1 // SPDX-License-Identifier: GPL-2.0-only 2 /* 3 * Copyright (C) 2004 IBM Corporation 4 * Copyright (C) 2014 Intel Corporation 5 * 6 * Authors: 7 * Leendert van Doorn <leendert@watson.ibm.com> 8 * Dave Safford <safford@watson.ibm.com> 9 * Reiner Sailer <sailer@watson.ibm.com> 10 * Kylene Hall <kjhall@us.ibm.com> 11 * 12 * Maintained by: <tpmdd-devel@lists.sourceforge.net> 13 * 14 * Device driver for TCG/TCPA TPM (trusted platform module). 15 * Specifications at www.trustedcomputinggroup.org 16 * 17 * Note, the TPM chip is not interrupt driven (only polling) 18 * and can have very long timeouts (minutes!). Hence the unusual 19 * calls to msleep. 20 */ 21 22 #include <linux/poll.h> 23 #include <linux/slab.h> 24 #include <linux/mutex.h> 25 #include <linux/spinlock.h> 26 #include <linux/suspend.h> 27 #include <linux/freezer.h> 28 #include <linux/tpm_eventlog.h> 29 30 #include "tpm.h" 31 32 /* 33 * Bug workaround - some TPM's don't flush the most 34 * recently changed pcr on suspend, so force the flush 35 * with an extend to the selected _unused_ non-volatile pcr. 36 */ 37 static u32 tpm_suspend_pcr; 38 module_param_named(suspend_pcr, tpm_suspend_pcr, uint, 0644); 39 MODULE_PARM_DESC(suspend_pcr, 40 "PCR to use for dummy writes to facilitate flush on suspend."); 41 42 /** 43 * tpm_calc_ordinal_duration() - calculate the maximum command duration 44 * @chip: TPM chip to use. 45 * @ordinal: TPM command ordinal. 46 * 47 * The function returns the maximum amount of time the chip could take 48 * to return the result for a particular ordinal in jiffies. 49 * 50 * Return: A maximal duration time for an ordinal in jiffies. 51 */ 52 unsigned long tpm_calc_ordinal_duration(struct tpm_chip *chip, u32 ordinal) 53 { 54 if (chip->flags & TPM_CHIP_FLAG_TPM2) 55 return tpm2_calc_ordinal_duration(ordinal); 56 else 57 return tpm1_calc_ordinal_duration(chip, ordinal); 58 } 59 EXPORT_SYMBOL_GPL(tpm_calc_ordinal_duration); 60 61 static void tpm_chip_cancel(struct tpm_chip *chip) 62 { 63 if (!chip->ops->cancel) 64 return; 65 66 chip->ops->cancel(chip); 67 } 68 69 static u8 tpm_chip_status(struct tpm_chip *chip) 70 { 71 if (!chip->ops->status) 72 return 0; 73 74 return chip->ops->status(chip); 75 } 76 77 static bool tpm_chip_req_canceled(struct tpm_chip *chip, u8 status) 78 { 79 if (!chip->ops->req_canceled) 80 return false; 81 82 return chip->ops->req_canceled(chip, status); 83 } 84 85 static bool tpm_transmit_completed(u8 status, struct tpm_chip *chip) 86 { 87 u8 status_masked = status & chip->ops->req_complete_mask; 88 89 return status_masked == chip->ops->req_complete_val; 90 } 91 92 static ssize_t tpm_try_transmit(struct tpm_chip *chip, void *buf, size_t bufsiz) 93 { 94 struct tpm_header *header = buf; 95 int rc; 96 ssize_t len = 0; 97 u32 count, ordinal; 98 unsigned long stop; 99 100 if (bufsiz < TPM_HEADER_SIZE) 101 return -EINVAL; 102 103 if (bufsiz > TPM_BUFSIZE) 104 bufsiz = TPM_BUFSIZE; 105 106 count = be32_to_cpu(header->length); 107 ordinal = be32_to_cpu(header->ordinal); 108 if (count == 0) 109 return -ENODATA; 110 if (count > bufsiz) { 111 dev_err(&chip->dev, 112 "invalid count value %x %zx\n", count, bufsiz); 113 return -E2BIG; 114 } 115 116 rc = chip->ops->send(chip, buf, bufsiz, count); 117 if (rc < 0) { 118 if (rc != -EPIPE) 119 dev_err(&chip->dev, 120 "%s: send(): error %d\n", __func__, rc); 121 return rc; 122 } 123 124 /* 125 * Synchronous devices return the response directly during the send() 126 * call in the same buffer. 127 */ 128 if (chip->flags & TPM_CHIP_FLAG_SYNC) { 129 len = rc; 130 rc = 0; 131 goto out_sync; 132 } 133 134 /* 135 * A sanity check. send() of asynchronous devices should just return 136 * zero on success e.g. not the command length. 137 */ 138 if (rc > 0) { 139 dev_warn(&chip->dev, 140 "%s: send(): invalid value %d\n", __func__, rc); 141 rc = 0; 142 } 143 144 if (chip->flags & TPM_CHIP_FLAG_IRQ) 145 goto out_recv; 146 147 stop = jiffies + tpm_calc_ordinal_duration(chip, ordinal); 148 do { 149 u8 status = tpm_chip_status(chip); 150 if (tpm_transmit_completed(status, chip)) 151 goto out_recv; 152 153 if (tpm_chip_req_canceled(chip, status)) { 154 dev_err(&chip->dev, "Operation Canceled\n"); 155 return -ECANCELED; 156 } 157 158 tpm_msleep(TPM_TIMEOUT_POLL); 159 rmb(); 160 } while (time_before(jiffies, stop)); 161 162 /* 163 * Check for completion one more time, just in case the device reported 164 * it while the driver was sleeping in the busy loop above. 165 */ 166 if (tpm_transmit_completed(tpm_chip_status(chip), chip)) 167 goto out_recv; 168 169 tpm_chip_cancel(chip); 170 dev_err(&chip->dev, "Operation Timed out\n"); 171 return -ETIME; 172 173 out_recv: 174 len = chip->ops->recv(chip, buf, bufsiz); 175 if (len < 0) { 176 rc = len; 177 dev_err(&chip->dev, "tpm_transmit: tpm_recv: error %d\n", rc); 178 return rc; 179 } 180 out_sync: 181 if (len < TPM_HEADER_SIZE || len != be32_to_cpu(header->length)) 182 rc = -EFAULT; 183 184 return rc ? rc : len; 185 } 186 187 /** 188 * tpm_transmit - Internal kernel interface to transmit TPM commands. 189 * @chip: a TPM chip to use 190 * @buf: a TPM command buffer 191 * @bufsiz: length of the TPM command buffer 192 * 193 * A wrapper around tpm_try_transmit() that handles TPM2_RC_RETRY returns from 194 * the TPM and retransmits the command after a delay up to a maximum wait of 195 * TPM2_DURATION_LONG. 196 * 197 * Note that TPM 1.x never returns TPM2_RC_RETRY so the retry logic is TPM 2.0 198 * only. 199 * 200 * Return: 201 * * The response length - OK 202 * * -errno - A system error 203 */ 204 ssize_t tpm_transmit(struct tpm_chip *chip, u8 *buf, size_t bufsiz) 205 { 206 struct tpm_header *header = (struct tpm_header *)buf; 207 /* space for header and handles */ 208 u8 save[TPM_HEADER_SIZE + 3*sizeof(u32)]; 209 unsigned int delay_msec = TPM2_DURATION_SHORT; 210 u32 rc = 0; 211 ssize_t ret; 212 const size_t save_size = min(sizeof(save), bufsiz); 213 /* the command code is where the return code will be */ 214 u32 cc = be32_to_cpu(header->return_code); 215 216 /* 217 * Subtlety here: if we have a space, the handles will be 218 * transformed, so when we restore the header we also have to 219 * restore the handles. 220 */ 221 memcpy(save, buf, save_size); 222 223 for (;;) { 224 ret = tpm_try_transmit(chip, buf, bufsiz); 225 if (ret < 0) 226 break; 227 rc = be32_to_cpu(header->return_code); 228 if (rc != TPM2_RC_RETRY && rc != TPM2_RC_TESTING) 229 break; 230 /* 231 * return immediately if self test returns test 232 * still running to shorten boot time. 233 */ 234 if (rc == TPM2_RC_TESTING && cc == TPM2_CC_SELF_TEST) 235 break; 236 237 if (delay_msec > TPM2_DURATION_LONG) { 238 if (rc == TPM2_RC_RETRY) 239 dev_err(&chip->dev, "in retry loop\n"); 240 else 241 dev_err(&chip->dev, 242 "self test is still running\n"); 243 break; 244 } 245 tpm_msleep(delay_msec); 246 delay_msec *= 2; 247 memcpy(buf, save, save_size); 248 } 249 return ret; 250 } 251 252 /** 253 * tpm_transmit_cmd - send a tpm command to the device 254 * @chip: a TPM chip to use 255 * @buf: a TPM command buffer 256 * @min_rsp_body_length: minimum expected length of response body 257 * @desc: command description used in the error message 258 * 259 * Return: 260 * * 0 - OK 261 * * -errno - A system error 262 * * TPM_RC - A TPM error 263 */ 264 ssize_t tpm_transmit_cmd(struct tpm_chip *chip, struct tpm_buf *buf, 265 size_t min_rsp_body_length, const char *desc) 266 { 267 const struct tpm_header *header = (struct tpm_header *)buf->data; 268 int err; 269 ssize_t len; 270 271 len = tpm_transmit(chip, buf->data, PAGE_SIZE); 272 if (len < 0) 273 return len; 274 275 err = be32_to_cpu(header->return_code); 276 if (err != 0 && err != TPM_ERR_DISABLED && err != TPM_ERR_DEACTIVATED 277 && err != TPM2_RC_TESTING && desc) 278 dev_err(&chip->dev, "A TPM error (%d) occurred %s\n", err, 279 desc); 280 if (err) 281 return err; 282 283 if (len < min_rsp_body_length + TPM_HEADER_SIZE) 284 return -EFAULT; 285 286 buf->length = len; 287 return 0; 288 } 289 EXPORT_SYMBOL_GPL(tpm_transmit_cmd); 290 291 int tpm_get_timeouts(struct tpm_chip *chip) 292 { 293 if (chip->flags & TPM_CHIP_FLAG_HAVE_TIMEOUTS) 294 return 0; 295 296 if (chip->flags & TPM_CHIP_FLAG_TPM2) 297 return tpm2_get_timeouts(chip); 298 else 299 return tpm1_get_timeouts(chip); 300 } 301 EXPORT_SYMBOL_GPL(tpm_get_timeouts); 302 303 /** 304 * tpm_is_tpm2 - do we a have a TPM2 chip? 305 * @chip: a &struct tpm_chip instance, %NULL for the default chip 306 * 307 * Return: 308 * 1 if we have a TPM2 chip. 309 * 0 if we don't have a TPM2 chip. 310 * A negative number for system errors (errno). 311 */ 312 int tpm_is_tpm2(struct tpm_chip *chip) 313 { 314 int rc; 315 316 if (!chip) 317 return -ENODEV; 318 319 rc = tpm_try_get_ops(chip); 320 if (rc) 321 return rc; 322 323 rc = (chip->flags & TPM_CHIP_FLAG_TPM2) != 0; 324 325 tpm_put_ops(chip); 326 327 return rc; 328 } 329 EXPORT_SYMBOL_GPL(tpm_is_tpm2); 330 331 /** 332 * tpm_pcr_read - read a PCR value from SHA1 bank 333 * @chip: a &struct tpm_chip instance, %NULL for the default chip 334 * @pcr_idx: the PCR to be retrieved 335 * @digest: the PCR bank and buffer current PCR value is written to 336 * 337 * Return: same as with tpm_transmit_cmd() 338 */ 339 int tpm_pcr_read(struct tpm_chip *chip, u32 pcr_idx, 340 struct tpm_digest *digest) 341 { 342 int rc; 343 344 if (!chip) 345 return -ENODEV; 346 347 rc = tpm_try_get_ops(chip); 348 if (rc) 349 return rc; 350 351 if (chip->flags & TPM_CHIP_FLAG_TPM2) 352 rc = tpm2_pcr_read(chip, pcr_idx, digest, NULL); 353 else 354 rc = tpm1_pcr_read(chip, pcr_idx, digest->digest); 355 356 tpm_put_ops(chip); 357 return rc; 358 } 359 EXPORT_SYMBOL_GPL(tpm_pcr_read); 360 361 /** 362 * tpm_pcr_extend - extend a PCR value in SHA1 bank. 363 * @chip: a &struct tpm_chip instance, %NULL for the default chip 364 * @pcr_idx: the PCR to be retrieved 365 * @digests: array of tpm_digest structures used to extend PCRs 366 * 367 * Note: callers must pass a digest for every allocated PCR bank, in the same 368 * order of the banks in chip->allocated_banks. 369 * 370 * Return: same as with tpm_transmit_cmd() 371 */ 372 int tpm_pcr_extend(struct tpm_chip *chip, u32 pcr_idx, 373 struct tpm_digest *digests) 374 { 375 int rc; 376 int i; 377 378 if (!chip) 379 return -ENODEV; 380 381 rc = tpm_try_get_ops(chip); 382 if (rc) 383 return rc; 384 385 for (i = 0; i < chip->nr_allocated_banks; i++) { 386 if (digests[i].alg_id != chip->allocated_banks[i].alg_id) { 387 rc = -EINVAL; 388 goto out; 389 } 390 } 391 392 if (chip->flags & TPM_CHIP_FLAG_TPM2) { 393 rc = tpm2_pcr_extend(chip, pcr_idx, digests); 394 goto out; 395 } 396 397 rc = tpm1_pcr_extend(chip, pcr_idx, digests[0].digest, 398 "attempting extend a PCR value"); 399 400 out: 401 tpm_put_ops(chip); 402 return rc; 403 } 404 EXPORT_SYMBOL_GPL(tpm_pcr_extend); 405 406 int tpm_auto_startup(struct tpm_chip *chip) 407 { 408 int rc; 409 410 if (!(chip->ops->flags & TPM_OPS_AUTO_STARTUP)) 411 return 0; 412 413 if (chip->flags & TPM_CHIP_FLAG_TPM2) 414 rc = tpm2_auto_startup(chip); 415 else 416 rc = tpm1_auto_startup(chip); 417 418 return rc; 419 } 420 421 /* 422 * We are about to suspend. Save the TPM state 423 * so that it can be restored. 424 */ 425 int tpm_pm_suspend(struct device *dev) 426 { 427 struct tpm_chip *chip = dev_get_drvdata(dev); 428 int rc = 0; 429 430 if (!chip) 431 return -ENODEV; 432 433 rc = tpm_try_get_ops(chip); 434 if (rc) { 435 /* Can be safely set out of locks, as no action cannot race: */ 436 chip->flags |= TPM_CHIP_FLAG_SUSPENDED; 437 goto out; 438 } 439 440 if (chip->flags & TPM_CHIP_FLAG_ALWAYS_POWERED) 441 goto suspended; 442 443 if ((chip->flags & TPM_CHIP_FLAG_FIRMWARE_POWER_MANAGED) && 444 !pm_suspend_via_firmware()) 445 goto suspended; 446 447 if (chip->flags & TPM_CHIP_FLAG_TPM2) { 448 tpm2_end_auth_session(chip); 449 tpm2_shutdown(chip, TPM2_SU_STATE); 450 goto suspended; 451 } 452 453 rc = tpm1_pm_suspend(chip, tpm_suspend_pcr); 454 455 suspended: 456 chip->flags |= TPM_CHIP_FLAG_SUSPENDED; 457 tpm_put_ops(chip); 458 459 out: 460 if (rc) 461 dev_err(dev, "Ignoring error %d while suspending\n", rc); 462 return 0; 463 } 464 EXPORT_SYMBOL_GPL(tpm_pm_suspend); 465 466 /* 467 * Resume from a power safe. The BIOS already restored 468 * the TPM state. 469 */ 470 int tpm_pm_resume(struct device *dev) 471 { 472 struct tpm_chip *chip = dev_get_drvdata(dev); 473 474 if (chip == NULL) 475 return -ENODEV; 476 477 chip->flags &= ~TPM_CHIP_FLAG_SUSPENDED; 478 479 /* 480 * Guarantee that SUSPENDED is written last, so that hwrng does not 481 * activate before the chip has been fully resumed. 482 */ 483 wmb(); 484 485 return 0; 486 } 487 EXPORT_SYMBOL_GPL(tpm_pm_resume); 488 489 /** 490 * tpm_get_random() - get random bytes from the TPM's RNG 491 * @chip: a &struct tpm_chip instance, %NULL for the default chip 492 * @out: destination buffer for the random bytes 493 * @max: the max number of bytes to write to @out 494 * 495 * Return: number of random bytes read or a negative error value. 496 */ 497 int tpm_get_random(struct tpm_chip *chip, u8 *out, size_t max) 498 { 499 int rc; 500 501 if (!out || max > TPM_MAX_RNG_DATA) 502 return -EINVAL; 503 504 if (!chip) 505 return -ENODEV; 506 507 rc = tpm_try_get_ops(chip); 508 if (rc) 509 return rc; 510 511 if (chip->flags & TPM_CHIP_FLAG_TPM2) 512 rc = tpm2_get_random(chip, out, max); 513 else 514 rc = tpm1_get_random(chip, out, max); 515 516 tpm_put_ops(chip); 517 return rc; 518 } 519 EXPORT_SYMBOL_GPL(tpm_get_random); 520 521 static int __init tpm_init(void) 522 { 523 int rc; 524 525 rc = class_register(&tpm_class); 526 if (rc) { 527 pr_err("couldn't create tpm class\n"); 528 return rc; 529 } 530 531 rc = class_register(&tpmrm_class); 532 if (rc) { 533 pr_err("couldn't create tpmrm class\n"); 534 goto out_destroy_tpm_class; 535 } 536 537 rc = alloc_chrdev_region(&tpm_devt, 0, 2*TPM_NUM_DEVICES, "tpm"); 538 if (rc < 0) { 539 pr_err("tpm: failed to allocate char dev region\n"); 540 goto out_destroy_tpmrm_class; 541 } 542 543 rc = tpm_dev_common_init(); 544 if (rc) { 545 pr_err("tpm: failed to allocate char dev region\n"); 546 goto out_unreg_chrdev; 547 } 548 549 return 0; 550 551 out_unreg_chrdev: 552 unregister_chrdev_region(tpm_devt, 2 * TPM_NUM_DEVICES); 553 out_destroy_tpmrm_class: 554 class_unregister(&tpmrm_class); 555 out_destroy_tpm_class: 556 class_unregister(&tpm_class); 557 558 return rc; 559 } 560 561 static void __exit tpm_exit(void) 562 { 563 idr_destroy(&dev_nums_idr); 564 class_unregister(&tpm_class); 565 class_unregister(&tpmrm_class); 566 unregister_chrdev_region(tpm_devt, 2*TPM_NUM_DEVICES); 567 tpm_dev_common_exit(); 568 } 569 570 subsys_initcall(tpm_init); 571 module_exit(tpm_exit); 572 573 MODULE_AUTHOR("Leendert van Doorn <leendert@watson.ibm.com>"); 574 MODULE_DESCRIPTION("TPM Driver"); 575 MODULE_VERSION("2.0"); 576 MODULE_LICENSE("GPL"); 577