1
// SPDX-License-Identifier: GPL-2.0-only
2
/*
3
 * Copyright (C) 2004 IBM Corporation
4
 * Copyright (C) 2014 Intel Corporation
5
 *
6
 * Authors:
7
 * Leendert van Doorn <[email protected]>
8
 * Dave Safford <[email protected]>
9
 * Reiner Sailer <[email protected]>
10
 * Kylene Hall <[email protected]>
11
 *
12
 * Maintained by: <[email protected]>
13
 *
14
 * Device driver for TCG/TCPA TPM (trusted platform module).
15
 * Specifications at www.trustedcomputinggroup.org
16
 *
17
 * Note, the TPM chip is not interrupt driven (only polling)
18
 * and can have very long timeouts (minutes!). Hence the unusual
19
 * calls to msleep.
20
 */
21

22
#include <linux/poll.h>
23
#include <linux/slab.h>
24
#include <linux/mutex.h>
25
#include <linux/spinlock.h>
26
#include <linux/suspend.h>
27
#include <linux/freezer.h>
28
#include <linux/tpm_eventlog.h>
29

30
#include "tpm.h"
31

32
/*
33
 * Bug workaround - some TPM's don't flush the most
34
 * recently changed pcr on suspend, so force the flush
35
 * with an extend to the selected _unused_ non-volatile pcr.
36
 */
37
static u32 tpm_suspend_pcr;
38
module_param_named(suspend_pcr, tpm_suspend_pcr, uint, 0644);
39
MODULE_PARM_DESC(suspend_pcr,
40
		 "PCR to use for dummy writes to facilitate flush on suspend.");
41

42
/**
43
 * tpm_calc_ordinal_duration() - calculate the maximum command duration
44
 * @chip:    TPM chip to use.
45
 * @ordinal: TPM command ordinal.
46
 *
47
 * The function returns the maximum amount of time the chip could take
48
 * to return the result for a particular ordinal in jiffies.
49
 *
50
 * Return: A maximal duration time for an ordinal in jiffies.
51
 */
52
unsigned long tpm_calc_ordinal_duration(struct tpm_chip *chip, u32 ordinal)
53
{
54
	if (chip->flags & TPM_CHIP_FLAG_TPM2)
55
		return tpm2_calc_ordinal_duration(ordinal);
56
	else
57
		return tpm1_calc_ordinal_duration(chip, ordinal);
58
}
59
EXPORT_SYMBOL_GPL(tpm_calc_ordinal_duration);
60

61
static void tpm_chip_cancel(struct tpm_chip *chip)
62
{
63
	if (!chip->ops->cancel)
64
		return;
65

66
	chip->ops->cancel(chip);
67
}
68

69
static u8 tpm_chip_status(struct tpm_chip *chip)
70
{
71
	if (!chip->ops->status)
72
		return 0;
73

74
	return chip->ops->status(chip);
75
}
76

77
static bool tpm_chip_req_canceled(struct tpm_chip *chip, u8 status)
78
{
79
	if (!chip->ops->req_canceled)
80
		return false;
81

82
	return chip->ops->req_canceled(chip, status);
83
}
84

85
static bool tpm_transmit_completed(u8 status, struct tpm_chip *chip)
86
{
87
	u8 status_masked = status & chip->ops->req_complete_mask;
88

89
	return status_masked == chip->ops->req_complete_val;
90
}
91

92
static ssize_t tpm_try_transmit(struct tpm_chip *chip, void *buf, size_t bufsiz)
93
{
94
	struct tpm_header *header = buf;
95
	int rc;
96
	ssize_t len = 0;
97
	u32 count, ordinal;
98
	unsigned long stop;
99

100
	if (bufsiz < TPM_HEADER_SIZE)
101
		return -EINVAL;
102

103
	if (bufsiz > TPM_BUFSIZE)
104
		bufsiz = TPM_BUFSIZE;
105

106
	count = be32_to_cpu(header->length);
107
	ordinal = be32_to_cpu(header->ordinal);
108
	if (count == 0)
109
		return -ENODATA;
110
	if (count > bufsiz) {
111
		dev_err(&chip->dev,
112
			"invalid count value %x %zx\n", count, bufsiz);
113
		return -E2BIG;
114
	}
115

116
	rc = chip->ops->send(chip, buf, bufsiz, count);
117
	if (rc < 0) {
118
		if (rc != -EPIPE)
119
			dev_err(&chip->dev,
120
				"%s: send(): error %d\n", __func__, rc);
121
		return rc;
122
	}
123

124
	/*
125
	 * Synchronous devices return the response directly during the send()
126
	 * call in the same buffer.
127
	 */
128
	if (chip->flags & TPM_CHIP_FLAG_SYNC) {
129
		len = rc;
130
		rc = 0;
131
		goto out_sync;
132
	}
133

134
	/*
135
	 * A sanity check. send() of asynchronous devices should just return
136
	 * zero on success e.g. not the command length.
137
	 */
138
	if (rc > 0) {
139
		dev_warn(&chip->dev,
140
			 "%s: send(): invalid value %d\n", __func__, rc);
141
		rc = 0;
142
	}
143

144
	if (chip->flags & TPM_CHIP_FLAG_IRQ)
145
		goto out_recv;
146

147
	stop = jiffies + tpm_calc_ordinal_duration(chip, ordinal);
148
	do {
149
		u8 status = tpm_chip_status(chip);
150
		if (tpm_transmit_completed(status, chip))
151
			goto out_recv;
152

153
		if (tpm_chip_req_canceled(chip, status)) {
154
			dev_err(&chip->dev, "Operation Canceled\n");
155
			return -ECANCELED;
156
		}
157

158
		tpm_msleep(TPM_TIMEOUT_POLL);
159
		rmb();
160
	} while (time_before(jiffies, stop));
161

162
	/*
163
	 * Check for completion one more time, just in case the device reported
164
	 * it while the driver was sleeping in the busy loop above.
165
	 */
166
	if (tpm_transmit_completed(tpm_chip_status(chip), chip))
167
		goto out_recv;
168

169
	tpm_chip_cancel(chip);
170
	dev_err(&chip->dev, "Operation Timed out\n");
171
	return -ETIME;
172

173
out_recv:
174
	len = chip->ops->recv(chip, buf, bufsiz);
175
	if (len < 0) {
176
		rc = len;
177
		dev_err(&chip->dev, "tpm_transmit: tpm_recv: error %d\n", rc);
178
		return rc;
179
	}
180
out_sync:
181
	if (len < TPM_HEADER_SIZE || len != be32_to_cpu(header->length))
182
		rc = -EFAULT;
183

184
	return rc ? rc : len;
185
}
186

187
/**
188
 * tpm_transmit - Internal kernel interface to transmit TPM commands.
189
 * @chip:	a TPM chip to use
190
 * @buf:	a TPM command buffer
191
 * @bufsiz:	length of the TPM command buffer
192
 *
193
 * A wrapper around tpm_try_transmit() that handles TPM2_RC_RETRY returns from
194
 * the TPM and retransmits the command after a delay up to a maximum wait of
195
 * TPM2_DURATION_LONG.
196
 *
197
 * Note that TPM 1.x never returns TPM2_RC_RETRY so the retry logic is TPM 2.0
198
 * only.
199
 *
200
 * Return:
201
 * * The response length	- OK
202
 * * -errno			- A system error
203
 */
204
ssize_t tpm_transmit(struct tpm_chip *chip, u8 *buf, size_t bufsiz)
205
{
206
	struct tpm_header *header = (struct tpm_header *)buf;
207
	/* space for header and handles */
208
	u8 save[TPM_HEADER_SIZE + 3*sizeof(u32)];
209
	unsigned int delay_msec = TPM2_DURATION_SHORT;
210
	u32 rc = 0;
211
	ssize_t ret;
212
	const size_t save_size = min(sizeof(save), bufsiz);
213
	/* the command code is where the return code will be */
214
	u32 cc = be32_to_cpu(header->return_code);
215

216
	/*
217
	 * Subtlety here: if we have a space, the handles will be
218
	 * transformed, so when we restore the header we also have to
219
	 * restore the handles.
220
	 */
221
	memcpy(save, buf, save_size);
222

223
	for (;;) {
224
		ret = tpm_try_transmit(chip, buf, bufsiz);
225
		if (ret < 0)
226
			break;
227
		rc = be32_to_cpu(header->return_code);
228
		if (rc != TPM2_RC_RETRY && rc != TPM2_RC_TESTING)
229
			break;
230
		/*
231
		 * return immediately if self test returns test
232
		 * still running to shorten boot time.
233
		 */
234
		if (rc == TPM2_RC_TESTING && cc == TPM2_CC_SELF_TEST)
235
			break;
236

237
		if (delay_msec > TPM2_DURATION_LONG) {
238
			if (rc == TPM2_RC_RETRY)
239
				dev_err(&chip->dev, "in retry loop\n");
240
			else
241
				dev_err(&chip->dev,
242
					"self test is still running\n");
243
			break;
244
		}
245
		tpm_msleep(delay_msec);
246
		delay_msec *= 2;
247
		memcpy(buf, save, save_size);
248
	}
249
	return ret;
250
}
251

252
/**
253
 * tpm_transmit_cmd - send a tpm command to the device
254
 * @chip:			a TPM chip to use
255
 * @buf:			a TPM command buffer
256
 * @min_rsp_body_length:	minimum expected length of response body
257
 * @desc:			command description used in the error message
258
 *
259
 * Return:
260
 * * 0		- OK
261
 * * -errno	- A system error
262
 * * TPM_RC	- A TPM error
263
 */
264
ssize_t tpm_transmit_cmd(struct tpm_chip *chip, struct tpm_buf *buf,
265
			 size_t min_rsp_body_length, const char *desc)
266
{
267
	const struct tpm_header *header = (struct tpm_header *)buf->data;
268
	int err;
269
	ssize_t len;
270

271
	len = tpm_transmit(chip, buf->data, PAGE_SIZE);
272
	if (len <  0)
273
		return len;
274

275
	err = be32_to_cpu(header->return_code);
276
	if (err != 0 && err != TPM_ERR_DISABLED && err != TPM_ERR_DEACTIVATED
277
	    && err != TPM2_RC_TESTING && desc)
278
		dev_err(&chip->dev, "A TPM error (%d) occurred %s\n", err,
279
			desc);
280
	if (err)
281
		return err;
282

283
	if (len < min_rsp_body_length + TPM_HEADER_SIZE)
284
		return -EFAULT;
285

286
	buf->length = len;
287
	return 0;
288
}
289
EXPORT_SYMBOL_GPL(tpm_transmit_cmd);
290

291
int tpm_get_timeouts(struct tpm_chip *chip)
292
{
293
	if (chip->flags & TPM_CHIP_FLAG_HAVE_TIMEOUTS)
294
		return 0;
295

296
	if (chip->flags & TPM_CHIP_FLAG_TPM2)
297
		return tpm2_get_timeouts(chip);
298
	else
299
		return tpm1_get_timeouts(chip);
300
}
301
EXPORT_SYMBOL_GPL(tpm_get_timeouts);
302

303
/**
304
 * tpm_is_tpm2 - do we a have a TPM2 chip?
305
 * @chip:	a &struct tpm_chip instance, %NULL for the default chip
306
 *
307
 * Return:
308
 * 1 if we have a TPM2 chip.
309
 * 0 if we don't have a TPM2 chip.
310
 * A negative number for system errors (errno).
311
 */
312
int tpm_is_tpm2(struct tpm_chip *chip)
313
{
314
	int rc;
315

316
	if (!chip)
317
		return -ENODEV;
318

319
	rc = tpm_try_get_ops(chip);
320
	if (rc)
321
		return rc;
322

323
	rc = (chip->flags & TPM_CHIP_FLAG_TPM2) != 0;
324

325
	tpm_put_ops(chip);
326

327
	return rc;
328
}
329
EXPORT_SYMBOL_GPL(tpm_is_tpm2);
330

331
/**
332
 * tpm_pcr_read - read a PCR value from SHA1 bank
333
 * @chip:	a &struct tpm_chip instance, %NULL for the default chip
334
 * @pcr_idx:	the PCR to be retrieved
335
 * @digest:	the PCR bank and buffer current PCR value is written to
336
 *
337
 * Return: same as with tpm_transmit_cmd()
338
 */
339
int tpm_pcr_read(struct tpm_chip *chip, u32 pcr_idx,
340
		 struct tpm_digest *digest)
341
{
342
	int rc;
343

344
	if (!chip)
345
		return -ENODEV;
346

347
	rc = tpm_try_get_ops(chip);
348
	if (rc)
349
		return rc;
350

351
	if (chip->flags & TPM_CHIP_FLAG_TPM2)
352
		rc = tpm2_pcr_read(chip, pcr_idx, digest, NULL);
353
	else
354
		rc = tpm1_pcr_read(chip, pcr_idx, digest->digest);
355

356
	tpm_put_ops(chip);
357
	return rc;
358
}
359
EXPORT_SYMBOL_GPL(tpm_pcr_read);
360

361
/**
362
 * tpm_pcr_extend - extend a PCR value in SHA1 bank.
363
 * @chip:	a &struct tpm_chip instance, %NULL for the default chip
364
 * @pcr_idx:	the PCR to be retrieved
365
 * @digests:	array of tpm_digest structures used to extend PCRs
366
 *
367
 * Note: callers must pass a digest for every allocated PCR bank, in the same
368
 * order of the banks in chip->allocated_banks.
369
 *
370
 * Return: same as with tpm_transmit_cmd()
371
 */
372
int tpm_pcr_extend(struct tpm_chip *chip, u32 pcr_idx,
373
		   struct tpm_digest *digests)
374
{
375
	int rc;
376
	int i;
377

378
	if (!chip)
379
		return -ENODEV;
380

381
	rc = tpm_try_get_ops(chip);
382
	if (rc)
383
		return rc;
384

385
	for (i = 0; i < chip->nr_allocated_banks; i++) {
386
		if (digests[i].alg_id != chip->allocated_banks[i].alg_id) {
387
			rc = -EINVAL;
388
			goto out;
389
		}
390
	}
391

392
	if (chip->flags & TPM_CHIP_FLAG_TPM2) {
393
		rc = tpm2_pcr_extend(chip, pcr_idx, digests);
394
		goto out;
395
	}
396

397
	rc = tpm1_pcr_extend(chip, pcr_idx, digests[0].digest,
398
			     "attempting extend a PCR value");
399

400
out:
401
	tpm_put_ops(chip);
402
	return rc;
403
}
404
EXPORT_SYMBOL_GPL(tpm_pcr_extend);
405

406
int tpm_auto_startup(struct tpm_chip *chip)
407
{
408
	int rc;
409

410
	if (!(chip->ops->flags & TPM_OPS_AUTO_STARTUP))
411
		return 0;
412

413
	if (chip->flags & TPM_CHIP_FLAG_TPM2)
414
		rc = tpm2_auto_startup(chip);
415
	else
416
		rc = tpm1_auto_startup(chip);
417

418
	return rc;
419
}
420

421
/*
422
 * We are about to suspend. Save the TPM state
423
 * so that it can be restored.
424
 */
425
int tpm_pm_suspend(struct device *dev)
426
{
427
	struct tpm_chip *chip = dev_get_drvdata(dev);
428
	int rc = 0;
429

430
	if (!chip)
431
		return -ENODEV;
432

433
	rc = tpm_try_get_ops(chip);
434
	if (rc) {
435
		/* Can be safely set out of locks, as no action cannot race: */
436
		chip->flags |= TPM_CHIP_FLAG_SUSPENDED;
437
		goto out;
438
	}
439

440
	if (chip->flags & TPM_CHIP_FLAG_ALWAYS_POWERED)
441
		goto suspended;
442

443
	if ((chip->flags & TPM_CHIP_FLAG_FIRMWARE_POWER_MANAGED) &&
444
	    !pm_suspend_via_firmware())
445
		goto suspended;
446

447
	if (chip->flags & TPM_CHIP_FLAG_TPM2) {
448
		tpm2_end_auth_session(chip);
449
		tpm2_shutdown(chip, TPM2_SU_STATE);
450
		goto suspended;
451
	}
452

453
	rc = tpm1_pm_suspend(chip, tpm_suspend_pcr);
454

455
suspended:
456
	chip->flags |= TPM_CHIP_FLAG_SUSPENDED;
457
	tpm_put_ops(chip);
458

459
out:
460
	if (rc)
461
		dev_err(dev, "Ignoring error %d while suspending\n", rc);
462
	return 0;
463
}
464
EXPORT_SYMBOL_GPL(tpm_pm_suspend);
465

466
/*
467
 * Resume from a power safe. The BIOS already restored
468
 * the TPM state.
469
 */
470
int tpm_pm_resume(struct device *dev)
471
{
472
	struct tpm_chip *chip = dev_get_drvdata(dev);
473

474
	if (chip == NULL)
475
		return -ENODEV;
476

477
	chip->flags &= ~TPM_CHIP_FLAG_SUSPENDED;
478

479
	/*
480
	 * Guarantee that SUSPENDED is written last, so that hwrng does not
481
	 * activate before the chip has been fully resumed.
482
	 */
483
	wmb();
484

485
	return 0;
486
}
487
EXPORT_SYMBOL_GPL(tpm_pm_resume);
488

489
/**
490
 * tpm_get_random() - get random bytes from the TPM's RNG
491
 * @chip:	a &struct tpm_chip instance, %NULL for the default chip
492
 * @out:	destination buffer for the random bytes
493
 * @max:	the max number of bytes to write to @out
494
 *
495
 * Return: number of random bytes read or a negative error value.
496
 */
497
int tpm_get_random(struct tpm_chip *chip, u8 *out, size_t max)
498
{
499
	int rc;
500

501
	if (!out || max > TPM_MAX_RNG_DATA)
502
		return -EINVAL;
503

504
	if (!chip)
505
		return -ENODEV;
506

507
	rc = tpm_try_get_ops(chip);
508
	if (rc)
509
		return rc;
510

511
	if (chip->flags & TPM_CHIP_FLAG_TPM2)
512
		rc = tpm2_get_random(chip, out, max);
513
	else
514
		rc = tpm1_get_random(chip, out, max);
515

516
	tpm_put_ops(chip);
517
	return rc;
518
}
519
EXPORT_SYMBOL_GPL(tpm_get_random);
520

521
static int __init tpm_init(void)
522
{
523
	int rc;
524

525
	rc = class_register(&tpm_class);
526
	if (rc) {
527
		pr_err("couldn't create tpm class\n");
528
		return rc;
529
	}
530

531
	rc = class_register(&tpmrm_class);
532
	if (rc) {
533
		pr_err("couldn't create tpmrm class\n");
534
		goto out_destroy_tpm_class;
535
	}
536

537
	rc = alloc_chrdev_region(&tpm_devt, 0, 2*TPM_NUM_DEVICES, "tpm");
538
	if (rc < 0) {
539
		pr_err("tpm: failed to allocate char dev region\n");
540
		goto out_destroy_tpmrm_class;
541
	}
542

543
	rc = tpm_dev_common_init();
544
	if (rc) {
545
		pr_err("tpm: failed to allocate char dev region\n");
546
		goto out_unreg_chrdev;
547
	}
548

549
	return 0;
550

551
out_unreg_chrdev:
552
	unregister_chrdev_region(tpm_devt, 2 * TPM_NUM_DEVICES);
553
out_destroy_tpmrm_class:
554
	class_unregister(&tpmrm_class);
555
out_destroy_tpm_class:
556
	class_unregister(&tpm_class);
557

558
	return rc;
559
}
560

561
static void __exit tpm_exit(void)
562
{
563
	idr_destroy(&dev_nums_idr);
564
	class_unregister(&tpm_class);
565
	class_unregister(&tpmrm_class);
566
	unregister_chrdev_region(tpm_devt, 2*TPM_NUM_DEVICES);
567
	tpm_dev_common_exit();
568
}
569

570
subsys_initcall(tpm_init);
571
module_exit(tpm_exit);
572

573
MODULE_AUTHOR("Leendert van Doorn <[email protected]>");
574
MODULE_DESCRIPTION("TPM Driver");
575
MODULE_VERSION("2.0");
576
MODULE_LICENSE("GPL");
577

578