search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Merge branch 'for-linus' of git://oss.sgi.com/xfs/xfs
[linux/fpc-iii.git] / drivers / char / tpm / tpm.c
blob05ad4a17a28f238ecc197e67051f60a50faad769
1 /*
2 * Copyright (C) 2004 IBM Corporation
3 *
4 * Authors:
5 * Leendert van Doorn <leendert@watson.ibm.com>
6 * Dave Safford <safford@watson.ibm.com>
7 * Reiner Sailer <sailer@watson.ibm.com>
8 * Kylene Hall <kjhall@us.ibm.com>
9 *
10 * Maintained by: <tpmdd-devel@lists.sourceforge.net>
11 *
12 * Device driver for TCG/TCPA TPM (trusted platform module).
13 * Specifications at www.trustedcomputinggroup.org
14 *
15 * This program is free software; you can redistribute it and/or
16 * modify it under the terms of the GNU General Public License as
17 * published by the Free Software Foundation, version 2 of the
18 * License.
19 *
20 * Note, the TPM chip is not interrupt driven (only polling)
21 * and can have very long timeouts (minutes!). Hence the unusual
22 * calls to msleep.
23 *
24 */
25
26 #include <linux/poll.h>
27 #include <linux/slab.h>
28 #include <linux/mutex.h>
29 #include <linux/spinlock.h>
30
31 #include "tpm.h"
32
33 enum tpm_const {
34 TPM_MINOR = 224, /* officially assigned */
35 TPM_BUFSIZE = 4096,
36 TPM_NUM_DEVICES = 256,
37 };
38
39 enum tpm_duration {
40 TPM_SHORT = 0,
41 TPM_MEDIUM = 1,
42 TPM_LONG = 2,
43 TPM_UNDEFINED,
44 };
45
46 #define TPM_MAX_ORDINAL 243
47 #define TPM_MAX_PROTECTED_ORDINAL 12
48 #define TPM_PROTECTED_ORDINAL_MASK 0xFF
49
50 static LIST_HEAD(tpm_chip_list);
51 static DEFINE_SPINLOCK(driver_lock);
52 static DECLARE_BITMAP(dev_mask, TPM_NUM_DEVICES);
53
54 /*
55 * Array with one entry per ordinal defining the maximum amount
56 * of time the chip could take to return the result. The ordinal
57 * designation of short, medium or long is defined in a table in
58 * TCG Specification TPM Main Part 2 TPM Structures Section 17. The
59 * values of the SHORT, MEDIUM, and LONG durations are retrieved
60 * from the chip during initialization with a call to tpm_get_timeouts.
61 */
62 static const u8 tpm_protected_ordinal_duration[TPM_MAX_PROTECTED_ORDINAL] = {
63 TPM_UNDEFINED, /* 0 */
64 TPM_UNDEFINED,
65 TPM_UNDEFINED,
66 TPM_UNDEFINED,
67 TPM_UNDEFINED,
68 TPM_UNDEFINED, /* 5 */
69 TPM_UNDEFINED,
70 TPM_UNDEFINED,
71 TPM_UNDEFINED,
72 TPM_UNDEFINED,
73 TPM_SHORT, /* 10 */
74 TPM_SHORT,
75 };
76
77 static const u8 tpm_ordinal_duration[TPM_MAX_ORDINAL] = {
78 TPM_UNDEFINED, /* 0 */
79 TPM_UNDEFINED,
80 TPM_UNDEFINED,
81 TPM_UNDEFINED,
82 TPM_UNDEFINED,
83 TPM_UNDEFINED, /* 5 */
84 TPM_UNDEFINED,
85 TPM_UNDEFINED,
86 TPM_UNDEFINED,
87 TPM_UNDEFINED,
88 TPM_SHORT, /* 10 */
89 TPM_SHORT,
90 TPM_MEDIUM,
91 TPM_LONG,
92 TPM_LONG,
93 TPM_MEDIUM, /* 15 */
94 TPM_SHORT,
95 TPM_SHORT,
96 TPM_MEDIUM,
97 TPM_LONG,
98 TPM_SHORT, /* 20 */
99 TPM_SHORT,
100 TPM_MEDIUM,
101 TPM_MEDIUM,
102 TPM_MEDIUM,
103 TPM_SHORT, /* 25 */
104 TPM_SHORT,
105 TPM_MEDIUM,
106 TPM_SHORT,
107 TPM_SHORT,
108 TPM_MEDIUM, /* 30 */
109 TPM_LONG,
110 TPM_MEDIUM,
111 TPM_SHORT,
112 TPM_SHORT,
113 TPM_SHORT, /* 35 */
114 TPM_MEDIUM,
115 TPM_MEDIUM,
116 TPM_UNDEFINED,
117 TPM_UNDEFINED,
118 TPM_MEDIUM, /* 40 */
119 TPM_LONG,
120 TPM_MEDIUM,
121 TPM_SHORT,
122 TPM_SHORT,
123 TPM_SHORT, /* 45 */
124 TPM_SHORT,
125 TPM_SHORT,
126 TPM_SHORT,
127 TPM_LONG,
128 TPM_MEDIUM, /* 50 */
129 TPM_MEDIUM,
130 TPM_UNDEFINED,
131 TPM_UNDEFINED,
132 TPM_UNDEFINED,
133 TPM_UNDEFINED, /* 55 */
134 TPM_UNDEFINED,
135 TPM_UNDEFINED,
136 TPM_UNDEFINED,
137 TPM_UNDEFINED,
138 TPM_MEDIUM, /* 60 */
139 TPM_MEDIUM,
140 TPM_MEDIUM,
141 TPM_SHORT,
142 TPM_SHORT,
143 TPM_MEDIUM, /* 65 */
144 TPM_UNDEFINED,
145 TPM_UNDEFINED,
146 TPM_UNDEFINED,
147 TPM_UNDEFINED,
148 TPM_SHORT, /* 70 */
149 TPM_SHORT,
150 TPM_UNDEFINED,
151 TPM_UNDEFINED,
152 TPM_UNDEFINED,
153 TPM_UNDEFINED, /* 75 */
154 TPM_UNDEFINED,
155 TPM_UNDEFINED,
156 TPM_UNDEFINED,
157 TPM_UNDEFINED,
158 TPM_LONG, /* 80 */
159 TPM_UNDEFINED,
160 TPM_MEDIUM,
161 TPM_LONG,
162 TPM_SHORT,
163 TPM_UNDEFINED, /* 85 */
164 TPM_UNDEFINED,
165 TPM_UNDEFINED,
166 TPM_UNDEFINED,
167 TPM_UNDEFINED,
168 TPM_SHORT, /* 90 */
169 TPM_SHORT,
170 TPM_SHORT,
171 TPM_SHORT,
172 TPM_SHORT,
173 TPM_UNDEFINED, /* 95 */
174 TPM_UNDEFINED,
175 TPM_UNDEFINED,
176 TPM_UNDEFINED,
177 TPM_UNDEFINED,
178 TPM_MEDIUM, /* 100 */
179 TPM_SHORT,
180 TPM_SHORT,
181 TPM_UNDEFINED,
182 TPM_UNDEFINED,
183 TPM_UNDEFINED, /* 105 */
184 TPM_UNDEFINED,
185 TPM_UNDEFINED,
186 TPM_UNDEFINED,
187 TPM_UNDEFINED,
188 TPM_SHORT, /* 110 */
189 TPM_SHORT,
190 TPM_SHORT,
191 TPM_SHORT,
192 TPM_SHORT,
193 TPM_SHORT, /* 115 */
194 TPM_SHORT,
195 TPM_SHORT,
196 TPM_UNDEFINED,
197 TPM_UNDEFINED,
198 TPM_LONG, /* 120 */
199 TPM_LONG,
200 TPM_MEDIUM,
201 TPM_UNDEFINED,
202 TPM_SHORT,
203 TPM_SHORT, /* 125 */
204 TPM_SHORT,
205 TPM_LONG,
206 TPM_SHORT,
207 TPM_SHORT,
208 TPM_SHORT, /* 130 */
209 TPM_MEDIUM,
210 TPM_UNDEFINED,
211 TPM_SHORT,
212 TPM_MEDIUM,
213 TPM_UNDEFINED, /* 135 */
214 TPM_UNDEFINED,
215 TPM_UNDEFINED,
216 TPM_UNDEFINED,
217 TPM_UNDEFINED,
218 TPM_SHORT, /* 140 */
219 TPM_SHORT,
220 TPM_UNDEFINED,
221 TPM_UNDEFINED,
222 TPM_UNDEFINED,
223 TPM_UNDEFINED, /* 145 */
224 TPM_UNDEFINED,
225 TPM_UNDEFINED,
226 TPM_UNDEFINED,
227 TPM_UNDEFINED,
228 TPM_SHORT, /* 150 */
229 TPM_MEDIUM,
230 TPM_MEDIUM,
231 TPM_SHORT,
232 TPM_SHORT,
233 TPM_UNDEFINED, /* 155 */
234 TPM_UNDEFINED,
235 TPM_UNDEFINED,
236 TPM_UNDEFINED,
237 TPM_UNDEFINED,
238 TPM_SHORT, /* 160 */
239 TPM_SHORT,
240 TPM_SHORT,
241 TPM_SHORT,
242 TPM_UNDEFINED,
243 TPM_UNDEFINED, /* 165 */
244 TPM_UNDEFINED,
245 TPM_UNDEFINED,
246 TPM_UNDEFINED,
247 TPM_UNDEFINED,
248 TPM_LONG, /* 170 */
249 TPM_UNDEFINED,
250 TPM_UNDEFINED,
251 TPM_UNDEFINED,
252 TPM_UNDEFINED,
253 TPM_UNDEFINED, /* 175 */
254 TPM_UNDEFINED,
255 TPM_UNDEFINED,
256 TPM_UNDEFINED,
257 TPM_UNDEFINED,
258 TPM_MEDIUM, /* 180 */
259 TPM_SHORT,
260 TPM_MEDIUM,
261 TPM_MEDIUM,
262 TPM_MEDIUM,
263 TPM_MEDIUM, /* 185 */
264 TPM_SHORT,
265 TPM_UNDEFINED,
266 TPM_UNDEFINED,
267 TPM_UNDEFINED,
268 TPM_UNDEFINED, /* 190 */
269 TPM_UNDEFINED,
270 TPM_UNDEFINED,
271 TPM_UNDEFINED,
272 TPM_UNDEFINED,
273 TPM_UNDEFINED, /* 195 */
274 TPM_UNDEFINED,
275 TPM_UNDEFINED,
276 TPM_UNDEFINED,
277 TPM_UNDEFINED,
278 TPM_SHORT, /* 200 */
279 TPM_UNDEFINED,
280 TPM_UNDEFINED,
281 TPM_UNDEFINED,
282 TPM_SHORT,
283 TPM_SHORT, /* 205 */
284 TPM_SHORT,
285 TPM_SHORT,
286 TPM_SHORT,
287 TPM_SHORT,
288 TPM_MEDIUM, /* 210 */
289 TPM_UNDEFINED,
290 TPM_MEDIUM,
291 TPM_MEDIUM,
292 TPM_MEDIUM,
293 TPM_UNDEFINED, /* 215 */
294 TPM_MEDIUM,
295 TPM_UNDEFINED,
296 TPM_UNDEFINED,
297 TPM_SHORT,
298 TPM_SHORT, /* 220 */
299 TPM_SHORT,
300 TPM_SHORT,
301 TPM_SHORT,
302 TPM_SHORT,
303 TPM_UNDEFINED, /* 225 */
304 TPM_UNDEFINED,
305 TPM_UNDEFINED,
306 TPM_UNDEFINED,
307 TPM_UNDEFINED,
308 TPM_SHORT, /* 230 */
309 TPM_LONG,
310 TPM_MEDIUM,
311 TPM_UNDEFINED,
312 TPM_UNDEFINED,
313 TPM_UNDEFINED, /* 235 */
314 TPM_UNDEFINED,
315 TPM_UNDEFINED,
316 TPM_UNDEFINED,
317 TPM_UNDEFINED,
318 TPM_SHORT, /* 240 */
319 TPM_UNDEFINED,
320 TPM_MEDIUM,
321 };
322
323 static void user_reader_timeout(unsigned long ptr)
324 {
325 struct tpm_chip *chip = (struct tpm_chip *) ptr;
326
327 schedule_work(&chip->work);
328 }
329
330 static void timeout_work(struct work_struct *work)
331 {
332 struct tpm_chip *chip = container_of(work, struct tpm_chip, work);
333
334 mutex_lock(&chip->buffer_mutex);
335 atomic_set(&chip->data_pending, 0);
336 memset(chip->data_buffer, 0, TPM_BUFSIZE);
337 mutex_unlock(&chip->buffer_mutex);
338 }
339
340 /*
341 * Returns max number of jiffies to wait
342 */
343 unsigned long tpm_calc_ordinal_duration(struct tpm_chip *chip,
344 u32 ordinal)
345 {
346 int duration_idx = TPM_UNDEFINED;
347 int duration = 0;
348
349 if (ordinal < TPM_MAX_ORDINAL)
350 duration_idx = tpm_ordinal_duration[ordinal];
351 else if ((ordinal & TPM_PROTECTED_ORDINAL_MASK) <
352 TPM_MAX_PROTECTED_ORDINAL)
353 duration_idx =
354 tpm_protected_ordinal_duration[ordinal &
355 TPM_PROTECTED_ORDINAL_MASK];
356
357 if (duration_idx != TPM_UNDEFINED)
358 duration = chip->vendor.duration[duration_idx];
359 if (duration <= 0)
360 return 2 * 60 * HZ;
361 else
362 return duration;
363 }
364 EXPORT_SYMBOL_GPL(tpm_calc_ordinal_duration);
365
366 /*
367 * Internal kernel interface to transmit TPM commands
368 */
369 static ssize_t tpm_transmit(struct tpm_chip *chip, const char *buf,
370 size_t bufsiz)
371 {
372 ssize_t rc;
373 u32 count, ordinal;
374 unsigned long stop;
375
376 count = be32_to_cpu(*((__be32 *) (buf + 2)));
377 ordinal = be32_to_cpu(*((__be32 *) (buf + 6)));
378 if (count == 0)
379 return -ENODATA;
380 if (count > bufsiz) {
381 dev_err(chip->dev,
382 "invalid count value %x %zx \n", count, bufsiz);
383 return -E2BIG;
384 }
385
386 mutex_lock(&chip->tpm_mutex);
387
388 if ((rc = chip->vendor.send(chip, (u8 *) buf, count)) < 0) {
389 dev_err(chip->dev,
390 "tpm_transmit: tpm_send: error %zd\n", rc);
391 goto out;
392 }
393
394 if (chip->vendor.irq)
395 goto out_recv;
396
397 stop = jiffies + tpm_calc_ordinal_duration(chip, ordinal);
398 do {
399 u8 status = chip->vendor.status(chip);
400 if ((status & chip->vendor.req_complete_mask) ==
401 chip->vendor.req_complete_val)
402 goto out_recv;
403
404 if ((status == chip->vendor.req_canceled)) {
405 dev_err(chip->dev, "Operation Canceled\n");
406 rc = -ECANCELED;
407 goto out;
408 }
409
410 msleep(TPM_TIMEOUT); /* CHECK */
411 rmb();
412 } while (time_before(jiffies, stop));
413
414 chip->vendor.cancel(chip);
415 dev_err(chip->dev, "Operation Timed out\n");
416 rc = -ETIME;
417 goto out;
418
419 out_recv:
420 rc = chip->vendor.recv(chip, (u8 *) buf, bufsiz);
421 if (rc < 0)
422 dev_err(chip->dev,
423 "tpm_transmit: tpm_recv: error %zd\n", rc);
424 out:
425 mutex_unlock(&chip->tpm_mutex);
426 return rc;
427 }
428
429 #define TPM_DIGEST_SIZE 20
430 #define TPM_ERROR_SIZE 10
431 #define TPM_RET_CODE_IDX 6
432
433 enum tpm_capabilities {
434 TPM_CAP_FLAG = cpu_to_be32(4),
435 TPM_CAP_PROP = cpu_to_be32(5),
436 CAP_VERSION_1_1 = cpu_to_be32(0x06),
437 CAP_VERSION_1_2 = cpu_to_be32(0x1A)
438 };
439
440 enum tpm_sub_capabilities {
441 TPM_CAP_PROP_PCR = cpu_to_be32(0x101),
442 TPM_CAP_PROP_MANUFACTURER = cpu_to_be32(0x103),
443 TPM_CAP_FLAG_PERM = cpu_to_be32(0x108),
444 TPM_CAP_FLAG_VOL = cpu_to_be32(0x109),
445 TPM_CAP_PROP_OWNER = cpu_to_be32(0x111),
446 TPM_CAP_PROP_TIS_TIMEOUT = cpu_to_be32(0x115),
447 TPM_CAP_PROP_TIS_DURATION = cpu_to_be32(0x120),
448
449 };
450
451 static ssize_t transmit_cmd(struct tpm_chip *chip, struct tpm_cmd_t *cmd,
452 int len, const char *desc)
453 {
454 int err;
455
456 len = tpm_transmit(chip,(u8 *) cmd, len);
457 if (len < 0)
458 return len;
459 if (len == TPM_ERROR_SIZE) {
460 err = be32_to_cpu(cmd->header.out.return_code);
461 dev_dbg(chip->dev, "A TPM error (%d) occurred %s\n", err, desc);
462 return err;
463 }
464 return 0;
465 }
466
467 #define TPM_INTERNAL_RESULT_SIZE 200
468 #define TPM_TAG_RQU_COMMAND cpu_to_be16(193)
469 #define TPM_ORD_GET_CAP cpu_to_be32(101)
470
471 static const struct tpm_input_header tpm_getcap_header = {
472 .tag = TPM_TAG_RQU_COMMAND,
473 .length = cpu_to_be32(22),
474 .ordinal = TPM_ORD_GET_CAP
475 };
476
477 ssize_t tpm_getcap(struct device *dev, __be32 subcap_id, cap_t *cap,
478 const char *desc)
479 {
480 struct tpm_cmd_t tpm_cmd;
481 int rc;
482 struct tpm_chip *chip = dev_get_drvdata(dev);
483
484 tpm_cmd.header.in = tpm_getcap_header;
485 if (subcap_id == CAP_VERSION_1_1 || subcap_id == CAP_VERSION_1_2) {
486 tpm_cmd.params.getcap_in.cap = subcap_id;
487 /*subcap field not necessary */
488 tpm_cmd.params.getcap_in.subcap_size = cpu_to_be32(0);
489 tpm_cmd.header.in.length -= cpu_to_be32(sizeof(__be32));
490 } else {
491 if (subcap_id == TPM_CAP_FLAG_PERM ||
492 subcap_id == TPM_CAP_FLAG_VOL)
493 tpm_cmd.params.getcap_in.cap = TPM_CAP_FLAG;
494 else
495 tpm_cmd.params.getcap_in.cap = TPM_CAP_PROP;
496 tpm_cmd.params.getcap_in.subcap_size = cpu_to_be32(4);
497 tpm_cmd.params.getcap_in.subcap = subcap_id;
498 }
499 rc = transmit_cmd(chip, &tpm_cmd, TPM_INTERNAL_RESULT_SIZE, desc);
500 if (!rc)
501 *cap = tpm_cmd.params.getcap_out.cap;
502 return rc;
503 }
504
505 void tpm_gen_interrupt(struct tpm_chip *chip)
506 {
507 struct tpm_cmd_t tpm_cmd;
508 ssize_t rc;
509
510 tpm_cmd.header.in = tpm_getcap_header;
511 tpm_cmd.params.getcap_in.cap = TPM_CAP_PROP;
512 tpm_cmd.params.getcap_in.subcap_size = cpu_to_be32(4);
513 tpm_cmd.params.getcap_in.subcap = TPM_CAP_PROP_TIS_TIMEOUT;
514
515 rc = transmit_cmd(chip, &tpm_cmd, TPM_INTERNAL_RESULT_SIZE,
516 "attempting to determine the timeouts");
517 }
518 EXPORT_SYMBOL_GPL(tpm_gen_interrupt);
519
520 void tpm_get_timeouts(struct tpm_chip *chip)
521 {
522 struct tpm_cmd_t tpm_cmd;
523 struct timeout_t *timeout_cap;
524 struct duration_t *duration_cap;
525 ssize_t rc;
526 u32 timeout;
527
528 tpm_cmd.header.in = tpm_getcap_header;
529 tpm_cmd.params.getcap_in.cap = TPM_CAP_PROP;
530 tpm_cmd.params.getcap_in.subcap_size = cpu_to_be32(4);
531 tpm_cmd.params.getcap_in.subcap = TPM_CAP_PROP_TIS_TIMEOUT;
532
533 rc = transmit_cmd(chip, &tpm_cmd, TPM_INTERNAL_RESULT_SIZE,
534 "attempting to determine the timeouts");
535 if (rc)
536 goto duration;
537
538 if (be32_to_cpu(tpm_cmd.header.out.length)
539 != 4 * sizeof(u32))
540 goto duration;
541
542 timeout_cap = &tpm_cmd.params.getcap_out.cap.timeout;
543 /* Don't overwrite default if value is 0 */
544 timeout = be32_to_cpu(timeout_cap->a);
545 if (timeout)
546 chip->vendor.timeout_a = usecs_to_jiffies(timeout);
547 timeout = be32_to_cpu(timeout_cap->b);
548 if (timeout)
549 chip->vendor.timeout_b = usecs_to_jiffies(timeout);
550 timeout = be32_to_cpu(timeout_cap->c);
551 if (timeout)
552 chip->vendor.timeout_c = usecs_to_jiffies(timeout);
553 timeout = be32_to_cpu(timeout_cap->d);
554 if (timeout)
555 chip->vendor.timeout_d = usecs_to_jiffies(timeout);
556
557 duration:
558 tpm_cmd.header.in = tpm_getcap_header;
559 tpm_cmd.params.getcap_in.cap = TPM_CAP_PROP;
560 tpm_cmd.params.getcap_in.subcap_size = cpu_to_be32(4);
561 tpm_cmd.params.getcap_in.subcap = TPM_CAP_PROP_TIS_DURATION;
562
563 rc = transmit_cmd(chip, &tpm_cmd, TPM_INTERNAL_RESULT_SIZE,
564 "attempting to determine the durations");
565 if (rc)
566 return;
567
568 if (be32_to_cpu(tpm_cmd.header.out.return_code)
569 != 3 * sizeof(u32))
570 return;
571 duration_cap = &tpm_cmd.params.getcap_out.cap.duration;
572 chip->vendor.duration[TPM_SHORT] =
573 usecs_to_jiffies(be32_to_cpu(duration_cap->tpm_short));
574 /* The Broadcom BCM0102 chipset in a Dell Latitude D820 gets the above
575 * value wrong and apparently reports msecs rather than usecs. So we
576 * fix up the resulting too-small TPM_SHORT value to make things work.
577 */
578 if (chip->vendor.duration[TPM_SHORT] < (HZ/100))
579 chip->vendor.duration[TPM_SHORT] = HZ;
580
581 chip->vendor.duration[TPM_MEDIUM] =
582 usecs_to_jiffies(be32_to_cpu(duration_cap->tpm_medium));
583 chip->vendor.duration[TPM_LONG] =
584 usecs_to_jiffies(be32_to_cpu(duration_cap->tpm_long));
585 }
586 EXPORT_SYMBOL_GPL(tpm_get_timeouts);
587
588 void tpm_continue_selftest(struct tpm_chip *chip)
589 {
590 u8 data[] = {
591 0, 193, /* TPM_TAG_RQU_COMMAND */
592 0, 0, 0, 10, /* length */
593 0, 0, 0, 83, /* TPM_ORD_GetCapability */
594 };
595
596 tpm_transmit(chip, data, sizeof(data));
597 }
598 EXPORT_SYMBOL_GPL(tpm_continue_selftest);
599
600 ssize_t tpm_show_enabled(struct device * dev, struct device_attribute * attr,
601 char *buf)
602 {
603 cap_t cap;
604 ssize_t rc;
605
606 rc = tpm_getcap(dev, TPM_CAP_FLAG_PERM, &cap,
607 "attempting to determine the permanent enabled state");
608 if (rc)
609 return 0;
610
611 rc = sprintf(buf, "%d\n", !cap.perm_flags.disable);
612 return rc;
613 }
614 EXPORT_SYMBOL_GPL(tpm_show_enabled);
615
616 ssize_t tpm_show_active(struct device * dev, struct device_attribute * attr,
617 char *buf)
618 {
619 cap_t cap;
620 ssize_t rc;
621
622 rc = tpm_getcap(dev, TPM_CAP_FLAG_PERM, &cap,
623 "attempting to determine the permanent active state");
624 if (rc)
625 return 0;
626
627 rc = sprintf(buf, "%d\n", !cap.perm_flags.deactivated);
628 return rc;
629 }
630 EXPORT_SYMBOL_GPL(tpm_show_active);
631
632 ssize_t tpm_show_owned(struct device * dev, struct device_attribute * attr,
633 char *buf)
634 {
635 cap_t cap;
636 ssize_t rc;
637
638 rc = tpm_getcap(dev, TPM_CAP_PROP_OWNER, &cap,
639 "attempting to determine the owner state");
640 if (rc)
641 return 0;
642
643 rc = sprintf(buf, "%d\n", cap.owned);
644 return rc;
645 }
646 EXPORT_SYMBOL_GPL(tpm_show_owned);
647
648 ssize_t tpm_show_temp_deactivated(struct device * dev,
649 struct device_attribute * attr, char *buf)
650 {
651 cap_t cap;
652 ssize_t rc;
653
654 rc = tpm_getcap(dev, TPM_CAP_FLAG_VOL, &cap,
655 "attempting to determine the temporary state");
656 if (rc)
657 return 0;
658
659 rc = sprintf(buf, "%d\n", cap.stclear_flags.deactivated);
660 return rc;
661 }
662 EXPORT_SYMBOL_GPL(tpm_show_temp_deactivated);
663
664 /*
665 * tpm_chip_find_get - return tpm_chip for given chip number
666 */
667 static struct tpm_chip *tpm_chip_find_get(int chip_num)
668 {
669 struct tpm_chip *pos, *chip = NULL;
670
671 rcu_read_lock();
672 list_for_each_entry_rcu(pos, &tpm_chip_list, list) {
673 if (chip_num != TPM_ANY_NUM && chip_num != pos->dev_num)
674 continue;
675
676 if (try_module_get(pos->dev->driver->owner)) {
677 chip = pos;
678 break;
679 }
680 }
681 rcu_read_unlock();
682 return chip;
683 }
684
685 #define TPM_ORDINAL_PCRREAD cpu_to_be32(21)
686 #define READ_PCR_RESULT_SIZE 30
687 static struct tpm_input_header pcrread_header = {
688 .tag = TPM_TAG_RQU_COMMAND,
689 .length = cpu_to_be32(14),
690 .ordinal = TPM_ORDINAL_PCRREAD
691 };
692
693 int __tpm_pcr_read(struct tpm_chip *chip, int pcr_idx, u8 *res_buf)
694 {
695 int rc;
696 struct tpm_cmd_t cmd;
697
698 cmd.header.in = pcrread_header;
699 cmd.params.pcrread_in.pcr_idx = cpu_to_be32(pcr_idx);
700 rc = transmit_cmd(chip, &cmd, READ_PCR_RESULT_SIZE,
701 "attempting to read a pcr value");
702
703 if (rc == 0)
704 memcpy(res_buf, cmd.params.pcrread_out.pcr_result,
705 TPM_DIGEST_SIZE);
706 return rc;
707 }
708
709 /**
710 * tpm_pcr_read - read a pcr value
711 * @chip_num: tpm idx # or ANY
712 * @pcr_idx: pcr idx to retrieve
713 * @res_buf: TPM_PCR value
714 * size of res_buf is 20 bytes (or NULL if you don't care)
715 *
716 * The TPM driver should be built-in, but for whatever reason it
717 * isn't, protect against the chip disappearing, by incrementing
718 * the module usage count.
719 */
720 int tpm_pcr_read(u32 chip_num, int pcr_idx, u8 *res_buf)
721 {
722 struct tpm_chip *chip;
723 int rc;
724
725 chip = tpm_chip_find_get(chip_num);
726 if (chip == NULL)
727 return -ENODEV;
728 rc = __tpm_pcr_read(chip, pcr_idx, res_buf);
729 module_put(chip->dev->driver->owner);
730 return rc;
731 }
732 EXPORT_SYMBOL_GPL(tpm_pcr_read);
733
734 /**
735 * tpm_pcr_extend - extend pcr value with hash
736 * @chip_num: tpm idx # or AN&
737 * @pcr_idx: pcr idx to extend
738 * @hash: hash value used to extend pcr value
739 *
740 * The TPM driver should be built-in, but for whatever reason it
741 * isn't, protect against the chip disappearing, by incrementing
742 * the module usage count.
743 */
744 #define TPM_ORD_PCR_EXTEND cpu_to_be32(20)
745 #define EXTEND_PCR_RESULT_SIZE 34
746 static struct tpm_input_header pcrextend_header = {
747 .tag = TPM_TAG_RQU_COMMAND,
748 .length = cpu_to_be32(34),
749 .ordinal = TPM_ORD_PCR_EXTEND
750 };
751
752 int tpm_pcr_extend(u32 chip_num, int pcr_idx, const u8 *hash)
753 {
754 struct tpm_cmd_t cmd;
755 int rc;
756 struct tpm_chip *chip;
757
758 chip = tpm_chip_find_get(chip_num);
759 if (chip == NULL)
760 return -ENODEV;
761
762 cmd.header.in = pcrextend_header;
763 cmd.params.pcrextend_in.pcr_idx = cpu_to_be32(pcr_idx);
764 memcpy(cmd.params.pcrextend_in.hash, hash, TPM_DIGEST_SIZE);
765 rc = transmit_cmd(chip, &cmd, EXTEND_PCR_RESULT_SIZE,
766 "attempting extend a PCR value");
767
768 module_put(chip->dev->driver->owner);
769 return rc;
770 }
771 EXPORT_SYMBOL_GPL(tpm_pcr_extend);
772
773 ssize_t tpm_show_pcrs(struct device *dev, struct device_attribute *attr,
774 char *buf)
775 {
776 cap_t cap;
777 u8 digest[TPM_DIGEST_SIZE];
778 ssize_t rc;
779 int i, j, num_pcrs;
780 char *str = buf;
781 struct tpm_chip *chip = dev_get_drvdata(dev);
782
783 rc = tpm_getcap(dev, TPM_CAP_PROP_PCR, &cap,
784 "attempting to determine the number of PCRS");
785 if (rc)
786 return 0;
787
788 num_pcrs = be32_to_cpu(cap.num_pcrs);
789 for (i = 0; i < num_pcrs; i++) {
790 rc = __tpm_pcr_read(chip, i, digest);
791 if (rc)
792 break;
793 str += sprintf(str, "PCR-%02d: ", i);
794 for (j = 0; j < TPM_DIGEST_SIZE; j++)
795 str += sprintf(str, "%02X ", digest[j]);
796 str += sprintf(str, "\n");
797 }
798 return str - buf;
799 }
800 EXPORT_SYMBOL_GPL(tpm_show_pcrs);
801
802 #define READ_PUBEK_RESULT_SIZE 314
803 #define TPM_ORD_READPUBEK cpu_to_be32(124)
804 struct tpm_input_header tpm_readpubek_header = {
805 .tag = TPM_TAG_RQU_COMMAND,
806 .length = cpu_to_be32(30),
807 .ordinal = TPM_ORD_READPUBEK
808 };
809
810 ssize_t tpm_show_pubek(struct device *dev, struct device_attribute *attr,
811 char *buf)
812 {
813 u8 *data;
814 struct tpm_cmd_t tpm_cmd;
815 ssize_t err;
816 int i, rc;
817 char *str = buf;
818
819 struct tpm_chip *chip = dev_get_drvdata(dev);
820
821 tpm_cmd.header.in = tpm_readpubek_header;
822 err = transmit_cmd(chip, &tpm_cmd, READ_PUBEK_RESULT_SIZE,
823 "attempting to read the PUBEK");
824 if (err)
825 goto out;
826
827 /*
828 ignore header 10 bytes
829 algorithm 32 bits (1 == RSA )
830 encscheme 16 bits
831 sigscheme 16 bits
832 parameters (RSA 12->bytes: keybit, #primes, expbit)
833 keylenbytes 32 bits
834 256 byte modulus
835 ignore checksum 20 bytes
836 */
837 data = tpm_cmd.params.readpubek_out_buffer;
838 str +=
839 sprintf(str,
840 "Algorithm: %02X %02X %02X %02X\nEncscheme: %02X %02X\n"
841 "Sigscheme: %02X %02X\nParameters: %02X %02X %02X %02X"
842 " %02X %02X %02X %02X %02X %02X %02X %02X\n"
843 "Modulus length: %d\nModulus: \n",
844 data[10], data[11], data[12], data[13], data[14],
845 data[15], data[16], data[17], data[22], data[23],
846 data[24], data[25], data[26], data[27], data[28],
847 data[29], data[30], data[31], data[32], data[33],
848 be32_to_cpu(*((__be32 *) (data + 34))));
849
850 for (i = 0; i < 256; i++) {
851 str += sprintf(str, "%02X ", data[i + 38]);
852 if ((i + 1) % 16 == 0)
853 str += sprintf(str, "\n");
854 }
855 out:
856 rc = str - buf;
857 return rc;
858 }
859 EXPORT_SYMBOL_GPL(tpm_show_pubek);
860
861
862 ssize_t tpm_show_caps(struct device *dev, struct device_attribute *attr,
863 char *buf)
864 {
865 cap_t cap;
866 ssize_t rc;
867 char *str = buf;
868
869 rc = tpm_getcap(dev, TPM_CAP_PROP_MANUFACTURER, &cap,
870 "attempting to determine the manufacturer");
871 if (rc)
872 return 0;
873 str += sprintf(str, "Manufacturer: 0x%x\n",
874 be32_to_cpu(cap.manufacturer_id));
875
876 rc = tpm_getcap(dev, CAP_VERSION_1_1, &cap,
877 "attempting to determine the 1.1 version");
878 if (rc)
879 return 0;
880 str += sprintf(str,
881 "TCG version: %d.%d\nFirmware version: %d.%d\n",
882 cap.tpm_version.Major, cap.tpm_version.Minor,
883 cap.tpm_version.revMajor, cap.tpm_version.revMinor);
884 return str - buf;
885 }
886 EXPORT_SYMBOL_GPL(tpm_show_caps);
887
888 ssize_t tpm_show_caps_1_2(struct device * dev,
889 struct device_attribute * attr, char *buf)
890 {
891 cap_t cap;
892 ssize_t rc;
893 char *str = buf;
894
895 rc = tpm_getcap(dev, TPM_CAP_PROP_MANUFACTURER, &cap,
896 "attempting to determine the manufacturer");
897 if (rc)
898 return 0;
899 str += sprintf(str, "Manufacturer: 0x%x\n",
900 be32_to_cpu(cap.manufacturer_id));
901 rc = tpm_getcap(dev, CAP_VERSION_1_2, &cap,
902 "attempting to determine the 1.2 version");
903 if (rc)
904 return 0;
905 str += sprintf(str,
906 "TCG version: %d.%d\nFirmware version: %d.%d\n",
907 cap.tpm_version_1_2.Major, cap.tpm_version_1_2.Minor,
908 cap.tpm_version_1_2.revMajor,
909 cap.tpm_version_1_2.revMinor);
910 return str - buf;
911 }
912 EXPORT_SYMBOL_GPL(tpm_show_caps_1_2);
913
914 ssize_t tpm_store_cancel(struct device *dev, struct device_attribute *attr,
915 const char *buf, size_t count)
916 {
917 struct tpm_chip *chip = dev_get_drvdata(dev);
918 if (chip == NULL)
919 return 0;
920
921 chip->vendor.cancel(chip);
922 return count;
923 }
924 EXPORT_SYMBOL_GPL(tpm_store_cancel);
925
926 /*
927 * Device file system interface to the TPM
928 *
929 * It's assured that the chip will be opened just once,
930 * by the check of is_open variable, which is protected
931 * by driver_lock.
932 */
933 int tpm_open(struct inode *inode, struct file *file)
934 {
935 int minor = iminor(inode);
936 struct tpm_chip *chip = NULL, *pos;
937
938 rcu_read_lock();
939 list_for_each_entry_rcu(pos, &tpm_chip_list, list) {
940 if (pos->vendor.miscdev.minor == minor) {
941 chip = pos;
942 get_device(chip->dev);
943 break;
944 }
945 }
946 rcu_read_unlock();
947
948 if (!chip)
949 return -ENODEV;
950
951 if (test_and_set_bit(0, &chip->is_open)) {
952 dev_dbg(chip->dev, "Another process owns this TPM\n");
953 put_device(chip->dev);
954 return -EBUSY;
955 }
956
957 chip->data_buffer = kmalloc(TPM_BUFSIZE * sizeof(u8), GFP_KERNEL);
958 if (chip->data_buffer == NULL) {
959 clear_bit(0, &chip->is_open);
960 put_device(chip->dev);
961 return -ENOMEM;
962 }
963
964 atomic_set(&chip->data_pending, 0);
965
966 file->private_data = chip;
967 return 0;
968 }
969 EXPORT_SYMBOL_GPL(tpm_open);
970
971 /*
972 * Called on file close
973 */
974 int tpm_release(struct inode *inode, struct file *file)
975 {
976 struct tpm_chip *chip = file->private_data;
977
978 del_singleshot_timer_sync(&chip->user_read_timer);
979 flush_scheduled_work();
980 file->private_data = NULL;
981 atomic_set(&chip->data_pending, 0);
982 kfree(chip->data_buffer);
983 clear_bit(0, &chip->is_open);
984 put_device(chip->dev);
985 return 0;
986 }
987 EXPORT_SYMBOL_GPL(tpm_release);
988
989 ssize_t tpm_write(struct file *file, const char __user *buf,
990 size_t size, loff_t *off)
991 {
992 struct tpm_chip *chip = file->private_data;
993 size_t in_size = size, out_size;
994
995 /* cannot perform a write until the read has cleared
996 either via tpm_read or a user_read_timer timeout */
997 while (atomic_read(&chip->data_pending) != 0)
998 msleep(TPM_TIMEOUT);
999
1000 mutex_lock(&chip->buffer_mutex);
1001
1002 if (in_size > TPM_BUFSIZE)
1003 in_size = TPM_BUFSIZE;
1004
1005 if (copy_from_user
1006 (chip->data_buffer, (void __user *) buf, in_size)) {
1007 mutex_unlock(&chip->buffer_mutex);
1008 return -EFAULT;
1009 }
1010
1011 /* atomic tpm command send and result receive */
1012 out_size = tpm_transmit(chip, chip->data_buffer, TPM_BUFSIZE);
1013
1014 atomic_set(&chip->data_pending, out_size);
1015 mutex_unlock(&chip->buffer_mutex);
1016
1017 /* Set a timeout by which the reader must come claim the result */
1018 mod_timer(&chip->user_read_timer, jiffies + (60 * HZ));
1019
1020 return in_size;
1021 }
1022 EXPORT_SYMBOL_GPL(tpm_write);
1023
1024 ssize_t tpm_read(struct file *file, char __user *buf,
1025 size_t size, loff_t *off)
1026 {
1027 struct tpm_chip *chip = file->private_data;
1028 ssize_t ret_size;
1029
1030 del_singleshot_timer_sync(&chip->user_read_timer);
1031 flush_scheduled_work();
1032 ret_size = atomic_read(&chip->data_pending);
1033 atomic_set(&chip->data_pending, 0);
1034 if (ret_size > 0) { /* relay data */
1035 if (size < ret_size)
1036 ret_size = size;
1037
1038 mutex_lock(&chip->buffer_mutex);
1039 if (copy_to_user(buf, chip->data_buffer, ret_size))
1040 ret_size = -EFAULT;
1041 mutex_unlock(&chip->buffer_mutex);
1042 }
1043
1044 return ret_size;
1045 }
1046 EXPORT_SYMBOL_GPL(tpm_read);
1047
1048 void tpm_remove_hardware(struct device *dev)
1049 {
1050 struct tpm_chip *chip = dev_get_drvdata(dev);
1051
1052 if (chip == NULL) {
1053 dev_err(dev, "No device data found\n");
1054 return;
1055 }
1056
1057 spin_lock(&driver_lock);
1058 list_del_rcu(&chip->list);
1059 spin_unlock(&driver_lock);
1060 synchronize_rcu();
1061
1062 misc_deregister(&chip->vendor.miscdev);
1063 sysfs_remove_group(&dev->kobj, chip->vendor.attr_group);
1064 tpm_bios_log_teardown(chip->bios_dir);
1065
1066 /* write it this way to be explicit (chip->dev == dev) */
1067 put_device(chip->dev);
1068 }
1069 EXPORT_SYMBOL_GPL(tpm_remove_hardware);
1070
1071 #define TPM_ORD_SAVESTATE cpu_to_be32(152)
1072 #define SAVESTATE_RESULT_SIZE 10
1073
1074 static struct tpm_input_header savestate_header = {
1075 .tag = TPM_TAG_RQU_COMMAND,
1076 .length = cpu_to_be32(10),
1077 .ordinal = TPM_ORD_SAVESTATE
1078 };
1079
1080 /* Bug workaround - some TPM's don't flush the most
1081 * recently changed pcr on suspend, so force the flush
1082 * with an extend to the selected _unused_ non-volatile pcr.
1083 */
1084 static int tpm_suspend_pcr;
1085 static int __init tpm_suspend_setup(char *str)
1086 {
1087 get_option(&str, &tpm_suspend_pcr);
1088 return 1;
1089 }
1090 __setup("tpm_suspend_pcr=", tpm_suspend_setup);
1091
1092 /*
1093 * We are about to suspend. Save the TPM state
1094 * so that it can be restored.
1095 */
1096 int tpm_pm_suspend(struct device *dev, pm_message_t pm_state)
1097 {
1098 struct tpm_chip *chip = dev_get_drvdata(dev);
1099 struct tpm_cmd_t cmd;
1100 int rc;
1101
1102 u8 dummy_hash[TPM_DIGEST_SIZE] = { 0 };
1103
1104 if (chip == NULL)
1105 return -ENODEV;
1106
1107 /* for buggy tpm, flush pcrs with extend to selected dummy */
1108 if (tpm_suspend_pcr) {
1109 cmd.header.in = pcrextend_header;
1110 cmd.params.pcrextend_in.pcr_idx = cpu_to_be32(tpm_suspend_pcr);
1111 memcpy(cmd.params.pcrextend_in.hash, dummy_hash,
1112 TPM_DIGEST_SIZE);
1113 rc = transmit_cmd(chip, &cmd, EXTEND_PCR_RESULT_SIZE,
1114 "extending dummy pcr before suspend");
1115 }
1116
1117 /* now do the actual savestate */
1118 cmd.header.in = savestate_header;
1119 rc = transmit_cmd(chip, &cmd, SAVESTATE_RESULT_SIZE,
1120 "sending savestate before suspend");
1121 return rc;
1122 }
1123 EXPORT_SYMBOL_GPL(tpm_pm_suspend);
1124
1125 /*
1126 * Resume from a power safe. The BIOS already restored
1127 * the TPM state.
1128 */
1129 int tpm_pm_resume(struct device *dev)
1130 {
1131 struct tpm_chip *chip = dev_get_drvdata(dev);
1132
1133 if (chip == NULL)
1134 return -ENODEV;
1135
1136 return 0;
1137 }
1138 EXPORT_SYMBOL_GPL(tpm_pm_resume);
1139
1140 /* In case vendor provided release function, call it too.*/
1141
1142 void tpm_dev_vendor_release(struct tpm_chip *chip)
1143 {
1144 if (chip->vendor.release)
1145 chip->vendor.release(chip->dev);
1146
1147 clear_bit(chip->dev_num, dev_mask);
1148 kfree(chip->vendor.miscdev.name);
1149 }
1150 EXPORT_SYMBOL_GPL(tpm_dev_vendor_release);
1151
1152
1153 /*
1154 * Once all references to platform device are down to 0,
1155 * release all allocated structures.
1156 */
1157 void tpm_dev_release(struct device *dev)
1158 {
1159 struct tpm_chip *chip = dev_get_drvdata(dev);
1160
1161 tpm_dev_vendor_release(chip);
1162
1163 chip->release(dev);
1164 kfree(chip);
1165 }
1166 EXPORT_SYMBOL_GPL(tpm_dev_release);
1167
1168 /*
1169 * Called from tpm_<specific>.c probe function only for devices
1170 * the driver has determined it should claim. Prior to calling
1171 * this function the specific probe function has called pci_enable_device
1172 * upon errant exit from this function specific probe function should call
1173 * pci_disable_device
1174 */
1175 struct tpm_chip *tpm_register_hardware(struct device *dev,
1176 const struct tpm_vendor_specific *entry)
1177 {
1178 #define DEVNAME_SIZE 7
1179
1180 char *devname;
1181 struct tpm_chip *chip;
1182
1183 /* Driver specific per-device data */
1184 chip = kzalloc(sizeof(*chip), GFP_KERNEL);
1185 devname = kmalloc(DEVNAME_SIZE, GFP_KERNEL);
1186
1187 if (chip == NULL || devname == NULL)
1188 goto out_free;
1189
1190 mutex_init(&chip->buffer_mutex);
1191 mutex_init(&chip->tpm_mutex);
1192 INIT_LIST_HEAD(&chip->list);
1193
1194 INIT_WORK(&chip->work, timeout_work);
1195
1196 setup_timer(&chip->user_read_timer, user_reader_timeout,
1197 (unsigned long)chip);
1198
1199 memcpy(&chip->vendor, entry, sizeof(struct tpm_vendor_specific));
1200
1201 chip->dev_num = find_first_zero_bit(dev_mask, TPM_NUM_DEVICES);
1202
1203 if (chip->dev_num >= TPM_NUM_DEVICES) {
1204 dev_err(dev, "No available tpm device numbers\n");
1205 goto out_free;
1206 } else if (chip->dev_num == 0)
1207 chip->vendor.miscdev.minor = TPM_MINOR;
1208 else
1209 chip->vendor.miscdev.minor = MISC_DYNAMIC_MINOR;
1210
1211 set_bit(chip->dev_num, dev_mask);
1212
1213 scnprintf(devname, DEVNAME_SIZE, "%s%d", "tpm", chip->dev_num);
1214 chip->vendor.miscdev.name = devname;
1215
1216 chip->vendor.miscdev.parent = dev;
1217 chip->dev = get_device(dev);
1218 chip->release = dev->release;
1219 dev->release = tpm_dev_release;
1220 dev_set_drvdata(dev, chip);
1221
1222 if (misc_register(&chip->vendor.miscdev)) {
1223 dev_err(chip->dev,
1224 "unable to misc_register %s, minor %d\n",
1225 chip->vendor.miscdev.name,
1226 chip->vendor.miscdev.minor);
1227 put_device(chip->dev);
1228 return NULL;
1229 }
1230
1231 if (sysfs_create_group(&dev->kobj, chip->vendor.attr_group)) {
1232 misc_deregister(&chip->vendor.miscdev);
1233 put_device(chip->dev);
1234
1235 return NULL;
1236 }
1237
1238 chip->bios_dir = tpm_bios_log_setup(devname);
1239
1240 /* Make chip available */
1241 spin_lock(&driver_lock);
1242 list_add_rcu(&chip->list, &tpm_chip_list);
1243 spin_unlock(&driver_lock);
1244
1245 return chip;
1246
1247 out_free:
1248 kfree(chip);
1249 kfree(devname);
1250 return NULL;
1251 }
1252 EXPORT_SYMBOL_GPL(tpm_register_hardware);
1253
1254 MODULE_AUTHOR("Leendert van Doorn (leendert@watson.ibm.com)");
1255 MODULE_DESCRIPTION("TPM Driver");
1256 MODULE_VERSION("2.0");
1257 MODULE_LICENSE("GPL");
Linux with added FPC-III support