search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Merge tag 'scsi-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/jejb/scsi
[linux/fpc-iii.git] / drivers / char / tpm / tpm2-cmd.c
blobeff1f12d981ab275e07387864a876e1cfc35e2d9
1 // SPDX-License-Identifier: GPL-2.0-only
2 /*
3 * Copyright (C) 2014, 2015 Intel Corporation
4 *
5 * Authors:
6 * Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
7 *
8 * Maintained by: <tpmdd-devel@lists.sourceforge.net>
9 *
10 * This file contains TPM2 protocol implementations of the commands
11 * used by the kernel internally.
12 */
13
14 #include "tpm.h"
15 #include <crypto/hash_info.h>
16
17 static struct tpm2_hash tpm2_hash_map[] = {
18 {HASH_ALGO_SHA1, TPM_ALG_SHA1},
19 {HASH_ALGO_SHA256, TPM_ALG_SHA256},
20 {HASH_ALGO_SHA384, TPM_ALG_SHA384},
21 {HASH_ALGO_SHA512, TPM_ALG_SHA512},
22 {HASH_ALGO_SM3_256, TPM_ALG_SM3_256},
23 };
24
25 int tpm2_get_timeouts(struct tpm_chip *chip)
26 {
27 /* Fixed timeouts for TPM2 */
28 chip->timeout_a = msecs_to_jiffies(TPM2_TIMEOUT_A);
29 chip->timeout_b = msecs_to_jiffies(TPM2_TIMEOUT_B);
30 chip->timeout_c = msecs_to_jiffies(TPM2_TIMEOUT_C);
31 chip->timeout_d = msecs_to_jiffies(TPM2_TIMEOUT_D);
32
33 /* PTP spec timeouts */
34 chip->duration[TPM_SHORT] = msecs_to_jiffies(TPM2_DURATION_SHORT);
35 chip->duration[TPM_MEDIUM] = msecs_to_jiffies(TPM2_DURATION_MEDIUM);
36 chip->duration[TPM_LONG] = msecs_to_jiffies(TPM2_DURATION_LONG);
37
38 /* Key creation commands long timeouts */
39 chip->duration[TPM_LONG_LONG] =
40 msecs_to_jiffies(TPM2_DURATION_LONG_LONG);
41
42 chip->flags |= TPM_CHIP_FLAG_HAVE_TIMEOUTS;
43
44 return 0;
45 }
46
47 /**
48 * tpm2_ordinal_duration_index() - returns an index to the chip duration table
49 * @ordinal: TPM command ordinal.
50 *
51 * The function returns an index to the chip duration table
52 * (enum tpm_duration), that describes the maximum amount of
53 * time the chip could take to return the result for a particular ordinal.
54 *
55 * The values of the MEDIUM, and LONG durations are taken
56 * from the PC Client Profile (PTP) specification (750, 2000 msec)
57 *
58 * LONG_LONG is for commands that generates keys which empirically takes
59 * a longer time on some systems.
60 *
61 * Return:
62 * * TPM_MEDIUM
63 * * TPM_LONG
64 * * TPM_LONG_LONG
65 * * TPM_UNDEFINED
66 */
67 static u8 tpm2_ordinal_duration_index(u32 ordinal)
68 {
69 switch (ordinal) {
70 /* Startup */
71 case TPM2_CC_STARTUP: /* 144 */
72 return TPM_MEDIUM;
73
74 case TPM2_CC_SELF_TEST: /* 143 */
75 return TPM_LONG;
76
77 case TPM2_CC_GET_RANDOM: /* 17B */
78 return TPM_LONG;
79
80 case TPM2_CC_SEQUENCE_UPDATE: /* 15C */
81 return TPM_MEDIUM;
82 case TPM2_CC_SEQUENCE_COMPLETE: /* 13E */
83 return TPM_MEDIUM;
84 case TPM2_CC_EVENT_SEQUENCE_COMPLETE: /* 185 */
85 return TPM_MEDIUM;
86 case TPM2_CC_HASH_SEQUENCE_START: /* 186 */
87 return TPM_MEDIUM;
88
89 case TPM2_CC_VERIFY_SIGNATURE: /* 177 */
90 return TPM_LONG;
91
92 case TPM2_CC_PCR_EXTEND: /* 182 */
93 return TPM_MEDIUM;
94
95 case TPM2_CC_HIERARCHY_CONTROL: /* 121 */
96 return TPM_LONG;
97 case TPM2_CC_HIERARCHY_CHANGE_AUTH: /* 129 */
98 return TPM_LONG;
99
100 case TPM2_CC_GET_CAPABILITY: /* 17A */
101 return TPM_MEDIUM;
102
103 case TPM2_CC_NV_READ: /* 14E */
104 return TPM_LONG;
105
106 case TPM2_CC_CREATE_PRIMARY: /* 131 */
107 return TPM_LONG_LONG;
108 case TPM2_CC_CREATE: /* 153 */
109 return TPM_LONG_LONG;
110 case TPM2_CC_CREATE_LOADED: /* 191 */
111 return TPM_LONG_LONG;
112
113 default:
114 return TPM_UNDEFINED;
115 }
116 }
117
118 /**
119 * tpm2_calc_ordinal_duration() - calculate the maximum command duration
120 * @chip: TPM chip to use.
121 * @ordinal: TPM command ordinal.
122 *
123 * The function returns the maximum amount of time the chip could take
124 * to return the result for a particular ordinal in jiffies.
125 *
126 * Return: A maximal duration time for an ordinal in jiffies.
127 */
128 unsigned long tpm2_calc_ordinal_duration(struct tpm_chip *chip, u32 ordinal)
129 {
130 unsigned int index;
131
132 index = tpm2_ordinal_duration_index(ordinal);
133
134 if (index != TPM_UNDEFINED)
135 return chip->duration[index];
136 else
137 return msecs_to_jiffies(TPM2_DURATION_DEFAULT);
138 }
139
140
141 struct tpm2_pcr_read_out {
142 __be32 update_cnt;
143 __be32 pcr_selects_cnt;
144 __be16 hash_alg;
145 u8 pcr_select_size;
146 u8 pcr_select[TPM2_PCR_SELECT_MIN];
147 __be32 digests_cnt;
148 __be16 digest_size;
149 u8 digest[];
150 } __packed;
151
152 /**
153 * tpm2_pcr_read() - read a PCR value
154 * @chip: TPM chip to use.
155 * @pcr_idx: index of the PCR to read.
156 * @digest: PCR bank and buffer current PCR value is written to.
157 * @digest_size_ptr: pointer to variable that stores the digest size.
158 *
159 * Return: Same as with tpm_transmit_cmd.
160 */
161 int tpm2_pcr_read(struct tpm_chip *chip, u32 pcr_idx,
162 struct tpm_digest *digest, u16 *digest_size_ptr)
163 {
164 int i;
165 int rc;
166 struct tpm_buf buf;
167 struct tpm2_pcr_read_out *out;
168 u8 pcr_select[TPM2_PCR_SELECT_MIN] = {0};
169 u16 digest_size;
170 u16 expected_digest_size = 0;
171
172 if (pcr_idx >= TPM2_PLATFORM_PCR)
173 return -EINVAL;
174
175 if (!digest_size_ptr) {
176 for (i = 0; i < chip->nr_allocated_banks &&
177 chip->allocated_banks[i].alg_id != digest->alg_id; i++)
178 ;
179
180 if (i == chip->nr_allocated_banks)
181 return -EINVAL;
182
183 expected_digest_size = chip->allocated_banks[i].digest_size;
184 }
185
186 rc = tpm_buf_init(&buf, TPM2_ST_NO_SESSIONS, TPM2_CC_PCR_READ);
187 if (rc)
188 return rc;
189
190 pcr_select[pcr_idx >> 3] = 1 << (pcr_idx & 0x7);
191
192 tpm_buf_append_u32(&buf, 1);
193 tpm_buf_append_u16(&buf, digest->alg_id);
194 tpm_buf_append_u8(&buf, TPM2_PCR_SELECT_MIN);
195 tpm_buf_append(&buf, (const unsigned char *)pcr_select,
196 sizeof(pcr_select));
197
198 rc = tpm_transmit_cmd(chip, &buf, 0, "attempting to read a pcr value");
199 if (rc)
200 goto out;
201
202 out = (struct tpm2_pcr_read_out *)&buf.data[TPM_HEADER_SIZE];
203 digest_size = be16_to_cpu(out->digest_size);
204 if (digest_size > sizeof(digest->digest) ||
205 (!digest_size_ptr && digest_size != expected_digest_size)) {
206 rc = -EINVAL;
207 goto out;
208 }
209
210 if (digest_size_ptr)
211 *digest_size_ptr = digest_size;
212
213 memcpy(digest->digest, out->digest, digest_size);
214 out:
215 tpm_buf_destroy(&buf);
216 return rc;
217 }
218
219 struct tpm2_null_auth_area {
220 __be32 handle;
221 __be16 nonce_size;
222 u8 attributes;
223 __be16 auth_size;
224 } __packed;
225
226 /**
227 * tpm2_pcr_extend() - extend a PCR value
228 *
229 * @chip: TPM chip to use.
230 * @pcr_idx: index of the PCR.
231 * @digests: list of pcr banks and corresponding digest values to extend.
232 *
233 * Return: Same as with tpm_transmit_cmd.
234 */
235 int tpm2_pcr_extend(struct tpm_chip *chip, u32 pcr_idx,
236 struct tpm_digest *digests)
237 {
238 struct tpm_buf buf;
239 struct tpm2_null_auth_area auth_area;
240 int rc;
241 int i;
242
243 rc = tpm_buf_init(&buf, TPM2_ST_SESSIONS, TPM2_CC_PCR_EXTEND);
244 if (rc)
245 return rc;
246
247 tpm_buf_append_u32(&buf, pcr_idx);
248
249 auth_area.handle = cpu_to_be32(TPM2_RS_PW);
250 auth_area.nonce_size = 0;
251 auth_area.attributes = 0;
252 auth_area.auth_size = 0;
253
254 tpm_buf_append_u32(&buf, sizeof(struct tpm2_null_auth_area));
255 tpm_buf_append(&buf, (const unsigned char *)&auth_area,
256 sizeof(auth_area));
257 tpm_buf_append_u32(&buf, chip->nr_allocated_banks);
258
259 for (i = 0; i < chip->nr_allocated_banks; i++) {
260 tpm_buf_append_u16(&buf, digests[i].alg_id);
261 tpm_buf_append(&buf, (const unsigned char *)&digests[i].digest,
262 chip->allocated_banks[i].digest_size);
263 }
264
265 rc = tpm_transmit_cmd(chip, &buf, 0, "attempting extend a PCR value");
266
267 tpm_buf_destroy(&buf);
268
269 return rc;
270 }
271
272 struct tpm2_get_random_out {
273 __be16 size;
274 u8 buffer[TPM_MAX_RNG_DATA];
275 } __packed;
276
277 /**
278 * tpm2_get_random() - get random bytes from the TPM RNG
279 *
280 * @chip: a &tpm_chip instance
281 * @dest: destination buffer
282 * @max: the max number of random bytes to pull
283 *
284 * Return:
285 * size of the buffer on success,
286 * -errno otherwise (positive TPM return codes are masked to -EIO)
287 */
288 int tpm2_get_random(struct tpm_chip *chip, u8 *dest, size_t max)
289 {
290 struct tpm2_get_random_out *out;
291 struct tpm_buf buf;
292 u32 recd;
293 u32 num_bytes = max;
294 int err;
295 int total = 0;
296 int retries = 5;
297 u8 *dest_ptr = dest;
298
299 if (!num_bytes || max > TPM_MAX_RNG_DATA)
300 return -EINVAL;
301
302 err = tpm_buf_init(&buf, 0, 0);
303 if (err)
304 return err;
305
306 do {
307 tpm_buf_reset(&buf, TPM2_ST_NO_SESSIONS, TPM2_CC_GET_RANDOM);
308 tpm_buf_append_u16(&buf, num_bytes);
309 err = tpm_transmit_cmd(chip, &buf,
310 offsetof(struct tpm2_get_random_out,
311 buffer),
312 "attempting get random");
313 if (err) {
314 if (err > 0)
315 err = -EIO;
316 goto out;
317 }
318
319 out = (struct tpm2_get_random_out *)
320 &buf.data[TPM_HEADER_SIZE];
321 recd = min_t(u32, be16_to_cpu(out->size), num_bytes);
322 if (tpm_buf_length(&buf) <
323 TPM_HEADER_SIZE +
324 offsetof(struct tpm2_get_random_out, buffer) +
325 recd) {
326 err = -EFAULT;
327 goto out;
328 }
329 memcpy(dest_ptr, out->buffer, recd);
330
331 dest_ptr += recd;
332 total += recd;
333 num_bytes -= recd;
334 } while (retries-- && total < max);
335
336 tpm_buf_destroy(&buf);
337 return total ? total : -EIO;
338 out:
339 tpm_buf_destroy(&buf);
340 return err;
341 }
342
343 /**
344 * tpm2_flush_context() - execute a TPM2_FlushContext command
345 * @chip: TPM chip to use
346 * @handle: context handle
347 */
348 void tpm2_flush_context(struct tpm_chip *chip, u32 handle)
349 {
350 struct tpm_buf buf;
351 int rc;
352
353 rc = tpm_buf_init(&buf, TPM2_ST_NO_SESSIONS, TPM2_CC_FLUSH_CONTEXT);
354 if (rc) {
355 dev_warn(&chip->dev, "0x%08x was not flushed, out of memory\n",
356 handle);
357 return;
358 }
359
360 tpm_buf_append_u32(&buf, handle);
361
362 tpm_transmit_cmd(chip, &buf, 0, "flushing context");
363 tpm_buf_destroy(&buf);
364 }
365 EXPORT_SYMBOL_GPL(tpm2_flush_context);
366
367 struct tpm2_get_cap_out {
368 u8 more_data;
369 __be32 subcap_id;
370 __be32 property_cnt;
371 __be32 property_id;
372 __be32 value;
373 } __packed;
374
375 /**
376 * tpm2_get_tpm_pt() - get value of a TPM_CAP_TPM_PROPERTIES type property
377 * @chip: a &tpm_chip instance
378 * @property_id: property ID.
379 * @value: output variable.
380 * @desc: passed to tpm_transmit_cmd()
381 *
382 * Return:
383 * 0 on success,
384 * -errno or a TPM return code otherwise
385 */
386 ssize_t tpm2_get_tpm_pt(struct tpm_chip *chip, u32 property_id, u32 *value,
387 const char *desc)
388 {
389 struct tpm2_get_cap_out *out;
390 struct tpm_buf buf;
391 int rc;
392
393 rc = tpm_buf_init(&buf, TPM2_ST_NO_SESSIONS, TPM2_CC_GET_CAPABILITY);
394 if (rc)
395 return rc;
396 tpm_buf_append_u32(&buf, TPM2_CAP_TPM_PROPERTIES);
397 tpm_buf_append_u32(&buf, property_id);
398 tpm_buf_append_u32(&buf, 1);
399 rc = tpm_transmit_cmd(chip, &buf, 0, NULL);
400 if (!rc) {
401 out = (struct tpm2_get_cap_out *)
402 &buf.data[TPM_HEADER_SIZE];
403 *value = be32_to_cpu(out->value);
404 }
405 tpm_buf_destroy(&buf);
406 return rc;
407 }
408 EXPORT_SYMBOL_GPL(tpm2_get_tpm_pt);
409
410 /**
411 * tpm2_shutdown() - send a TPM shutdown command
412 *
413 * Sends a TPM shutdown command. The shutdown command is used in call
414 * sites where the system is going down. If it fails, there is not much
415 * that can be done except print an error message.
416 *
417 * @chip: a &tpm_chip instance
418 * @shutdown_type: TPM_SU_CLEAR or TPM_SU_STATE.
419 */
420 void tpm2_shutdown(struct tpm_chip *chip, u16 shutdown_type)
421 {
422 struct tpm_buf buf;
423 int rc;
424
425 rc = tpm_buf_init(&buf, TPM2_ST_NO_SESSIONS, TPM2_CC_SHUTDOWN);
426 if (rc)
427 return;
428 tpm_buf_append_u16(&buf, shutdown_type);
429 tpm_transmit_cmd(chip, &buf, 0, "stopping the TPM");
430 tpm_buf_destroy(&buf);
431 }
432
433 /**
434 * tpm2_do_selftest() - ensure that all self tests have passed
435 *
436 * @chip: TPM chip to use
437 *
438 * Return: Same as with tpm_transmit_cmd.
439 *
440 * The TPM can either run all self tests synchronously and then return
441 * RC_SUCCESS once all tests were successful. Or it can choose to run the tests
442 * asynchronously and return RC_TESTING immediately while the self tests still
443 * execute in the background. This function handles both cases and waits until
444 * all tests have completed.
445 */
446 static int tpm2_do_selftest(struct tpm_chip *chip)
447 {
448 struct tpm_buf buf;
449 int full;
450 int rc;
451
452 for (full = 0; full < 2; full++) {
453 rc = tpm_buf_init(&buf, TPM2_ST_NO_SESSIONS, TPM2_CC_SELF_TEST);
454 if (rc)
455 return rc;
456
457 tpm_buf_append_u8(&buf, full);
458 rc = tpm_transmit_cmd(chip, &buf, 0,
459 "attempting the self test");
460 tpm_buf_destroy(&buf);
461
462 if (rc == TPM2_RC_TESTING)
463 rc = TPM2_RC_SUCCESS;
464 if (rc == TPM2_RC_INITIALIZE || rc == TPM2_RC_SUCCESS)
465 return rc;
466 }
467
468 return rc;
469 }
470
471 /**
472 * tpm2_probe() - probe for the TPM 2.0 protocol
473 * @chip: a &tpm_chip instance
474 *
475 * Send an idempotent TPM 2.0 command and see whether there is TPM2 chip in the
476 * other end based on the response tag. The flag TPM_CHIP_FLAG_TPM2 is set by
477 * this function if this is the case.
478 *
479 * Return:
480 * 0 on success,
481 * -errno otherwise
482 */
483 int tpm2_probe(struct tpm_chip *chip)
484 {
485 struct tpm_header *out;
486 struct tpm_buf buf;
487 int rc;
488
489 rc = tpm_buf_init(&buf, TPM2_ST_NO_SESSIONS, TPM2_CC_GET_CAPABILITY);
490 if (rc)
491 return rc;
492 tpm_buf_append_u32(&buf, TPM2_CAP_TPM_PROPERTIES);
493 tpm_buf_append_u32(&buf, TPM_PT_TOTAL_COMMANDS);
494 tpm_buf_append_u32(&buf, 1);
495 rc = tpm_transmit_cmd(chip, &buf, 0, NULL);
496 /* We ignore TPM return codes on purpose. */
497 if (rc >= 0) {
498 out = (struct tpm_header *)buf.data;
499 if (be16_to_cpu(out->tag) == TPM2_ST_NO_SESSIONS)
500 chip->flags |= TPM_CHIP_FLAG_TPM2;
501 }
502 tpm_buf_destroy(&buf);
503 return 0;
504 }
505 EXPORT_SYMBOL_GPL(tpm2_probe);
506
507 static int tpm2_init_bank_info(struct tpm_chip *chip, u32 bank_index)
508 {
509 struct tpm_bank_info *bank = chip->allocated_banks + bank_index;
510 struct tpm_digest digest = { .alg_id = bank->alg_id };
511 int i;
512
513 /*
514 * Avoid unnecessary PCR read operations to reduce overhead
515 * and obtain identifiers of the crypto subsystem.
516 */
517 for (i = 0; i < ARRAY_SIZE(tpm2_hash_map); i++) {
518 enum hash_algo crypto_algo = tpm2_hash_map[i].crypto_id;
519
520 if (bank->alg_id != tpm2_hash_map[i].tpm_id)
521 continue;
522
523 bank->digest_size = hash_digest_size[crypto_algo];
524 bank->crypto_id = crypto_algo;
525 return 0;
526 }
527
528 bank->crypto_id = HASH_ALGO__LAST;
529
530 return tpm2_pcr_read(chip, 0, &digest, &bank->digest_size);
531 }
532
533 struct tpm2_pcr_selection {
534 __be16 hash_alg;
535 u8 size_of_select;
536 u8 pcr_select[3];
537 } __packed;
538
539 ssize_t tpm2_get_pcr_allocation(struct tpm_chip *chip)
540 {
541 struct tpm2_pcr_selection pcr_selection;
542 struct tpm_buf buf;
543 void *marker;
544 void *end;
545 void *pcr_select_offset;
546 u32 sizeof_pcr_selection;
547 u32 nr_possible_banks;
548 u32 nr_alloc_banks = 0;
549 u16 hash_alg;
550 u32 rsp_len;
551 int rc;
552 int i = 0;
553
554 rc = tpm_buf_init(&buf, TPM2_ST_NO_SESSIONS, TPM2_CC_GET_CAPABILITY);
555 if (rc)
556 return rc;
557
558 tpm_buf_append_u32(&buf, TPM2_CAP_PCRS);
559 tpm_buf_append_u32(&buf, 0);
560 tpm_buf_append_u32(&buf, 1);
561
562 rc = tpm_transmit_cmd(chip, &buf, 9, "get tpm pcr allocation");
563 if (rc)
564 goto out;
565
566 nr_possible_banks = be32_to_cpup(
567 (__be32 *)&buf.data[TPM_HEADER_SIZE + 5]);
568
569 chip->allocated_banks = kcalloc(nr_possible_banks,
570 sizeof(*chip->allocated_banks),
571 GFP_KERNEL);
572 if (!chip->allocated_banks) {
573 rc = -ENOMEM;
574 goto out;
575 }
576
577 marker = &buf.data[TPM_HEADER_SIZE + 9];
578
579 rsp_len = be32_to_cpup((__be32 *)&buf.data[2]);
580 end = &buf.data[rsp_len];
581
582 for (i = 0; i < nr_possible_banks; i++) {
583 pcr_select_offset = marker +
584 offsetof(struct tpm2_pcr_selection, size_of_select);
585 if (pcr_select_offset >= end) {
586 rc = -EFAULT;
587 break;
588 }
589
590 memcpy(&pcr_selection, marker, sizeof(pcr_selection));
591 hash_alg = be16_to_cpu(pcr_selection.hash_alg);
592
593 pcr_select_offset = memchr_inv(pcr_selection.pcr_select, 0,
594 pcr_selection.size_of_select);
595 if (pcr_select_offset) {
596 chip->allocated_banks[nr_alloc_banks].alg_id = hash_alg;
597
598 rc = tpm2_init_bank_info(chip, nr_alloc_banks);
599 if (rc < 0)
600 break;
601
602 nr_alloc_banks++;
603 }
604
605 sizeof_pcr_selection = sizeof(pcr_selection.hash_alg) +
606 sizeof(pcr_selection.size_of_select) +
607 pcr_selection.size_of_select;
608 marker = marker + sizeof_pcr_selection;
609 }
610
611 chip->nr_allocated_banks = nr_alloc_banks;
612 out:
613 tpm_buf_destroy(&buf);
614
615 return rc;
616 }
617
618 int tpm2_get_cc_attrs_tbl(struct tpm_chip *chip)
619 {
620 struct tpm_buf buf;
621 u32 nr_commands;
622 __be32 *attrs;
623 u32 cc;
624 int i;
625 int rc;
626
627 rc = tpm2_get_tpm_pt(chip, TPM_PT_TOTAL_COMMANDS, &nr_commands, NULL);
628 if (rc)
629 goto out;
630
631 if (nr_commands > 0xFFFFF) {
632 rc = -EFAULT;
633 goto out;
634 }
635
636 chip->cc_attrs_tbl = devm_kcalloc(&chip->dev, 4, nr_commands,
637 GFP_KERNEL);
638 if (!chip->cc_attrs_tbl) {
639 rc = -ENOMEM;
640 goto out;
641 }
642
643 rc = tpm_buf_init(&buf, TPM2_ST_NO_SESSIONS, TPM2_CC_GET_CAPABILITY);
644 if (rc)
645 goto out;
646
647 tpm_buf_append_u32(&buf, TPM2_CAP_COMMANDS);
648 tpm_buf_append_u32(&buf, TPM2_CC_FIRST);
649 tpm_buf_append_u32(&buf, nr_commands);
650
651 rc = tpm_transmit_cmd(chip, &buf, 9 + 4 * nr_commands, NULL);
652 if (rc) {
653 tpm_buf_destroy(&buf);
654 goto out;
655 }
656
657 if (nr_commands !=
658 be32_to_cpup((__be32 *)&buf.data[TPM_HEADER_SIZE + 5])) {
659 tpm_buf_destroy(&buf);
660 goto out;
661 }
662
663 chip->nr_commands = nr_commands;
664
665 attrs = (__be32 *)&buf.data[TPM_HEADER_SIZE + 9];
666 for (i = 0; i < nr_commands; i++, attrs++) {
667 chip->cc_attrs_tbl[i] = be32_to_cpup(attrs);
668 cc = chip->cc_attrs_tbl[i] & 0xFFFF;
669
670 if (cc == TPM2_CC_CONTEXT_SAVE || cc == TPM2_CC_FLUSH_CONTEXT) {
671 chip->cc_attrs_tbl[i] &=
672 ~(GENMASK(2, 0) << TPM2_CC_ATTR_CHANDLES);
673 chip->cc_attrs_tbl[i] |= 1 << TPM2_CC_ATTR_CHANDLES;
674 }
675 }
676
677 tpm_buf_destroy(&buf);
678
679 out:
680 if (rc > 0)
681 rc = -ENODEV;
682 return rc;
683 }
684 EXPORT_SYMBOL_GPL(tpm2_get_cc_attrs_tbl);
685
686 /**
687 * tpm2_startup - turn on the TPM
688 * @chip: TPM chip to use
689 *
690 * Normally the firmware should start the TPM. This function is provided as a
691 * workaround if this does not happen. A legal case for this could be for
692 * example when a TPM emulator is used.
693 *
694 * Return: same as tpm_transmit_cmd()
695 */
696
697 static int tpm2_startup(struct tpm_chip *chip)
698 {
699 struct tpm_buf buf;
700 int rc;
701
702 dev_info(&chip->dev, "starting up the TPM manually\n");
703
704 rc = tpm_buf_init(&buf, TPM2_ST_NO_SESSIONS, TPM2_CC_STARTUP);
705 if (rc < 0)
706 return rc;
707
708 tpm_buf_append_u16(&buf, TPM2_SU_CLEAR);
709 rc = tpm_transmit_cmd(chip, &buf, 0, "attempting to start the TPM");
710 tpm_buf_destroy(&buf);
711
712 return rc;
713 }
714
715 /**
716 * tpm2_auto_startup - Perform the standard automatic TPM initialization
717 * sequence
718 * @chip: TPM chip to use
719 *
720 * Returns 0 on success, < 0 in case of fatal error.
721 */
722 int tpm2_auto_startup(struct tpm_chip *chip)
723 {
724 int rc;
725
726 rc = tpm2_get_timeouts(chip);
727 if (rc)
728 goto out;
729
730 rc = tpm2_do_selftest(chip);
731 if (rc && rc != TPM2_RC_INITIALIZE)
732 goto out;
733
734 if (rc == TPM2_RC_INITIALIZE) {
735 rc = tpm2_startup(chip);
736 if (rc)
737 goto out;
738
739 rc = tpm2_do_selftest(chip);
740 if (rc)
741 goto out;
742 }
743
744 rc = tpm2_get_cc_attrs_tbl(chip);
745
746 out:
747 if (rc > 0)
748 rc = -ENODEV;
749 return rc;
750 }
751
752 int tpm2_find_cc(struct tpm_chip *chip, u32 cc)
753 {
754 int i;
755
756 for (i = 0; i < chip->nr_commands; i++)
757 if (cc == (chip->cc_attrs_tbl[i] & GENMASK(15, 0)))
758 return i;
759
760 return -1;
761 }
Linux with added FPC-III support