1 // SPDX-License-Identifier: GPL-2.0 2 /* 3 * Copyright (C) 2004 IBM Corporation 4 * Copyright (C) 2014 Intel Corporation 5 * 6 * Authors: 7 * Leendert van Doorn <leendert@watson.ibm.com> 8 * Dave Safford <safford@watson.ibm.com> 9 * Reiner Sailer <sailer@watson.ibm.com> 10 * Kylene Hall <kjhall@us.ibm.com> 11 * 12 * Device driver for TCG/TCPA TPM (trusted platform module). 13 * Specifications at www.trustedcomputinggroup.org 14 */ 15 16 #include <linux/poll.h> 17 #include <linux/slab.h> 18 #include <linux/mutex.h> 19 #include <linux/spinlock.h> 20 #include <linux/freezer.h> 21 #include <linux/tpm_eventlog.h> 22 23 #include "tpm.h" 24 25 #define TPM_MAX_ORDINAL 243 26 27 /* 28 * Array with one entry per ordinal defining the maximum amount 29 * of time the chip could take to return the result. The ordinal 30 * designation of short, medium or long is defined in a table in 31 * TCG Specification TPM Main Part 2 TPM Structures Section 17. The 32 * values of the SHORT, MEDIUM, and LONG durations are retrieved 33 * from the chip during initialization with a call to tpm_get_timeouts. 34 */ 35 static const u8 tpm1_ordinal_duration[TPM_MAX_ORDINAL] = { 36 TPM_UNDEFINED, /* 0 */ 37 TPM_UNDEFINED, 38 TPM_UNDEFINED, 39 TPM_UNDEFINED, 40 TPM_UNDEFINED, 41 TPM_UNDEFINED, /* 5 */ 42 TPM_UNDEFINED, 43 TPM_UNDEFINED, 44 TPM_UNDEFINED, 45 TPM_UNDEFINED, 46 TPM_SHORT, /* 10 */ 47 TPM_SHORT, 48 TPM_MEDIUM, 49 TPM_LONG, 50 TPM_LONG, 51 TPM_MEDIUM, /* 15 */ 52 TPM_SHORT, 53 TPM_SHORT, 54 TPM_MEDIUM, 55 TPM_LONG, 56 TPM_SHORT, /* 20 */ 57 TPM_SHORT, 58 TPM_MEDIUM, 59 TPM_MEDIUM, 60 TPM_MEDIUM, 61 TPM_SHORT, /* 25 */ 62 TPM_SHORT, 63 TPM_MEDIUM, 64 TPM_SHORT, 65 TPM_SHORT, 66 TPM_MEDIUM, /* 30 */ 67 TPM_LONG, 68 TPM_MEDIUM, 69 TPM_SHORT, 70 TPM_SHORT, 71 TPM_SHORT, /* 35 */ 72 TPM_MEDIUM, 73 TPM_MEDIUM, 74 TPM_UNDEFINED, 75 TPM_UNDEFINED, 76 TPM_MEDIUM, /* 40 */ 77 TPM_LONG, 78 TPM_MEDIUM, 79 TPM_SHORT, 80 TPM_SHORT, 81 TPM_SHORT, /* 45 */ 82 TPM_SHORT, 83 TPM_SHORT, 84 TPM_SHORT, 85 TPM_LONG, 86 TPM_MEDIUM, /* 50 */ 87 TPM_MEDIUM, 88 TPM_UNDEFINED, 89 TPM_UNDEFINED, 90 TPM_UNDEFINED, 91 TPM_UNDEFINED, /* 55 */ 92 TPM_UNDEFINED, 93 TPM_UNDEFINED, 94 TPM_UNDEFINED, 95 TPM_UNDEFINED, 96 TPM_MEDIUM, /* 60 */ 97 TPM_MEDIUM, 98 TPM_MEDIUM, 99 TPM_SHORT, 100 TPM_SHORT, 101 TPM_MEDIUM, /* 65 */ 102 TPM_UNDEFINED, 103 TPM_UNDEFINED, 104 TPM_UNDEFINED, 105 TPM_UNDEFINED, 106 TPM_SHORT, /* 70 */ 107 TPM_SHORT, 108 TPM_UNDEFINED, 109 TPM_UNDEFINED, 110 TPM_UNDEFINED, 111 TPM_UNDEFINED, /* 75 */ 112 TPM_UNDEFINED, 113 TPM_UNDEFINED, 114 TPM_UNDEFINED, 115 TPM_UNDEFINED, 116 TPM_LONG, /* 80 */ 117 TPM_UNDEFINED, 118 TPM_MEDIUM, 119 TPM_LONG, 120 TPM_SHORT, 121 TPM_UNDEFINED, /* 85 */ 122 TPM_UNDEFINED, 123 TPM_UNDEFINED, 124 TPM_UNDEFINED, 125 TPM_UNDEFINED, 126 TPM_SHORT, /* 90 */ 127 TPM_SHORT, 128 TPM_SHORT, 129 TPM_SHORT, 130 TPM_SHORT, 131 TPM_UNDEFINED, /* 95 */ 132 TPM_UNDEFINED, 133 TPM_UNDEFINED, 134 TPM_UNDEFINED, 135 TPM_UNDEFINED, 136 TPM_MEDIUM, /* 100 */ 137 TPM_SHORT, 138 TPM_SHORT, 139 TPM_UNDEFINED, 140 TPM_UNDEFINED, 141 TPM_UNDEFINED, /* 105 */ 142 TPM_UNDEFINED, 143 TPM_UNDEFINED, 144 TPM_UNDEFINED, 145 TPM_UNDEFINED, 146 TPM_SHORT, /* 110 */ 147 TPM_SHORT, 148 TPM_SHORT, 149 TPM_SHORT, 150 TPM_SHORT, 151 TPM_SHORT, /* 115 */ 152 TPM_SHORT, 153 TPM_SHORT, 154 TPM_UNDEFINED, 155 TPM_UNDEFINED, 156 TPM_LONG, /* 120 */ 157 TPM_LONG, 158 TPM_MEDIUM, 159 TPM_UNDEFINED, 160 TPM_SHORT, 161 TPM_SHORT, /* 125 */ 162 TPM_SHORT, 163 TPM_LONG, 164 TPM_SHORT, 165 TPM_SHORT, 166 TPM_SHORT, /* 130 */ 167 TPM_MEDIUM, 168 TPM_UNDEFINED, 169 TPM_SHORT, 170 TPM_MEDIUM, 171 TPM_UNDEFINED, /* 135 */ 172 TPM_UNDEFINED, 173 TPM_UNDEFINED, 174 TPM_UNDEFINED, 175 TPM_UNDEFINED, 176 TPM_SHORT, /* 140 */ 177 TPM_SHORT, 178 TPM_UNDEFINED, 179 TPM_UNDEFINED, 180 TPM_UNDEFINED, 181 TPM_UNDEFINED, /* 145 */ 182 TPM_UNDEFINED, 183 TPM_UNDEFINED, 184 TPM_UNDEFINED, 185 TPM_UNDEFINED, 186 TPM_SHORT, /* 150 */ 187 TPM_MEDIUM, 188 TPM_MEDIUM, 189 TPM_SHORT, 190 TPM_SHORT, 191 TPM_UNDEFINED, /* 155 */ 192 TPM_UNDEFINED, 193 TPM_UNDEFINED, 194 TPM_UNDEFINED, 195 TPM_UNDEFINED, 196 TPM_SHORT, /* 160 */ 197 TPM_SHORT, 198 TPM_SHORT, 199 TPM_SHORT, 200 TPM_UNDEFINED, 201 TPM_UNDEFINED, /* 165 */ 202 TPM_UNDEFINED, 203 TPM_UNDEFINED, 204 TPM_UNDEFINED, 205 TPM_UNDEFINED, 206 TPM_LONG, /* 170 */ 207 TPM_UNDEFINED, 208 TPM_UNDEFINED, 209 TPM_UNDEFINED, 210 TPM_UNDEFINED, 211 TPM_UNDEFINED, /* 175 */ 212 TPM_UNDEFINED, 213 TPM_UNDEFINED, 214 TPM_UNDEFINED, 215 TPM_UNDEFINED, 216 TPM_MEDIUM, /* 180 */ 217 TPM_SHORT, 218 TPM_MEDIUM, 219 TPM_MEDIUM, 220 TPM_MEDIUM, 221 TPM_MEDIUM, /* 185 */ 222 TPM_SHORT, 223 TPM_UNDEFINED, 224 TPM_UNDEFINED, 225 TPM_UNDEFINED, 226 TPM_UNDEFINED, /* 190 */ 227 TPM_UNDEFINED, 228 TPM_UNDEFINED, 229 TPM_UNDEFINED, 230 TPM_UNDEFINED, 231 TPM_UNDEFINED, /* 195 */ 232 TPM_UNDEFINED, 233 TPM_UNDEFINED, 234 TPM_UNDEFINED, 235 TPM_UNDEFINED, 236 TPM_SHORT, /* 200 */ 237 TPM_UNDEFINED, 238 TPM_UNDEFINED, 239 TPM_UNDEFINED, 240 TPM_SHORT, 241 TPM_SHORT, /* 205 */ 242 TPM_SHORT, 243 TPM_SHORT, 244 TPM_SHORT, 245 TPM_SHORT, 246 TPM_MEDIUM, /* 210 */ 247 TPM_UNDEFINED, 248 TPM_MEDIUM, 249 TPM_MEDIUM, 250 TPM_MEDIUM, 251 TPM_UNDEFINED, /* 215 */ 252 TPM_MEDIUM, 253 TPM_UNDEFINED, 254 TPM_UNDEFINED, 255 TPM_SHORT, 256 TPM_SHORT, /* 220 */ 257 TPM_SHORT, 258 TPM_SHORT, 259 TPM_SHORT, 260 TPM_SHORT, 261 TPM_UNDEFINED, /* 225 */ 262 TPM_UNDEFINED, 263 TPM_UNDEFINED, 264 TPM_UNDEFINED, 265 TPM_UNDEFINED, 266 TPM_SHORT, /* 230 */ 267 TPM_LONG, 268 TPM_MEDIUM, 269 TPM_UNDEFINED, 270 TPM_UNDEFINED, 271 TPM_UNDEFINED, /* 235 */ 272 TPM_UNDEFINED, 273 TPM_UNDEFINED, 274 TPM_UNDEFINED, 275 TPM_UNDEFINED, 276 TPM_SHORT, /* 240 */ 277 TPM_UNDEFINED, 278 TPM_MEDIUM, 279 }; 280 281 /** 282 * tpm1_calc_ordinal_duration() - calculate the maximum command duration 283 * @chip: TPM chip to use. 284 * @ordinal: TPM command ordinal. 285 * 286 * The function returns the maximum amount of time the chip could take 287 * to return the result for a particular ordinal in jiffies. 288 * 289 * Return: A maximal duration time for an ordinal in jiffies. 290 */ 291 unsigned long tpm1_calc_ordinal_duration(struct tpm_chip *chip, u32 ordinal) 292 { 293 int duration_idx = TPM_UNDEFINED; 294 int duration = 0; 295 296 /* 297 * We only have a duration table for protected commands, where the upper 298 * 16 bits are 0. For the few other ordinals the fallback will be used. 299 */ 300 if (ordinal < TPM_MAX_ORDINAL) 301 duration_idx = tpm1_ordinal_duration[ordinal]; 302 303 if (duration_idx != TPM_UNDEFINED) 304 duration = chip->duration[duration_idx]; 305 if (duration <= 0) 306 return 2 * 60 * HZ; 307 else 308 return duration; 309 } 310 311 #define TPM_ORD_STARTUP 153 312 #define TPM_ST_CLEAR 1 313 314 /** 315 * tpm_startup() - turn on the TPM 316 * @chip: TPM chip to use 317 * 318 * Normally the firmware should start the TPM. This function is provided as a 319 * workaround if this does not happen. A legal case for this could be for 320 * example when a TPM emulator is used. 321 * 322 * Return: same as tpm_transmit_cmd() 323 */ 324 static int tpm1_startup(struct tpm_chip *chip) 325 { 326 struct tpm_buf buf; 327 int rc; 328 329 dev_info(&chip->dev, "starting up the TPM manually\n"); 330 331 rc = tpm_buf_init(&buf, TPM_TAG_RQU_COMMAND, TPM_ORD_STARTUP); 332 if (rc < 0) 333 return rc; 334 335 tpm_buf_append_u16(&buf, TPM_ST_CLEAR); 336 337 rc = tpm_transmit_cmd(chip, &buf, 0, "attempting to start the TPM"); 338 tpm_buf_destroy(&buf); 339 return rc; 340 } 341 342 int tpm1_get_timeouts(struct tpm_chip *chip) 343 { 344 cap_t cap; 345 unsigned long timeout_old[4], timeout_chip[4], timeout_eff[4]; 346 ssize_t rc; 347 348 rc = tpm1_getcap(chip, TPM_CAP_PROP_TIS_TIMEOUT, &cap, NULL, 349 sizeof(cap.timeout)); 350 if (rc == TPM_ERR_INVALID_POSTINIT) { 351 if (tpm1_startup(chip)) 352 return rc; 353 354 rc = tpm1_getcap(chip, TPM_CAP_PROP_TIS_TIMEOUT, &cap, 355 "attempting to determine the timeouts", 356 sizeof(cap.timeout)); 357 } 358 359 if (rc) { 360 dev_err(&chip->dev, "A TPM error (%zd) occurred attempting to determine the timeouts\n", 361 rc); 362 return rc; 363 } 364 365 timeout_old[0] = jiffies_to_usecs(chip->timeout_a); 366 timeout_old[1] = jiffies_to_usecs(chip->timeout_b); 367 timeout_old[2] = jiffies_to_usecs(chip->timeout_c); 368 timeout_old[3] = jiffies_to_usecs(chip->timeout_d); 369 timeout_chip[0] = be32_to_cpu(cap.timeout.a); 370 timeout_chip[1] = be32_to_cpu(cap.timeout.b); 371 timeout_chip[2] = be32_to_cpu(cap.timeout.c); 372 timeout_chip[3] = be32_to_cpu(cap.timeout.d); 373 memcpy(timeout_eff, timeout_chip, sizeof(timeout_eff)); 374 375 /* 376 * Provide ability for vendor overrides of timeout values in case 377 * of misreporting. 378 */ 379 if (chip->ops->update_timeouts) 380 chip->ops->update_timeouts(chip, timeout_eff); 381 382 if (!chip->timeout_adjusted) { 383 /* Restore default if chip reported 0 */ 384 unsigned int i; 385 386 for (i = 0; i < ARRAY_SIZE(timeout_eff); i++) { 387 if (timeout_eff[i]) 388 continue; 389 390 timeout_eff[i] = timeout_old[i]; 391 chip->timeout_adjusted = true; 392 } 393 394 if (timeout_eff[0] != 0 && timeout_eff[0] < 1000) { 395 /* timeouts in msec rather usec */ 396 for (i = 0; i != ARRAY_SIZE(timeout_eff); i++) 397 timeout_eff[i] *= 1000; 398 chip->timeout_adjusted = true; 399 } 400 } 401 402 /* Report adjusted timeouts */ 403 if (chip->timeout_adjusted) { 404 dev_info(&chip->dev, HW_ERR "Adjusting reported timeouts: A %lu->%luus B %lu->%luus C %lu->%luus D %lu->%luus\n", 405 timeout_chip[0], timeout_eff[0], 406 timeout_chip[1], timeout_eff[1], 407 timeout_chip[2], timeout_eff[2], 408 timeout_chip[3], timeout_eff[3]); 409 } 410 411 chip->timeout_a = usecs_to_jiffies(timeout_eff[0]); 412 chip->timeout_b = usecs_to_jiffies(timeout_eff[1]); 413 chip->timeout_c = usecs_to_jiffies(timeout_eff[2]); 414 chip->timeout_d = usecs_to_jiffies(timeout_eff[3]); 415 416 rc = tpm1_getcap(chip, TPM_CAP_PROP_TIS_DURATION, &cap, 417 "attempting to determine the durations", 418 sizeof(cap.duration)); 419 if (rc) 420 return rc; 421 422 chip->duration[TPM_SHORT] = 423 usecs_to_jiffies(be32_to_cpu(cap.duration.tpm_short)); 424 chip->duration[TPM_MEDIUM] = 425 usecs_to_jiffies(be32_to_cpu(cap.duration.tpm_medium)); 426 chip->duration[TPM_LONG] = 427 usecs_to_jiffies(be32_to_cpu(cap.duration.tpm_long)); 428 chip->duration[TPM_LONG_LONG] = 0; /* not used under 1.2 */ 429 430 /* The Broadcom BCM0102 chipset in a Dell Latitude D820 gets the above 431 * value wrong and apparently reports msecs rather than usecs. So we 432 * fix up the resulting too-small TPM_SHORT value to make things work. 433 * We also scale the TPM_MEDIUM and -_LONG values by 1000. 434 */ 435 if (chip->duration[TPM_SHORT] < (HZ / 100)) { 436 chip->duration[TPM_SHORT] = HZ; 437 chip->duration[TPM_MEDIUM] *= 1000; 438 chip->duration[TPM_LONG] *= 1000; 439 chip->duration_adjusted = true; 440 dev_info(&chip->dev, "Adjusting TPM timeout parameters."); 441 } 442 443 chip->flags |= TPM_CHIP_FLAG_HAVE_TIMEOUTS; 444 return 0; 445 } 446 447 #define TPM_ORD_PCR_EXTEND 20 448 int tpm1_pcr_extend(struct tpm_chip *chip, u32 pcr_idx, const u8 *hash, 449 const char *log_msg) 450 { 451 struct tpm_buf buf; 452 int rc; 453 454 rc = tpm_buf_init(&buf, TPM_TAG_RQU_COMMAND, TPM_ORD_PCR_EXTEND); 455 if (rc) 456 return rc; 457 458 tpm_buf_append_u32(&buf, pcr_idx); 459 tpm_buf_append(&buf, hash, TPM_DIGEST_SIZE); 460 461 rc = tpm_transmit_cmd(chip, &buf, TPM_DIGEST_SIZE, log_msg); 462 tpm_buf_destroy(&buf); 463 return rc; 464 } 465 466 #define TPM_ORD_GET_CAP 101 467 ssize_t tpm1_getcap(struct tpm_chip *chip, u32 subcap_id, cap_t *cap, 468 const char *desc, size_t min_cap_length) 469 { 470 struct tpm_buf buf; 471 int rc; 472 473 rc = tpm_buf_init(&buf, TPM_TAG_RQU_COMMAND, TPM_ORD_GET_CAP); 474 if (rc) 475 return rc; 476 477 if (subcap_id == TPM_CAP_VERSION_1_1 || 478 subcap_id == TPM_CAP_VERSION_1_2) { 479 tpm_buf_append_u32(&buf, subcap_id); 480 tpm_buf_append_u32(&buf, 0); 481 } else { 482 if (subcap_id == TPM_CAP_FLAG_PERM || 483 subcap_id == TPM_CAP_FLAG_VOL) 484 tpm_buf_append_u32(&buf, TPM_CAP_FLAG); 485 else 486 tpm_buf_append_u32(&buf, TPM_CAP_PROP); 487 488 tpm_buf_append_u32(&buf, 4); 489 tpm_buf_append_u32(&buf, subcap_id); 490 } 491 rc = tpm_transmit_cmd(chip, &buf, min_cap_length, desc); 492 if (!rc) 493 *cap = *(cap_t *)&buf.data[TPM_HEADER_SIZE + 4]; 494 tpm_buf_destroy(&buf); 495 return rc; 496 } 497 EXPORT_SYMBOL_GPL(tpm1_getcap); 498 499 #define TPM_ORD_GET_RANDOM 70 500 struct tpm1_get_random_out { 501 __be32 rng_data_len; 502 u8 rng_data[TPM_MAX_RNG_DATA]; 503 } __packed; 504 505 /** 506 * tpm1_get_random() - get random bytes from the TPM's RNG 507 * @chip: a &struct tpm_chip instance 508 * @dest: destination buffer for the random bytes 509 * @max: the maximum number of bytes to write to @dest 510 * 511 * Return: 512 * * number of bytes read 513 * * -errno or a TPM return code otherwise 514 */ 515 int tpm1_get_random(struct tpm_chip *chip, u8 *dest, size_t max) 516 { 517 struct tpm1_get_random_out *out; 518 u32 num_bytes = min_t(u32, max, TPM_MAX_RNG_DATA); 519 struct tpm_buf buf; 520 u32 total = 0; 521 int retries = 5; 522 u32 recd; 523 int rc; 524 525 rc = tpm_buf_init(&buf, TPM_TAG_RQU_COMMAND, TPM_ORD_GET_RANDOM); 526 if (rc) 527 return rc; 528 529 do { 530 tpm_buf_append_u32(&buf, num_bytes); 531 532 rc = tpm_transmit_cmd(chip, &buf, sizeof(out->rng_data_len), 533 "attempting get random"); 534 if (rc) 535 goto out; 536 537 out = (struct tpm1_get_random_out *)&buf.data[TPM_HEADER_SIZE]; 538 539 recd = be32_to_cpu(out->rng_data_len); 540 if (recd > num_bytes) { 541 rc = -EFAULT; 542 goto out; 543 } 544 545 if (tpm_buf_length(&buf) < TPM_HEADER_SIZE + 546 sizeof(out->rng_data_len) + recd) { 547 rc = -EFAULT; 548 goto out; 549 } 550 memcpy(dest, out->rng_data, recd); 551 552 dest += recd; 553 total += recd; 554 num_bytes -= recd; 555 556 tpm_buf_reset(&buf, TPM_TAG_RQU_COMMAND, TPM_ORD_GET_RANDOM); 557 } while (retries-- && total < max); 558 559 rc = total ? (int)total : -EIO; 560 out: 561 tpm_buf_destroy(&buf); 562 return rc; 563 } 564 565 #define TPM_ORD_PCRREAD 21 566 int tpm1_pcr_read(struct tpm_chip *chip, u32 pcr_idx, u8 *res_buf) 567 { 568 struct tpm_buf buf; 569 int rc; 570 571 rc = tpm_buf_init(&buf, TPM_TAG_RQU_COMMAND, TPM_ORD_PCRREAD); 572 if (rc) 573 return rc; 574 575 tpm_buf_append_u32(&buf, pcr_idx); 576 577 rc = tpm_transmit_cmd(chip, &buf, TPM_DIGEST_SIZE, 578 "attempting to read a pcr value"); 579 if (rc) 580 goto out; 581 582 if (tpm_buf_length(&buf) < TPM_DIGEST_SIZE) { 583 rc = -EFAULT; 584 goto out; 585 } 586 587 memcpy(res_buf, &buf.data[TPM_HEADER_SIZE], TPM_DIGEST_SIZE); 588 589 out: 590 tpm_buf_destroy(&buf); 591 return rc; 592 } 593 594 #define TPM_ORD_CONTINUE_SELFTEST 83 595 /** 596 * tpm_continue_selftest() - run TPM's selftest 597 * @chip: TPM chip to use 598 * 599 * Returns 0 on success, < 0 in case of fatal error or a value > 0 representing 600 * a TPM error code. 601 */ 602 static int tpm1_continue_selftest(struct tpm_chip *chip) 603 { 604 struct tpm_buf buf; 605 int rc; 606 607 rc = tpm_buf_init(&buf, TPM_TAG_RQU_COMMAND, TPM_ORD_CONTINUE_SELFTEST); 608 if (rc) 609 return rc; 610 611 rc = tpm_transmit_cmd(chip, &buf, 0, "continue selftest"); 612 tpm_buf_destroy(&buf); 613 return rc; 614 } 615 616 /** 617 * tpm1_do_selftest - have the TPM continue its selftest and wait until it 618 * can receive further commands 619 * @chip: TPM chip to use 620 * 621 * Returns 0 on success, < 0 in case of fatal error or a value > 0 representing 622 * a TPM error code. 623 */ 624 int tpm1_do_selftest(struct tpm_chip *chip) 625 { 626 int rc; 627 unsigned int loops; 628 unsigned int delay_msec = 100; 629 unsigned long duration; 630 u8 dummy[TPM_DIGEST_SIZE]; 631 632 duration = tpm1_calc_ordinal_duration(chip, TPM_ORD_CONTINUE_SELFTEST); 633 634 loops = jiffies_to_msecs(duration) / delay_msec; 635 636 rc = tpm1_continue_selftest(chip); 637 if (rc == TPM_ERR_INVALID_POSTINIT) { 638 chip->flags |= TPM_CHIP_FLAG_ALWAYS_POWERED; 639 dev_info(&chip->dev, "TPM not ready (%d)\n", rc); 640 } 641 /* This may fail if there was no TPM driver during a suspend/resume 642 * cycle; some may return 10 (BAD_ORDINAL), others 28 (FAILEDSELFTEST) 643 */ 644 if (rc) 645 return rc; 646 647 do { 648 /* Attempt to read a PCR value */ 649 rc = tpm1_pcr_read(chip, 0, dummy); 650 651 /* Some buggy TPMs will not respond to tpm_tis_ready() for 652 * around 300ms while the self test is ongoing, keep trying 653 * until the self test duration expires. 654 */ 655 if (rc == -ETIME) { 656 dev_info(&chip->dev, HW_ERR "TPM command timed out during continue self test"); 657 tpm_msleep(delay_msec); 658 continue; 659 } 660 661 if (rc == TPM_ERR_DISABLED || rc == TPM_ERR_DEACTIVATED) { 662 dev_info(&chip->dev, "TPM is disabled/deactivated (0x%X)\n", 663 rc); 664 /* TPM is disabled and/or deactivated; driver can 665 * proceed and TPM does handle commands for 666 * suspend/resume correctly 667 */ 668 return 0; 669 } 670 if (rc != TPM_WARN_DOING_SELFTEST) 671 return rc; 672 tpm_msleep(delay_msec); 673 } while (--loops > 0); 674 675 return rc; 676 } 677 EXPORT_SYMBOL_GPL(tpm1_do_selftest); 678 679 /** 680 * tpm1_auto_startup - Perform the standard automatic TPM initialization 681 * sequence 682 * @chip: TPM chip to use 683 * 684 * Returns 0 on success, < 0 in case of fatal error. 685 */ 686 int tpm1_auto_startup(struct tpm_chip *chip) 687 { 688 int rc; 689 690 rc = tpm1_get_timeouts(chip); 691 if (rc) 692 goto out; 693 rc = tpm1_do_selftest(chip); 694 if (rc) { 695 dev_err(&chip->dev, "TPM self test failed\n"); 696 goto out; 697 } 698 699 chip->allocated_banks = kcalloc(1, sizeof(*chip->allocated_banks), 700 GFP_KERNEL); 701 if (!chip->allocated_banks) { 702 rc = -ENOMEM; 703 goto out; 704 } 705 706 chip->allocated_banks[0].alg_id = TPM_ALG_SHA1; 707 chip->allocated_banks[0].digest_size = hash_digest_size[HASH_ALGO_SHA1]; 708 chip->allocated_banks[0].crypto_id = HASH_ALGO_SHA1; 709 chip->nr_allocated_banks = 1; 710 711 return rc; 712 out: 713 if (rc > 0) 714 rc = -ENODEV; 715 return rc; 716 } 717 718 #define TPM_ORD_SAVESTATE 152 719 720 /** 721 * tpm1_pm_suspend() - pm suspend handler 722 * @chip: TPM chip to use. 723 * @tpm_suspend_pcr: flush pcr for buggy TPM chips. 724 * 725 * The functions saves the TPM state to be restored on resume. 726 * 727 * Return: 728 * * 0 on success, 729 * * < 0 on error. 730 */ 731 int tpm1_pm_suspend(struct tpm_chip *chip, u32 tpm_suspend_pcr) 732 { 733 u8 dummy_hash[TPM_DIGEST_SIZE] = { 0 }; 734 struct tpm_buf buf; 735 unsigned int try; 736 int rc; 737 738 739 /* for buggy tpm, flush pcrs with extend to selected dummy */ 740 if (tpm_suspend_pcr) 741 rc = tpm1_pcr_extend(chip, tpm_suspend_pcr, dummy_hash, 742 "extending dummy pcr before suspend"); 743 744 rc = tpm_buf_init(&buf, TPM_TAG_RQU_COMMAND, TPM_ORD_SAVESTATE); 745 if (rc) 746 return rc; 747 /* now do the actual savestate */ 748 for (try = 0; try < TPM_RETRY; try++) { 749 rc = tpm_transmit_cmd(chip, &buf, 0, NULL); 750 /* 751 * If the TPM indicates that it is too busy to respond to 752 * this command then retry before giving up. It can take 753 * several seconds for this TPM to be ready. 754 * 755 * This can happen if the TPM has already been sent the 756 * SaveState command before the driver has loaded. TCG 1.2 757 * specification states that any communication after SaveState 758 * may cause the TPM to invalidate previously saved state. 759 */ 760 if (rc != TPM_WARN_RETRY) 761 break; 762 tpm_msleep(TPM_TIMEOUT_RETRY); 763 764 tpm_buf_reset(&buf, TPM_TAG_RQU_COMMAND, TPM_ORD_SAVESTATE); 765 } 766 767 if (rc) 768 dev_err(&chip->dev, "Error (%d) sending savestate before suspend\n", 769 rc); 770 else if (try > 0) 771 dev_warn(&chip->dev, "TPM savestate took %dms\n", 772 try * TPM_TIMEOUT_RETRY); 773 774 tpm_buf_destroy(&buf); 775 776 return rc; 777 } 778 779