 * Note, the TPM chip is not interrupt driven (only polling) 18 * and can have very long timeouts (minutes!). Hence the unusual 19 * calls to msleep. 20 */ 21 22 #include <linux/poll.h> 23 #include <linux/slab.h> 24 #include <linux/mutex.h> 25 #include <linux/spinlock.h> 26 #include <linux/suspend.h> 27 #include <linux/freezer.h> 28 #include <linux/tpm_eventlog.h> 29 30 #include "tpm.h" 31 32 /* 33 * Bug workaround - some TPM's don't flush the most 34 * recently changed pcr on suspend, so force the flush 35 * with an extend to the selected _unused_ non-volatile pcr. 36 */ 37 static u32 tpm_suspend_pcr; 38 module_param_named(suspend_pcr, tpm_suspend_pcr, uint, 0644); 39 MODULE_PARM_DESC(suspend_pcr, 40 "PCR to use for dummy writes to facilitate flush on suspend."); 41 42 /** 43 * tpm_calc_ordinal_duration() - calculate the maximum command duration 44 * @chip: TPM chip to use. 45 * @ordinal: TPM command ordinal. 46 * 47 * The function returns the maximum amount of time the chip could take 48 * to return the result for a particular ordinal in jiffies. 49 * 50 * Return: A maximal duration time for an ordinal in jiffies. 51 */ 52 unsigned long tpm_calc_ordinal_duration(struct tpm_chip *chip, u32 ordinal) 53 { 54 if (chip->flags & TPM_CHIP_FLAG_TPM2) 55 return tpm2_calc_ordinal_duration(chip, ordinal); 56 else 57 return tpm1_calc_ordinal_duration(chip, ordinal); 58 } 59 EXPORT_SYMBOL_GPL(tpm_calc_ordinal_duration); 60 61 static ssize_t tpm_try_transmit(struct tpm_chip *chip, void *buf, size_t bufsiz) 62 { 63 struct tpm_header *header = buf; 64 int rc; 65 ssize_t len = 0; 66 u32 count, ordinal; 67 unsigned long stop; 68 69 if (bufsiz < TPM_HEADER_SIZE) 70 return -EINVAL; 71 72 if (bufsiz > TPM_BUFSIZE) 73 bufsiz = TPM_BUFSIZE; 74 75 count = be32_to_cpu(header->length); 76 ordinal = be32_to_cpu(header->ordinal); 77 if (count == 0) 78 return -ENODATA; 79 if (count > bufsiz) { 80 dev_err(&chip->dev, 81 "invalid count value %x %zx\n", count, bufsiz); 82 return -E2BIG; 83 } 84 85 rc = chip->ops->send(chip, buf, count); 86 if (rc < 0) { 87 if (rc != -EPIPE) 88 dev_err(&chip->dev, 89 "%s: send(): error %d\n", __func__, rc); 90 return rc; 91 } 92 93 /* A sanity check. send() should just return zero on success e.g. 94 * not the command length. 95 */ 96 if (rc > 0) { 97 dev_warn(&chip->dev, 98 "%s: send(): invalid value %d\n", __func__, rc); 99 rc = 0; 100 } 101 102 if (chip->flags & TPM_CHIP_FLAG_IRQ) 103 goto out_recv; 104 105 stop = jiffies + tpm_calc_ordinal_duration(chip, ordinal); 106 do { 107 u8 status = chip->ops->status(chip); 108 if ((status & chip->ops->req_complete_mask) == 109 chip->ops->req_complete_val) 110 goto out_recv; 111 112 if (chip->ops->req_canceled(chip, status)) { 113 dev_err(&chip->dev, "Operation Canceled\n"); 114 return -ECANCELED; 115 } 116 117 tpm_msleep(TPM_TIMEOUT_POLL); 118 rmb(); 119 } while (time_before(jiffies, stop)); 120 121 chip->ops->cancel(chip); 122 dev_err(&chip->dev, "Operation Timed out\n"); 123 return -ETIME; 124 125 out_recv: 126 len = chip->ops->recv(chip, buf, bufsiz); 127 if (len < 0) { 128 rc = len; 129 dev_err(&chip->dev, "tpm_transmit: tpm_recv: error %d\n", rc); 130 } else if (len < TPM_HEADER_SIZE || len != be32_to_cpu(header->length)) 131 rc = -EFAULT; 132 133 return rc ? rc : len; 134 } 135 136 /** 137 * tpm_transmit - Internal kernel interface to transmit TPM commands. 138 * @chip: a TPM chip to use 139 * @buf: a TPM command buffer 140 * @bufsiz: length of the TPM command buffer 141 * 142 * A wrapper around tpm_try_transmit() that handles TPM2_RC_RETRY returns from 143 * the TPM and retransmits the command after a delay up to a maximum wait of 144 * TPM2_DURATION_LONG. 145 * 146 * Note that TPM 1.x never returns TPM2_RC_RETRY so the retry logic is TPM 2.0 147 * only. 148 * 149 * Return: 150 * * The response length - OK 151 * * -errno - A system error 152 */ 153 ssize_t tpm_transmit(struct tpm_chip *chip, u8 *buf, size_t bufsiz) 154 { 155 struct tpm_header *header = (struct tpm_header *)buf; 156 /* space for header and handles */ 157 u8 save[TPM_HEADER_SIZE + 3*sizeof(u32)]; 158 unsigned int delay_msec = TPM2_DURATION_SHORT; 159 u32 rc = 0; 160 ssize_t ret; 161 const size_t save_size = min(sizeof(save), bufsiz); 162 /* the command code is where the return code will be */ 163 u32 cc = be32_to_cpu(header->return_code); 164 165 /* 166 * Subtlety here: if we have a space, the handles will be 167 * transformed, so when we restore the header we also have to 168 * restore the handles. 169 */ 170 memcpy(save, buf, save_size); 171 172 for (;;) { 173 ret = tpm_try_transmit(chip, buf, bufsiz); 174 if (ret < 0) 175 break; 176 rc = be32_to_cpu(header->return_code); 177 if (rc != TPM2_RC_RETRY && rc != TPM2_RC_TESTING) 178 break; 179 /* 180 * return immediately if self test returns test 181 * still running to shorten boot time. 182 */ 183 if (rc == TPM2_RC_TESTING && cc == TPM2_CC_SELF_TEST) 184 break; 185 186 if (delay_msec > TPM2_DURATION_LONG) { 187 if (rc == TPM2_RC_RETRY) 188 dev_err(&chip->dev, "in retry loop\n"); 189 else 190 dev_err(&chip->dev, 191 "self test is still running\n"); 192 break; 193 } 194 tpm_msleep(delay_msec); 195 delay_msec *= 2; 196 memcpy(buf, save, save_size); 197 } 198 return ret; 199 } 200 201 /** 202 * tpm_transmit_cmd - send a tpm command to the device 203 * @chip: a TPM chip to use 204 * @buf: a TPM command buffer 205 * @min_rsp_body_length: minimum expected length of response body 206 * @desc: command description used in the error message 207 * 208 * Return: 209 * * 0 - OK 210 * * -errno - A system error 211 * * TPM_RC - A TPM error 212 */ 213 ssize_t tpm_transmit_cmd(struct tpm_chip *chip, struct tpm_buf *buf, 214 size_t min_rsp_body_length, const char *desc) 215 { 216 const struct tpm_header *header = (struct tpm_header *)buf->data; 217 int err; 218 ssize_t len; 219 220 len = tpm_transmit(chip, buf->data, PAGE_SIZE); 221 if (len < 0) 222 return len; 223 224 err = be32_to_cpu(header->return_code); 225 if (err != 0 && err != TPM_ERR_DISABLED && err != TPM_ERR_DEACTIVATED 226 && err != TPM2_RC_TESTING && desc) 227 dev_err(&chip->dev, "A TPM error (%d) occurred %s\n", err, 228 desc); 229 if (err) 230 return err; 231 232 if (len < min_rsp_body_length + TPM_HEADER_SIZE) 233 return -EFAULT; 234 235 return 0; 236 } 237 EXPORT_SYMBOL_GPL(tpm_transmit_cmd); 238 239 int tpm_get_timeouts(struct tpm_chip *chip) 240 { 241 if (chip->flags & TPM_CHIP_FLAG_HAVE_TIMEOUTS) 242 return 0; 243 244 if (chip->flags & TPM_CHIP_FLAG_TPM2) 245 return tpm2_get_timeouts(chip); 246 else 247 return tpm1_get_timeouts(chip); 248 } 249 EXPORT_SYMBOL_GPL(tpm_get_timeouts); 250 251 /** 252 * tpm_is_tpm2 - do we a have a TPM2 chip? 253 * @chip: a &struct tpm_chip instance, %NULL for the default chip 254 * 255 * Return: 256 * 1 if we have a TPM2 chip. 257 * 0 if we don't have a TPM2 chip. 258 * A negative number for system errors (errno). 259 */ 260 int tpm_is_tpm2(struct tpm_chip *chip) 261 { 262 int rc; 263 264 chip = tpm_find_get_ops(chip); 265 if (!chip) 266 return -ENODEV; 267 268 rc = (chip->flags & TPM_CHIP_FLAG_TPM2) != 0; 269 270 tpm_put_ops(chip); 271 272 return rc; 273 } 274 EXPORT_SYMBOL_GPL(tpm_is_tpm2); 275 276 /** 277 * tpm_pcr_read - read a PCR value from SHA1 bank 278 * @chip: a &struct tpm_chip instance, %NULL for the default chip 279 * @pcr_idx: the PCR to be retrieved 280 * @digest: the PCR bank and buffer current PCR value is written to 281 * 282 * Return: same as with tpm_transmit_cmd() 283 */ 284 int tpm_pcr_read(struct tpm_chip *chip, u32 pcr_idx, 285 struct tpm_digest *digest) 286 { 287 int rc; 288 289 chip = tpm_find_get_ops(chip); 290 if (!chip) 291 return -ENODEV; 292 293 if (chip->flags & TPM_CHIP_FLAG_TPM2) 294 rc = tpm2_pcr_read(chip, pcr_idx, digest, NULL); 295 else 296 rc = tpm1_pcr_read(chip, pcr_idx, digest->digest); 297 298 tpm_put_ops(chip); 299 return rc; 300 } 301 EXPORT_SYMBOL_GPL(tpm_pcr_read); 302 303 /** 304 * tpm_pcr_extend - extend a PCR value in SHA1 bank. 305 * @chip: a &struct tpm_chip instance, %NULL for the default chip 306 * @pcr_idx: the PCR to be retrieved 307 * @digests: array of tpm_digest structures used to extend PCRs 308 * 309 * Note: callers must pass a digest for every allocated PCR bank, in the same 310 * order of the banks in chip->allocated_banks. 311 * 312 * Return: same as with tpm_transmit_cmd() 313 */ 314 int tpm_pcr_extend(struct tpm_chip *chip, u32 pcr_idx, 315 struct tpm_digest *digests) 316 { 317 int rc; 318 int i; 319 320 chip = tpm_find_get_ops(chip); 321 if (!chip) 322 return -ENODEV; 323 324 for (i = 0; i < chip->nr_allocated_banks; i++) { 325 if (digests[i].alg_id != chip->allocated_banks[i].alg_id) { 326 rc = -EINVAL; 327 goto out; 328 } 329 } 330 331 if (chip->flags & TPM_CHIP_FLAG_TPM2) { 332 rc = tpm2_pcr_extend(chip, pcr_idx, digests); 333 goto out; 334 } 335 336 rc = tpm1_pcr_extend(chip, pcr_idx, digests[0].digest, 337 "attempting extend a PCR value"); 338 339 out: 340 tpm_put_ops(chip); 341 return rc; 342 } 343 EXPORT_SYMBOL_GPL(tpm_pcr_extend); 344 345 int tpm_auto_startup(struct tpm_chip *chip) 346 { 347 int rc; 348 349 if (!(chip->ops->flags & TPM_OPS_AUTO_STARTUP)) 350 return 0; 351 352 if (chip->flags & TPM_CHIP_FLAG_TPM2) 353 rc = tpm2_auto_startup(chip); 354 else 355 rc = tpm1_auto_startup(chip); 356 357 return rc; 358 } 359 360 /* 361 * We are about to suspend. Save the TPM state 362 * so that it can be restored. 363 */ 364 int tpm_pm_suspend(struct device *dev) 365 { 366 struct tpm_chip *chip = dev_get_drvdata(dev); 367 int rc = 0; 368 369 if (!chip) 370 return -ENODEV; 371 372 if (chip->flags & TPM_CHIP_FLAG_ALWAYS_POWERED) 373 goto suspended; 374 375 if ((chip->flags & TPM_CHIP_FLAG_FIRMWARE_POWER_MANAGED) && 376 !pm_suspend_via_firmware()) 377 goto suspended; 378 379 rc = tpm_try_get_ops(chip); 380 if (!rc) { 381 if (chip->flags & TPM_CHIP_FLAG_TPM2) 382 tpm2_shutdown(chip, TPM2_SU_STATE); 383 else 384 rc = tpm1_pm_suspend(chip, tpm_suspend_pcr); 385 386 tpm_put_ops(chip); 387 } 388 389 suspended: 390 chip->flags |= TPM_CHIP_FLAG_SUSPENDED; 391 392 if (rc) 393 dev_err(dev, "Ignoring error %d while suspending\n", rc); 394 return 0; 395 } 396 EXPORT_SYMBOL_GPL(tpm_pm_suspend); 397 398 /* 399 * Resume from a power safe. The BIOS already restored 400 * the TPM state. 401 */ 402 int tpm_pm_resume(struct device *dev) 403 { 404 struct tpm_chip *chip = dev_get_drvdata(dev); 405 406 if (chip == NULL) 407 return -ENODEV; 408 409 chip->flags &= ~TPM_CHIP_FLAG_SUSPENDED; 410 411 /* 412 * Guarantee that SUSPENDED is written last, so that hwrng does not 413 * activate before the chip has been fully resumed. 414 */ 415 wmb(); 416 417 return 0; 418 } 419 EXPORT_SYMBOL_GPL(tpm_pm_resume); 420 421 /** 422 * tpm_get_random() - get random bytes from the TPM's RNG 423 * @chip: a &struct tpm_chip instance, %NULL for the default chip 424 * @out: destination buffer for the random bytes 425 * @max: the max number of bytes to write to @out 426 * 427 * Return: number of random bytes read or a negative error value. 428 */ 429 int tpm_get_random(struct tpm_chip *chip, u8 *out, size_t max) 430 { 431 int rc; 432 433 if (!out || max > TPM_MAX_RNG_DATA) 434 return -EINVAL; 435 436 chip = tpm_find_get_ops(chip); 437 if (!chip) 438 return -ENODEV; 439 440 if (chip->flags & TPM_CHIP_FLAG_TPM2) 441 rc = tpm2_get_random(chip, out, max); 442 else 443 rc = tpm1_get_random(chip, out, max); 444 445 tpm_put_ops(chip); 446 return rc; 447 } 448 EXPORT_SYMBOL_GPL(tpm_get_random); 449 450 static int __init tpm_init(void) 451 { 452 int rc; 453 454 rc = class_register(&tpm_class); 455 if (rc) { 456 pr_err("couldn't create tpm class\n"); 457 return rc; 458 } 459 460 rc = class_register(&tpmrm_class); 461 if (rc) { 462 pr_err("couldn't create tpmrm class\n"); 463 goto out_destroy_tpm_class; 464 } 465 466 rc = alloc_chrdev_region(&tpm_devt, 0, 2*TPM_NUM_DEVICES, "tpm"); 467 if (rc < 0) { 468 pr_err("tpm: failed to allocate char dev region\n"); 469 goto out_destroy_tpmrm_class; 470 } 471 472 rc = tpm_dev_common_init(); 473 if (rc) { 474 pr_err("tpm: failed to allocate char dev region\n"); 475 goto out_unreg_chrdev; 476 } 477 478 return 0; 479 480 out_unreg_chrdev: 481 unregister_chrdev_region(tpm_devt, 2 * TPM_NUM_DEVICES); 482 out_destroy_tpmrm_class: 483 class_unregister(&tpmrm_class); 484 out_destroy_tpm_class: 485 class_unregister(&tpm_class); 486 487 return rc; 488 } 489 490 static void __exit tpm_exit(void) 491 { 492 idr_destroy(&dev_nums_idr); 493 class_unregister(&tpm_class); 494 class_unregister(&tpmrm_class); 495 unregister_chrdev_region(tpm_devt, 2*TPM_NUM_DEVICES); 496 tpm_dev_common_exit(); 497 } 498 499 subsys_initcall(tpm_init); 500 module_exit(tpm_exit); 501 502 MODULE_AUTHOR("Leendert van Doorn <leendert@watson.ibm.com>"); 503 MODULE_DESCRIPTION("TPM Driver"); 504 MODULE_VERSION("2.0"); 505 MODULE_LICENSE("GPL"); 506