#
d2e8071b |
|
20-Jun-2023 |
Ivan Orlov <ivan.orlov0322@gmail.com> |
tpm: make all 'class' structures const Now that the driver core allows for struct class to be in read-only memory, making all 'class' structures to be declared at build time placing them into read-only memory, instead of having to be dynamically allocated at load time. Cc: Peter Huewe <peterhuewe@gmx.de> Cc: Jason Gunthorpe <jgg@ziepe.ca> Cc: linux-integrity@vger.kernel.org Suggested-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> Signed-off-by: Ivan Orlov <ivan.orlov0322@gmail.com> Acked-by: Jarkko Sakkinen <jarkko@kernel.org> Link: https://lore.kernel.org/r/20230620144642.584926-2-gregkh@linuxfoundation.org Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
|
#
0c8862de |
|
26-Apr-2023 |
Jarkko Sakkinen <jarkko@kernel.org> |
tpm: Re-enable TPM chip boostrapping non-tpm_tis TPM drivers TPM chip bootstrapping was removed from tpm_chip_register(), and it was relocated to tpm_tis_core. This breaks all drivers which are not based on tpm_tis because the chip will not get properly initialized. Take the corrective steps: 1. Rename tpm_chip_startup() as tpm_chip_bootstrap() and make it one-shot. 2. Call tpm_chip_bootstrap() in tpm_chip_register(), which reverts the things as tehy used to be. Cc: Lino Sanfilippo <l.sanfilippo@kunbus.com> Fixes: 548eb516ec0f ("tpm, tpm_tis: startup chip before testing for interrupts") Reported-by: Pengfei Xu <pengfei.xu@intel.com> Link: https://lore.kernel.org/all/ZEjqhwHWBnxcaRV5@xpf.sh.intel.com/ Tested-by: Pengfei Xu <pengfei.xu@intel.com> Signed-off-by: Jarkko Sakkinen <jarkko@kernel.org>
|
#
a010eb88 |
|
13-Mar-2023 |
Greg Kroah-Hartman <gregkh@linuxfoundation.org> |
tpm: fix up the tpm_class shutdown_pre pointer when created Do not wait until long after the struct class has been created to set the shutdown_pre pointer for the tpm_class, assign it right away. This is the only in-kernel offender that tries to modify the device->class pointer contents after it has been assigned to a device, so fix that up by doing the function pointer assignment before it is matched with the device. Because of this, the patch should go through the driver core tree to allow later changes to struct device to be possible. Cc: Peter Huewe <peterhuewe@gmx.de> Cc: Jarkko Sakkinen <jarkko@kernel.org> Cc: Jason Gunthorpe <jgg@ziepe.ca> Cc: linux-integrity@vger.kernel.org Reviewed-by: Jarkko Sakkinen <jarkko@kernel.org> Link: https://lore.kernel.org/r/20230313181843.1207845-10-gregkh@linuxfoundation.org Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
|
#
548eb516 |
|
24-Nov-2022 |
Lino Sanfilippo <l.sanfilippo@kunbus.com> |
tpm, tpm_tis: startup chip before testing for interrupts In tpm_tis_gen_interrupt() a request for a property value is sent to the TPM to test if interrupts are generated. However after a power cycle the TPM responds with TPM_RC_INITIALIZE which indicates that the TPM is not yet properly initialized. Fix this by first starting the TPM up before the request is sent. For this the startup implementation is removed from tpm_chip_register() and put into the new function tpm_chip_startup() which is called before the interrupts are tested. Signed-off-by: Lino Sanfilippo <l.sanfilippo@kunbus.com> Tested-by: Jarkko Sakkinen <jarkko@kernel.org> Reviewed-by: Jarkko Sakkinen <jarkko@kernel.org> Signed-off-by: Jarkko Sakkinen <jarkko@kernel.org>
|
#
f1324bbc |
|
27-Feb-2023 |
Mario Limonciello <mario.limonciello@amd.com> |
tpm: disable hwrng for fTPM on some AMD designs AMD has issued an advisory indicating that having fTPM enabled in BIOS can cause "stuttering" in the OS. This issue has been fixed in newer versions of the fTPM firmware, but it's up to system designers to decide whether to distribute it. This issue has existed for a while, but is more prevalent starting with kernel 6.1 because commit b006c439d58db ("hwrng: core - start hwrng kthread also for untrusted sources") started to use the fTPM for hwrng by default. However, all uses of /dev/hwrng result in unacceptable stuttering. So, simply disable registration of the defective hwrng when detecting these faulty fTPM versions. As this is caused by faulty firmware, it is plausible that such a problem could also be reproduced by other TPM interactions, but this hasn't been shown by any user's testing or reports. It is hypothesized to be triggered more frequently by the use of the RNG because userspace software will fetch random numbers regularly. Intentionally continue to register other TPM functionality so that users that rely upon PCR measurements or any storage of data will still have access to it. If it's found later that another TPM functionality is exacerbating this problem a module parameter it can be turned off entirely and a module parameter can be introduced to allow users who rely upon fTPM functionality to turn it on even though this problem is present. Link: https://www.amd.com/en/support/kb/faq/pa-410 Link: https://bugzilla.kernel.org/show_bug.cgi?id=216989 Link: https://lore.kernel.org/all/20230209153120.261904-1-Jason@zx2c4.com/ Fixes: b006c439d58d ("hwrng: core - start hwrng kthread also for untrusted sources") Cc: stable@vger.kernel.org Cc: Jarkko Sakkinen <jarkko@kernel.org> Cc: Thorsten Leemhuis <regressions@leemhuis.info> Cc: James Bottomley <James.Bottomley@hansenpartnership.com> Tested-by: reach622@mailcuk.com Tested-by: Bell <1138267643@qq.com> Co-developed-by: Jason A. Donenfeld <Jason@zx2c4.com> Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com> Signed-off-by: Mario Limonciello <mario.limonciello@amd.com> Reviewed-by: Jarkko Sakkinen <jarkko@kernel.org> Signed-off-by: Jarkko Sakkinen <jarkko@kernel.org>
|
#
5e3a3f27 |
|
03-Jun-2022 |
Stefan Mahnke-Hartmann <stefan.mahnke-hartmann@infineon.com> |
tpm: Add upgrade/reduced mode support for TPM1.2 modules In case a TPM in failure mode is detected, the TPM should be accessible through a transparent communication channel for analysing purposes (e.g. TPM_GetTestResult) or a field upgrade. Since a TPM in failure mode has similar reduced functionality as in field upgrade mode, the flag TPM_CHIP_FLAG_FIRMWARE_UPGRADE is also valid. As described in TCG TPM Main Part1 Design Principles, Revision 116, chapter 9.2.1. the TPM also allows an update function in case a TPM is in failure mode. If the TPM in failure mode is detected, the function tpm1_auto_startup() sets TPM_CHIP_FLAG_FIRMWARE_UPGRADE flag, which is used later during driver initialization/deinitialization to disable functionality which makes no sense or will fail in the current TPM state. The following functionality is affected: * Do not register TPM as a hwrng * Do not get pcr allocation * Do not register sysfs entries which provide information impossible to obtain in limited mode Signed-off-by: Stefan Mahnke-Hartmann <stefan.mahnke-hartmann@infineon.com> Reviewed-by: Jarkko Sakkinen <jarkko@kernel.org> Signed-off-by: Jarkko Sakkinen <jarkko@kernel.org>
|
#
7e0438f8 |
|
02-Mar-2022 |
Lino Sanfilippo <LinoSanfilippo@gmx.de> |
tpm: fix reference counting for struct tpm_chip The following sequence of operations results in a refcount warning: 1. Open device /dev/tpmrm. 2. Remove module tpm_tis_spi. 3. Write a TPM command to the file descriptor opened at step 1. ------------[ cut here ]------------ WARNING: CPU: 3 PID: 1161 at lib/refcount.c:25 kobject_get+0xa0/0xa4 refcount_t: addition on 0; use-after-free. Modules linked in: tpm_tis_spi tpm_tis_core tpm mdio_bcm_unimac brcmfmac sha256_generic libsha256 sha256_arm hci_uart btbcm bluetooth cfg80211 vc4 brcmutil ecdh_generic ecc snd_soc_core crc32_arm_ce libaes raspberrypi_hwmon ac97_bus snd_pcm_dmaengine bcm2711_thermal snd_pcm snd_timer genet snd phy_generic soundcore [last unloaded: spi_bcm2835] CPU: 3 PID: 1161 Comm: hold_open Not tainted 5.10.0ls-main-dirty #2 Hardware name: BCM2711 [<c0410c3c>] (unwind_backtrace) from [<c040b580>] (show_stack+0x10/0x14) [<c040b580>] (show_stack) from [<c1092174>] (dump_stack+0xc4/0xd8) [<c1092174>] (dump_stack) from [<c0445a30>] (__warn+0x104/0x108) [<c0445a30>] (__warn) from [<c0445aa8>] (warn_slowpath_fmt+0x74/0xb8) [<c0445aa8>] (warn_slowpath_fmt) from [<c08435d0>] (kobject_get+0xa0/0xa4) [<c08435d0>] (kobject_get) from [<bf0a715c>] (tpm_try_get_ops+0x14/0x54 [tpm]) [<bf0a715c>] (tpm_try_get_ops [tpm]) from [<bf0a7d6c>] (tpm_common_write+0x38/0x60 [tpm]) [<bf0a7d6c>] (tpm_common_write [tpm]) from [<c05a7ac0>] (vfs_write+0xc4/0x3c0) [<c05a7ac0>] (vfs_write) from [<c05a7ee4>] (ksys_write+0x58/0xcc) [<c05a7ee4>] (ksys_write) from [<c04001a0>] (ret_fast_syscall+0x0/0x4c) Exception stack(0xc226bfa8 to 0xc226bff0) bfa0: 00000000 000105b4 00000003 beafe664 00000014 00000000 bfc0: 00000000 000105b4 000103f8 00000004 00000000 00000000 b6f9c000 beafe684 bfe0: 0000006c beafe648 0001056c b6eb6944 ---[ end trace d4b8409def9b8b1f ]--- The reason for this warning is the attempt to get the chip->dev reference in tpm_common_write() although the reference counter is already zero. Since commit 8979b02aaf1d ("tpm: Fix reference count to main device") the extra reference used to prevent a premature zero counter is never taken, because the required TPM_CHIP_FLAG_TPM2 flag is never set. Fix this by moving the TPM 2 character device handling from tpm_chip_alloc() to tpm_add_char_device() which is called at a later point in time when the flag has been set in case of TPM2. Commit fdc915f7f719 ("tpm: expose spaces via a device link /dev/tpmrm<n>") already introduced function tpm_devs_release() to release the extra reference but did not implement the required put on chip->devs that results in the call of this function. Fix this by putting chip->devs in tpm_chip_unregister(). Finally move the new implementation for the TPM 2 handling into a new function to avoid multiple checks for the TPM_CHIP_FLAG_TPM2 flag in the good case and error cases. Cc: stable@vger.kernel.org Fixes: fdc915f7f719 ("tpm: expose spaces via a device link /dev/tpmrm<n>") Fixes: 8979b02aaf1d ("tpm: Fix reference count to main device") Co-developed-by: Jason Gunthorpe <jgg@ziepe.ca> Signed-off-by: Jason Gunthorpe <jgg@ziepe.ca> Signed-off-by: Lino Sanfilippo <LinoSanfilippo@gmx.de> Tested-by: Stefan Berger <stefanb@linux.ibm.com> Reviewed-by: Jason Gunthorpe <jgg@nvidia.com> Reviewed-by: Jarkko Sakkinen <jarkko@kernel.org> Signed-off-by: Jarkko Sakkinen <jarkko@kernel.org>
|
#
8c657a05 |
|
28-Jan-2021 |
Jarkko Sakkinen <jarkko@kernel.org> |
KEYS: trusted: Reserve TPM for seal and unseal operations When TPM 2.0 trusted keys code was moved to the trusted keys subsystem, the operations were unwrapped from tpm_try_get_ops() and tpm_put_ops(), which are used to take temporarily the ownership of the TPM chip. The ownership is only taken inside tpm_send(), but this is not sufficient, as in the key load TPM2_CC_LOAD, TPM2_CC_UNSEAL and TPM2_FLUSH_CONTEXT need to be done as a one single atom. Take the TPM chip ownership before sending anything with tpm_try_get_ops() and tpm_put_ops(), and use tpm_transmit_cmd() to send TPM commands instead of tpm_send(), reverting back to the old behaviour. Fixes: 2e19e10131a0 ("KEYS: trusted: Move TPM2 trusted keys code") Reported-by: "James E.J. Bottomley" <James.Bottomley@HansenPartnership.com> Cc: stable@vger.kernel.org Cc: David Howells <dhowells@redhat.com> Cc: Mimi Zohar <zohar@linux.ibm.com> Cc: Sumit Garg <sumit.garg@linaro.org> Acked-by Sumit Garg <sumit.garg@linaro.org> Tested-by: Mimi Zohar <zohar@linux.ibm.com> Signed-off-by: Jarkko Sakkinen <jarkko@kernel.org>
|
#
6c4e79d9 |
|
02-Jul-2020 |
Jarkko Sakkinen <jarkko@kernel.org> |
tpm: Unify the mismatching TPM space buffer sizes The size of the buffers for storing context's and sessions can vary from arch to arch as PAGE_SIZE can be anything between 4 kB and 256 kB (the maximum for PPC64). Define a fixed buffer size set to 16 kB. This should be enough for most use with three handles (that is how many we allow at the moment). Parametrize the buffer size while doing this, so that it is easier to revisit this later on if required. Cc: stable@vger.kernel.org Reported-by: Stefan Berger <stefanb@linux.ibm.com> Fixes: 745b361e989a ("tpm: infrastructure for TPM spaces") Reviewed-by: Jerry Snitselaar <jsnitsel@redhat.com> Tested-by: Stefan Berger <stefanb@linux.ibm.com> Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
|
#
18b3670d |
|
12-Mar-2020 |
Stefan Berger <stefanb@linux.ibm.com> |
tpm: ibmvtpm: Add support for TPM2 Support TPM2 in the IBM vTPM driver. The hypervisor tells us what version of TPM is connected through the vio_device_id. In case a TPM2 device is found, we set the TPM_CHIP_FLAG_TPM2 flag and get the command codes attributes table. The driver does not need the timeouts and durations, though. Signed-off-by: Stefan Berger <stefanb@linux.ibm.com> Acked-by: Nayna Jain <nayna@linux.ibm.com> Tested-by: Nayna Jain <nayna@linux.ibm.com> Reviewed-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
|
#
805fa88e |
|
02-Jan-2020 |
Matthew Garrett <matthewgarrett@google.com> |
tpm: Don't make log failures fatal If a TPM is in disabled state, it's reasonable for it to have an empty log. Bailing out of probe in this case means that the PPI interface isn't available, so there's no way to then enable the TPM from the OS. In general it seems reasonable to ignore log errors - they shouldn't interfere with any other TPM functionality. Signed-off-by: Matthew Garrett <matthewgarrett@google.com> Cc: stable@vger.kernel.org # 4.19.x Reviewed-by: Jerry Snitselaar <jsnitsel@redhat.com> Reviewed-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
|
#
45477b3f |
|
11-Dec-2019 |
James Bottomley <James.Bottomley@HansenPartnership.com> |
security: keys: trusted: fix lost handle flush The original code, before it was moved into security/keys/trusted-keys had a flush after the blob unseal. Without that flush, the volatile handles increase in the TPM until it becomes unusable and the system either has to be rebooted or the TPM volatile area manually flushed. Fix by adding back the lost flush, which we now have to export because of the relocation of the trusted key code may cause the consumer to be modular. Signed-off-by: James Bottomley <James.Bottomley@HansenPartnership.com> Fixes: 2e19e10131a0 ("KEYS: trusted: Move TPM2 trusted keys code") Reviewed-by: Jerry Snitselaar <jsnitsel@redhat.com> Reviewed-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
|
#
2e19e101 |
|
15-Oct-2019 |
Sumit Garg <sumit.garg@linaro.org> |
KEYS: trusted: Move TPM2 trusted keys code Move TPM2 trusted keys code to trusted keys subsystem. The reason being it's better to consolidate all the trusted keys code to a single location so that it can be maintained sanely. Also, utilize existing tpm_send() exported API which wraps the internal tpm_transmit_cmd() API. Suggested-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> Signed-off-by: Sumit Garg <sumit.garg@linaro.org> Reviewed-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> Tested-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
|
#
74edff2d |
|
15-Oct-2019 |
Sumit Garg <sumit.garg@linaro.org> |
tpm: Move tpm_buf code to include/linux/ Move tpm_buf code to common include/linux/tpm.h header so that it can be reused via other subsystems like trusted keys etc. Also rename trusted keys and asymmetric keys usage of TPM 1.x buffer implementation to tpm1_buf to avoid any compilation errors. Suggested-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> Signed-off-by: Sumit Garg <sumit.garg@linaro.org> Reviewed-by: Jerry Snitselaar <jsnitsel@redhat.com> Reviewed-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> Tested-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
|
#
44abdb37 |
|
11-Oct-2019 |
James Bottomley <James.Bottomley@HansenPartnership.com> |
tpm: use GFP_KERNEL instead of GFP_HIGHMEM for tpm_buf The current code uses GFP_HIGHMEM, which is wrong because GFP_HIGHMEM (on 32 bit systems) is memory ordinarily inaccessible to the kernel and should only be used for allocations affecting userspace. In order to make highmem visible to the kernel on 32 bit it has to be kmapped, which consumes valuable entries in the kmap region. Since the tpm_buf is only ever used in the kernel, switch to using a GFP_KERNEL allocation so as not to waste kmap space on 32 bits. Reviewed-by: Jerry Snitselaar <jsnitsel@redhat.com> Reviewed-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> Signed-off-by: James Bottomley <James.Bottomley@HansenPartnership.com> Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
|
#
2e2ee5a2 |
|
20-Sep-2019 |
Stephen Boyd <swboyd@chromium.org> |
tpm: Add a flag to indicate TPM power is managed by firmware On some platforms, the TPM power is managed by firmware and therefore we don't need to stop the TPM on suspend when going to a light version of suspend such as S0ix ("freeze" suspend state). Add a chip flag, TPM_CHIP_FLAG_FIRMWARE_POWER_MANAGED, to indicate this so that certain platforms can probe for the usage of this light suspend and avoid touching the TPM state across suspend/resume. Cc: Andrey Pronin <apronin@chromium.org> Cc: Duncan Laurie <dlaurie@chromium.org> Cc: Jason Gunthorpe <jgg@ziepe.ca> Cc: Arnd Bergmann <arnd@arndb.de> Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org> Cc: Guenter Roeck <groeck@chromium.org> Cc: Alexander Steffen <Alexander.Steffen@infineon.com> Cc: Heiko Stuebner <heiko@sntech.de> Tested-by: Heiko Stuebner <heiko@sntech.de> Reviewed-by: Heiko Stuebner <heiko@sntech.de> Signed-off-by: Stephen Boyd <swboyd@chromium.org> Reviewed-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
|
#
f2f5820e |
|
02-Sep-2019 |
Jarkko Sakkinen <jarkko@kernel.org> |
tpm: Remove duplicate code from caps_show() in tpm-sysfs.c Replace existing TPM 1.x version structs with new structs that consolidate the common parts into a single struct so that code duplication is no longer needed in caps_show(). Cc: Peter Huewe <peterhuewe@gmx.de> Cc: Jason Gunthorpe <jgg@ziepe.ca> Cc: Alexey Klimov <aklimov@redhat.com> Reviewed-by: Jerry Snitselaar <jsnitsel@redhat.com> Tested-by: Jerry Snitselaar <jsnitsel@redhat.com> Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
|
#
fa4f99c0 |
|
10-Jul-2019 |
Nayna Jain <nayna@linux.ibm.com> |
tpm: tpm_ibm_vtpm: Fix unallocated banks The nr_allocated_banks and allocated banks are initialized as part of tpm_chip_register. Currently, this is done as part of auto startup function. However, some drivers, like the ibm vtpm driver, do not run auto startup during initialization. This results in uninitialized memory issue and causes a kernel panic during boot. This patch moves the pcr allocation outside the auto startup function into tpm_chip_register. This ensures that allocated banks are initialized in any case. Fixes: 879b589210a9 ("tpm: retrieve digest size of unknown algorithms with PCR read") Reported-by: Michal Suchanek <msuchanek@suse.de> Signed-off-by: Nayna Jain <nayna@linux.ibm.com> Reviewed-by: Mimi Zohar <zohar@linux.ibm.com> Tested-by: Sachin Sant <sachinp@linux.vnet.ibm.com> Tested-by: Michal Suchánek <msuchanek@suse.de> Reviewed-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
|
#
b886d83c |
|
01-Jun-2019 |
Thomas Gleixner <tglx@linutronix.de> |
treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 441 Based on 1 normalized pattern(s): this program is free software you can redistribute it and or modify it under the terms of the gnu general public license as published by the free software foundation version 2 of the license extracted by the scancode license scanner the SPDX license identifier GPL-2.0-only has been chosen to replace the boilerplate/reference in 315 file(s). Signed-off-by: Thomas Gleixner <tglx@linutronix.de> Reviewed-by: Allison Randal <allison@lohutok.net> Reviewed-by: Armijn Hemel <armijn@tjaldur.nl> Cc: linux-spdx@vger.kernel.org Link: https://lkml.kernel.org/r/20190531190115.503150771@linutronix.de Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
|
#
0b6cf6b9 |
|
06-Feb-2019 |
Roberto Sassu <roberto.sassu@huawei.com> |
tpm: pass an array of tpm_extend_digest structures to tpm_pcr_extend() Currently, tpm_pcr_extend() accepts as an input only a SHA1 digest. This patch replaces the hash parameter of tpm_pcr_extend() with an array of tpm_digest structures, so that the caller can provide a digest for each PCR bank currently allocated in the TPM. tpm_pcr_extend() will not extend banks for which no digest was provided, as it happened before this patch, but instead it requires that callers provide the full set of digests. Since the number of digests will always be chip->nr_allocated_banks, the count parameter has been removed. Due to the API change, ima_pcr_extend() and pcrlock() have been modified. Since the number of allocated banks is not known in advance, the memory for the digests must be dynamically allocated. To avoid performance degradation and to avoid that a PCR extend is not done due to lack of memory, the array of tpm_digest structures is allocated by the users of the TPM driver at initialization time. Signed-off-by: Roberto Sassu <roberto.sassu@huawei.com> Reviewed-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> Tested-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> Tested-by: Mimi Zohar <zohar@linux.ibm.com> (on x86 for TPM 1.2 & PTT TPM 2.0) Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
|
#
901615cb |
|
06-Feb-2019 |
Roberto Sassu <roberto.sassu@huawei.com> |
tpm: move tpm_chip definition to include/linux/tpm.h The tpm_chip structure contains the list of PCR banks currently allocated in the TPM. When support for crypto agility will be added to the TPM driver, users of the driver have to provide a digest for each allocated bank to tpm_pcr_extend(). With this patch, they can obtain the PCR bank algorithms directly from chip->allocated_banks. Signed-off-by: Roberto Sassu <roberto.sassu@huawei.com> Reviewed-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> Tested-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
|
#
879b5892 |
|
06-Feb-2019 |
Roberto Sassu <roberto.sassu@huawei.com> |
tpm: retrieve digest size of unknown algorithms with PCR read Currently, the TPM driver retrieves the digest size from a table mapping TPM algorithms identifiers to identifiers defined by the crypto subsystem. If the algorithm is not defined by the latter, the digest size can be retrieved from the output of the PCR read command. The patch modifies the definition of tpm_pcr_read() and tpm2_pcr_read() to pass the desired hash algorithm and obtain the digest size at TPM startup. Algorithms and corresponding digest sizes are stored in the new structure tpm_bank_info, member of tpm_chip, so that the information can be used by other kernel subsystems. tpm_bank_info contains: the TPM algorithm identifier, necessary to generate the event log as defined by Trusted Computing Group (TCG); the digest size, to pad/truncate a digest calculated with a different algorithm; the crypto subsystem identifier, to calculate the digest of event data. This patch also protects against data corruption that could happen in the bus, by checking that the digest size returned by the TPM during a PCR read matches the size of the algorithm passed to tpm2_pcr_read(). For the initial PCR read, when digest sizes are not yet available, this patch ensures that the amount of data copied from the output returned by the TPM does not exceed the size of the array data are copied to. Signed-off-by: Roberto Sassu <roberto.sassu@huawei.com> Reviewed-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> Tested-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> Acked-by: Mimi Zohar <zohar@linux.ibm.com> Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
|
#
aa042475 |
|
06-Feb-2019 |
Roberto Sassu <roberto.sassu@huawei.com> |
tpm: rename and export tpm2_digest and tpm2_algorithms Rename tpm2_* to tpm_* and move the definitions to include/linux/tpm.h so that these can be used by other kernel subsystems (e.g. IMA). Also, set the length of the digest array in tpm_digest to a new constant named TPM_MAX_DIGEST_SIZE, equal to SHA512_DIGEST_SIZE. Signed-off-by: Roberto Sassu <roberto.sassu@huawei.com> Reviewed-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> Tested-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> Acked-by: Mimi Zohar <zohar@linux.ibm.com> Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
|
#
bcfff838 |
|
06-Feb-2019 |
Roberto Sassu <roberto.sassu@huawei.com> |
tpm: dynamically allocate the allocated_banks array This patch renames active_banks (member of tpm_chip) to allocated_banks, stores the number of allocated PCR banks in nr_allocated_banks (new member of tpm_chip), and replaces the static array with a pointer to a dynamically allocated array. tpm2_get_pcr_allocation() determines if a PCR bank is allocated by checking the mask in the TPML_PCR_SELECTION structure returned by the TPM for TPM2_Get_Capability(). If a bank is not allocated, the TPM returns that bank in TPML_PCR_SELECTION, with all bits in the mask set to zero. In this case, the bank is not included in chip->allocated_banks, to avoid that TPM driver users unnecessarily calculate a digest for that bank. One PCR bank with algorithm set to SHA1 is always allocated for TPM 1.x. As a consequence of the introduction of nr_allocated_banks, tpm_pcr_extend() does not check anymore if the algorithm stored in tpm_chip is equal to zero. Signed-off-by: Roberto Sassu <roberto.sassu@huawei.com> Tested-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> Reviewed-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
|
#
47a6c28b |
|
04-Nov-2018 |
Jarkko Sakkinen <jarkko@kernel.org> |
tpm: remove @flags from tpm_transmit() Remove @flags from tpm_transmit() API. It is no longer used for anything. Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> Reviewed-by: Stefan Berger <stefanb@linux.ibm.com> Tested-by: Stefan Berger <stefanb@linux.ibm.com> Reviewed-by: Jerry Snitselaar <jsnitsel@redhat.com> Reviewed-by: James Bottomley <James.Bottomley@HansenPartnership.com> Tested-by: Alexander Steffen <Alexander.Steffen@infineon.com>
|
#
a3fbfae8 |
|
04-Nov-2018 |
Jarkko Sakkinen <jarkko@kernel.org> |
tpm: take TPM chip power gating out of tpm_transmit() Call tpm_chip_start() and tpm_chip_stop() in * tpm_chip_register() * tpm_class_shutdown() * tpm_del_char_device() * tpm_pm_suspend() * tpm_try_get_ops() and tpm_put_ops() * tpm2_del_space() And remove these calls from tpm_transmit(). The core reason for this change is that in tpm_vtpm_proxy a locality change requires a virtual TPM command (a command made up just for that driver). The consequence of this is that this commit removes the remaining nested calls. Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> Reviewed-by: Stefan Berger <stefanb@linux.ibm.com> Tested-by: Stefan Berger <stefanb@linux.ibm.com> Reviewed-by: Jerry Snitselaar <jsnitsel@redhat.com> Reviewed-by: James Bottomley <James.Bottomley@HansenPartnership.com> Tested-by: Alexander Steffen <Alexander.Steffen@infineon.com>
|
#
719b7d81 |
|
04-Nov-2018 |
Jarkko Sakkinen <jarkko@kernel.org> |
tpm: introduce tpm_chip_start() and tpm_chip_stop() Encapsulate power gating and locality functionality to tpm_chip_start() and tpm_chip_stop() in order to clean up the branching mess in tpm_transmit(). Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> Reviewed-by: Stefan Berger <stefanb@linux.ibm.com> Tested-by: Stefan Berger <stefanb@linux.ibm.com> Reviewed-by: Jerry Snitselaar <jsnitsel@redhat.com> Reviewed-by: James Bottomley <James.Bottomley@HansenPartnership.com> Tested-by: Alexander Steffen <Alexander.Steffen@infineon.com>
|
#
2f257402 |
|
04-Nov-2018 |
Jarkko Sakkinen <jarkko@kernel.org> |
tpm: remove TPM_TRANSMIT_UNLOCKED flag Added locking as part of tpm_try_get_ops() and tpm_put_ops() as they are anyway used in most of the call sites except in tpmrm_release() where we take the locks manually. Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> Reviewed-by: Stefan Berger <stefanb@linux.ibm.com> Tested-by: Stefan Berger <stefanb@linux.ibm.com> Reviewed-by: Jerry Snitselaar <jsnitsel@redhat.com> Reviewed-by: James Bottomley <James.Bottomley@HansenPartnership.com> Tested-by: Alexander Steffen <Alexander.Steffen@infineon.com>
|
#
5faafbab |
|
03-Nov-2018 |
Jarkko Sakkinen <jarkko@kernel.org> |
tpm: remove @space from tpm_transmit() Remove @space from tpm_transmit() API` in order to completely remove the bound between low-level transmission functionality and TPM spaces. The only real dependency existing is the amount of data saved before trying to send a command to the TPM. It doesn't really matter if we save always a bit more than needed so this commit changes the amount saved always to be the size of the TPM header and three handles. Cc: James Bottomley <James.Bottomley@HansenPartnership.com> Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> Reviewed-by: Stefan Berger <stefanb@linux.ibm.com> Tested-by: Stefan Berger <stefanb@linux.ibm.com> Reviewed-by: Jerry Snitselaar <jsnitsel@redhat.com> Reviewed-by: James Bottomley <James.Bottomley@HansenPartnership.com> Tested-by: Alexander Steffen <Alexander.Steffen@infineon.com>
|
#
c3465a37 |
|
02-Nov-2018 |
Jarkko Sakkinen <jarkko@kernel.org> |
tpm: move tpm_validate_commmand() to tpm2-space.c Move tpm_validate_command() to tpm2-space.c and make it part of the tpm2_prepare_space() flow. Make cc resolution as part of the TPM space functionality in order to detach it from rest of the tpm_transmit() flow. Cc: James Bottomley <James.Bottomley@HansenPartnership.com> Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> Reviewed-by: Stefan Berger <stefanb@linux.ibm.com> Tested-by: Stefan Berger <stefanb@linux.ibm.com> Reviewed-by: Jerry Snitselaar <jsnitsel@redhat.com> Reviewed-by: James Bottomley <James.Bottomley@HansenPartnership.com> Tested-by: Alexander Steffen <Alexander.Steffen@infineon.com>
|
#
304ff672 |
|
04-Nov-2018 |
Jarkko Sakkinen <jarkko@kernel.org> |
tpm: clean up tpm_try_transmit() error handling flow Move locking, locality handling and power management to tpm_transmit() in order to simplify the flow. Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> Reviewed-by: Stefan Berger <stefanb@linux.ibm.com> Tested-by: Stefan Berger <stefanb@linux.ibm.com> Reviewed-by: Jerry Snitselaar <jsnitsel@redhat.com> Reviewed-by: James Bottomley <James.Bottomley@HansenPartnership.com> Tested-by: Alexander Steffen <Alexander.Steffen@infineon.com>
|
#
b34b77a9 |
|
06-Nov-2018 |
Jarkko Sakkinen <jarkko@kernel.org> |
tpm: declare struct tpm_header Declare struct tpm_header that replaces struct tpm_input_header and struct tpm_output_header. Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> Reviewed-by: Stefan Berger <stefanb@linux.ibm.com> Tested-by: Stefan Berger <stefanb@linux.ibm.com> Reviewed-by: Jerry Snitselaar <jsnitsel@redhat.com> Reviewed-by: James Bottomley <James.Bottomley@HansenPartnership.com> Tested-by: Alexander Steffen <Alexander.Steffen@infineon.com>
|
#
412eb585 |
|
26-Oct-2018 |
Jarkko Sakkinen <jarkko@kernel.org> |
tpm: use tpm_buf in tpm_transmit_cmd() as the IO parameter Since we pass an initialized struct tpm_buf instance in every call site now, it is cleaner to pass that directly to the tpm_transmit_cmd() as the TPM command/response buffer. Fine-tune a little bit tpm_transmit() and tpm_transmit_cmd() comments while doing this. Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> Reviewed-by: Stefan Berger <stefanb@linux.ibm.com> Tested-by: Stefan Berger <stefanb@linux.ibm.com> Reviewed-by: Jerry Snitselaar <jsnitsel@redhat.com> Reviewed-by: James Bottomley <James.Bottomley@HansenPartnership.com> Tested-by: Alexander Steffen <Alexander.Steffen@infineon.com>
|
#
95adc6b4 |
|
19-Oct-2018 |
Tomas Winkler <tomas.winkler@intel.com> |
tpm: use u32 instead of int for PCR index The TPM specs defines PCR index as a positive number, and there is no reason to use a signed number. It is also a possible security issue as currently no functions check for a negative index, which may become a large number when converted to u32. Adjust the API to use u32 instead of int in all PCR related functions. Signed-off-by: Tomas Winkler <tomas.winkler@intel.com> Reviewed-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> Tested-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
|
#
c82e5954 |
|
19-Oct-2018 |
Tomas Winkler <tomas.winkler@intel.com> |
tpm1: reimplement tpm1_continue_selftest() using tpm_buf Reimplement tpm1_continue_selftest() using tpm_buf structure. This is the last command using the old tpm_cmd_t structure and now the structure can be removed. Cc: Nayna Jain <nayna@linux.vnet.ibm.com> Signed-off-by: Tomas Winkler <tomas.winkler@intel.com> Reviewed-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> Tested-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
|
#
cfddcb05 |
|
19-Oct-2018 |
Tomas Winkler <tomas.winkler@intel.com> |
tpm1: rename tpm1_pcr_read_dev to tpm1_pcr_read() Rename tpm1_pcr_read_dev to tpm1_pcr_read() to match the counterpart tpm2_pcr_read(). Signed-off-by: Tomas Winkler <tomas.winkler@intel.com> Reviewed-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> Tested-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
|
#
5e335b5e |
|
19-Oct-2018 |
Tomas Winkler <tomas.winkler@intel.com> |
tpm1: implement tpm1_pcr_read_dev() using tpm_buf structure Implement tpm1_pcr_read_dev() using tpm_buf and remove now unneeded structures from tpm.h Signed-off-by: Tomas Winkler <tomas.winkler@intel.com> Reviewed-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> Tested-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
|
#
7aee9c52 |
|
19-Oct-2018 |
Tomas Winkler <tomas.winkler@intel.com> |
tpm: tpm1: rewrite tpm1_get_random() using tpm_buf structure 1. Use tpm_buf in tpm1_get_random() 2. Fix comment in tpm_get_random() so it is clear that the function is expected to return number of random bytes. Signed-off-by: Tomas Winkler <tomas.winkler@intel.com> Reviewed-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> Tested-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
|
#
b03c4370 |
|
19-Oct-2018 |
Tomas Winkler <tomas.winkler@intel.com> |
tpm: add tpm_auto_startup() into tpm-interface.c Add wrapper tpm_auto_startup() to tpm-interface.c instead of open coded decision between TPM 1.x and TPM 2.x in tpm-chip.c Signed-off-by: Tomas Winkler <tomas.winkler@intel.com> Tested-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> Reviewed-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
|
#
9db7fe18 |
|
19-Oct-2018 |
Tomas Winkler <tomas.winkler@intel.com> |
tpm: factor out tpm_startup function TPM manual startup is used only from within TPM 1.x or TPM 2.x code, hence remove tpm_startup() function from tpm-interface.c and add two static functions implementations tpm1_startup() and tpm2_startup() into to tpm1-cmd.c and tpm2-cmd.c respectively. Signed-off-by: Tomas Winkler <tomas.winkler@intel.com> Tested-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> Reviewed-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
|
#
c82a330c |
|
19-Oct-2018 |
Tomas Winkler <tomas.winkler@intel.com> |
tpm: factor out tpm 1.x pm suspend flow into tpm1-cmd.c Factor out TPM 1.x suspend flow from tpm-interface.c into a new function tpm1_pm_suspend() in tpm1-cmd.c Signed-off-by: Tomas Winkler <tomas.winkler@intel.com> Reviewed-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> Tested-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
|
#
d4a31756 |
|
19-Oct-2018 |
Tomas Winkler <tomas.winkler@intel.com> |
tpm: move tpm 1.x selftest code from tpm-interface.c tpm1-cmd.c Move the tpm1 selftest code functions to tpm1-cmd.c and adjust callers to use the new function names. 1. tpm_pcr_read_dev() to tpm1_pcr_read_dev(). 2. tpm_continue_selftest() to tpm1_continue_selftest(). 3. tpm_do_selftest() to tpm1_do_selftest() Signed-off-by: Tomas Winkler <tomas.winkler@intel.com> Tested-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> Reviewed-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
|
#
433d390f |
|
19-Oct-2018 |
Tomas Winkler <tomas.winkler@intel.com> |
tpm: factor out tpm1_get_random into tpm1-cmd.c Factor out get random implementation from tpm-interface.c into tpm1_get_random function in tpm1-cmd.c. No functional changes. Signed-off-by: Tomas Winkler <tomas.winkler@intel.com> Reviewed-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> Tested-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
|
#
f4d916b7 |
|
19-Oct-2018 |
Tomas Winkler <tomas.winkler@intel.com> |
tpm: move tpm_getcap to tpm1-cmd.c 1. Move tpm_getcap to tpm1-cmd. Rename the function to tpm1_getcap. 2. Remove unused tpm_getcap_header with unused constant as this functionality is already implemented using tpm_buf construct. Fixes warning: drivers/char/tpm/tpm-interface.c:452:38: warning: ‘tpm_getcap_header’ defined but not used [-Wunused-const-variable=] static const struct tpm_input_header tpm_getcap_header = { ^~~~~~~~~~~~~~~~~ 3. Drop unused TPM_DIGEST_SIZE. It's already defined in include/linux/tpm.h Signed-off-by: Tomas Winkler <tomas.winkler@intel.com> Reviewed-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> Tested-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
|
#
1ad6640c |
|
19-Oct-2018 |
Tomas Winkler <tomas.winkler@intel.com> |
tpm: move tpm1_pcr_extend to tpm1-cmd.c Move tpm1_pcr_extend to tpm1-cmd.c and remove unused pcrextend_header structure and EXTEND_PCR_RESULT_SIZE and EXTEND_PCR_RESULT_BODY_SIZE defines. Fixes warning: drivers/char/tpm/tpm-interface.c:609:38: warning: ‘pcrextend_header’ defined but not used [-Wunused-const-variable=] static const struct tpm_input_header pcrextend_header = { ^~~~~~~~~~~~~~~~ Signed-off-by: Tomas Winkler <tomas.winkler@intel.com> Reviewed-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> Reviewed-by: Nayna Jain <nayna@linux.ibm.com> Tested-by: Nayna Jain <nayna@linux.ibm.com> Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
|
#
70a3199a |
|
19-Oct-2018 |
Tomas Winkler <tomas.winkler@intel.com> |
tpm: factor out tpm_get_timeouts() Factor out tpm_get_timeouts() into tpm2_get_timeouts() and tpm1_get_timeouts() Signed-off-by: Tomas Winkler <tomas.winkler@intel.com> Reviewed-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> Tested-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
|
#
d856c00f |
|
19-Oct-2018 |
Tomas Winkler <tomas.winkler@intel.com> |
tpm: add tpm_calc_ordinal_duration() wrapper Add convenient wrapper for ordinal duration computation to remove boiler plate if else statement over TPM2. if (chip->flags & TPM_CHIP_FLAG_TPM2) tpm2_calc_ordinal_duration(chip, ordinal); else tpm1_calc_ordinal_duration(chip, ordinal); Signed-off-by: Tomas Winkler <tomas.winkler@intel.com> Reviewed-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> Tested-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
|
#
b2d6e6de |
|
19-Oct-2018 |
Tomas Winkler <tomas.winkler@intel.com> |
tpm: factor out tpm 1.x duration calculation to tpm1-cmd.c Factor out TPM 1.x commands calculation into tpm1-cmd.c file. and change the prefix from tpm_ to tpm1_. No functional change is done here. Signed-off-by: Tomas Winkler <tomas.winkler@intel.com> Tested-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> Reviewed-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
|
#
899102bc |
|
19-Oct-2018 |
Tomas Winkler <tomas.winkler@intel.com> |
tpm2: add new tpm2 commands according to TCG 1.36 1. TPM2_CC_LAST has moved from 182 to 193 2. Convert tpm2_ordinal_duration from an array into a switch statement, as there are not so many commands that require special duration relative to a number of commands, the switch statement function is called tpm2_ordinal_duration_index(). 3. Fix kdoc comments for tpm2_calc_ordinal_duration(). Signed-off-by: Tomas Winkler <tomas.winkler@intel.com> Tested-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> Reviewed-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
|
#
9e1b74a6 |
|
10-Sep-2018 |
Tadeusz Struk <tadeusz.struk@intel.com> |
tpm: add support for nonblocking operation Currently the TPM driver only supports blocking calls, which doesn't allow asynchronous IO operations to the TPM hardware. This patch changes it and adds support for nonblocking write and a new poll function to enable applications, which want to take advantage of this. Tested-by: Philip Tricca <philip.b.tricca@intel.com> Signed-off-by: Tadeusz Struk <tadeusz.struk@intel.com> Reviewed-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> Signed-off--by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
|
#
58bac8cc |
|
29-Jun-2018 |
Jarkko Sakkinen <jarkko@kernel.org> |
tpm: replace TPM_TRANSMIT_RAW with TPM_TRANSMIT_NESTED As TPM_TRANSMIT_RAW always requires also not to take locks for obvious reasons (deadlock), this commit renames the flag as TPM_TRANSMIT_NESTED and prevents taking tpm_mutex when the flag is given to tpm_transmit(). Suggested-by: Tomas Winkler <tomas.winkler@intel.com> Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
|
#
fc1d52b7 |
|
26-Jun-2018 |
Stefan Berger <stefanb@linux.vnet.ibm.com> |
tpm: rename tpm_chip_find_get() to tpm_find_get_ops() Rename tpm_chip_find_get() to tpm_find_get_ops() to more closely match the tpm_put_ops() counter part. Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com> Tested-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> Reviewed-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
|
#
627448e8 |
|
28-Jun-2018 |
Tomas Winkler <tomas.winkler@intel.com> |
tpm: separate cmd_ready/go_idle from runtime_pm Fix tpm ptt initialization error: tpm tpm0: A TPM error (378) occurred get tpm pcr allocation. We cannot use go_idle cmd_ready commands via runtime_pm handles as with the introduction of localities this is no longer an optional feature, while runtime pm can be not enabled. Though cmd_ready/go_idle provides a power saving, it's also a part of TPM2 protocol and should be called explicitly. This patch exposes cmd_read/go_idle via tpm class ops and removes runtime pm support as it is not used by any driver. When calling from nested context always use both flags: TPM_TRANSMIT_UNLOCKED and TPM_TRANSMIT_RAW. Both are needed to resolve tpm spaces and locality request recursive calls to tpm_transmit(). TPM_TRANSMIT_RAW should never be used standalone as it will fail on double locking. While TPM_TRANSMIT_UNLOCKED standalone should be called from non-recursive locked contexts. New wrappers are added tpm_cmd_ready() and tpm_go_idle() to streamline tpm_try_transmit code. tpm_crb no longer needs own power saving functions and can drop using tpm_pm_suspend/resume. This patch cannot be really separated from the locality fix. Fixes: 888d867df441 (tpm: cmd_ready command can be issued only after granting locality) Cc: stable@vger.kernel.org Fixes: 888d867df441 (tpm: cmd_ready command can be issued only after granting locality) Signed-off-by: Tomas Winkler <tomas.winkler@intel.com> Tested-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> Reviewed-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
|
#
ce63c05b |
|
26-Mar-2018 |
Jarkko Sakkinen <jarkko@kernel.org> |
tpm: migrate tpm2_get_random() to use struct tpm_buf In order to make struct tpm_buf the first class object for constructing TPM commands, migrate tpm2_get_random() to use it. In addition, removed remaining references to struct tpm2_cmd. All of them use it to acquire the length of the response, which can be achieved by using tpm_buf_length(). Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> Tested-by: Nayna Jain<nayna@linux.vnet.ibm.com>
|
#
424eaf91 |
|
15-May-2018 |
Nayna Jain <nayna@linux.vnet.ibm.com> |
tpm: reduce polling time to usecs for even finer granularity The TPM burstcount and status commands are supposed to return very quickly [2][3]. This patch further reduces the TPM poll sleep time to usecs in get_burstcount() and wait_for_tpm_stat() by calling usleep_range() directly. After this change, performance on a system[1] with a TPM 1.2 with an 8 byte burstcount for 1000 extends improved from ~10.7 sec to ~7 sec. [1] All tests are performed on an x86 based, locked down, single purpose closed system. It has Infineon TPM 1.2 using LPC Bus. [2] From the TCG Specification "TCG PC Client Specific TPM Interface Specification (TIS), Family 1.2": "NOTE : It takes roughly 330 ns per byte transfer on LPC. 256 bytes would take 84 us, which is a long time to stall the CPU. Chipsets may not be designed to post this much data to LPC; therefore, the CPU itself is stalled for much of this time. Sending 1 kB would take 350 μs. Therefore, even if the TPM_STS_x.burstCount field is a high value, software SHOULD be interruptible during this period." [3] From the TCG Specification 2.0, "TCG PC Client Platform TPM Profile (PTP) Specification": "It takes roughly 330 ns per byte transfer on LPC. 256 bytes would take 84 us. Chipsets may not be designed to post this much data to LPC; therefore, the CPU itself is stalled for much of this time. Sending 1 kB would take 350 us. Therefore, even if the TPM_STS_x.burstCount field is a high value, software should be interruptible during this period. For SPI, assuming 20MHz clock and 64-byte transfers, it would take about 120 usec to move 256B of data. Sending 1kB would take about 500 usec. If the transactions are done using 4 bytes at a time, then it would take about 1 msec. to transfer 1kB of data." Signed-off-by: Nayna Jain <nayna@linux.vnet.ibm.com> Reviewed-by: Mimi Zohar <zohar@linux.vnet.ibm.com> Reviewed-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> Acked-by: Jay Freyensee <why2jjj.linux@gmail.com> Tested-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
|
#
59f5a6b0 |
|
06-May-2018 |
Nayna Jain <nayna@linux.vnet.ibm.com> |
tpm: reduce poll sleep time in tpm_transmit() tpm_try_transmit currently checks TPM status every 5 msecs between send and recv. It does so in a loop for the maximum timeout as defined in the TPM Interface Specification. However, the TPM may return before 5 msecs. Thus the polling interval for each iteration can be reduced, which improves overall performance. This patch changes the polling sleep time from 5 msecs to 1 msec. Additionally, this patch renames TPM_POLL_SLEEP to TPM_TIMEOUT_POLL and moves it to tpm.h as an enum value. After this change, performance on a system[1] with a TPM 1.2 with an 8 byte burstcount for 1000 extends improved from ~14 sec to ~10.7 sec. [1] All tests are performed on an x86 based, locked down, single purpose closed system. It has Infineon TPM 1.2 using LPC Bus. Signed-off-by: Nayna Jain <nayna@linux.vnet.ibm.com> Acked-by: Jay Freyensee <why2jjj.linux@gmail.com> Reviewed-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> Tested-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
|
#
75d647f5 |
|
11-Apr-2018 |
Thiebaud Weksteen <tweek@google.com> |
tpm: Move eventlog declarations to its own header Reduce the size of tpm.h by moving eventlog declarations to a separate header. Signed-off-by: Thiebaud Weksteen <tweek@google.com> Suggested-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> Reviewed-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> Tested-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
|
#
9b01b535 |
|
11-Apr-2018 |
Thiebaud Weksteen <tweek@google.com> |
tpm: Move shared eventlog functions to common.c Functions and structures specific to TPM1 are renamed from tpm* to tpm1*. Signed-off-by: Thiebaud Weksteen <tweek@google.com> Suggested-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> Reviewed-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> Tested-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
|
#
2be8ffed |
|
22-Mar-2018 |
James Bottomley <James.Bottomley@HansenPartnership.com> |
tpm: fix intermittent failure with self tests My Nuvoton 6xx in a Dell XPS-13 has been intermittently failing to work (necessitating a reboot). The problem seems to be that the TPM gets into a state where the partial self-test doesn't return TPM_RC_SUCCESS (meaning all tests have run to completion), but instead returns TPM_RC_TESTING (meaning some tests are still running in the background). There are various theories that resending the self-test command actually causes the tests to restart and thus triggers more TPM_RC_TESTING returns until the timeout is exceeded. There are several issues here: firstly being we shouldn't slow down the boot sequence waiting for the self test to complete once the TPM backgrounds them. It will actually make available all functions that have passed and if it gets a failure return TPM_RC_FAILURE to every subsequent command. So the fix is to kick off self tests once and if they return TPM_RC_TESTING log that as a backgrounded self test and continue on. In order to prevent other tpm users from seeing any TPM_RC_TESTING returns (which it might if they send a command that needs a TPM subsystem which is still under test), we loop in tpm_transmit_cmd until either a timeout or we don't get a TPM_RC_TESTING return. Finally, there have been observations of strange returns from a partial test. One Nuvoton is occasionally returning TPM_RC_COMMAND_CODE, so treat any unexpected return from a partial self test as an indication we need to run a full self test. [jarkko.sakkinen@linux.intel.com: cleaned up some klog messages and dropped tpm_transmit_check() helper function from James' original commit.] Fixes: 2482b1bba5122 ("tpm: Trigger only missing TPM 2.0 self tests") Cc: stable@vger.kernel.org Signed-off-by: James Bottomley <James.Bottomley@HansenPartnership.com> Reviewed-by: Jarkko Sakkinen <jarkko.sakkine@linux.intel.com> Tested-by: Jarkko Sakkinen <jarkko.sakkine@linux.intel.com> Signed-off-by: Jarkko Sakkinen <jarkko.sakkine@linux.intel.com>
|
#
e2fb992d |
|
21-Mar-2018 |
James Bottomley <James.Bottomley@HansenPartnership.com> |
tpm: add retry logic TPM2 can return TPM2_RC_RETRY to any command and when it does we get unexpected failures inside the kernel that surprise users (this is mostly observed in the trusted key handling code). The UEFI 2.6 spec has advice on how to handle this: The firmware SHALL not return TPM2_RC_RETRY prior to the completion of the call to ExitBootServices(). Implementer’s Note: the implementation of this function should check the return value in the TPM response and, if it is TPM2_RC_RETRY, resend the command. The implementation may abort if a sufficient number of retries has been done. So we follow that advice in our tpm_transmit() code using TPM2_DURATION_SHORT as the initial wait duration and TPM2_DURATION_LONG as the maximum wait time. This should fix all the in-kernel use cases and also means that user space TSS implementations don't have to have their own retry handling. Signed-off-by: James Bottomley <James.Bottomley@HansenPartnership.com> Cc: stable@vger.kernel.org Reviewed-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> Tested-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
|
#
076d3564 |
|
10-Mar-2018 |
Tomas Winkler <tomas.winkler@intel.com> |
tpm2: add longer timeouts for creation commands. TPM2_CC_Create(0x153) and TPM2_CC_CreatePrimary (0x131) involve generation of crypto keys which can be a computationally intensive task. The timeout is set to 3min. Rather than increasing default timeout a new constant is added, to not stall for too long on regular commands failures. Signed-off-by: Tomas Winkler <tomas.winkler@intel.com> Reviewed-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> Tested-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
|
#
62c09e12 |
|
05-Mar-2018 |
Winkler, Tomas <tomas.winkler@intel.com> |
tpm: fix buffer type in tpm_transmit_cmd 1. The buffer cannot be const as it is used both for send and receive. 2. Drop useless casting to u8 *, as this is already a type of 'buf' parameter, it has just masked the 'const' issue. Signed-off-by: Tomas Winkler <tomas.winkler@intel.com> Reviewed-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> Tested-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
|
#
095531f8 |
|
30-Nov-2017 |
Javier Martinez Canillas <javierm@redhat.com> |
tpm: return a TPM_RC_COMMAND_CODE response if command is not implemented According to the TPM Library Specification, a TPM device must do a command header validation before processing and return a TPM_RC_COMMAND_CODE code if the command is not implemented. So user-space will expect to handle that response as an error. But if the in-kernel resource manager is used (/dev/tpmrm?), an -EINVAL errno code is returned instead if the command isn't implemented. This confuses userspace since it doesn't expect that error value. This also isn't consistent with the behavior when not using TPM spaces and accessing the TPM directly (/dev/tpm?). In this case, the command is sent to the TPM even when not implemented and the TPM responds with an error. Instead of returning an -EINVAL errno code when the tpm_validate_command() function fails, synthesize a TPM command response so user-space can get a TPM_RC_COMMAND_CODE as expected when a chip doesn't implement the command. The TPM only sets 12 of the 32 bits in the TPM_RC response, so the TSS and TAB specifications define that higher layers in the stack should use some of the unused 20 bits to specify from which level of the stack the error is coming from. Since the TPM_RC_COMMAND_CODE response code is sent by the kernel resource manager, set the error level to the TAB/RM layer so user-space is aware of this. Suggested-by: Jason Gunthorpe <jgg@ziepe.ca> Signed-off-by: Javier Martinez Canillas <javierm@redhat.com> Reviewed-by: William Roberts <william.c.roberts@intel.com> Reviewed-by: Philip Tricca <philip.b.tricca@intel.com> Reviewed-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> Tested-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
|
#
6e592a06 |
|
17-Nov-2017 |
Jason Gunthorpe <jgg@ziepe.ca> |
tpm: Move Linux RNG connection to hwrng The tpm-rng.c approach is completely inconsistent with how the kernel handles hotplug. Instead manage a hwrng device for each TPM. This will cause the kernel to read entropy from the TPM when it is plugged in, and allow access to the TPM rng via /dev/hwrng. Signed-off-by: Jason Gunthorpe <jgg@ziepe.ca> Tested-by: PrasannaKumar Muralidharan <prasannatsmkumar@gmail.com> Tested-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> Reviewed-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
|
#
aad887f6 |
|
05-Nov-2017 |
Jarkko Sakkinen <jarkko@kernel.org> |
tpm: use struct tpm_chip for tpm_chip_find_get() Device number (the character device index) is not a stable identifier for a TPM chip. That is the reason why every call site passes TPM_ANY_NUM to tpm_chip_find_get(). This commit changes the API in a way that instead a struct tpm_chip instance is given and NULL means the default chip. In addition, this commit refines the documentation to be up to date with the implementation. Suggested-by: Jason Gunthorpe <jgunthorpe@obsidianresearch.com> (@chip_num -> @chip part) Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> Reviewed-by: Jason Gunthorpe <jgg@ziepe.ca> Tested-by: PrasannaKumar Muralidharan <prasannatsmkumar@gmail.com>
|
#
58cc1e4f |
|
20-Sep-2017 |
Thiebaud Weksteen <tweek@google.com> |
tpm: parse TPM event logs based on EFI table If we are not able to retrieve the TPM event logs from the ACPI table, check the EFI configuration table (Linux-specific GUID). The format version of the log is now returned by the provider function. Signed-off-by: Thiebaud Weksteen <tweek@google.com> Reviewed-by: Jason Gunthorpe <jgunthorpe@obsidianresearch.com> Reviewed-by: Javier Martinez Canillas <javierm@redhat.com> Tested-by: Javier Martinez Canillas <javierm@redhat.com> Tested-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> Reviewed-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
|
#
fd3ec366 |
|
20-Sep-2017 |
Thiebaud Weksteen <tweek@google.com> |
tpm: move tpm_eventlog.h outside of drivers folder The generic definitions of data structures in tpm_eventlog.h are required by other part of the kernel (namely, the EFI stub). Signed-off-by: Thiebaud Weksteen <tweek@google.com> Reviewed-by: Javier Martinez Canillas <javierm@redhat.com> Tested-by: Javier Martinez Canillas <javierm@redhat.com> Tested-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> Reviewed-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
|
#
5ef924d9 |
|
17-Oct-2017 |
Nayna Jain <nayna@linux.vnet.ibm.com> |
tpm: use tpm_msleep() value as max delay Currently, tpm_msleep() uses delay_msec as the minimum value in usleep_range. However, that is the maximum time we want to wait. The function is modified to use the delay_msec as the maximum value, not the minimum value. After this change, performance on a TPM 1.2 with an 8 byte burstcount for 1000 extends improved from ~9sec to ~8sec. Fixes: 3b9af007869("tpm: replace msleep() with usleep_range() in TPM 1.2/ 2.0 generic drivers") Signed-off-by: Nayna Jain <nayna@linux.vnet.ibm.com> Acked-by: Mimi Zohar <zohar@linux.vnet.ibm.com> Tested-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> Reviewed-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
|
#
87cdfdd1 |
|
17-Oct-2017 |
Nayna Jain <nayna@linux.vnet.ibm.com> |
tpm: move wait_for_tpm_stat() to respective driver files The function wait_for_tpm_stat() is currently defined in tpm-interface file. It is a hardware specific function used only by tpm_tis and xen-tpmfront, so it is removed from tpm-interface.c and defined in respective driver files. Suggested-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> Signed-off-by: Nayna Jain <nayna@linux.vnet.ibm.com> Reviewed-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> Tested-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
|
#
2d56c718 |
|
26-Sep-2017 |
Ruben Roy <rubenroy2005@gmail.com> |
tpm: fix duplicate inline declaration specifier This commit fixes the duplicate inline declaration specifier in tpm2_rc_value which caused a warning Signed-off-by: Ruben Roy <rubenroy2005@gmail.com> Reviewed-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
|
#
da379f3c |
|
20-Jun-2017 |
Jarkko Sakkinen <jarkko@kernel.org> |
tpm: migrate pubek_show to struct tpm_buf Migrated pubek_show to struct tpm_buf and cleaned up its implementation. Previously the output parameter structure was declared but left completely unused. Now it is used to refer different fields of the output. We can move it to tpm-sysfs.c as it does not have any use outside of that file. Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
|
#
9f3fc7bc |
|
14-Aug-2017 |
Hamza Attak <hamza@hpe.com> |
tpm: replace msleep() with usleep_range() in TPM 1.2/2.0 generic drivers The patch simply replaces all msleep function calls with usleep_range calls in the generic drivers. Tested with an Infineon TPM 1.2, using the generic tpm-tis module, for a thousand PCR extends, we see results going from 1m57s unpatched to 40s with the new patch. We obtain similar results when using the original and patched tpm_infineon driver, which is also part of the patch. Similarly with a STM TPM 2.0, using the CRB driver, it takes about 20ms per extend unpatched and around 7ms with the new patch. Note that the PCR consistency is untouched with this patch, each TPM has been tested with 10 million extends and the aggregated PCR value is continuously verified to be correct. As an extension of this work, this could potentially and easily be applied to other vendor's drivers. Still, these changes are not included in the proposed patch as they are untested. Signed-off-by: Hamza Attak <hamza@hpe.com> Reviewed-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> Tested-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> Signed-off-by: James Morris <james.l.morris@oracle.com>
|
#
b5d0ebc9 |
|
26-Jun-2017 |
Enric Balletbo i Serra <enric.balletbo@collabora.com> |
tpm: do not suspend/resume if power stays on The suspend/resume behavior of the TPM can be controlled by setting "powered-while-suspended" in the DTS. This is useful for the cases when hardware does not power-off the TPM. Signed-off-by: Sonny Rao <sonnyrao@chromium.org> Signed-off-by: Enric Balletbo i Serra <enric.balletbo@collabora.com> Reviewed-by: Jason Gunthorpe <jgunthorpe@obsidianresearch.com> Reviewed-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> Signed-off-by: James Morris <james.l.morris@oracle.com>
|
#
19cbe4f6 |
|
21-Jun-2017 |
Jarkko Sakkinen <jarkko@kernel.org> |
tpm: consolidate the TPM startup code Consolidated all the "manual" TPM startup code to a single function in order to make code flows a bit cleaner and migrate to tpm_buf. Tested-by: Stefan Berger <stefanb@linux.vnet.ibm.com> Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> Signed-off-by: James Morris <james.l.morris@oracle.com>
|
#
5e572cab |
|
18-Jun-2017 |
Azhar Shaikh <azhar.shaikh@intel.com> |
tpm: Enable CLKRUN protocol for Braswell systems To overcome a hardware limitation on Intel Braswell systems, disable CLKRUN protocol during TPM transactions and re-enable once the transaction is completed. Signed-off-by: Azhar Shaikh <azhar.shaikh@intel.com> Reviewed-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> Tested-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> Signed-off-by: James Morris <james.l.morris@oracle.com>
|
#
85ab3bf3 |
|
24-May-2017 |
Stefan Berger <stefanb@linux.vnet.ibm.com> |
tpm: Introduce flag TPM_TRANSMIT_RAW Introduce the flag TPM_TRANSMIT_RAW that allows us to transmit a command without recursing into the requesting of locality. Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com> Reviewed-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
|
#
8816188f |
|
24-May-2017 |
Jarkko Sakkinen <jarkko@kernel.org> |
tpm: remove struct tpm_pcrextend_in Removed struct tpm_pcrextend_in as it is not used for anything anymore. Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> Reviewed-by: Peter Huewe <peterhuewe@gmx.de>
|
#
124bdcf4 |
|
07-May-2017 |
Jarkko Sakkinen <jarkko@kernel.org> |
tpm: fix byte order related arithmetic inconsistency in tpm_getcap() You should not do arithmetic with __be32 or __le32 types because sometimes it results incorrect results. Calculations must be done only with integers that are in in the CPU byte order. This commit migrates tpm_getcap() to struct tpm_buf in order to sort out these issues. Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> Reviewed-by: Jason Gunthorpe <jgunthorpe@obsidianresearch.com>
|
#
06e93279 |
|
03-May-2017 |
Roberto Sassu <roberto.sassu@huawei.com> |
tpm: move endianness conversion of TPM_TAG_RQU_COMMAND to tpm_input_header In the long term, TPM 1.2 functions in the driver interface will be modified to use tpm_buf_init(). However, tag and ordinals cannot be passed directly to tpm_buf_init(), because this function performs CPU native to big-endian conversion of these arguments. Since TPM_TAG_RQU_COMMAND and TPM_ORD_ are already converted, passing them to the function will undo the previous conversion. This patch moves the conversion of TPM_TAG_RQU_COMMAND from the tpm.h header file in the driver directory to the tpm_input_header declarations in the driver interface and tpm-sysfs.c. Signed-off-by: Roberto Sassu <roberto.sassu@huawei.com> Reviewed-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> Tested-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
|
#
877c57d0 |
|
24-Mar-2017 |
Jarkko Sakkinen <jarkko@kernel.org> |
tpm_crb: request and relinquish locality 0 This commit adds support for requesting and relinquishing locality 0 in tpm_crb for the course of command transmission. In order to achieve this, two new callbacks are added to struct tpm_class_ops: - request_locality - relinquish_locality With CRB interface you first set either requestAccess or relinquish bit from TPM_LOC_CTRL_x register and then wait for locAssigned and tpmRegValidSts bits to be set in the TPM_LOC_STATE_x register. The reason why were are doing this is to make sure that the driver will work properly with Intel TXT that uses locality 2. There's no explicit guarantee that it would relinquish this locality. In more general sense this commit enables tpm_crb to be a well behaving citizen in a multi locality environment. Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> Reviewed-by: Jerry Snitselaar <jsnitsel@redhat.com> Tested-by: Jerry Snitselaar <jsnitsel@redhat.com>
|
#
4d57856a |
|
31-Jan-2017 |
James Bottomley <James.Bottomley@HansenPartnership.com> |
tpm2: add session handle context saving and restoring to the space code Sessions are different from transient objects in that their handles may not be virtualized (because they're used for some hmac calculations). Additionally when a session is context saved, a vestigial memory remains in the TPM and if it is also flushed, that will be lost and the session context will refuse to load next time, so the code is updated to flush only transient objects after a context save. Add a separate array (chip->session_tbl) to save and restore sessions by handle. Use the failure of a context save or load to signal that the session has been flushed from the TPM and we can remove its memory from chip->session_tbl. Sessions are also isolated during each instance of a tpm space. This means that spaces shouldn't be able to see each other's sessions and is enforced by ensuring that a space user may only refer to sessions handles that are present in their own chip->session_tbl. Finally when a space is closed, all the sessions belonging to it should be flushed so the handles may be re-used by other spaces. Note that if we get a session save or load error, all sessions are effectively flushed. Even though we restore the session buffer, all the old sessions will refuse to load after the flush and they'll be purged from our session memory. This means that while transient context handling is still soft in the face of errors, session handling is hard (any failure of the model means all sessions are lost). Fixes-from: Colin Ian King <colin.king@canonical.com> Signed-off-by: James Bottomley <James.Bottomley@HansenPartnership.com> Tested-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> Reviewed-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
|
#
fdc915f7 |
|
03-Jan-2017 |
James Bottomley <James.Bottomley@HansenPartnership.com> |
tpm: expose spaces via a device link /dev/tpmrm<n> Currently the tpm spaces are not exposed to userspace. Make this exposure via a separate device, which can now be opened multiple times because each read/write transaction goes separately via the space. Concurrency is protected by the chip->tpm_mutex for each read/write transaction separately. The TPM is cleared of all transient objects by the time the mutex is dropped, so there should be no interference between the kernel and userspace. Signed-off-by: James Bottomley <James.Bottomley@HansenPartnership.com> Tested-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> Reviewed-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
|
#
745b361e |
|
06-Jan-2017 |
Jarkko Sakkinen <jarkko@kernel.org> |
tpm: infrastructure for TPM spaces Added an ability to virtualize TPM commands into an isolated context that we call a TPM space because the word context is already heavily used in the TPM specification. Both the handle areas and bodies (where necessary) are virtualized. The mechanism works by adding a new parameter struct tpm_space to the tpm_transmit() function. This new structure contains the list of virtual handles and a buffer of page size (currently) for backing storage. When tpm_transmit() is called with a struct tpm_space instance it will execute the following sequence: 1. Take locks. 2. Load transient objects from the backing storage by using ContextLoad and map virtual handles to physical handles. 3. Perform the transaction. 4. Save transient objects to backing storage by using ContextSave and map resulting physical handle to virtual handle if there is such. This commit does not implement virtualization support for hmac and policy sessions. Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> Tested-by: James Bottomley <James.Bottomley@HansenPartnership.com> Reviewed-by: James Bottomley <James.Bottomley@HansenPartnership.com>
|
#
58472f5c |
|
10-Nov-2016 |
Jarkko Sakkinen <jarkko@kernel.org> |
tpm: validate TPM 2.0 commands Check for every TPM 2.0 command that the command code is supported and the command buffer has at least the length that can contain the header and the handle area. For ContextSave and FlushContext we mark the body to be part of the handle area. This gives validation for these commands at zero cost, including the body of the command. The more important reason for this is that we can virtualize these commands in the same way as you would virtualize the handle area of a command. Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> Tested-by: James Bottomley <James.Bottomley@HansenPartnership.com> Reviewed-by: James Bottomley <James.Bottomley@HansenPartnership.com>
|
#
9aa36b39 |
|
26-Nov-2016 |
Jarkko Sakkinen <jarkko@kernel.org> |
tpm: export tpm2_flush_context_cmd Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> Tested-by: James Bottomley <James.Bottomley@HansenPartnership.com> Reviewed-by: James Bottomley <James.Bottomley@HansenPartnership.com>
|
#
61841be6 |
|
15-Feb-2017 |
Jarkko Sakkinen <jarkko@kernel.org> |
tpm: declare tpm2_get_pcr_allocation() as static There's no need to export tpm2_get_pcr_alloation() because it is only a helper function for tpm2_auto_startup(). For the same reason it does not make much sense to maintain documentation for it. Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
|
#
a118cf2a |
|
31-Jan-2017 |
Stefan Berger <stefanb@linux.vnet.ibm.com> |
tpm: fix the type of owned field in cap_t In cap_t the size of the type bool is assumed to be one byte. This commit sorts out the issue by changing the type to u8. Fixes: c659af78eb7b ("tpm: Check size of response before accessing data") Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com> Reviewed-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
|
#
4d23cc32 |
|
23-Jan-2017 |
Nayna Jain <nayna@linux.vnet.ibm.com> |
tpm: add securityfs support for TPM 2.0 firmware event log Unlike the device driver support for TPM 1.2, the TPM 2.0 does not support the securityfs pseudo files for displaying the firmware event log. This patch enables support for providing the TPM 2.0 event log in binary form. TPM 2.0 event log supports a crypto agile format that records multiple digests, which is different from TPM 1.2. This patch enables the tpm_bios_log_setup for TPM 2.0 and adds the event log parser which understand the TPM 2.0 crypto agile format. Signed-off-by: Nayna Jain <nayna@linux.vnet.ibm.com> Reviewed-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> Tested-by: Kenneth Goldman <kgold@linux.vnet.ibm.com> Tested-by: Stefan Berger <stefanb@linux.vnet.ibm.com> Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
|
#
c1f92b4b |
|
30-Jan-2017 |
Nayna Jain <nayna@linux.vnet.ibm.com> |
tpm: enhance TPM 2.0 PCR extend to support multiple banks The current TPM 2.0 device driver extends only the SHA1 PCR bank but the TCG Specification[1] recommends extending all active PCR banks, to prevent malicious users from setting unused PCR banks with fake measurements and quoting them. The existing in-kernel interface(tpm_pcr_extend()) expects only a SHA1 digest. To extend all active PCR banks with differing digest sizes, the SHA1 digest is padded with trailing 0's as needed. This patch reuses the defined digest sizes from the crypto subsystem, adding a dependency on CRYPTO_HASH_INFO module. [1] TPM 2.0 Specification referred here is "TCG PC Client Specific Platform Firmware Profile for TPM 2.0" Signed-off-by: Nayna Jain <nayna@linux.vnet.ibm.com> Reviewed-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> Tested-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> Tested-by: Kenneth Goldman <kgold@linux.vnet.ibm.com> Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
|
#
1db15344 |
|
30-Jan-2017 |
Nayna Jain <nayna@linux.vnet.ibm.com> |
tpm: implement TPM 2.0 capability to get active PCR banks This patch implements the TPM 2.0 capability TPM_CAP_PCRS to retrieve the active PCR banks from the TPM. This is needed to enable extending all active banks as recommended by TPM 2.0 TCG Specification. Signed-off-by: Nayna Jain <nayna@linux.vnet.ibm.com> Reviewed-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> Tested-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> Tested-by: Kenneth Goldman <kgold@linux.vnet.ibm.com> Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
|
#
7d761119 |
|
25-Jan-2017 |
Jarkko Sakkinen <jarkko@kernel.org> |
tpm: fix RC value check in tpm2_seal_trusted The error code handling is broken as any error code that has the same bits set as TPM_RC_HASH passes. Implemented tpm2_rc_value() helper to parse the error value from FMT0 and FMT1 error codes so that these types of mistakes are prevented in the future. Fixes: 5ca4c20cfd37 ("keys, trusted: select hash algorithm for TPM2 chips") Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> Reviewed-by: Jason Gunthorpe <jgunthorpe@obsidianresearch.com>
|
#
1d191553 |
|
25-Jan-2017 |
Jarkko Sakkinen <jarkko@kernel.org> |
tpm: remove tpm_read_index and tpm_write_index from tpm.h These are non-generic functions and do not belong to tpm.h. Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> Reviewed-by: Jason Gunthorpe <jgunthorpe@obsidianresearch.com>
|
#
c659af78 |
|
19-Jan-2017 |
Stefan Berger <stefanb@linux.vnet.ibm.com> |
tpm: Check size of response before accessing data Make sure that we have not received less bytes than what is indicated in the header of the TPM response. Also, check the number of bytes in the response before accessing its data. Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com> Reviewed-by: Jarkko Sakkinen <jarkko.sakkine@linux.intel.com> Tested-by: Jarkko Sakkinen <jarkko.sakkine@linux.intel.com> Signed-off-by: Jarkko Sakkinen <jarkko.sakkine@linux.intel.com>
|
#
748935ee |
|
14-Nov-2016 |
Nayna Jain <nayna@linux.vnet.ibm.com> |
tpm: have event log use the tpm_chip Move the backing memory for the event log into tpm_chip and push the tpm_chip into read_log. This optimizes read_log processing by only doing it once and prepares things for the next patches in the series which require the tpm_chip to locate the event log via ACPI and OF handles instead of searching. This is straightfoward except for the issue of passing a kref through i_private with securityfs. Since securityfs_remove does not have any removal fencing like sysfs we use the inode lock to safely get a kref on the tpm_chip. Suggested-by: Jason Gunthorpe <jgunthorpe@obsidianresearch.com> Signed-off-by: Nayna Jain <nayna@linux.vnet.ibm.com> Reviewed-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> Tested-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
|
#
cd9b7631 |
|
14-Nov-2016 |
Jarkko Sakkinen <jarkko@kernel.org> |
tpm: replace dynamically allocated bios_dir with a static array This commit is based on a commit by Nayna Jain. Replaced dynamically allocated bios_dir with a static array as the size is always constant. Suggested-by: Jason Gunthorpe <jgunthorpe@obsidianresearch.com> Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
|
#
1a277e67 |
|
26-Oct-2016 |
Jason Gunthorpe <jgg@ziepe.ca> |
tpm: Get rid of TPM_CHIP_FLAG_REGISTERED This is no longer necessary, all calls to tpm_chip_unregister happen in remove() callbacks. Signed-off-by: Jason Gunthorpe <jgunthorpe@obsidianresearch.com> Reviewed-by: Tomas Winkler <tomas.winkler@intel.com> Reviewed-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
|
#
d1d253cf |
|
26-Oct-2016 |
Jason Gunthorpe <jgg@ziepe.ca> |
tpm tis: Do not print timeout messages twice The tis driver does a tpm_get_timeouts out side of tpm_chip_register, and tpm_get_timeouts can print a message, resulting in two prints, eg: tpm tpm0: [Hardware Error]: Adjusting reported timeouts: A 10000->750000us B 10000->2000000us C 10000->750000us D 10000->750000us Keep track and prevent tpm_get_timeouts from running a second time, and clarify the purpose of the call in tpm_tis_core to only be connected to irq testing. Signed-off-by: Jason Gunthorpe <jgunthorpe@obsidianresearch.com> Reviewed-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
|
#
84fda152 |
|
19-Sep-2016 |
Jarkko Sakkinen <jarkko@kernel.org> |
tpm: sanitize constant expressions Use cpu_to_b32 at the time it is needed in enum tpm_capabilities and enum tpm_sub_capabilities in order to be consistent with the other enums in drivats/char/tpm/tpm.h. Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
|
#
eb5854e7 |
|
12-Jun-2016 |
Jarkko Sakkinen <jarkko@kernel.org> |
tpm: replace tpm_gen_interrupt() with tpm_tis_gen_interrupt() Since tpm_gen_interrupt() is only used in tpm_tis_core.c this commit replaces it with an internal tpm_tis_gen_interrupt(). The semantics also changed in a way that on a system error the driver initialization is failed. Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> Reviewed-by: Jason Gunthorpe <jgunthorpe@obsidianresearch.com>
|
#
d4abd956 |
|
25-Jun-2016 |
Jarkko Sakkinen <jarkko@kernel.org> |
tpm: remove unnecessary externs from tpm.h Removed unnecessary externs from tpm.h. Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> Reviewed-by: Jason Gunthorpe <jgunthorpe@obsidianresearch.com>
|
#
d4816edf |
|
16-Aug-2016 |
Jarkko Sakkinen <jarkko@kernel.org> |
tpm: fix a race condition in tpm2_unseal_trusted() Unseal and load operations should be done as an atomic operation. This commit introduces unlocked tpm_transmit() so that tpm2_unseal_trusted() can do the locking by itself. Fixes: 0fe5480303a1 ("keys, trusted: seal/unseal with TPM 2.0 chips") Cc: stable@vger.kernel.org Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> Reviewed-by: Jason Gunthorpe <jgunthorpe@obsidianresearch.com>
|
#
cae8b441 |
|
12-Jul-2016 |
Jason Gunthorpe <jgg@ziepe.ca> |
tpm: Factor out common startup code The TCG standard startup sequence (get timeouts, tpm startup, etc) for TPM and TPM2 chips is being open coded in many drivers, move it into the core code. tpm_tis and tpm_crb are used as the basis for the core code implementation and the easy drivers are converted. In the process several small drivers bugs relating to error handling this flow are fixed. For now the flag TPM_OPS_AUTO_STARTUP is optional to allow a staged driver roll out, but ultimately all drivers should use this flow and the flag removed. Some drivers still do not implement the startup sequence at all and will need to be tested with it enabled. Signed-off-by: Jason Gunthorpe <jgunthorpe@obsidianresearch.com> Tested-by: Andrew Zamansky <andrew.zamansky@nuvoton.com> Reviewed-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
|
#
d2efee6e |
|
04-May-2016 |
Christophe Ricard <christophe.ricard@gmail.com> |
tpm: Add include guards in tpm.h Add missing include guards in tpm.h Signed-off-by: Peter Huewe <peter.huewe@infineon.com> Signed-off-by: Christophe Ricard <christophe-h.ricard@st.com> Reviewed-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> Tested-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> Tested-by: Stefan Berger <stefanb@linux.vnet.ibm.com> Reviewed-by: Stefan Berger <stefanb@linux.vnet.ibm.com> Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
|
#
2f9f5377 |
|
18-Apr-2016 |
Stefan Berger <stefanb@linux.vnet.ibm.com> |
tpm: Introduce TPM_CHIP_FLAG_VIRTUAL Introduce TPM_CHIP_FLAG_VIRTUAL to be used when the chip device has no parent device. Prevent sysfs entries requiring a parent device from being created. Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com> Reviewed-by: Jason Gunthorpe <jgunthorpe@obsidianresearch.com> Reviewed-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> Tested-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
|
#
062807f2 |
|
18-Apr-2016 |
Jason Gunthorpe <jgg@ziepe.ca> |
tpm: Remove all uses of drvdata from the TPM Core The final thing preventing this was the way the sysfs files were attached to the pdev. Follow the approach developed for ppi and move the sysfs files to the chip->dev with symlinks from the pdev for compatibility. Everything in the core now sanely uses container_of to get the chip. Signed-off-by: Jason Gunthorpe <jgunthorpe@obsidianresearch.com> Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com> Tested-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> Tested-by: Stefan Berger <stefanb@linux.vnet.ibm.com> Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
|
#
9e0d39d8 |
|
31-Mar-2016 |
Christophe Ricard <christophe.ricard@gmail.com> |
tpm: Remove useless priv field in struct tpm_vendor_specific Remove useless priv field in struct tpm_vendor_specific and take benefit of chip->dev.driver_data. As priv is the latest field available in struct tpm_vendor_specific, remove any reference to that structure. Signed-off-by: Christophe Ricard <christophe-h.ricard@st.com> Reviewed-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
|
#
af782f33 |
|
31-Mar-2016 |
Christophe Ricard <christophe.ricard@gmail.com> |
tpm: Move tpm_vendor_specific data related with PTP specification to tpm_chip Move tpm_vendor_specific data related to TCG PTP specification to tpm_chip. Move all fields directly linked with well known TCG concepts and used in TPM drivers (tpm_i2c_atmel, tpm_i2c_infineon, tpm_i2c_nuvoton, tpm_tis and xen-tpmfront) as well as in TPM core files (tpm-sysfs, tpm-interface and tpm2-cmd) in tpm_chip. Signed-off-by: Christophe Ricard <christophe-h.ricard@st.com> Reviewed-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
|
#
56671c89 |
|
31-Mar-2016 |
Christophe Ricard <christophe.ricard@gmail.com> |
tpm: drop 'locality' from struct tpm_vendor_specific Dropped the field 'locality' from struct tpm_vendor_specific migrated it to the private structures of st33zp24, tpm_i2c_infineon and tpm_tis. Signed-off-by: Christophe Ricard <christophe-h.ricard@st.com> Reviewed-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
|
#
6e599f6f |
|
31-Mar-2016 |
Christophe Ricard <christophe.ricard@gmail.com> |
tpm: drop 'read_queue' from struct tpm_vendor_specific Dropped the field 'read_queue' from struct tpm_vendor_specific and make it available to the various private structures in the drivers. Signed-off-by: Christophe Ricard <christophe-h.ricard@st.com> Reviewed-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
|
#
570a3609 |
|
31-Mar-2016 |
Christophe Ricard <christophe.ricard@gmail.com> |
tpm: drop 'irq' from struct tpm_vendor_specific Dropped the field 'irq' from struct tpm_vendor_specific and make it available to the various private structures in the drivers using irqs. A dedicated flag TPM_CHIP_FLAG_IRQ is added for the upper layers. In st33zp24, struct st33zp24_dev declaration is moved to st33zp24.h in order to make accessible irq from other phy's(i2c, spi). In tpm_i2c_nuvoton, chip->vendor.priv is not directly allocated. We can access irq field from priv_data in a cleaner way. Signed-off-by: Christophe Ricard <christophe-h.ricard@st.com> Reviewed-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
|
#
4eea703c |
|
31-Mar-2016 |
Christophe Ricard <christophe.ricard@gmail.com> |
tpm: drop 'iobase' from struct tpm_vendor_specific Dropped the field 'iobase' from struct tpm_vendor_specific and migrated it to the private structures of tpm_atmel and tpm_tis. Signed-off-by: Christophe Ricard <christophe-h.ricard@st.com> Reviewed-by: Jason Gunthorpe <jgunthorpe@obsidianresearch.com> Reviewed-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
|
#
003d305d |
|
23-Mar-2016 |
Christophe Ricard <christophe.ricard@gmail.com> |
tpm: drop list from struct tpm_vendor_specific Dropped list from struct tpm_vendor_specific as it is not used in any place. It is initialized in tpm_i2c_infineon but not used at all in the code. Signed-off-by: Christophe Ricard <christophe-h.ricard@st.com> Reviewed-by: Jason Gunthorpe <jgunthorpe@obsidianresearch.com> Reviewed-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
|
#
c5b65fa1 |
|
23-Mar-2016 |
Jarkko Sakkinen <jarkko@kernel.org> |
tpm: drop the field 'time_expired' from struct tpm_chip Removed the field because it is not used for anything. Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> Reviewed-by: Jason Gunthorpe <jgunthorpe@obsidianresearch.com>
|
#
ee177984 |
|
23-Mar-2016 |
Jarkko Sakkinen <jarkko@kernel.org> |
tpm: drop 'base' from struct tpm_vendor_specific Dropped the field 'base' from struct tpm_vendor_specific and migrated it to the private structures of tpm_atmel and tpm_nsc. Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> Reviewed-by: Jason Gunthorpe <jgunthorpe@obsidianresearch.com>
|
#
d4956524 |
|
22-Mar-2016 |
Jarkko Sakkinen <jarkko@kernel.org> |
tpm: drop manufacturer_id from struct tpm_vendor_specific Dropped manufacturer_id from struct tpm_vendor_specific and redeclared it in the private struct priv_data that tpm_tis uses because the field is only used tpm_tis. Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> Reviewed-by: Jason Gunthorpe <jgunthorpe@obsidianresearch.com>
|
#
23d06ff7 |
|
22-Mar-2016 |
Jarkko Sakkinen <jarkko@kernel.org> |
tpm: drop tpm_atmel specific fields from tpm_vendor_specific Introduced a private struct tpm_atmel_priv that contains the variables have_region and region_size that were previously located in struct tpm_vendor_specific. These fields were only used by tpm_atmel. Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> Reviewed-by: Jason Gunthorpe <jgunthorpe@obsidianresearch.com>
|
#
ec5fd99d |
|
21-Mar-2016 |
Jarkko Sakkinen <jarkko@kernel.org> |
tpm: drop int_queue from tpm_vendor_specific Drop field int_queue from tpm_vendor_specific as it is used only by tpm_tis. Probably all of the fields should be eventually dropped and moved to the private structures of different drivers but it is better to do this one step at a time in order not to break anything. Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> Reviewed-by: Jason Gunthorpe <jgunthorpe@obsidianresearch.com>
|
#
15516788 |
|
29-Feb-2016 |
Stefan Berger <stefanb@linux.vnet.ibm.com> |
tpm: Replace device number bitmap with IDR Replace the device number bitmap with IDR. Extend the number of devices we can create to 64k. Since an IDR allows us to associate a pointer with an ID, we use this now to rewrite tpm_chip_find_get() to simply look up the chip pointer by the given device ID. Protect the IDR calls with a mutex. Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com> Reviewed-by: Jason Gunthorpe <jgunthorpe@obsidianresearch.com> Reviewed-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> Tested-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
|
#
3897cd9c |
|
11-Feb-2016 |
Jason Gunthorpe <jgg@ziepe.ca> |
tpm: Split out the devm stuff from tpmm_chip_alloc tpm_chip_alloc becomes a typical subsystem allocate call. Signed-off-by: Jason Gunthorpe <jgunthorpe@obsidianresearch.com> Reviewed-by: Stefan Berger <stefanb@linux.vnet.ibm.com> Tested-by: Stefan Berger <stefanb@linux.vnet.ibm.com> Reviewed-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> Tested-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
|
#
4e26195f |
|
12-Feb-2016 |
Jason Gunthorpe <jgg@ziepe.ca> |
tpm: Provide strong locking for device removal Add a read/write semaphore around the ops function pointers so ops can be set to null when the driver un-registers. Previously the tpm core expected module locking to be enough to ensure that tpm_unregister could not be called during certain times, however that hasn't been sufficient for a long time. Introduce a read/write semaphore around 'ops' so the core can set it to null when unregistering. This provides a strong fence around the driver callbacks, guaranteeing to the driver that no callbacks are running or will run again. For now the ops_lock is placed very high in the call stack, it could be pushed down and made more granular in future if necessary. Signed-off-by: Jason Gunthorpe <jgunthorpe@obsidianresearch.com> Reviewed-by: Stefan Berger <stefanb@linux.vnet.ibm.com> Reviewed-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
|
#
3635e2ec |
|
28-Feb-2016 |
Jason Gunthorpe <jgg@ziepe.ca> |
tpm: Get rid of devname Now that we have a proper struct device just use dev_name() to access this value instead of keeping two copies. Signed-off-by: Jason Gunthorpe <jgunthorpe@obsidianresearch.com> Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com> Reviewed-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> Tested-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
|
#
8cfffc9d |
|
28-Feb-2016 |
Jason Gunthorpe <jgg@ziepe.ca> |
tpm: Get rid of chip->pdev This is a hold over from before the struct device conversion. - All prints should be using &chip->dev, which is the Linux standard. This changes prints to use tpm0 as the device name, not the PnP/etc ID. - The few places involving sysfs/modules that really do need the parent just use chip->dev.parent instead - We no longer need to get_device(pdev) in any places since it is no longer used by any of the code. The kref on the parent is held by the device core during device_add and dropped in device_del Signed-off-by: Jason Gunthorpe <jgunthorpe@obsidianresearch.com> Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com> Tested-by: Stefan Berger <stefanb@linux.vnet.ibm.com> Reviewed-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> Tested-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
|
#
55a889c2 |
|
07-Jan-2016 |
Jason Gunthorpe <jgg@ziepe.ca> |
tpm_crb: Use the common ACPI definition of struct acpi_tpm2 include/acpi/actbl2.h is the proper place for these definitions and the needed TPM2 ones have been there since commit 413d4a6defe0 ("ACPICA: Update TPM2 ACPI table") This also drops a couple of le32_to_cpu's for members of this table, the existing swapping was not done consistently, and the standard used by other Linux callers of acpi_get_table is unswapped. Signed-off-by: Jason Gunthorpe <jgunthorpe@obsidianresearch.com> Tested-by: Wilck, Martin <martin.wilck@ts.fujitsu.com> Tested-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> Reviewed-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> Acked-by: Peter Huewe <peterhuewe@gmx.de>
|
#
5ca4c20c |
|
05-Nov-2015 |
Jarkko Sakkinen <jarkko@kernel.org> |
keys, trusted: select hash algorithm for TPM2 chips Added 'hash=' option for selecting the hash algorithm for add_key() syscall and documentation for it. Added entry for sm3-256 to the following tables in order to support TPM_ALG_SM3_256: * hash_algo_name * hash_digest_size Includes support for the following hash algorithms: * sha1 * sha256 * sha384 * sha512 * sm3-256 Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> Tested-by: Colin Ian King <colin.king@canonical.com> Reviewed-by: James Morris <james.l.morris@oracle.com> Reviewed-by: Mimi Zohar <zohar@linux.vnet.ibm.com> Acked-by: Peter Huewe <peterhuewe@gmx.de>
|
#
7ab4032f |
|
25-Nov-2015 |
Jason Gunthorpe <jgg@ziepe.ca> |
tpm_tis: Get rid of the duplicate IRQ probing code The new code that works directly in tpm_tis_send is able to handle IRQ probing duties as well, so just use it for everything. Signed-off-by: Jason Gunthorpe <jgunthorpe@obsidianresearch.com> Reviewed-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> Tested-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> Tested-by: Martin Wilck <Martin.Wilck@ts.fujitsu.com> Tested-by: Scot Doyle <lkml14@scotdoyle.com> Signed-off--by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> Acked-by: Peter Huewe <peterhuewe@gmx.de>
|
#
954650ef |
|
29-May-2015 |
Jarkko Sakkinen <jarkko@kernel.org> |
tpm: seal/unseal for TPM 2.0 Added tpm_trusted_seal() and tpm_trusted_unseal() API for sealing trusted keys. This patch implements basic sealing and unsealing functionality for TPM 2.0: * Seal with a parent key using a 20 byte auth value. * Unseal with a parent key using a 20 byte auth value. Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> Signed-off-by: Peter Huewe <peterhuewe@gmx.de>
|
#
a74f8b36 |
|
10-Oct-2015 |
Jarkko Sakkinen <jarkko@kernel.org> |
tpm: introduce tpm_buf This patch introduces struct tpm_buf that provides a string buffer for constructing TPM commands. This allows to construct variable sized TPM commands. For the buffer a page is allocated and mapped, which limits maximum size to PAGE_SIZE. Variable sized TPM commands are needed in order to add algorithmic agility. Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> Reviewed-by: Peter Huewe <peterhuewe@gmx.de> Signed-off-by: Peter Huewe <peterhuewe@gmx.de>
|
#
9b774d5c |
|
14-Apr-2015 |
Jarkko Sakkinen <jarkko@kernel.org> |
tpm: move the PPI attributes to character device directory. Moved PPI attributes to the character device directory. This aligns with the sysfs guidelines and makes them race free because they are created atomically with the character device as part of device_register().The character device and the sysfs attributes appear at the same time to the user space. As part of this change we enable PPI attributes also for TPM 2.0 devices. In order to retain backwards compatibility with TPM 1.x devices, a symlink is created to the platform device directory. Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> Reviewed-by: Jason Gunthorpe <jason.gunthorpe@obsidianresearch.com> Tested-by: Mimi Zohar <zohar@linux.vnet.ibm.com> (on TPM 1.2) Tested-by: Chris J Arges <chris.j.arges@canonical.com> Tested-by: Colin Ian King <colin.king@canonical.com> Signed-off-by: Peter Huewe <peterhuewe@gmx.de>
|
#
399235dc |
|
28-Sep-2015 |
Jarkko Sakkinen <jarkko@kernel.org> |
tpm, tpm_tis: fix tpm_tis ACPI detection issue with TPM 2.0 Both for FIFO and CRB interface TCG has decided to use the same HID MSFT0101. They can be differentiated by looking at the start method from TPM2 ACPI table. This patches makes necessary fixes to tpm_tis and tpm_crb modules in order to correctly detect, which module should be used. For MSFT0101 we must use struct acpi_driver because struct pnp_driver has a 7 character limitation. It turned out that the root cause in b371616b8 was not correct for https://bugzilla.kernel.org/show_bug.cgi?id=98181. v2: * One fixup was missing from v1: is_tpm2_fifo -> is_fifo v3: * Use pnp_driver for existing HIDs and acpi_driver only for MSFT0101 in order ensure backwards compatibility. v4: * Check for FIFO before doing *anything* in crb_acpi_add(). * There was return immediately after acpi_bus_unregister_driver() in cleanup_tis(). This caused pnp_unregister_driver() not to be called. Cc: stable@kernel.org Reported-by: Michael Saunders <mick.saunders@gmail.com> Reported-by: Michael Marley <michael@michaelmarley.com> Reported-by: Jethro Beekman <kernel@jbeekman.nl> Reported-by: Matthew Garrett <mjg59@srcf.ucam.org> Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> Tested-by: Michael Marley <michael@michaelmarley.com> Tested-by: Mimi Zohar <zohar@linux.vnet.ibm.com> (on TPM 1.2) Reviewed-by: Peter Huewe <peterhuewe@gmx.de> Signed-off-by: Peter Huewe <peterhuewe@gmx.de>
|
#
4d5f2051 |
|
04-Feb-2015 |
Jarkko Sakkinen <jarkko@kernel.org> |
tpm, tpm_tis: fix TPM 2.0 probing If during transmission system error was returned, the logic was to incorrectly deduce that chip is a TPM 1.x chip. This patch fixes this issue. Also, this patch changes probing so that message tag is used as the measure for TPM 2.x, which should be much more stable. A separate function called tpm2_probe() is encapsulated because it can be used with any chipset. Fixes: aec04cbdf723 ("tpm: TPM 2.0 FIFO Interface") Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> Reviewed-by: Stefan Berger <stefanb@linux.vnet.ibm.com> Reviewed-by: Peter Huewe <peterhuewe@gmx.de> Signed-off-by: Peter Huewe <peterhuewe@gmx.de>
|
#
74d6b3ce |
|
28-Jan-2015 |
Jarkko Sakkinen <jarkko@kernel.org> |
tpm: fix suspend/resume paths for TPM 2.0 Fixed suspend/resume paths for TPM 2.0 and consolidated all the associated code to the tpm_pm_suspend() and tpm_pm_resume() functions. Resume path should be handled by the firmware, i.e. Startup(CLEAR) for hibernate and Startup(STATE) for suspend. There might be some non-PC embedded devices in the future where Startup() is not the handled by the FW but fixing the code for those IMHO should be postponed until there is hardware available to test the fixes although extra Startup in the driver code is essentially a NOP. Added Shutdown(CLEAR) to the remove paths of TIS and CRB drivers. Changed tpm2_shutdown() to a void function because there isn't much you can do except print an error message if this fails with a system error. Fixes: aec04cbdf723 ("tpm: TPM 2.0 FIFO Interface") Fixes: 30fc8d138e91 ("tpm: TPM 2.0 CRB Interface") [phuewe: both did send TPM_Shutdown on resume which 'disables' the TPM and did not send TPM2_Shutdown on teardown which leads some TPM2.0 to believe there was an attack (no TPM2_Shutdown = no orderly shutdown = attack)] Reported-by: Peter Hüwe <PeterHuewe@gmx.de> Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> Tested-by: Scot Doyle <lkml14@scotdoyle.com> Reviewed-by: Peter Huewe <peterhuewe@gmx.de> Signed-off-by: Peter Huewe <peterhuewe@gmx.de>
|
#
3b09825d |
|
17-Jan-2015 |
Bruno E O Meneguele <bmeneguele@gmail.com> |
char/tpm: fixed white spaces coding style issues Fixed some coding style issues reported by checkpatch. Signed-off-by: Bruno E O Meneguele <bmeneguele@gmail.com> [phuewe: ported to latest code] Signed-off-by: Peter Huewe <peterhuewe@gmx.de>
|
#
7a1d7e6d |
|
12-Dec-2014 |
Jarkko Sakkinen <jarkko@kernel.org> |
tpm: TPM 2.0 baseline support TPM 2.0 devices are separated by adding a field 'flags' to struct tpm_chip and defining a flag TPM_CHIP_FLAG_TPM2 for tagging them. This patch adds the following internal functions: - tpm2_get_random() - tpm2_get_tpm_pt() - tpm2_pcr_extend() - tpm2_pcr_read() - tpm2_startup() Additionally, the following exported functions are implemented for implementing TPM 2.0 device drivers: - tpm2_do_selftest() - tpm2_calc_ordinal_durations() - tpm2_gen_interrupt() The existing functions that are exported for the use for existing subsystems have been changed to check the flags field in struct tpm_chip and use appropriate TPM 2.0 counterpart if TPM_CHIP_FLAG_TPM2 is est. The code for tpm2_calc_ordinal_duration() and tpm2_startup() were originally written by Will Arthur. Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> Signed-off-by: Will Arthur <will.c.arthur@intel.com> Reviewed-by: Jasob Gunthorpe <jason.gunthorpe@obsidianresearch.com> Reviewed-by: Stefan Berger <stefanb@linux.vnet.ibm.com> Reviewed-by: Peter Huewe <peterhuewe@gmx.de> Tested-by: Peter Huewe <peterhuewe@gmx.de> [phuewe: Fixed copy paste error * 2] Signed-off-by: Peter Huewe <peterhuewe@gmx.de>
|
#
313d21ee |
|
12-Dec-2014 |
Jarkko Sakkinen <jarkko@kernel.org> |
tpm: device class for tpm Added own device class for TPM. Uses MISC_MAJOR:TPM_MINOR for the first character device in order to retain backwards compatibility. Added tpm_dev_release() back attached to the character device. I've been running this code now for a while on my laptop (Lenovo T430S) TrouSerS works perfectly without modifications. I don't believe it breaks anything significantly. The sysfs attributes that have been placed under the wrong place and are against sysfs-rules.txt should be probably left to stagnate under platform device directory and start defining new sysfs attributes to the char device directory. Guidelines for future TPM sysfs attributes should be probably along the lines of - Single flat set of mandatory sysfs attributes. For example, current PPI interface is way way too rich when you only want to use it to clear and activate the TPM. - Define sysfs attribute if and only if there's no way to get the value from ring-3. No attributes for TPM properties. It's just unnecessary maintenance hurdle that we don't want. Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> Reviewed-by: Jasob Gunthorpe <jason.gunthorpe@obsidianresearch.com> Reviewed-by: Stefan Berger <stefanb@linux.vnet.ibm.com> Tested-by: Scot Doyle <lkml14@scotdoyle.com> Tested-by: Peter Huewe <peterhuewe@gmx.de> Signed-off-by: Peter Huewe <peterhuewe@gmx.de>
|
#
71ed848f |
|
12-Dec-2014 |
Jarkko Sakkinen <jarkko@kernel.org> |
tpm: rename chip->dev to chip->pdev Rename chip->dev to chip->pdev to make it explicit that this not the character device but actually represents the platform device. Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> Reviewed-by: Jasob Gunthorpe <jason.gunthorpe@obsidianresearch.com> Reviewed-by: Stefan Berger <stefanb@linux.vnet.ibm.com> Reviewed-by: Peter Huewe <peterhuewe@gmx.de> Tested-by: Scot Doyle <lkml14@scotdoyle.com> Tested-by: Peter Huewe <peterhuewe@gmx.de> Signed-off-by: Peter Huewe <peterhuewe@gmx.de>
|
#
0dc55365 |
|
12-Dec-2014 |
Jarkko Sakkinen <jarkko@kernel.org> |
tpm: fix raciness of PPI interface lookup Traversal of the ACPI device tree was not done right. PPI interface should be looked up only from the ACPI device that is the platform device for the TPM. This could cause problems with systems with two TPM chips such as 4th gen Intel systems. In addition, added the missing license and copyright platter to the tpm_ppi.c. Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> Reviewed-by: Jasob Gunthorpe <jason.gunthorpe@obsidianresearch.com> Reviewed-by: Stefan Berger <stefanb@linux.vnet.ibm.com> Tested-by: Scot Doyle <lkml14@scotdoyle.com> Signed-off-by: Peter Huewe <peterhuewe@gmx.de>
|
#
afb5abc2 |
|
12-Dec-2014 |
Jarkko Sakkinen <jarkko@kernel.org> |
tpm: two-phase chip management functions tpm_register_hardware() and tpm_remove_hardware() are called often before initializing the device. The problem is that the device might not be fully initialized when it comes visible to the user space. This patch resolves the issue by diving initialization into two parts: - tpmm_chip_alloc() creates struct tpm_chip. - tpm_chip_register() sets up the character device and sysfs attributes. The framework takes care of freeing struct tpm_chip by using the devres API. The broken release callback has been wiped. ACPI drivers do not ever get this callback. Regards to Jason Gunthorpe for carefully reviewing this part of the code. Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> Reviewed-by: Jasob Gunthorpe <jason.gunthorpe@obsidianresearch.com> Reviewed-by: Stefan Berger <stefanb@linux.vnet.ibm.com> Tested-by: Scot Doyle <lkml14@scotdoyle.com> Tested-by: Peter Huewe <peterhuewe@gmx.de> [phuewe: update to upstream changes] Signed-off-by: Peter Huewe <peterhuewe@gmx.de>
|
#
87155b73 |
|
12-Dec-2014 |
Jarkko Sakkinen <jarkko@kernel.org> |
tpm: merge duplicate transmit_cmd() functions Merged transmit_cmd() functions in tpm-interface.c and tpm-sysfs.c. Added "tpm_" prefix for consistency sake. Changed cmd parameter as opaque. This enables to use separate command structures for TPM1 and TPM2 commands in future. Loose coupling works fine here. Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> Reviewed-by: Jasob Gunthorpe <jason.gunthorpe@obsidianresearch.com> Reviewed-by: Stefan Berger <stefanb@linux.vnet.ibm.com> Reviewed-by: Peter Huewe <peterhuewe@gmx.de> Tested-by: Scot Doyle <lkml14@scotdoyle.com> Tested-by: Peter Huewe <peterhuewe@gmx.de> Signed-off-by: Peter Huewe <peterhuewe@gmx.de>
|
#
e3302e0d |
|
26-Nov-2013 |
Jason Gunthorpe <jgg@ziepe.ca> |
tpm: Make tpm-dev allocate a per-file structure This consolidates everything that is only used within tpm-dev.c into tpm-dev.c and out of the publicly visible struct tpm_chip. The per-file allocation lays the ground work for someday fixing the strange forced O_EXCL behaviour of the current code. Signed-off-by: Jason Gunthorpe <jgunthorpe@obsidianresearch.com> Reviewed-by: Joel Schopp <jschopp@linux.vnet.ibm.com> Reviewed-by: Ashley Lai <adlai@linux.vnet.ibm.com> Signed-off-by: Peter Huewe <peterhuewe@gmx.de>
|
#
5f82e9f0 |
|
26-Nov-2013 |
Jason Gunthorpe <jgg@ziepe.ca> |
tpm: Use the ops structure instead of a copy in tpm_vendor_specific This builds on the last commit to use the ops structure in the core and reduce the size of tpm_vendor_specific. Signed-off-by: Jason Gunthorpe <jgunthorpe@obsidianresearch.com> Reviewed-by: Joel Schopp <jschopp@linux.vnet.ibm.com> Reviewed-by: Ashley Lai <adlai@linux.vnet.ibm.com> Signed-off-by: Peter Huewe <peterhuewe@gmx.de>
|
#
01ad1fa7 |
|
26-Nov-2013 |
Jason Gunthorpe <jgg@ziepe.ca> |
tpm: Create a tpm_class_ops structure and use it in the drivers This replaces the static initialization of a tpm_vendor_specific structure in the drivers with the standard Linux idiom of providing a const structure of function pointers. Signed-off-by: Jason Gunthorpe <jgunthorpe@obsidianresearch.com> Reviewed-by: Joel Schopp <jschopp@linux.vnet.ibm.com> Reviewed-by: Ashley Lai <adlai@linux.vnet.ibm.com> [phuewe: did apply manually due to commit 191ffc6bde3 tpm/tpm_i2c_atmel: fix coccinelle warnings] Signed-off-by: Peter Huewe <peterhuewe@gmx.de>
|
#
1e3b73a9 |
|
26-Nov-2013 |
Jason Gunthorpe <jgg@ziepe.ca> |
tpm: Pull all driver sysfs code into tpm-sysfs.c The tpm core now sets up and controls all sysfs attributes, instead of having each driver have a unique take on it. All drivers now now have a uniform set of attributes, and no sysfs related entry points are exported from the tpm core module. This also uses the new method used to declare sysfs attributes with DEVICE_ATTR_RO and 'struct attribute *' Signed-off-by: Jason Gunthorpe <jgunthorpe@obsidianresearch.com> [phuewe: had to apply the tpm_i2c_atmel part manually due to commit 191ffc6bde3fc tpm/tpm_i2c_atmel: fix coccinelle warnings] Signed-off-by: Peter Huewe <peterhuewe@gmx.de>
|
#
000a07b0 |
|
26-Nov-2013 |
Jason Gunthorpe <jgg@ziepe.ca> |
tpm: Move sysfs functions from tpm-interface to tpm-sysfs CLASS-sysfs.c is a common idiom for linux subsystems. This is the first step to pulling all the sysfs support code from the drivers into tpm-sysfs. This is a plain text copy from tpm-interface with support changes to make it compile. _tpm_pcr_read is made non-static and is called tpm_pcr_read_dev. Signed-off-by: Jason Gunthorpe <jgunthorpe@obsidianresearch.com> Signed-off-by: Peter Huewe <peterhuewe@gmx.de>
|
#
afdba32e |
|
26-Nov-2013 |
Jason Gunthorpe <jgg@ziepe.ca> |
tpm: Pull everything related to /dev/tpmX into tpm-dev.c CLASS-dev.c is a common idiom for Linux subsystems This pulls all the code related to the miscdev into tpm-dev.c and makes it static. The identical file_operation structs in the drivers are purged and the tpm common code unconditionally creates the miscdev. Signed-off-by: Jason Gunthorpe <jgunthorpe@obsidianresearch.com> Reviewed-by: Joel Schopp <jschopp@linux.vnet.ibm.com> Reviewed-by: Ashley Lai <adlai@linux.vnet.ibm.com> [phuewe: tpm_dev_release is now used only in this file, thus the EXPORT_SYMBOL can be dropped and the function be marked as static. It has no other in-kernel users] Signed-off-by: Peter Huewe <peterhuewe@gmx.de>
|
#
e907481b |
|
17-Sep-2013 |
Jason Gunthorpe <jgg@ziepe.ca> |
tpm: Remove tpm_show_caps_1_2 The version of the TPM should not depend on the bus it is connected through. 1.1, 1.2 and soon 2.0 TPMS will be all be able to use the same bus interfaces. Make tpm_show_caps try the 1.2 capability first. If that fails then fall back to the 1.1 capability. This effectively auto-detects what interface the TPM supports at run-time. Signed-off-by: Jason Gunthorpe <jgunthorpe@obsidianresearch.com> Reviewed-by: Joel Schopp <jschopp@linux.vnet.ibm.com> Reviewed-by: Peter Huewe <peterhuewe@gmx.de> Signed-off-by: Peter Huewe <peterhuewe@gmx.de>
|
#
6aff1fdc |
|
22-Sep-2013 |
Jason Gunthorpe <jgg@ziepe.ca> |
tpm: Store devname in the tpm_chip Just put the memory directly in the chip structure, rather than in a 2nd dedicated kmalloc. Signed-off-by: Jason Gunthorpe <jgunthorpe@obsidianresearch.com> Reviewed-by: Joel Schopp <jschopp@linux.vnet.ibm.com> Reviewed-by: Peter Huewe <peterhuewe@gmx.de> Signed-off-by: Peter Huewe <peterhuewe@gmx.de> Acked-by: Ashley Lai <adlai@linux.vnet.ibm.com>
|
#
e2fa3d79 |
|
27-May-2013 |
Peter Huewe <peterhuewe@gmx.de> |
tpm: fix regression caused by section type conflict of tpm_dev_release() in ppc builds The 8119807 commit reintroduced a regression (error: __ksymtab_tpm_dev_release causes a section type conflict) that was fixed by commit cbb2ed4. Fix it for good by adding the prototype to tpm.h so sparse doesn't complain about it anymore. Reported-by: Tony Camuso <tcamuso@redhat.com> Signed-off-by: Peter Huewe <peterhuewe@gmx.de>
|
#
1c16c963 |
|
21-May-2013 |
Mimi Zohar <zohar@linux.vnet.ibm.com> |
tpm: move TPM_DIGEST_SIZE defintion IMA requires access to TPM_DIGEST_SIZE definition. This patch moves the definition to <linux/tpm.h>. Signed-off-by: Mimi Zohar <zohar@us.ibm.com> Signed-off-by: Kent Yoder <key@linux.vnet.ibm.com>
|
#
32d33b29 |
|
17-Mar-2013 |
Duncan Laurie <dlaurie@chromium.org> |
TPM: Retry SaveState command in suspend path If the TPM has already been sent a SaveState command before the driver is loaded it may have problems sending that same command again later. This issue is seen with the Chromebook Pixel due to a firmware bug in the legacy mode boot path which is sending the SaveState command before booting the kernel. More information is available at http://crbug.com/203524 This change introduces a retry of the SaveState command in the suspend path in order to work around this issue. A future firmware update should fix this but this is also a trivial workaround in the driver that has no effect on systems that do not show this problem. When this does happen the TPM responds with a non-fatal TPM_RETRY code that is defined in the specification: The TPM is too busy to respond to the command immediately, but the command could be resubmitted at a later time. The TPM MAY return TPM_RETRY for any command at any time. It can take several seconds before the TPM will respond again. I measured a typical time between 3 and 4 seconds and the timeout is set at a safe 5 seconds. It is also possible to reproduce this with commands via /dev/tpm0. The bug linked above has a python script attached which can be used to test for this problem. I tested a variety of TPMs from Infineon, Nuvoton, Atmel, and STMicro but was only able to reproduce this with LPC and I2C TPMs from Infineon. The TPM specification only loosely defines this behavior: TPM Main Level 2 Part 3 v1.2 r116, section 3.3. TPM_SaveState: The TPM MAY declare all preserved values invalid in response to any command other than TPM_Init. TCG PC Client BIOS Spec 1.21 section 8.3.1. After issuing a TPM_SaveState command, the OS SHOULD NOT issue TPM commands before transitioning to S3 without issuing another TPM_SaveState command. TCG PC Client TIS 1.21, section 4. Power Management: The TPM_SaveState command allows a Static OS to indicate to the TPM that the platform may enter a low power state where the TPM will be required to enter into the D3 power state. The use of the term "may" is significant in that there is no requirement for the platform to actually enter the low power state after sending the TPM_SaveState command. The software may, in fact, send subsequent commands after sending the TPM_SaveState command. Change-Id: I52b41e826412688e5b6c8ddd3bb16409939704e9 Signed-off-by: Duncan Laurie <dlaurie@chromium.org> Signed-off-by: Kent Yoder <key@linux.vnet.ibm.com>
|
#
78f09cc2 |
|
22-Jan-2013 |
Stefan Berger <stefanb@linux.vnet.ibm.com> |
tpm: Fix cancellation of TPM commands (interrupt mode) Support cancellation of TPM commands when driver is used in interrupt mode. Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com> Signed-off-by: Kent Yoder <key@linux.vnet.ibm.com>
|
#
1f866057 |
|
22-Jan-2013 |
Stefan Berger <stefanb@linux.vnet.ibm.com> |
tpm: Fix cancellation of TPM commands (polling mode) On one of my machines the cancellation of TPM commands does not work. The reason is that by writing into sysfs 'cancel' the tpm_tis_ready call causes the status flag TPM_STS_VALID to be set in the statusregister. However, the TIS driver seems to wait for TPM_STS_COMMAND_READY. Once a 2nd time sysfs 'cancel' is written to, the TPM_STS_COMMAND_READY flag also gets set, resulting in TPM_STS_VALID|TPM_STS_COMMAND_READY to be read from the status register. This patch now converts req_canceled into a function to enable more complex comparisons against possible cancellation status codes. Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com> Signed-off-by: Kent Yoder <key@linux.vnet.ibm.com>
|
#
3e3a5e90 |
|
22-Jan-2013 |
Stefan Berger <stefanb@linux.vnet.ibm.com> |
tpm: Store TPM vendor ID Store the TPM vendor ID for later use. Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com> Signed-off-by: Kent Yoder <key@linux.vnet.ibm.com>
|
#
775585e4 |
|
05-Dec-2012 |
Kent Yoder <key@linux.vnet.ibm.com> |
tpm: rename vendor data to priv and provide an accessor "data" was too generic a name for what's being used as a generic private pointer by vendor-specific code. Rename it to "priv" and provide a #define for users. Signed-off-by: Kent Yoder <key@linux.vnet.ibm.com>
|
#
348df8db |
|
21-Nov-2012 |
Jason Gunthorpe <jgg@ziepe.ca> |
TPM: Switch to __packed instead of __attribute__((packed)) This seems to be preferred these days. Signed-off-by: Jason Gunthorpe <jgunthorpe@obsidianresearch.com> Reviewed-by: Peter Huewe <peterhuewe@gmx.de> Signed-off-by: Kent Yoder <key@linux.vnet.ibm.com>
|
#
c584af19 |
|
21-Nov-2012 |
Jason Gunthorpe <jgg@ziepe.ca> |
TPM: Issue TPM_STARTUP at driver load if the TPM has not been started The TPM will respond to TPM_GET_CAP with TPM_ERR_INVALID_POSTINIT if TPM_STARTUP has not been issued. Detect this and automatically issue TPM_STARTUP. This is for embedded applications where the kernel is the first thing to touch the TPM. Signed-off-by: Jason Gunthorpe <jgunthorpe@obsidianresearch.com> Tested-by: Peter Huewe <peter.huewe@infineon.com> Reviewed-by: Peter Huewe <peter.huewe@infineon.com> Signed-off-by: Kent Yoder <key@linux.vnet.ibm.com>
|
#
1631cfb7 |
|
09-Oct-2012 |
Gang Wei <gang.wei@intel.com> |
driver/char/tpm: fix regression causesd by ppi This patch try to fix the S3 regression https://lkml.org/lkml/2012/10/5/433, which includes below line: [ 1554.684638] sysfs: cannot create duplicate filename '/devices/pnp0/00:0c/ppi' The root cause is that ppi sysfs teardown code is MIA, so while S3 resume, the ppi kobject will be created again upon existing one. To make the tear down code simple, change the ppi subfolder creation from using kobject_create_and_add to just using a named ppi attribute_group. Then ppi sysfs teardown could be done with a simple sysfs_remove_group call. Adjusted the name & return type for ppi sysfs init function. Reported-by: Ben Guthro <ben@guthro.net> Signed-off-by: Gang Wei <gang.wei@intel.com> Signed-off-by: Kent Yoder <key@linux.vnet.ibm.com>
|
#
f84fdff0 |
|
22-Aug-2012 |
Xiaoyan Zhang <xiaoyan.zhang@intel.com> |
driver: add PPI support in tpm driver The Physical Presence Interface enables the OS and the BIOS to cooperate and provides a simple and straightforward platform user experience for administering the TPM without sacrificing security. V2: separate the patch out in a separate source file, add #ifdef CONFIG_ACPI so it compiles out on ppc, use standard error instead of ACPI error as return code of show/store fns. V3: move #ifdef CONFIG_ACPI from .c file to .h file. V4: move tpm_ppi code from tpm module to tpm_bios module. V5: modify sys_add_ppi() so that ppi_attr_grp doesn't need to be exported Signed-off-by: Xiaoyan Zhang <xiaoyan.zhang@intel.com> Signed-off-by: Kent Yoder <key@linux.vnet.ibm.com>
|
#
c5df3926 |
|
14-Aug-2012 |
Ashley Lai <adlai@linux.vnet.ibm.com> |
drivers/char/tpm: Add securityfs support for event log This patch retrieves the event log data from the device tree during file open. The event log data will then displayed through securityfs. Signed-off-by: Ashley Lai <adlai@us.ibm.com> Signed-off-by: Kent Yoder <key@linux.vnet.ibm.com>
|
#
132f7629 |
|
22-Aug-2012 |
Ashley Lai <adlai@linux.vnet.ibm.com> |
drivers/char/tpm: Add new device driver to support IBM vTPM This patch adds a new device driver to support IBM virtual TPM (vTPM) for PPC64. IBM vTPM is supported through the adjunct partition with firmware release 740 or higher. With vTPM support, each lpar is able to have its own vTPM without the physical TPM hardware. This driver provides TPM functionalities by communicating with the vTPM adjunct partition through Hypervisor calls (Hcalls) and Command/Response Queue (CRQ) commands. Signed-off-by: Ashley Lai <adlai@us.ibm.com> Signed-off-by: Kent Yoder <key@linux.vnet.ibm.com>
|
#
41ab999c |
|
07-Jun-2012 |
Kent Yoder <key@linux.vnet.ibm.com> |
tpm: Move tpm_get_random api into the TPM device driver Move the tpm_get_random api from the trusted keys code into the TPM device driver itself so that other callers can make use of it. Also, change the api slightly so that the number of bytes read is returned in the call, since the TPM command can potentially return fewer bytes than requested. Acked-by: David Safford <safford@linux.vnet.ibm.com> Reviewed-by: H. Peter Anvin <hpa@linux.intel.com> Signed-off-by: Kent Yoder <key@linux.vnet.ibm.com>
|
#
035e2ce8 |
|
06-Jul-2012 |
Rafael J. Wysocki <rjw@rjwysocki.net> |
PM / TPM: Drop unused pm_message_t argument from tpm_pm_suspend() The tpm_pm_suspend()'s second argument of type pm_message_t is not used, so remove it. Signed-off-by: Rafael J. Wysocki <rjw@sisk.pl>
|
#
4e401fb0 |
|
19-Jan-2012 |
Stefan Berger <stefanb@linux.vnet.ibm.com> |
tpm_tis: Only probe iTPMs Detect iTPMs through the vendor ID on the hardware interface and only probe the device if the manufacturer is found to be Intel. This obsoletes a previously added delay necessary for some TPMs but not iTPMs. Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com> Signed-off-by: Rajiv Andrade <srajiv@linux.vnet.ibm.com>
|
#
be405411 |
|
17-Jan-2012 |
Stefan Berger <stefanb@linux.vnet.ibm.com> |
tpm: fix (ACPI S3) suspend regression This patch fixes an (ACPI S3) suspend regression introduced in commit 68d6e6713fcb ("tpm: Introduce function to poll for result of self test") and occurring with an Infineon TPM and tpm_tis and tpm_infineon drivers active. The suspend problem occurred if the TPM was disabled and/or deactivated and therefore the TPM_PCRRead checking the result of the (asynchronous) self test returned an error code which then caused the tpm_tis driver to become inactive and this then seemed to have negatively influenced the suspend support by the tpm_infineon driver... Besides that the tpm_tis drive may stay active even if the TPM is disabled and/or deactivated. Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com> Tested-by: Rafael J. Wysocki <rjw@sisk.pl> Acked-by: Rajiv Andrade <srajiv@linux.vnet.ibm.com> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
|
#
b9e3238a |
|
01-Nov-2011 |
Rajiv Andrade <srajiv@linux.vnet.ibm.com> |
TPM: fix transmit_cmd error logic It's incorrect to assume that buffers returned by the TPM 10 bytes long are always error reports. This patches parses the error field in its header instead. The error report is now being printed using dev_err() instead of dev_dbg(), making it easier for users to provide more detailed bug reports. Signed-off-by: Rajiv Andrade <srajiv@linux.vnet.ibm.com>
|
#
fd048866 |
|
16-Sep-2011 |
Rajiv Andrade <srajiv@linux.vnet.ibm.com> |
TPM: Export wait_for_stat for other vendor specific drivers Moved wait_for_stat to tpm.c so that other drivers can use it. Also renamed it to avoid future namespace conflicts. Signed-off-by: Rajiv Andrade <srajiv@linux.vnet.ibm.com>
|
#
68d6e671 |
|
10-Nov-2011 |
Stefan Berger <stefanb@linux.vnet.ibm.com> |
tpm: Introduce function to poll for result of self test This patch introduces a function that runs the TPM_ContinueSelfTest() function and then polls the TPM to check whether it finished the selftest and can receive new commands. Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
|
#
d97c6ade |
|
10-Nov-2011 |
Stefan Berger <stefanb@linux.vnet.ibm.com> |
tpm: Cleanup tpm_continue_selftest Cleanup the tpm_continue_selftest function. Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
|
#
2b30a90f |
|
10-Nov-2011 |
Stefan Berger <stefanb@linux.vnet.ibm.com> |
tpm: Have tpm_get_timeouts return an error code Have the tpm_get_timeouts function return an error code. Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
|
#
a7b66822 |
|
29-Mar-2011 |
Stefan Berger <stefanb@linux.vnet.ibm.com> |
tpm_tis: Fix the probing for interrupts This patch fixes several aspects of the probing for interrupts. This patch reads the TPM's timeouts before probing for the interrupts. The tpm_get_timeouts() function is invoked in polling mode and gets the proper timeouts from the TPM so that we don't need to fall back to 2 minutes timeouts for short duration commands while the interrupt probing is happening. This patch introduces a variable probed_irq into the vendor structure that gets the irq number if an interrupt is received while the the tpm_gen_interrupt() function is run in polling mode during interrupt probing. Previously some parts of tpm_gen_interrupt() were run in polling mode, then the irq variable was set in the interrupt handler when an interrupt was received and execution of tpm_gen_interrupt() ended up switching over to interrupt mode. tpm_gen_interrupt() execution ended up on an event queue where it eventually timed out since the probing handler doesn't wake any queues. Before calling into free_irq() clear all interrupt flags that may have been set by the TPM. The reason is that free_irq() will call into the probing interrupt handler and may otherwise fool us into thinking that a real interrupt happened (because we see the flags as being set) while the TPM's interrupt line is not even connected to anything on the motherboard. This solves a problem on one machine I did testing on (Thinkpad T60). If a TPM claims to use a specifc interrupt, the probing is done as well to verify that the interrupt is actually working. If a TPM indicates that it does not use a specific interrupt (returns '0'), probe all interrupts from 3 to 15. Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com> Signed-off-by: Rajiv Andrade <srajiv@linux.vnet.ibm.com>
|
#
62592101 |
|
29-Mar-2011 |
Stefan Berger <stefanb@linux.vnet.ibm.com> |
tpm_tis: Add timeouts sysfs entry Display the TPM's interface timeouts in a 'timeouts' sysfs entry. Display the entries as having been adjusted when they were scaled due to their values being reported in milliseconds rather than microseconds. Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com> Signed-off-by: Rajiv Andrade <srajiv@linux.vnet.ibm.com>
|
#
04ab2293 |
|
29-Mar-2011 |
Stefan Berger <stefanb@linux.vnet.ibm.com> |
tpm_tis: Introduce durations sysfs entry Display the TPM's command timeouts in a 'durations' sysfs entry. Display the entries as having been adjusted when they were scaled due to their values being reported in milliseconds rather than microseconds. Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com> Tested-by: Guillaume Chazarain <guichaz@gmail.com> Signed-off-by: Rajiv Andrade <srajiv@linux.vnet.ibm.com>
|
#
e5871372 |
|
20-Feb-2011 |
Linus Torvalds <torvalds@linux-foundation.org> |
Revert "tpm_tis: Use timeouts returned from TPM" This reverts commit 9b29050f8f75916f974a2d231ae5d3cd59792296. It has caused hibernate regressions, for example Juri Sladby's report: "I'm unable to hibernate 2.6.37.1 unless I rmmod tpm_tis: [10974.074587] Suspending console(s) (use no_console_suspend to debug) [10974.103073] tpm_tis 00:0c: Operation Timed out [10974.103089] legacy_suspend(): pnp_bus_suspend+0x0/0xa0 returns -62 [10974.103095] PM: Device 00:0c failed to freeze: error -62" and Rafael points out that some of the new conditionals in that commit seem to make no sense. This commit needs more work and testing, let's revert it for now. Reported-by: Norbert Preining <preining@logic.at> Reported-and-requested-by: Jiri Slaby <jirislaby@gmail.com> Cc: Stefan Berger <stefanb@linux.vnet.ibm.com> Cc: Guillaume Chazarain <guichaz@gmail.com> Cc: Rajiv Andrade <srajiv@linux.vnet.ibm.com> Acked-by: Rafael J. Wysocki <rjw@sisk.pl> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
|
#
9b29050f |
|
11-Jan-2011 |
Stefan Berger <stefanb@linux.vnet.ibm.com> |
tpm_tis: Use timeouts returned from TPM The current TPM TIS driver in git discards the timeout values returned from the TPM. The check of the response packet needs to consider that the return_code field is 0 on success and the size of the expected packet is equivalent to the header size + u32 length indicator for the TPM_GetCapability() result + 3 timeout indicators of type u32. I am also adding a sysfs entry 'timeouts' showing the timeouts that are being used. Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com> Tested-by: Guillaume Chazarain <guichaz@gmail.com> Signed-off-by: Rajiv Andrade <srajiv@linux.vnet.ibm.com>
|
#
a0e39349 |
|
23-Nov-2010 |
Mimi Zohar <zohar@linux.vnet.ibm.com> |
tpm: add module_put wrapper For readability, define a tpm_chip_put() wrapper to call module_put(). Replace existing module_put() calls with the wrapper. (Change based on trusted/encrypted patchset review by David Howells.) Signed-off-by: Mimi Zohar <zohar@us.ibm.com> Signed-off-by: David Safford <safford@watson.ibm.com> Acked-by: David Howells <dhowells@redhat.com> Acked-by: Serge E. Hallyn <serge.hallyn@canonical.com> Signed-off-by: James Morris <jmorris@namei.org>
|
#
02a077c5 |
|
14-Jun-2010 |
Rajiv Andrade <srajiv@linux.vnet.ibm.com> |
TPM: ReadPubEK output struct fix This patch adds a missing element of the ReadPubEK command output, that prevents future overflow of this buffer when copying the TPM output result into it. Prevents a kernel panic in case the user tries to read the pubek from sysfs. Signed-off-by: Rajiv Andrade <srajiv@linux.vnet.ibm.com> Signed-off-by: James Morris <jmorris@namei.org>
|
#
659aaf2b |
|
02-Feb-2009 |
Rajiv Andrade <srajiv@linux.vnet.ibm.com> |
TPM: integrity interface This patch adds internal kernel support for: - reading/extending a pcr value - looking up the tpm_chip for a given chip number Signed-off-by: Rajiv Andrade <srajiv@linux.vnet.ibm.com> Signed-off-by: Mimi Zohar <zohar@us.ibm.com> Signed-off-by: James Morris <jmorris@namei.org>
|
#
08837438 |
|
02-Feb-2009 |
Rajiv Andrade <srajiv@linux.vnet.ibm.com> |
TPM: sysfs functions consolidation According to Dave Hansen's comments on the tpm_show_*, some of these functions present a pattern when allocating data[] memory space and also when setting its content. A new function was created so that this pattern could be consolidated. Also, replaced the data[] command vectors and its indexes by meaningful structures as pointed out by Matt Helsley too. Signed-off-by: Rajiv Andrade <srajiv@linux.vnet.ibm.com> Signed-off-by: James Morris <jmorris@namei.org>
|
#
253115b7 |
|
10-Oct-2008 |
Rajiv Andrade <srajiv@linux.vnet.ibm.com> |
The tpm_dev_release function is only called for platform devices, not pnp devices, so we implemented the .remove function for pnp ones. Since it's code is very similar to the one inside tpm_dev_release, we've created a helper function tpm_dev_vendor_release, which is called by both. Signed-off-by: Mimi Zohar <zohar@linux.vnet.ibm.com> Signed-off-by: Rajiv Andrade <srajiv@linux.vnet.ibm.com> Cc: "Serge E. Hallyn" <serue@us.ibm.com> Cc: Bjorn Helgaas <bjorn.helgaas@hp.com> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: James Morris <jmorris@namei.org>
|
#
dc36d32c |
|
10-Oct-2008 |
Rajiv Andrade <srajiv@linux.vnet.ibm.com> |
Renames num_open to is_open, as only one process can open the file at a time. Signed-off-by: Mimi Zohar <zohar@linux.vnet.ibm.com> Signed-off-by: Rajiv Andrade <srajiv@linux.vnet.ibm.com> Cc: "Serge E. Hallyn" <serue@us.ibm.com> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: James Morris <jmorris@namei.org>
|
#
5bd91f18 |
|
06-Feb-2008 |
Richard MUSIL <richard.musil@st.com> |
tpm.c: fix crash during device removal The clean up procedure now uses platform device "release" callback to handle memory clean up. For this purpose "release" function callback was added to struct tpm_vendor_specific, so hw device driver provider can get called when it is safe to remove all allocated resources. This is supposed to fix a bug in device removal, where device while in receive function (waiting on timeout) was prone to segfault, if the tpm_chip struct was unallocated before the timeout expired (in tpm_remove_hardware). Acked-by: Marcel Selhorst <tpm@selhorst.net> Cc: <stable@kernel.org> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
|
#
8e81cc13 |
|
22-Aug-2007 |
Kent Yoder <shpedoikal@gmail.com> |
tpmdd maintainers Fix up the maintainers info in the tpm drivers. Kylene will be out for some time, so copying the sourceforge list is the best way to get some attention. Cc: Marcel Selhorst <tpm@selhorst.net> Cc: Kylene Jo Hall <kjhall@us.ibm.com> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
|
#
d081d470 |
|
08-May-2007 |
Matthias Kaehlcke <matthias.kaehlcke@gmail.com> |
use mutex instead of semaphore in TPM driver The TPM driver uses two semaphores as mutexes. Use the mutex API instead of the (binary) semaphores. Signed-off-by: Matthias Kaehlcke <matthias.kaehlcke@gmail.com> Cc: Kylene Hall <kjhall@us.ibm.com> Cc: Marcel Selhorst <tpm@selhorst.net> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
|
#
6473d160 |
|
06-Mar-2007 |
Jean Delvare <khali@linux-fr.org> |
PCI: Cleanup the includes of <linux/pci.h> I noticed that many source files include <linux/pci.h> while they do not appear to need it. Here is an attempt to clean it all up. In order to find all possibly affected files, I searched for all files including <linux/pci.h> but without any other occurence of "pci" or "PCI". I removed the include statement from all of these, then I compiled an allmodconfig kernel on both i386 and x86_64 and fixed the false positives manually. My tests covered 66% of the affected files, so there could be false positives remaining. Untested files are: arch/alpha/kernel/err_common.c arch/alpha/kernel/err_ev6.c arch/alpha/kernel/err_ev7.c arch/ia64/sn/kernel/huberror.c arch/ia64/sn/kernel/xpnet.c arch/m68knommu/kernel/dma.c arch/mips/lib/iomap.c arch/powerpc/platforms/pseries/ras.c arch/ppc/8260_io/enet.c arch/ppc/8260_io/fcc_enet.c arch/ppc/8xx_io/enet.c arch/ppc/syslib/ppc4xx_sgdma.c arch/sh64/mach-cayman/iomap.c arch/xtensa/kernel/xtensa_ksyms.c arch/xtensa/platform-iss/setup.c drivers/i2c/busses/i2c-at91.c drivers/i2c/busses/i2c-mpc.c drivers/media/video/saa711x.c drivers/misc/hdpuftrs/hdpu_cpustate.c drivers/misc/hdpuftrs/hdpu_nexus.c drivers/net/au1000_eth.c drivers/net/fec_8xx/fec_main.c drivers/net/fec_8xx/fec_mii.c drivers/net/fs_enet/fs_enet-main.c drivers/net/fs_enet/mac-fcc.c drivers/net/fs_enet/mac-fec.c drivers/net/fs_enet/mac-scc.c drivers/net/fs_enet/mii-bitbang.c drivers/net/fs_enet/mii-fec.c drivers/net/ibm_emac/ibm_emac_core.c drivers/net/lasi_82596.c drivers/parisc/hppb.c drivers/sbus/sbus.c drivers/video/g364fb.c drivers/video/platinumfb.c drivers/video/stifb.c drivers/video/valkyriefb.c include/asm-arm/arch-ixp4xx/dma.h sound/oss/au1550_ac97.c I would welcome test reports for these files. I am fine with removing the untested files from the patch if the general opinion is that these changes aren't safe. The tested part would still be nice to have. Note that this patch depends on another header fixup patch I submitted to LKML yesterday: [PATCH] scatterlist.h needs types.h http://lkml.org/lkml/2007/3/01/141 Signed-off-by: Jean Delvare <khali@linux-fr.org> Cc: Badari Pulavarty <pbadari@us.ibm.com> Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
|
#
914e2637 |
|
18-Oct-2006 |
Al Viro <viro@zeniv.linux.org.uk> |
[PATCH] severing fs.h, radix-tree.h -> sched.h Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
|
#
bb53a761 |
|
15-May-2006 |
Daniel Walker <dwalker@mvista.com> |
[PATCH] tpm_register_hardware gcc 4.1 warning fix drivers/char/tpm/tpm.c: In function 'tpm_register_hardware': drivers/char/tpm/tpm.c:1157: warning: assignment from incompatible pointer type Signed-off-by: Daniel Walker <dwalker@mvista.com> Acked-by: Kylene Hall <kjhall@us.ibm.com> Signed-off-by: Andrew Morton <akpm@osdl.org> Signed-off-by: Linus Torvalds <torvalds@osdl.org>
|
#
36b20020 |
|
22-Apr-2006 |
Kylene Jo Hall <kjhall@us.ibm.com> |
[PATCH] tpm: msecs_to_jiffies cleanups The timeout and duration values used in the tpm driver are not exposed to userspace. This patch converts the storage units to jiffies with msecs_to_jiffies. They were always being used in jiffies so this simplifies things removing the need for calculation all over the place. The change necessitated a type change in the tpm_chip struct to hold jiffies. Signed-off-by: Kylie Hall <kjhall@us.ibm.com> Signed-off-by: Andrew Morton <akpm@osdl.org> Signed-off-by: Linus Torvalds <torvalds@osdl.org>
|
#
27084efe |
|
22-Apr-2006 |
Leendert van Doorn <leendert@watson.ibm.com> |
[PATCH] tpm: driver for next generation TPM chips The driver for the next generation of TPM chips version 1.2 including support for interrupts. The Trusted Computing Group has written the TPM Interface Specification (TIS) which defines a common interface for all manufacturer's 1.2 TPM's thus the name tpm_tis. Signed-off-by: Leendert van Doorn <leendert@watson.ibm.com> Signed-off-by: Kylene Hall <kjhall@us.ibm.com> Cc: Greg KH <greg@kroah.com> Signed-off-by: Andrew Morton <akpm@osdl.org> Signed-off-by: Linus Torvalds <torvalds@osdl.org>
|
#
08e96e48 |
|
22-Apr-2006 |
Kylene Jo Hall <kjhall@us.ibm.com> |
[PATCH] tpm: new 1.2 sysfs files Many of the sysfs files were calling the TPM_GetCapability command with array. Since for 1.2 more sysfs files of this type are coming I am generalizing the array so there can be one array and the unique parts can be filled in just before the command is called. This updated version of the patch breaks the multi-value sysfs file into separate files pointed out by Greg. It also addresses the code redundancy and ugliness in the tpm_show_* functions pointed out on another patch by Dave Hansen. Signed-off-by: Kylene Hall <kjhall@us.ibm.com> Cc: Greg KH <greg@kroah.com> Signed-off-by: Andrew Morton <akpm@osdl.org> Signed-off-by: Linus Torvalds <torvalds@osdl.org>
|
#
9e18ee19 |
|
22-Apr-2006 |
Kylene Jo Hall <kjhall@us.ibm.com> |
[PATCH] tpm: command duration update With the TPM 1.2 Specification, each command is classified as short, medium or long and the chip tells you the maximum amount of time for a response to each class of command. This patch provides and array of the classifications and a function to determine how long the response should be waited for. Also, it uses that information in the command processing to determine how long to poll for. The function is exported so the 1.2 driver can use the functionality to determine how long to wait for a DataAvailable interrupt if interrupts are being used. Signed-off-by: Kylene Hall <kjhall@us.ibm.com> Signed-off-by: Andrew Morton <akpm@osdl.org> Signed-off-by: Linus Torvalds <torvalds@osdl.org>
|
#
e0dd03ca |
|
22-Apr-2006 |
Kylene Jo Hall <kjhall@us.ibm.com> |
[PATCH] tpm: return chip from tpm_register_hardware Changes in the 1.2 TPM Specification make it necessary to update some fields of the chip structure in the initialization function after it is registered with tpm.c thus tpm_register_hardware was modified to return a pointer to the structure. This patch makes that change and the associated changes in tpm_atmel and tpm_nsc. The changes to tpm_infineon will be coming in a patch from Marcel Selhorst. Signed-off-by: Kylene Hall <kjhall@us.ibm.com> Signed-off-by: Andrew Morton <akpm@osdl.org> Signed-off-by: Linus Torvalds <torvalds@osdl.org>
|
#
90dda520 |
|
22-Apr-2006 |
Kylene Jo Hall <kjhall@us.ibm.com> |
[PATCH] tpm: chip struct update To assist with chip management and better support the possibility of having multiple TPMs in the system of the same kind, the struct tpm_vendor_specific member of the tpm_chip was changed from a pointer to an instance. This patch changes that declaration and fixes up all accesses to the structure member except in tpm_infineon which is coming in a patch from Marcel Selhorst. Signed-off-by: Kylene Hall <kjhall@us.ibm.com> Signed-off-by: Andrew Morton <akpm@osdl.org> Signed-off-by: Linus Torvalds <torvalds@osdl.org>
|
#
276ad0c1 |
|
25-Mar-2006 |
Andrew Morton <akpm@osdl.org> |
[PATCH] tpm: sparc32 build fix In file included from drivers/char/tpm/tpm_nsc.c:23: drivers/char/tpm/tpm.h: In function `tpm_read_index': drivers/char/tpm/tpm.h:92: warning: implicit declaration of function `outb' drivers/char/tpm/tpm.h:93: warning: implicit declaration of function `inb' Signed-off-by: Andrew Morton <akpm@osdl.org> Signed-off-by: Linus Torvalds <torvalds@osdl.org>
|
#
55a82ab3 |
|
08-Jan-2006 |
Kylene Jo Hall <kjhall@us.ibm.com> |
[PATCH] tpm: add bios measurement log According to the TCG specifications measurements or hashes of the BIOS code and data are extended into TPM PCRS and a log is kept in an ACPI table of these extensions for later validation if desired. This patch exports the values in the ACPI table through a security-fs seq_file. Signed-off-by: Seiji Munetoh <munetoh@jp.ibm.com> Signed-off-by: Stefan Berger <stefanb@us.ibm.com> Signed-off-by: Reiner Sailer <sailer@us.ibm.com> Signed-off-by: Kylene Hall <kjhall@us.ibm.com> Signed-off-by: Andrew Morton <akpm@osdl.org> Signed-off-by: Linus Torvalds <torvalds@osdl.org>
|
#
09e12f9f |
|
13-Nov-2005 |
Kylene Jo Hall <kjhall@us.ibm.com> |
[PATCH] tpm: locking fix Use schedule_work() to avoid down()-in-timer-handler problem. Signed-off-by: Kylene Hall <kjhall@us.ibm.com> Signed-off-by: Andrew Morton <akpm@osdl.org> Signed-off-by: Linus Torvalds <torvalds@osdl.org>
|
#
ad5ea3cc |
|
13-Nov-2005 |
Kylene Jo Hall <kjhall@us.ibm.com> |
[PATCH] tpm: updates for new hardware This is the patch to support TPMs on power ppc hardware. It has been reworked as requested to remove the need for messing with the io page mask by just using ioremap. Signed-off-by: Kylene Hall <kjhall@us.ibm.com> Signed-off-by: Andrew Morton <akpm@osdl.org> Signed-off-by: Linus Torvalds <torvalds@osdl.org>
|
#
733482e4 |
|
08-Nov-2005 |
Olaf Hering <olh@suse.de> |
[PATCH] changing CONFIG_LOCALVERSION rebuilds too much, for no good reason This patch removes almost all inclusions of linux/version.h. The 3 #defines are unused in most of the touched files. A few drivers use the simple KERNEL_VERSION(a,b,c) macro, which is unfortunatly in linux/version.h. There are also lots of #ifdef for long obsolete kernels, this was not touched. In a few places, the linux/version.h include was move to where the LINUX_VERSION_CODE was used. quilt vi `find * -type f -name "*.[ch]"|xargs grep -El '(UTS_RELEASE|LINUX_VERSION_CODE|KERNEL_VERSION|linux/version.h)'|grep -Ev '(/(boot|coda|drm)/|~$)'` search pattern: /UTS_RELEASE\|LINUX_VERSION_CODE\|KERNEL_VERSION\|linux\/\(utsname\|version\).h Signed-off-by: Olaf Hering <olh@suse.de> Signed-off-by: Andrew Morton <akpm@osdl.org> Signed-off-by: Linus Torvalds <torvalds@osdl.org>
|
#
bbc5b212 |
|
01-Nov-2005 |
Al Viro <viro@ftp.linux.org.uk> |
[PATCH] missing platform_device.h includes Signed-off-by: Al Viro <viro@zeniv.linux.org.uk> Signed-off-by: Linus Torvalds <torvalds@osdl.org>
|
#
ce2c87d4 |
|
30-Oct-2005 |
Kylene Jo Hall <kjhall@us.ibm.com> |
[PATCH] tpm: change from pci_dev to dev power management functions This patch is in support of moving away from the lpc bus pci_dev. The power management prototypes used by platform drivers is different but the functionality remains the same. Signed-off-by: Kylene Hall <kjhall@us.ibm.com Signed-off-by: Andrew Morton <akpm@osdl.org> Signed-off-by: Linus Torvalds <torvalds@osdl.org>
|
#
e659a3fe |
|
30-Oct-2005 |
Kylene Jo Hall <kjhall@us.ibm.com> |
[PATCH] tpm: remove pci dependency Since the tpm does not have it's own pci id we have been consuming the lpc bus. This is not correct and causes problems to support non lpc bus chips. This patch removes the dependency on pci_dev from tpm.c The subsequent patches will stop the supported chips from registering as pci drivers. Signed-off-by: Kylene Hall <kjhall@us.ibm.com> Signed-off-by: Andrew Morton <akpm@osdl.org> Signed-off-by: Linus Torvalds <torvalds@osdl.org>
|
#
b4ed3e3c |
|
30-Oct-2005 |
Kylene Jo Hall <kjhall@us.ibm.com> |
[PATCH] tpm: add status function to allow non-lpc bus chips This patch is in preparation of supporting chips that are not necessarily on the lpc bus and thus are not accessed with inb's and outb's. The patch replaces the call to get the chip's status in the tpm.c file with a vendor specific status function. The patch also defines the function for each of the current supported devices. Signed-off-by: Kylene Hall <kjhall@us.ibm.com> Signed-off-by: Andrew Morton <akpm@osdl.org> Signed-off-by: Linus Torvalds <torvalds@osdl.org>
|
#
daacdfa6 |
|
25-Jun-2005 |
Kylene Jo Hall <kjhall@us.ibm.com> |
[PATCH] tpm: Support new National TPMs This patch is work to support new National TPMs that problems were reported with on Thinkpad T43 and Thinkcentre S51. Thanks to Jens and Gang for their debugging work on these issues. Signed-off-by: Kylene Hall <kjhall@us.ibm.com> Signed-off-by: Andrew Morton <akpm@osdl.org> Signed-off-by: Linus Torvalds <torvalds@osdl.org>
|
#
e1a23c66 |
|
23-Jun-2005 |
Kylene Hall <kjhall@us.ibm.com> |
[PATCH] tpm: replace odd LPC init function Realized the tpm_lpc_init function isn't really necessary. Replaced it with vendor specific logic to find out the address the BIOS mapped the TPM to. This patch removes the tpm_lpc_init function, enums associated with it and calls to it. The patch also implements the replacement functionality. Signed-off-by: Kylene Hall <kjhall@us.ibm.com> Signed-off-by: Andrew Morton <akpm@osdl.org> Signed-off-by: Linus Torvalds <torvalds@osdl.org>
|
#
d9e5b6bf |
|
23-Jun-2005 |
Kylene Hall <kjhall@us.ibm.com> |
[PATCH] tpm: add cancel function This patch provides the logic to check if an operation has been canceled while waiting for the response to arrive. Signed-off-by: Kylene Hall <kjhall@us.ibm.com> Signed-off-by: Andrew Morton <akpm@osdl.org> Signed-off-by: Linus Torvalds <torvalds@osdl.org>
|
#
6659ca2a |
|
23-Jun-2005 |
Kylene Hall <kjhall@us.ibm.com> |
[PATCH] tpm: sysfs owernship changes In the current driver all sysfs files end up owned by the base driver module rather than the module that actually owns the device this is a problem if the module is unloaded and the file is open. This patch fixes all that and lumps the files into an attribute_group. Signed-off-by: Kylene Hall <kjhall@us.ibm.com> Signed-off-by: Yani Ioannou <yani.ioannou@gmail.com> Signed-off-by: Andrew Morton <akpm@osdl.org> Signed-off-by: Linus Torvalds <torvalds@osdl.org>
|
#
fe3fd483 |
|
23-Jun-2005 |
Kylene Hall <kjhall@us.ibm.com> |
[PATCH] tpm: fix timer initialization Fix the timer to be inited and modified properly. This work depends on the fixing of the msleep stuff which in patch 1 of this set. Signed-of-by: Kylene Hall <kjhall@us.ibm.com> Signed-off-by: Andrew Morton <akpm@osdl.org> Signed-off-by: Linus Torvalds <torvalds@osdl.org>
|
#
3122a88a |
|
23-Jun-2005 |
Kylene Hall <kjhall@us.ibm.com> |
[PATCH] tpm: Fix concerns with TPM driver -- use enums Convert #defines to named enums where that preference has been indicated by other kernel developers. Signed-off-by: Kylene Hall <kjhall@us.ibm.com> Signed-off-by: Andrew Morton <akpm@osdl.org> Signed-off-by: Linus Torvalds <torvalds@osdl.org>
|
#
700d8bdc |
|
23-Jun-2005 |
Nishanth Aravamudan <nacc@us.ibm.com> |
[PATCH] char/tpm: use msleep(), clean-up timers, The TPM driver unnecessarily uses timers when it simply needs to maintain a maximum delay via time_before(). msleep() is used instead of schedule_timeout() to guarantee the task delays as expected. While compile-testing, I found a typo in the driver, using tpm_chp instead of tpm_chip. Remove the now unused timer callback function and change TPM_TIMEOUT's units to milliseconds. Patch is compile-tested. Signed-off-by: Nishanth Aravamudan <nacc@us.ibm.com> Acked-by: Kylene Hall <kjhall@us.ibm.com> Signed-off-by: Andrew Morton <akpm@osdl.org> Signed-off-by: Linus Torvalds <torvalds@osdl.org>
|
#
4fd416c1 |
|
16-Apr-2005 |
Pavel Machek <pavel@ucw.cz> |
[PATCH] Fix u32 vs. pm_message_t in drivers/char Here are fixes for drivers/char. Signed-off-by: Pavel Machek <pavel@suse.cz> Signed-off-by: Andrew Morton <akpm@osdl.org> Signed-off-by: Linus Torvalds <torvalds@osdl.org>
|
#
1da177e4 |
|
16-Apr-2005 |
Linus Torvalds <torvalds@ppc970.osdl.org> |
Linux-2.6.12-rc2 Initial git repository build. I'm not bothering with the full history, even though we have it. We can create a separate "historical" git archive of that later if we want to, and in the meantime it's about 3.2GB when imported into git - space that would just make the early git days unnecessarily complicated, when we don't have a lot of good infrastructure for it. Let it rip!
|