1 // SPDX-License-Identifier: GPL-2.0-only 2 /* 3 * Copyright (C) 2014, 2015 Intel Corporation 4 * 5 * Authors: 6 * Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> 7 * 8 * Maintained by: <tpmdd-devel@lists.sourceforge.net> 9 * 10 * This file contains TPM2 protocol implementations of the commands 11 * used by the kernel internally. 12 */ 13 14 #include "linux/dev_printk.h" 15 #include "linux/tpm.h" 16 #include "tpm.h" 17 #include <crypto/hash_info.h> 18 #include <linux/unaligned.h> 19 20 static bool disable_pcr_integrity; 21 module_param(disable_pcr_integrity, bool, 0444); 22 MODULE_PARM_DESC(disable_pcr_integrity, "Disable integrity protection of TPM2_PCR_Extend"); 23 24 struct tpm2_hash tpm2_hash_map[] = { 25 {HASH_ALGO_SHA1, TPM_ALG_SHA1}, 26 {HASH_ALGO_SHA256, TPM_ALG_SHA256}, 27 {HASH_ALGO_SHA384, TPM_ALG_SHA384}, 28 {HASH_ALGO_SHA512, TPM_ALG_SHA512}, 29 {HASH_ALGO_SM3_256, TPM_ALG_SM3_256}, 30 }; 31 32 int tpm2_find_hash_alg(unsigned int crypto_id) 33 { 34 int i; 35 36 for (i = 0; i < ARRAY_SIZE(tpm2_hash_map); i++) 37 if (crypto_id == tpm2_hash_map[i].crypto_id) 38 return tpm2_hash_map[i].tpm_id; 39 40 return -EINVAL; 41 } 42 EXPORT_SYMBOL_GPL(tpm2_find_hash_alg); 43 44 int tpm2_get_timeouts(struct tpm_chip *chip) 45 { 46 chip->timeout_a = msecs_to_jiffies(TPM2_TIMEOUT_A); 47 chip->timeout_b = msecs_to_jiffies(TPM2_TIMEOUT_B); 48 chip->timeout_c = msecs_to_jiffies(TPM2_TIMEOUT_C); 49 chip->timeout_d = msecs_to_jiffies(TPM2_TIMEOUT_D); 50 chip->flags |= TPM_CHIP_FLAG_HAVE_TIMEOUTS; 51 return 0; 52 } 53 54 /* 55 * Contains the maximum durations in milliseconds for TPM2 commands. 56 */ 57 static const struct { 58 unsigned long ordinal; 59 unsigned long duration; 60 } tpm2_ordinal_duration_map[] = { 61 {TPM2_CC_STARTUP, 750}, 62 {TPM2_CC_SELF_TEST, 3000}, 63 {TPM2_CC_GET_RANDOM, 2000}, 64 {TPM2_CC_SEQUENCE_UPDATE, 750}, 65 {TPM2_CC_SEQUENCE_COMPLETE, 750}, 66 {TPM2_CC_EVENT_SEQUENCE_COMPLETE, 750}, 67 {TPM2_CC_HASH_SEQUENCE_START, 750}, 68 {TPM2_CC_VERIFY_SIGNATURE, 30000}, 69 {TPM2_CC_PCR_EXTEND, 750}, 70 {TPM2_CC_HIERARCHY_CONTROL, 2000}, 71 {TPM2_CC_HIERARCHY_CHANGE_AUTH, 2000}, 72 {TPM2_CC_GET_CAPABILITY, 750}, 73 {TPM2_CC_NV_READ, 2000}, 74 {TPM2_CC_CREATE_PRIMARY, 30000}, 75 {TPM2_CC_CREATE, 30000}, 76 {TPM2_CC_CREATE_LOADED, 30000}, 77 }; 78 79 /** 80 * tpm2_calc_ordinal_duration() - Calculate the maximum command duration 81 * @ordinal: TPM command ordinal. 82 * 83 * Returns the maximum amount of time the chip is expected by kernel to 84 * take in jiffies. 85 */ 86 unsigned long tpm2_calc_ordinal_duration(u32 ordinal) 87 { 88 int i; 89 90 for (i = 0; i < ARRAY_SIZE(tpm2_ordinal_duration_map); i++) 91 if (ordinal == tpm2_ordinal_duration_map[i].ordinal) 92 return msecs_to_jiffies(tpm2_ordinal_duration_map[i].duration); 93 94 return msecs_to_jiffies(TPM2_DURATION_DEFAULT); 95 } 96 97 struct tpm2_pcr_read_out { 98 __be32 update_cnt; 99 __be32 pcr_selects_cnt; 100 __be16 hash_alg; 101 u8 pcr_select_size; 102 u8 pcr_select[TPM2_PCR_SELECT_MIN]; 103 __be32 digests_cnt; 104 __be16 digest_size; 105 u8 digest[]; 106 } __packed; 107 108 /** 109 * tpm2_pcr_read() - read a PCR value 110 * @chip: TPM chip to use. 111 * @pcr_idx: index of the PCR to read. 112 * @digest: PCR bank and buffer current PCR value is written to. 113 * @digest_size_ptr: pointer to variable that stores the digest size. 114 * 115 * Return: Same as with tpm_transmit_cmd. 116 */ 117 int tpm2_pcr_read(struct tpm_chip *chip, u32 pcr_idx, 118 struct tpm_digest *digest, u16 *digest_size_ptr) 119 { 120 int i; 121 int rc; 122 struct tpm_buf buf; 123 struct tpm2_pcr_read_out *out; 124 u8 pcr_select[TPM2_PCR_SELECT_MIN] = {0}; 125 u16 digest_size; 126 u16 expected_digest_size = 0; 127 128 if (pcr_idx >= TPM2_PLATFORM_PCR) 129 return -EINVAL; 130 131 if (!digest_size_ptr) { 132 for (i = 0; i < chip->nr_allocated_banks && 133 chip->allocated_banks[i].alg_id != digest->alg_id; i++) 134 ; 135 136 if (i == chip->nr_allocated_banks) 137 return -EINVAL; 138 139 expected_digest_size = chip->allocated_banks[i].digest_size; 140 } 141 142 rc = tpm_buf_init(&buf, TPM2_ST_NO_SESSIONS, TPM2_CC_PCR_READ); 143 if (rc) 144 return rc; 145 146 pcr_select[pcr_idx >> 3] = 1 << (pcr_idx & 0x7); 147 148 tpm_buf_append_u32(&buf, 1); 149 tpm_buf_append_u16(&buf, digest->alg_id); 150 tpm_buf_append_u8(&buf, TPM2_PCR_SELECT_MIN); 151 tpm_buf_append(&buf, (const unsigned char *)pcr_select, 152 sizeof(pcr_select)); 153 154 rc = tpm_transmit_cmd(chip, &buf, 0, "attempting to read a pcr value"); 155 if (rc) 156 goto out; 157 158 out = (struct tpm2_pcr_read_out *)&buf.data[TPM_HEADER_SIZE]; 159 digest_size = be16_to_cpu(out->digest_size); 160 if (digest_size > sizeof(digest->digest) || 161 (!digest_size_ptr && digest_size != expected_digest_size)) { 162 rc = -EINVAL; 163 goto out; 164 } 165 166 if (digest_size_ptr) 167 *digest_size_ptr = digest_size; 168 169 memcpy(digest->digest, out->digest, digest_size); 170 out: 171 tpm_buf_destroy(&buf); 172 return rc; 173 } 174 175 /** 176 * tpm2_pcr_extend() - extend a PCR value 177 * 178 * @chip: TPM chip to use. 179 * @pcr_idx: index of the PCR. 180 * @digests: list of pcr banks and corresponding digest values to extend. 181 * 182 * Return: Same as with tpm_transmit_cmd. 183 */ 184 int tpm2_pcr_extend(struct tpm_chip *chip, u32 pcr_idx, 185 struct tpm_digest *digests) 186 { 187 struct tpm_buf buf; 188 int rc; 189 int i; 190 191 if (!disable_pcr_integrity) { 192 rc = tpm2_start_auth_session(chip); 193 if (rc) 194 return rc; 195 } 196 197 rc = tpm_buf_init(&buf, TPM2_ST_SESSIONS, TPM2_CC_PCR_EXTEND); 198 if (rc) { 199 if (!disable_pcr_integrity) 200 tpm2_end_auth_session(chip); 201 return rc; 202 } 203 204 if (!disable_pcr_integrity) { 205 rc = tpm_buf_append_name(chip, &buf, pcr_idx, NULL); 206 if (rc) { 207 tpm_buf_destroy(&buf); 208 return rc; 209 } 210 tpm_buf_append_hmac_session(chip, &buf, 0, NULL, 0); 211 } else { 212 tpm_buf_append_handle(chip, &buf, pcr_idx); 213 tpm_buf_append_auth(chip, &buf, NULL, 0); 214 } 215 216 tpm_buf_append_u32(&buf, chip->nr_allocated_banks); 217 218 for (i = 0; i < chip->nr_allocated_banks; i++) { 219 tpm_buf_append_u16(&buf, digests[i].alg_id); 220 tpm_buf_append(&buf, (const unsigned char *)&digests[i].digest, 221 chip->allocated_banks[i].digest_size); 222 } 223 224 if (!disable_pcr_integrity) { 225 rc = tpm_buf_fill_hmac_session(chip, &buf); 226 if (rc) { 227 tpm_buf_destroy(&buf); 228 return rc; 229 } 230 } 231 232 rc = tpm_transmit_cmd(chip, &buf, 0, "attempting extend a PCR value"); 233 if (!disable_pcr_integrity) 234 rc = tpm_buf_check_hmac_response(chip, &buf, rc); 235 236 tpm_buf_destroy(&buf); 237 238 return rc; 239 } 240 241 struct tpm2_get_random_out { 242 __be16 size; 243 u8 buffer[TPM_MAX_RNG_DATA]; 244 } __packed; 245 246 /** 247 * tpm2_get_random() - get random bytes from the TPM RNG 248 * 249 * @chip: a &tpm_chip instance 250 * @dest: destination buffer 251 * @max: the max number of random bytes to pull 252 * 253 * Return: 254 * size of the buffer on success, 255 * -errno otherwise (positive TPM return codes are masked to -EIO) 256 */ 257 int tpm2_get_random(struct tpm_chip *chip, u8 *dest, size_t max) 258 { 259 struct tpm2_get_random_out *out; 260 struct tpm_header *head; 261 struct tpm_buf buf; 262 u32 recd; 263 u32 num_bytes = max; 264 int err; 265 int total = 0; 266 int retries = 5; 267 u8 *dest_ptr = dest; 268 off_t offset; 269 270 if (!num_bytes || max > TPM_MAX_RNG_DATA) 271 return -EINVAL; 272 273 err = tpm2_start_auth_session(chip); 274 if (err) 275 return err; 276 277 err = tpm_buf_init(&buf, 0, 0); 278 if (err) { 279 tpm2_end_auth_session(chip); 280 return err; 281 } 282 283 do { 284 tpm_buf_reset(&buf, TPM2_ST_SESSIONS, TPM2_CC_GET_RANDOM); 285 if (tpm2_chip_auth(chip)) { 286 tpm_buf_append_hmac_session(chip, &buf, 287 TPM2_SA_ENCRYPT | 288 TPM2_SA_CONTINUE_SESSION, 289 NULL, 0); 290 } else { 291 offset = buf.handles * 4 + TPM_HEADER_SIZE; 292 head = (struct tpm_header *)buf.data; 293 if (tpm_buf_length(&buf) == offset) 294 head->tag = cpu_to_be16(TPM2_ST_NO_SESSIONS); 295 } 296 tpm_buf_append_u16(&buf, num_bytes); 297 err = tpm_buf_fill_hmac_session(chip, &buf); 298 if (err) { 299 tpm_buf_destroy(&buf); 300 return err; 301 } 302 303 err = tpm_transmit_cmd(chip, &buf, 304 offsetof(struct tpm2_get_random_out, 305 buffer), 306 "attempting get random"); 307 err = tpm_buf_check_hmac_response(chip, &buf, err); 308 if (err) { 309 if (err > 0) 310 err = -EIO; 311 goto out; 312 } 313 314 head = (struct tpm_header *)buf.data; 315 offset = TPM_HEADER_SIZE; 316 /* Skip the parameter size field: */ 317 if (be16_to_cpu(head->tag) == TPM2_ST_SESSIONS) 318 offset += 4; 319 320 out = (struct tpm2_get_random_out *)&buf.data[offset]; 321 recd = min_t(u32, be16_to_cpu(out->size), num_bytes); 322 if (tpm_buf_length(&buf) < 323 TPM_HEADER_SIZE + 324 offsetof(struct tpm2_get_random_out, buffer) + 325 recd) { 326 err = -EFAULT; 327 goto out; 328 } 329 memcpy(dest_ptr, out->buffer, recd); 330 331 dest_ptr += recd; 332 total += recd; 333 num_bytes -= recd; 334 } while (retries-- && total < max); 335 336 tpm_buf_destroy(&buf); 337 338 return total ? total : -EIO; 339 out: 340 tpm_buf_destroy(&buf); 341 tpm2_end_auth_session(chip); 342 return err; 343 } 344 345 /** 346 * tpm2_flush_context() - execute a TPM2_FlushContext command 347 * @chip: TPM chip to use 348 * @handle: context handle 349 */ 350 void tpm2_flush_context(struct tpm_chip *chip, u32 handle) 351 { 352 struct tpm_buf buf; 353 int rc; 354 355 rc = tpm_buf_init(&buf, TPM2_ST_NO_SESSIONS, TPM2_CC_FLUSH_CONTEXT); 356 if (rc) { 357 dev_warn(&chip->dev, "0x%08x was not flushed, out of memory\n", 358 handle); 359 return; 360 } 361 362 tpm_buf_append_u32(&buf, handle); 363 364 tpm_transmit_cmd(chip, &buf, 0, "flushing context"); 365 tpm_buf_destroy(&buf); 366 } 367 EXPORT_SYMBOL_GPL(tpm2_flush_context); 368 369 struct tpm2_get_cap_out { 370 u8 more_data; 371 __be32 subcap_id; 372 __be32 property_cnt; 373 __be32 property_id; 374 __be32 value; 375 } __packed; 376 377 /** 378 * tpm2_get_tpm_pt() - get value of a TPM_CAP_TPM_PROPERTIES type property 379 * @chip: a &tpm_chip instance 380 * @property_id: property ID. 381 * @value: output variable. 382 * @desc: passed to tpm_transmit_cmd() 383 * 384 * Return: 385 * 0 on success, 386 * -errno or a TPM return code otherwise 387 */ 388 ssize_t tpm2_get_tpm_pt(struct tpm_chip *chip, u32 property_id, u32 *value, 389 const char *desc) 390 { 391 struct tpm2_get_cap_out *out; 392 struct tpm_buf buf; 393 int rc; 394 395 rc = tpm_buf_init(&buf, TPM2_ST_NO_SESSIONS, TPM2_CC_GET_CAPABILITY); 396 if (rc) 397 return rc; 398 tpm_buf_append_u32(&buf, TPM2_CAP_TPM_PROPERTIES); 399 tpm_buf_append_u32(&buf, property_id); 400 tpm_buf_append_u32(&buf, 1); 401 rc = tpm_transmit_cmd(chip, &buf, 0, NULL); 402 if (!rc) { 403 out = (struct tpm2_get_cap_out *) 404 &buf.data[TPM_HEADER_SIZE]; 405 /* 406 * To prevent failing boot up of some systems, Infineon TPM2.0 407 * returns SUCCESS on TPM2_Startup in field upgrade mode. Also 408 * the TPM2_Getcapability command returns a zero length list 409 * in field upgrade mode. 410 */ 411 if (be32_to_cpu(out->property_cnt) > 0) 412 *value = be32_to_cpu(out->value); 413 else 414 rc = -ENODATA; 415 } 416 tpm_buf_destroy(&buf); 417 return rc; 418 } 419 EXPORT_SYMBOL_GPL(tpm2_get_tpm_pt); 420 421 /** 422 * tpm2_shutdown() - send a TPM shutdown command 423 * 424 * Sends a TPM shutdown command. The shutdown command is used in call 425 * sites where the system is going down. If it fails, there is not much 426 * that can be done except print an error message. 427 * 428 * @chip: a &tpm_chip instance 429 * @shutdown_type: TPM_SU_CLEAR or TPM_SU_STATE. 430 */ 431 void tpm2_shutdown(struct tpm_chip *chip, u16 shutdown_type) 432 { 433 struct tpm_buf buf; 434 int rc; 435 436 rc = tpm_buf_init(&buf, TPM2_ST_NO_SESSIONS, TPM2_CC_SHUTDOWN); 437 if (rc) 438 return; 439 tpm_buf_append_u16(&buf, shutdown_type); 440 tpm_transmit_cmd(chip, &buf, 0, "stopping the TPM"); 441 tpm_buf_destroy(&buf); 442 } 443 444 /** 445 * tpm2_do_selftest() - ensure that all self tests have passed 446 * 447 * @chip: TPM chip to use 448 * 449 * Return: Same as with tpm_transmit_cmd. 450 * 451 * The TPM can either run all self tests synchronously and then return 452 * RC_SUCCESS once all tests were successful. Or it can choose to run the tests 453 * asynchronously and return RC_TESTING immediately while the self tests still 454 * execute in the background. This function handles both cases and waits until 455 * all tests have completed. 456 */ 457 static int tpm2_do_selftest(struct tpm_chip *chip) 458 { 459 struct tpm_buf buf; 460 int full; 461 int rc; 462 463 for (full = 0; full < 2; full++) { 464 rc = tpm_buf_init(&buf, TPM2_ST_NO_SESSIONS, TPM2_CC_SELF_TEST); 465 if (rc) 466 return rc; 467 468 tpm_buf_append_u8(&buf, full); 469 rc = tpm_transmit_cmd(chip, &buf, 0, 470 "attempting the self test"); 471 tpm_buf_destroy(&buf); 472 473 if (rc == TPM2_RC_TESTING) 474 rc = TPM2_RC_SUCCESS; 475 if (rc == TPM2_RC_INITIALIZE || rc == TPM2_RC_SUCCESS) 476 return rc; 477 } 478 479 return rc; 480 } 481 482 /** 483 * tpm2_probe() - probe for the TPM 2.0 protocol 484 * @chip: a &tpm_chip instance 485 * 486 * Send an idempotent TPM 2.0 command and see whether there is TPM2 chip in the 487 * other end based on the response tag. The flag TPM_CHIP_FLAG_TPM2 is set by 488 * this function if this is the case. 489 * 490 * Return: 491 * 0 on success, 492 * -errno otherwise 493 */ 494 int tpm2_probe(struct tpm_chip *chip) 495 { 496 struct tpm_header *out; 497 struct tpm_buf buf; 498 int rc; 499 500 rc = tpm_buf_init(&buf, TPM2_ST_NO_SESSIONS, TPM2_CC_GET_CAPABILITY); 501 if (rc) 502 return rc; 503 tpm_buf_append_u32(&buf, TPM2_CAP_TPM_PROPERTIES); 504 tpm_buf_append_u32(&buf, TPM_PT_TOTAL_COMMANDS); 505 tpm_buf_append_u32(&buf, 1); 506 rc = tpm_transmit_cmd(chip, &buf, 0, NULL); 507 /* We ignore TPM return codes on purpose. */ 508 if (rc >= 0) { 509 out = (struct tpm_header *)buf.data; 510 if (be16_to_cpu(out->tag) == TPM2_ST_NO_SESSIONS) 511 chip->flags |= TPM_CHIP_FLAG_TPM2; 512 } 513 tpm_buf_destroy(&buf); 514 return 0; 515 } 516 EXPORT_SYMBOL_GPL(tpm2_probe); 517 518 static int tpm2_init_bank_info(struct tpm_chip *chip, u32 bank_index) 519 { 520 struct tpm_bank_info *bank = chip->allocated_banks + bank_index; 521 struct tpm_digest digest = { .alg_id = bank->alg_id }; 522 int i; 523 524 /* 525 * Avoid unnecessary PCR read operations to reduce overhead 526 * and obtain identifiers of the crypto subsystem. 527 */ 528 for (i = 0; i < ARRAY_SIZE(tpm2_hash_map); i++) { 529 enum hash_algo crypto_algo = tpm2_hash_map[i].crypto_id; 530 531 if (bank->alg_id != tpm2_hash_map[i].tpm_id) 532 continue; 533 534 bank->digest_size = hash_digest_size[crypto_algo]; 535 bank->crypto_id = crypto_algo; 536 return 0; 537 } 538 539 bank->crypto_id = HASH_ALGO__LAST; 540 541 return tpm2_pcr_read(chip, 0, &digest, &bank->digest_size); 542 } 543 544 struct tpm2_pcr_selection { 545 __be16 hash_alg; 546 u8 size_of_select; 547 u8 pcr_select[3]; 548 } __packed; 549 550 ssize_t tpm2_get_pcr_allocation(struct tpm_chip *chip) 551 { 552 struct tpm2_pcr_selection pcr_selection; 553 struct tpm_buf buf; 554 void *marker; 555 void *end; 556 void *pcr_select_offset; 557 u32 sizeof_pcr_selection; 558 u32 nr_possible_banks; 559 u32 nr_alloc_banks = 0; 560 u16 hash_alg; 561 u32 rsp_len; 562 int rc; 563 int i = 0; 564 565 rc = tpm_buf_init(&buf, TPM2_ST_NO_SESSIONS, TPM2_CC_GET_CAPABILITY); 566 if (rc) 567 return rc; 568 569 tpm_buf_append_u32(&buf, TPM2_CAP_PCRS); 570 tpm_buf_append_u32(&buf, 0); 571 tpm_buf_append_u32(&buf, 1); 572 573 rc = tpm_transmit_cmd(chip, &buf, 9, "get tpm pcr allocation"); 574 if (rc) 575 goto out; 576 577 nr_possible_banks = be32_to_cpup( 578 (__be32 *)&buf.data[TPM_HEADER_SIZE + 5]); 579 if (nr_possible_banks > TPM2_MAX_PCR_BANKS) { 580 pr_err("tpm: out of bank capacity: %u > %u\n", 581 nr_possible_banks, TPM2_MAX_PCR_BANKS); 582 rc = -ENOMEM; 583 goto out; 584 } 585 586 marker = &buf.data[TPM_HEADER_SIZE + 9]; 587 588 rsp_len = be32_to_cpup((__be32 *)&buf.data[2]); 589 end = &buf.data[rsp_len]; 590 591 for (i = 0; i < nr_possible_banks; i++) { 592 pcr_select_offset = marker + 593 offsetof(struct tpm2_pcr_selection, size_of_select); 594 if (pcr_select_offset >= end) { 595 rc = -EFAULT; 596 break; 597 } 598 599 memcpy(&pcr_selection, marker, sizeof(pcr_selection)); 600 hash_alg = be16_to_cpu(pcr_selection.hash_alg); 601 602 pcr_select_offset = memchr_inv(pcr_selection.pcr_select, 0, 603 pcr_selection.size_of_select); 604 if (pcr_select_offset) { 605 chip->allocated_banks[nr_alloc_banks].alg_id = hash_alg; 606 607 rc = tpm2_init_bank_info(chip, nr_alloc_banks); 608 if (rc < 0) 609 break; 610 611 nr_alloc_banks++; 612 } 613 614 sizeof_pcr_selection = sizeof(pcr_selection.hash_alg) + 615 sizeof(pcr_selection.size_of_select) + 616 pcr_selection.size_of_select; 617 marker = marker + sizeof_pcr_selection; 618 } 619 620 chip->nr_allocated_banks = nr_alloc_banks; 621 out: 622 tpm_buf_destroy(&buf); 623 624 return rc; 625 } 626 627 int tpm2_get_cc_attrs_tbl(struct tpm_chip *chip) 628 { 629 struct tpm_buf buf; 630 u32 nr_commands; 631 __be32 *attrs; 632 u32 cc; 633 int i; 634 int rc; 635 636 rc = tpm2_get_tpm_pt(chip, TPM_PT_TOTAL_COMMANDS, &nr_commands, NULL); 637 if (rc) 638 goto out; 639 640 if (nr_commands > 0xFFFFF) { 641 rc = -EFAULT; 642 goto out; 643 } 644 645 chip->cc_attrs_tbl = devm_kcalloc(&chip->dev, 4, nr_commands, 646 GFP_KERNEL); 647 if (!chip->cc_attrs_tbl) { 648 rc = -ENOMEM; 649 goto out; 650 } 651 652 rc = tpm_buf_init(&buf, TPM2_ST_NO_SESSIONS, TPM2_CC_GET_CAPABILITY); 653 if (rc) 654 goto out; 655 656 tpm_buf_append_u32(&buf, TPM2_CAP_COMMANDS); 657 tpm_buf_append_u32(&buf, TPM2_CC_FIRST); 658 tpm_buf_append_u32(&buf, nr_commands); 659 660 rc = tpm_transmit_cmd(chip, &buf, 9 + 4 * nr_commands, NULL); 661 if (rc) { 662 tpm_buf_destroy(&buf); 663 goto out; 664 } 665 666 if (nr_commands != 667 be32_to_cpup((__be32 *)&buf.data[TPM_HEADER_SIZE + 5])) { 668 rc = -EFAULT; 669 tpm_buf_destroy(&buf); 670 goto out; 671 } 672 673 chip->nr_commands = nr_commands; 674 675 attrs = (__be32 *)&buf.data[TPM_HEADER_SIZE + 9]; 676 for (i = 0; i < nr_commands; i++, attrs++) { 677 chip->cc_attrs_tbl[i] = be32_to_cpup(attrs); 678 cc = chip->cc_attrs_tbl[i] & 0xFFFF; 679 680 if (cc == TPM2_CC_CONTEXT_SAVE || cc == TPM2_CC_FLUSH_CONTEXT) { 681 chip->cc_attrs_tbl[i] &= 682 ~(GENMASK(2, 0) << TPM2_CC_ATTR_CHANDLES); 683 chip->cc_attrs_tbl[i] |= 1 << TPM2_CC_ATTR_CHANDLES; 684 } 685 } 686 687 tpm_buf_destroy(&buf); 688 689 out: 690 if (rc > 0) 691 rc = -ENODEV; 692 return rc; 693 } 694 EXPORT_SYMBOL_GPL(tpm2_get_cc_attrs_tbl); 695 696 /** 697 * tpm2_startup - turn on the TPM 698 * @chip: TPM chip to use 699 * 700 * Normally the firmware should start the TPM. This function is provided as a 701 * workaround if this does not happen. A legal case for this could be for 702 * example when a TPM emulator is used. 703 * 704 * Return: same as tpm_transmit_cmd() 705 */ 706 707 static int tpm2_startup(struct tpm_chip *chip) 708 { 709 struct tpm_buf buf; 710 int rc; 711 712 dev_info(&chip->dev, "starting up the TPM manually\n"); 713 714 rc = tpm_buf_init(&buf, TPM2_ST_NO_SESSIONS, TPM2_CC_STARTUP); 715 if (rc < 0) 716 return rc; 717 718 tpm_buf_append_u16(&buf, TPM2_SU_CLEAR); 719 rc = tpm_transmit_cmd(chip, &buf, 0, "attempting to start the TPM"); 720 tpm_buf_destroy(&buf); 721 722 return rc; 723 } 724 725 /** 726 * tpm2_auto_startup - Perform the standard automatic TPM initialization 727 * sequence 728 * @chip: TPM chip to use 729 * 730 * Returns 0 on success, < 0 in case of fatal error. 731 */ 732 int tpm2_auto_startup(struct tpm_chip *chip) 733 { 734 int rc; 735 736 rc = tpm2_get_timeouts(chip); 737 if (rc) 738 goto out; 739 740 rc = tpm2_do_selftest(chip); 741 if (rc && rc != TPM2_RC_INITIALIZE) 742 goto out; 743 744 if (rc == TPM2_RC_INITIALIZE) { 745 rc = tpm2_startup(chip); 746 if (rc) 747 goto out; 748 749 rc = tpm2_do_selftest(chip); 750 if (rc) 751 goto out; 752 } 753 754 rc = tpm2_get_cc_attrs_tbl(chip); 755 if (rc == TPM2_RC_FAILURE || (rc < 0 && rc != -ENOMEM)) { 756 dev_info(&chip->dev, 757 "TPM in field failure mode, requires firmware upgrade\n"); 758 chip->flags |= TPM_CHIP_FLAG_FIRMWARE_UPGRADE; 759 rc = 0; 760 } 761 762 if (rc) 763 goto out; 764 765 rc = tpm2_sessions_init(chip); 766 767 out: 768 /* 769 * Infineon TPM in field upgrade mode will return no data for the number 770 * of supported commands. 771 */ 772 if (rc == TPM2_RC_UPGRADE || rc == -ENODATA) { 773 dev_info(&chip->dev, "TPM in field upgrade mode, requires firmware upgrade\n"); 774 chip->flags |= TPM_CHIP_FLAG_FIRMWARE_UPGRADE; 775 rc = 0; 776 } 777 778 if (rc > 0) 779 rc = -ENODEV; 780 return rc; 781 } 782 783 int tpm2_find_cc(struct tpm_chip *chip, u32 cc) 784 { 785 u32 cc_mask; 786 int i; 787 788 cc_mask = 1 << TPM2_CC_ATTR_VENDOR | GENMASK(15, 0); 789 for (i = 0; i < chip->nr_commands; i++) 790 if (cc == (chip->cc_attrs_tbl[i] & cc_mask)) 791 return i; 792 793 return -1; 794 } 795