1 // SPDX-License-Identifier: GPL-2.0-only 2 /* 3 * Copyright (C) 2014, 2015 Intel Corporation 4 * 5 * Authors: 6 * Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> 7 * 8 * Maintained by: <tpmdd-devel@lists.sourceforge.net> 9 * 10 * This file contains TPM2 protocol implementations of the commands 11 * used by the kernel internally. 12 */ 13 14 #include "linux/dev_printk.h" 15 #include "linux/tpm.h" 16 #include "tpm.h" 17 #include <crypto/hash_info.h> 18 #include <linux/unaligned.h> 19 20 static bool disable_pcr_integrity; 21 module_param(disable_pcr_integrity, bool, 0444); 22 MODULE_PARM_DESC(disable_pcr_integrity, "Disable integrity protection of TPM2_PCR_Extend"); 23 24 static const struct tpm2_hash tpm2_hash_map[] = { 25 {HASH_ALGO_SHA1, TPM_ALG_SHA1}, 26 {HASH_ALGO_SHA256, TPM_ALG_SHA256}, 27 {HASH_ALGO_SHA384, TPM_ALG_SHA384}, 28 {HASH_ALGO_SHA512, TPM_ALG_SHA512}, 29 {HASH_ALGO_SM3_256, TPM_ALG_SM3_256}, 30 }; 31 32 int tpm2_find_hash_alg(unsigned int crypto_id) 33 { 34 int i; 35 36 for (i = 0; i < ARRAY_SIZE(tpm2_hash_map); i++) 37 if (crypto_id == tpm2_hash_map[i].crypto_id) 38 return tpm2_hash_map[i].tpm_id; 39 40 return -EINVAL; 41 } 42 EXPORT_SYMBOL_GPL(tpm2_find_hash_alg); 43 44 int tpm2_get_timeouts(struct tpm_chip *chip) 45 { 46 chip->timeout_a = msecs_to_jiffies(TPM2_TIMEOUT_A); 47 chip->timeout_b = msecs_to_jiffies(TPM2_TIMEOUT_B); 48 chip->timeout_c = msecs_to_jiffies(TPM2_TIMEOUT_C); 49 chip->timeout_d = msecs_to_jiffies(TPM2_TIMEOUT_D); 50 chip->flags |= TPM_CHIP_FLAG_HAVE_TIMEOUTS; 51 return 0; 52 } 53 54 /* 55 * Contains the maximum durations in milliseconds for TPM2 commands. 56 */ 57 static const struct { 58 unsigned long ordinal; 59 unsigned long duration; 60 } tpm2_ordinal_duration_map[] = { 61 {TPM2_CC_STARTUP, 750}, 62 {TPM2_CC_SELF_TEST, 3000}, 63 {TPM2_CC_GET_RANDOM, 2000}, 64 {TPM2_CC_SEQUENCE_UPDATE, 750}, 65 {TPM2_CC_SEQUENCE_COMPLETE, 750}, 66 {TPM2_CC_EVENT_SEQUENCE_COMPLETE, 750}, 67 {TPM2_CC_HASH_SEQUENCE_START, 750}, 68 {TPM2_CC_VERIFY_SIGNATURE, 30000}, 69 {TPM2_CC_PCR_EXTEND, 750}, 70 {TPM2_CC_HIERARCHY_CONTROL, 2000}, 71 {TPM2_CC_HIERARCHY_CHANGE_AUTH, 2000}, 72 {TPM2_CC_GET_CAPABILITY, 750}, 73 {TPM2_CC_NV_READ, 2000}, 74 {TPM2_CC_CREATE_PRIMARY, 30000}, 75 {TPM2_CC_CREATE, 30000}, 76 {TPM2_CC_CREATE_LOADED, 30000}, 77 }; 78 79 /** 80 * tpm2_calc_ordinal_duration() - Calculate the maximum command duration 81 * @ordinal: TPM command ordinal. 82 * 83 * Returns the maximum amount of time the chip is expected by kernel to 84 * take in jiffies. 85 */ 86 unsigned long tpm2_calc_ordinal_duration(u32 ordinal) 87 { 88 int i; 89 90 for (i = 0; i < ARRAY_SIZE(tpm2_ordinal_duration_map); i++) 91 if (ordinal == tpm2_ordinal_duration_map[i].ordinal) 92 return msecs_to_jiffies(tpm2_ordinal_duration_map[i].duration); 93 94 return msecs_to_jiffies(TPM2_DURATION_DEFAULT); 95 } 96 97 struct tpm2_pcr_read_out { 98 __be32 update_cnt; 99 __be32 pcr_selects_cnt; 100 __be16 hash_alg; 101 u8 pcr_select_size; 102 u8 pcr_select[TPM2_PCR_SELECT_MIN]; 103 __be32 digests_cnt; 104 __be16 digest_size; 105 u8 digest[]; 106 } __packed; 107 108 /** 109 * tpm2_pcr_read() - read a PCR value 110 * @chip: TPM chip to use. 111 * @pcr_idx: index of the PCR to read. 112 * @digest: PCR bank and buffer current PCR value is written to. 113 * @digest_size_ptr: pointer to variable that stores the digest size. 114 * 115 * Return: Same as with tpm_transmit_cmd. 116 */ 117 int tpm2_pcr_read(struct tpm_chip *chip, u32 pcr_idx, 118 struct tpm_digest *digest, u16 *digest_size_ptr) 119 { 120 int i; 121 int rc; 122 struct tpm_buf buf; 123 struct tpm2_pcr_read_out *out; 124 u8 pcr_select[TPM2_PCR_SELECT_MIN] = {0}; 125 u16 digest_size; 126 u16 expected_digest_size = 0; 127 128 if (pcr_idx >= TPM2_PLATFORM_PCR) 129 return -EINVAL; 130 131 if (!digest_size_ptr) { 132 for (i = 0; i < chip->nr_allocated_banks && 133 chip->allocated_banks[i].alg_id != digest->alg_id; i++) 134 ; 135 136 if (i == chip->nr_allocated_banks) 137 return -EINVAL; 138 139 expected_digest_size = chip->allocated_banks[i].digest_size; 140 } 141 142 rc = tpm_buf_init(&buf, TPM2_ST_NO_SESSIONS, TPM2_CC_PCR_READ); 143 if (rc) 144 return rc; 145 146 pcr_select[pcr_idx >> 3] = 1 << (pcr_idx & 0x7); 147 148 tpm_buf_append_u32(&buf, 1); 149 tpm_buf_append_u16(&buf, digest->alg_id); 150 tpm_buf_append_u8(&buf, TPM2_PCR_SELECT_MIN); 151 tpm_buf_append(&buf, (const unsigned char *)pcr_select, 152 sizeof(pcr_select)); 153 154 rc = tpm_transmit_cmd(chip, &buf, 0, "attempting to read a pcr value"); 155 if (rc) 156 goto out; 157 158 out = (struct tpm2_pcr_read_out *)&buf.data[TPM_HEADER_SIZE]; 159 digest_size = be16_to_cpu(out->digest_size); 160 if (digest_size > sizeof(digest->digest) || 161 (!digest_size_ptr && digest_size != expected_digest_size)) { 162 rc = -EINVAL; 163 goto out; 164 } 165 166 if (digest_size_ptr) 167 *digest_size_ptr = digest_size; 168 169 memcpy(digest->digest, out->digest, digest_size); 170 out: 171 tpm_buf_destroy(&buf); 172 return rc; 173 } 174 175 /** 176 * tpm2_pcr_extend() - extend a PCR value 177 * 178 * @chip: TPM chip to use. 179 * @pcr_idx: index of the PCR. 180 * @digests: list of pcr banks and corresponding digest values to extend. 181 * 182 * Return: Same as with tpm_transmit_cmd. 183 */ 184 int tpm2_pcr_extend(struct tpm_chip *chip, u32 pcr_idx, 185 struct tpm_digest *digests) 186 { 187 struct tpm_buf buf; 188 int rc; 189 int i; 190 191 if (!disable_pcr_integrity) { 192 rc = tpm2_start_auth_session(chip); 193 if (rc) 194 return rc; 195 } 196 197 rc = tpm_buf_init(&buf, TPM2_ST_SESSIONS, TPM2_CC_PCR_EXTEND); 198 if (rc) { 199 if (!disable_pcr_integrity) 200 tpm2_end_auth_session(chip); 201 return rc; 202 } 203 204 if (!disable_pcr_integrity) { 205 rc = tpm_buf_append_name(chip, &buf, pcr_idx, NULL); 206 if (rc) { 207 tpm_buf_destroy(&buf); 208 return rc; 209 } 210 tpm_buf_append_hmac_session(chip, &buf, 0, NULL, 0); 211 } else { 212 tpm_buf_append_handle(chip, &buf, pcr_idx); 213 tpm_buf_append_auth(chip, &buf, NULL, 0); 214 } 215 216 tpm_buf_append_u32(&buf, chip->nr_allocated_banks); 217 218 for (i = 0; i < chip->nr_allocated_banks; i++) { 219 tpm_buf_append_u16(&buf, digests[i].alg_id); 220 tpm_buf_append(&buf, (const unsigned char *)&digests[i].digest, 221 chip->allocated_banks[i].digest_size); 222 } 223 224 if (!disable_pcr_integrity) { 225 rc = tpm_buf_fill_hmac_session(chip, &buf); 226 if (rc) { 227 tpm_buf_destroy(&buf); 228 return rc; 229 } 230 } 231 232 rc = tpm_transmit_cmd(chip, &buf, 0, "attempting extend a PCR value"); 233 if (!disable_pcr_integrity) 234 rc = tpm_buf_check_hmac_response(chip, &buf, rc); 235 236 tpm_buf_destroy(&buf); 237 238 return rc; 239 } 240 241 struct tpm2_get_random_out { 242 __be16 size; 243 u8 buffer[TPM_MAX_RNG_DATA]; 244 } __packed; 245 246 /** 247 * tpm2_get_random() - get random bytes from the TPM RNG 248 * 249 * @chip: a &tpm_chip instance 250 * @dest: destination buffer 251 * @max: the max number of random bytes to pull 252 * 253 * Return: 254 * size of the buffer on success, 255 * -errno otherwise (positive TPM return codes are masked to -EIO) 256 */ 257 int tpm2_get_random(struct tpm_chip *chip, u8 *dest, size_t max) 258 { 259 struct tpm2_get_random_out *out; 260 struct tpm_header *head; 261 struct tpm_buf buf; 262 u32 recd; 263 u32 num_bytes = max; 264 int err; 265 int total = 0; 266 int retries = 5; 267 u8 *dest_ptr = dest; 268 off_t offset; 269 270 if (!num_bytes || max > TPM_MAX_RNG_DATA) 271 return -EINVAL; 272 273 err = tpm2_start_auth_session(chip); 274 if (err) 275 return err; 276 277 err = tpm_buf_init(&buf, 0, 0); 278 if (err) { 279 tpm2_end_auth_session(chip); 280 return err; 281 } 282 283 do { 284 tpm_buf_reset(&buf, TPM2_ST_SESSIONS, TPM2_CC_GET_RANDOM); 285 if (tpm2_chip_auth(chip)) { 286 tpm_buf_append_hmac_session(chip, &buf, 287 TPM2_SA_ENCRYPT | 288 TPM2_SA_CONTINUE_SESSION, 289 NULL, 0); 290 } else { 291 offset = buf.handles * 4 + TPM_HEADER_SIZE; 292 head = (struct tpm_header *)buf.data; 293 if (tpm_buf_length(&buf) == offset) 294 head->tag = cpu_to_be16(TPM2_ST_NO_SESSIONS); 295 } 296 tpm_buf_append_u16(&buf, num_bytes); 297 err = tpm_buf_fill_hmac_session(chip, &buf); 298 if (err) 299 goto out; 300 301 err = tpm_transmit_cmd(chip, &buf, 302 offsetof(struct tpm2_get_random_out, 303 buffer), 304 "attempting get random"); 305 err = tpm_buf_check_hmac_response(chip, &buf, err); 306 if (err) { 307 if (err > 0) 308 err = -EIO; 309 goto out; 310 } 311 312 head = (struct tpm_header *)buf.data; 313 offset = TPM_HEADER_SIZE; 314 /* Skip the parameter size field: */ 315 if (be16_to_cpu(head->tag) == TPM2_ST_SESSIONS) 316 offset += 4; 317 318 out = (struct tpm2_get_random_out *)&buf.data[offset]; 319 recd = min_t(u32, be16_to_cpu(out->size), num_bytes); 320 if (tpm_buf_length(&buf) < 321 TPM_HEADER_SIZE + 322 offsetof(struct tpm2_get_random_out, buffer) + 323 recd) { 324 err = -EFAULT; 325 goto out; 326 } 327 memcpy(dest_ptr, out->buffer, recd); 328 329 dest_ptr += recd; 330 total += recd; 331 num_bytes -= recd; 332 } while (retries-- && total < max); 333 334 tpm_buf_destroy(&buf); 335 336 return total ? total : -EIO; 337 out: 338 tpm_buf_destroy(&buf); 339 tpm2_end_auth_session(chip); 340 return err; 341 } 342 343 /** 344 * tpm2_flush_context() - execute a TPM2_FlushContext command 345 * @chip: TPM chip to use 346 * @handle: context handle 347 */ 348 void tpm2_flush_context(struct tpm_chip *chip, u32 handle) 349 { 350 struct tpm_buf buf; 351 int rc; 352 353 rc = tpm_buf_init(&buf, TPM2_ST_NO_SESSIONS, TPM2_CC_FLUSH_CONTEXT); 354 if (rc) { 355 dev_warn(&chip->dev, "0x%08x was not flushed, out of memory\n", 356 handle); 357 return; 358 } 359 360 tpm_buf_append_u32(&buf, handle); 361 362 tpm_transmit_cmd(chip, &buf, 0, "flushing context"); 363 tpm_buf_destroy(&buf); 364 } 365 EXPORT_SYMBOL_GPL(tpm2_flush_context); 366 367 struct tpm2_get_cap_out { 368 u8 more_data; 369 __be32 subcap_id; 370 __be32 property_cnt; 371 __be32 property_id; 372 __be32 value; 373 } __packed; 374 375 /** 376 * tpm2_get_tpm_pt() - get value of a TPM_CAP_TPM_PROPERTIES type property 377 * @chip: a &tpm_chip instance 378 * @property_id: property ID. 379 * @value: output variable. 380 * @desc: passed to tpm_transmit_cmd() 381 * 382 * Return: 383 * 0 on success, 384 * -errno or a TPM return code otherwise 385 */ 386 ssize_t tpm2_get_tpm_pt(struct tpm_chip *chip, u32 property_id, u32 *value, 387 const char *desc) 388 { 389 struct tpm2_get_cap_out *out; 390 struct tpm_buf buf; 391 int rc; 392 393 rc = tpm_buf_init(&buf, TPM2_ST_NO_SESSIONS, TPM2_CC_GET_CAPABILITY); 394 if (rc) 395 return rc; 396 tpm_buf_append_u32(&buf, TPM2_CAP_TPM_PROPERTIES); 397 tpm_buf_append_u32(&buf, property_id); 398 tpm_buf_append_u32(&buf, 1); 399 rc = tpm_transmit_cmd(chip, &buf, 0, NULL); 400 if (!rc) { 401 out = (struct tpm2_get_cap_out *) 402 &buf.data[TPM_HEADER_SIZE]; 403 /* 404 * To prevent failing boot up of some systems, Infineon TPM2.0 405 * returns SUCCESS on TPM2_Startup in field upgrade mode. Also 406 * the TPM2_Getcapability command returns a zero length list 407 * in field upgrade mode. 408 */ 409 if (be32_to_cpu(out->property_cnt) > 0) 410 *value = be32_to_cpu(out->value); 411 else 412 rc = -ENODATA; 413 } 414 tpm_buf_destroy(&buf); 415 return rc; 416 } 417 EXPORT_SYMBOL_GPL(tpm2_get_tpm_pt); 418 419 /** 420 * tpm2_shutdown() - send a TPM shutdown command 421 * 422 * Sends a TPM shutdown command. The shutdown command is used in call 423 * sites where the system is going down. If it fails, there is not much 424 * that can be done except print an error message. 425 * 426 * @chip: a &tpm_chip instance 427 * @shutdown_type: TPM_SU_CLEAR or TPM_SU_STATE. 428 */ 429 void tpm2_shutdown(struct tpm_chip *chip, u16 shutdown_type) 430 { 431 struct tpm_buf buf; 432 int rc; 433 434 rc = tpm_buf_init(&buf, TPM2_ST_NO_SESSIONS, TPM2_CC_SHUTDOWN); 435 if (rc) 436 return; 437 tpm_buf_append_u16(&buf, shutdown_type); 438 tpm_transmit_cmd(chip, &buf, 0, "stopping the TPM"); 439 tpm_buf_destroy(&buf); 440 } 441 442 /** 443 * tpm2_do_selftest() - ensure that all self tests have passed 444 * 445 * @chip: TPM chip to use 446 * 447 * Return: Same as with tpm_transmit_cmd. 448 * 449 * The TPM can either run all self tests synchronously and then return 450 * RC_SUCCESS once all tests were successful. Or it can choose to run the tests 451 * asynchronously and return RC_TESTING immediately while the self tests still 452 * execute in the background. This function handles both cases and waits until 453 * all tests have completed. 454 */ 455 static int tpm2_do_selftest(struct tpm_chip *chip) 456 { 457 struct tpm_buf buf; 458 int full; 459 int rc; 460 461 for (full = 0; full < 2; full++) { 462 rc = tpm_buf_init(&buf, TPM2_ST_NO_SESSIONS, TPM2_CC_SELF_TEST); 463 if (rc) 464 return rc; 465 466 tpm_buf_append_u8(&buf, full); 467 rc = tpm_transmit_cmd(chip, &buf, 0, 468 "attempting the self test"); 469 tpm_buf_destroy(&buf); 470 471 if (rc == TPM2_RC_TESTING) 472 rc = TPM2_RC_SUCCESS; 473 if (rc == TPM2_RC_INITIALIZE || rc == TPM2_RC_SUCCESS) 474 return rc; 475 } 476 477 return rc; 478 } 479 480 /** 481 * tpm2_probe() - probe for the TPM 2.0 protocol 482 * @chip: a &tpm_chip instance 483 * 484 * Send an idempotent TPM 2.0 command and see whether there is TPM2 chip in the 485 * other end based on the response tag. The flag TPM_CHIP_FLAG_TPM2 is set by 486 * this function if this is the case. 487 * 488 * Return: 489 * 0 on success, 490 * -errno otherwise 491 */ 492 int tpm2_probe(struct tpm_chip *chip) 493 { 494 struct tpm_header *out; 495 struct tpm_buf buf; 496 int rc; 497 498 rc = tpm_buf_init(&buf, TPM2_ST_NO_SESSIONS, TPM2_CC_GET_CAPABILITY); 499 if (rc) 500 return rc; 501 tpm_buf_append_u32(&buf, TPM2_CAP_TPM_PROPERTIES); 502 tpm_buf_append_u32(&buf, TPM_PT_TOTAL_COMMANDS); 503 tpm_buf_append_u32(&buf, 1); 504 rc = tpm_transmit_cmd(chip, &buf, 0, NULL); 505 /* We ignore TPM return codes on purpose. */ 506 if (rc >= 0) { 507 out = (struct tpm_header *)buf.data; 508 if (be16_to_cpu(out->tag) == TPM2_ST_NO_SESSIONS) 509 chip->flags |= TPM_CHIP_FLAG_TPM2; 510 } 511 tpm_buf_destroy(&buf); 512 return 0; 513 } 514 EXPORT_SYMBOL_GPL(tpm2_probe); 515 516 static int tpm2_init_bank_info(struct tpm_chip *chip, u32 bank_index) 517 { 518 struct tpm_bank_info *bank = chip->allocated_banks + bank_index; 519 struct tpm_digest digest = { .alg_id = bank->alg_id }; 520 int i; 521 522 /* 523 * Avoid unnecessary PCR read operations to reduce overhead 524 * and obtain identifiers of the crypto subsystem. 525 */ 526 for (i = 0; i < ARRAY_SIZE(tpm2_hash_map); i++) { 527 enum hash_algo crypto_algo = tpm2_hash_map[i].crypto_id; 528 529 if (bank->alg_id != tpm2_hash_map[i].tpm_id) 530 continue; 531 532 bank->digest_size = hash_digest_size[crypto_algo]; 533 bank->crypto_id = crypto_algo; 534 return 0; 535 } 536 537 bank->crypto_id = HASH_ALGO__LAST; 538 539 return tpm2_pcr_read(chip, 0, &digest, &bank->digest_size); 540 } 541 542 struct tpm2_pcr_selection { 543 __be16 hash_alg; 544 u8 size_of_select; 545 u8 pcr_select[3]; 546 } __packed; 547 548 ssize_t tpm2_get_pcr_allocation(struct tpm_chip *chip) 549 { 550 struct tpm2_pcr_selection pcr_selection; 551 struct tpm_buf buf; 552 void *marker; 553 void *end; 554 void *pcr_select_offset; 555 u32 sizeof_pcr_selection; 556 u32 nr_possible_banks; 557 u32 nr_alloc_banks = 0; 558 u16 hash_alg; 559 u32 rsp_len; 560 int rc; 561 int i = 0; 562 563 rc = tpm_buf_init(&buf, TPM2_ST_NO_SESSIONS, TPM2_CC_GET_CAPABILITY); 564 if (rc) 565 return rc; 566 567 tpm_buf_append_u32(&buf, TPM2_CAP_PCRS); 568 tpm_buf_append_u32(&buf, 0); 569 tpm_buf_append_u32(&buf, 1); 570 571 rc = tpm_transmit_cmd(chip, &buf, 9, "get tpm pcr allocation"); 572 if (rc) 573 goto out; 574 575 nr_possible_banks = be32_to_cpup( 576 (__be32 *)&buf.data[TPM_HEADER_SIZE + 5]); 577 if (nr_possible_banks > TPM2_MAX_PCR_BANKS) { 578 pr_err("tpm: out of bank capacity: %u > %u\n", 579 nr_possible_banks, TPM2_MAX_PCR_BANKS); 580 rc = -ENOMEM; 581 goto out; 582 } 583 584 marker = &buf.data[TPM_HEADER_SIZE + 9]; 585 586 rsp_len = be32_to_cpup((__be32 *)&buf.data[2]); 587 end = &buf.data[rsp_len]; 588 589 for (i = 0; i < nr_possible_banks; i++) { 590 pcr_select_offset = marker + 591 offsetof(struct tpm2_pcr_selection, size_of_select); 592 if (pcr_select_offset >= end) { 593 rc = -EFAULT; 594 break; 595 } 596 597 memcpy(&pcr_selection, marker, sizeof(pcr_selection)); 598 hash_alg = be16_to_cpu(pcr_selection.hash_alg); 599 600 pcr_select_offset = memchr_inv(pcr_selection.pcr_select, 0, 601 pcr_selection.size_of_select); 602 if (pcr_select_offset) { 603 chip->allocated_banks[nr_alloc_banks].alg_id = hash_alg; 604 605 rc = tpm2_init_bank_info(chip, nr_alloc_banks); 606 if (rc < 0) 607 break; 608 609 nr_alloc_banks++; 610 } 611 612 sizeof_pcr_selection = sizeof(pcr_selection.hash_alg) + 613 sizeof(pcr_selection.size_of_select) + 614 pcr_selection.size_of_select; 615 marker = marker + sizeof_pcr_selection; 616 } 617 618 chip->nr_allocated_banks = nr_alloc_banks; 619 out: 620 tpm_buf_destroy(&buf); 621 622 return rc; 623 } 624 625 int tpm2_get_cc_attrs_tbl(struct tpm_chip *chip) 626 { 627 struct tpm_buf buf; 628 u32 nr_commands; 629 __be32 *attrs; 630 u32 cc; 631 int i; 632 int rc; 633 634 rc = tpm2_get_tpm_pt(chip, TPM_PT_TOTAL_COMMANDS, &nr_commands, NULL); 635 if (rc) 636 goto out; 637 638 if (nr_commands > 0xFFFFF) { 639 rc = -EFAULT; 640 goto out; 641 } 642 643 chip->cc_attrs_tbl = devm_kcalloc(&chip->dev, 4, nr_commands, 644 GFP_KERNEL); 645 if (!chip->cc_attrs_tbl) { 646 rc = -ENOMEM; 647 goto out; 648 } 649 650 rc = tpm_buf_init(&buf, TPM2_ST_NO_SESSIONS, TPM2_CC_GET_CAPABILITY); 651 if (rc) 652 goto out; 653 654 tpm_buf_append_u32(&buf, TPM2_CAP_COMMANDS); 655 tpm_buf_append_u32(&buf, TPM2_CC_FIRST); 656 tpm_buf_append_u32(&buf, nr_commands); 657 658 rc = tpm_transmit_cmd(chip, &buf, 9 + 4 * nr_commands, NULL); 659 if (rc) { 660 tpm_buf_destroy(&buf); 661 goto out; 662 } 663 664 if (nr_commands != 665 be32_to_cpup((__be32 *)&buf.data[TPM_HEADER_SIZE + 5])) { 666 rc = -EFAULT; 667 tpm_buf_destroy(&buf); 668 goto out; 669 } 670 671 chip->nr_commands = nr_commands; 672 673 attrs = (__be32 *)&buf.data[TPM_HEADER_SIZE + 9]; 674 for (i = 0; i < nr_commands; i++, attrs++) { 675 chip->cc_attrs_tbl[i] = be32_to_cpup(attrs); 676 cc = chip->cc_attrs_tbl[i] & 0xFFFF; 677 678 if (cc == TPM2_CC_CONTEXT_SAVE || cc == TPM2_CC_FLUSH_CONTEXT) { 679 chip->cc_attrs_tbl[i] &= 680 ~(GENMASK(2, 0) << TPM2_CC_ATTR_CHANDLES); 681 chip->cc_attrs_tbl[i] |= 1 << TPM2_CC_ATTR_CHANDLES; 682 } 683 } 684 685 tpm_buf_destroy(&buf); 686 687 out: 688 if (rc > 0) 689 rc = -ENODEV; 690 return rc; 691 } 692 EXPORT_SYMBOL_GPL(tpm2_get_cc_attrs_tbl); 693 694 /** 695 * tpm2_startup - turn on the TPM 696 * @chip: TPM chip to use 697 * 698 * Normally the firmware should start the TPM. This function is provided as a 699 * workaround if this does not happen. A legal case for this could be for 700 * example when a TPM emulator is used. 701 * 702 * Return: same as tpm_transmit_cmd() 703 */ 704 705 static int tpm2_startup(struct tpm_chip *chip) 706 { 707 struct tpm_buf buf; 708 int rc; 709 710 dev_info(&chip->dev, "starting up the TPM manually\n"); 711 712 rc = tpm_buf_init(&buf, TPM2_ST_NO_SESSIONS, TPM2_CC_STARTUP); 713 if (rc < 0) 714 return rc; 715 716 tpm_buf_append_u16(&buf, TPM2_SU_CLEAR); 717 rc = tpm_transmit_cmd(chip, &buf, 0, "attempting to start the TPM"); 718 tpm_buf_destroy(&buf); 719 720 return rc; 721 } 722 723 /** 724 * tpm2_auto_startup - Perform the standard automatic TPM initialization 725 * sequence 726 * @chip: TPM chip to use 727 * 728 * Returns 0 on success, < 0 in case of fatal error. 729 */ 730 int tpm2_auto_startup(struct tpm_chip *chip) 731 { 732 int rc; 733 734 rc = tpm2_get_timeouts(chip); 735 if (rc) 736 goto out; 737 738 rc = tpm2_do_selftest(chip); 739 if (rc && rc != TPM2_RC_INITIALIZE) 740 goto out; 741 742 if (rc == TPM2_RC_INITIALIZE) { 743 rc = tpm2_startup(chip); 744 if (rc) 745 goto out; 746 747 rc = tpm2_do_selftest(chip); 748 if (rc) 749 goto out; 750 } 751 752 rc = tpm2_get_cc_attrs_tbl(chip); 753 if (rc == TPM2_RC_FAILURE || (rc < 0 && rc != -ENOMEM)) { 754 dev_info(&chip->dev, 755 "TPM in field failure mode, requires firmware upgrade\n"); 756 chip->flags |= TPM_CHIP_FLAG_FIRMWARE_UPGRADE; 757 rc = 0; 758 } 759 760 if (rc) 761 goto out; 762 763 rc = tpm2_sessions_init(chip); 764 765 out: 766 /* 767 * Infineon TPM in field upgrade mode will return no data for the number 768 * of supported commands. 769 */ 770 if (rc == TPM2_RC_UPGRADE || rc == -ENODATA) { 771 dev_info(&chip->dev, "TPM in field upgrade mode, requires firmware upgrade\n"); 772 chip->flags |= TPM_CHIP_FLAG_FIRMWARE_UPGRADE; 773 rc = 0; 774 } 775 776 if (rc > 0) 777 rc = -ENODEV; 778 return rc; 779 } 780 781 int tpm2_find_cc(struct tpm_chip *chip, u32 cc) 782 { 783 u32 cc_mask; 784 int i; 785 786 cc_mask = 1 << TPM2_CC_ATTR_VENDOR | GENMASK(15, 0); 787 for (i = 0; i < chip->nr_commands; i++) 788 if (cc == (chip->cc_attrs_tbl[i] & cc_mask)) 789 return i; 790 791 return -1; 792 } 793