/** * tpm1_calc_ordinal_duration() - calculate the maximum command duration * @chip: TPM chip to use. * @ordinal: TPM command ordinal. * * The function returns the maximum amount of time the chip could take * to return the result for a particular ordinal in jiffies. * * Return: A maximal duration time for an ordinal in jiffies.
*/ unsignedlong tpm1_calc_ordinal_duration(struct tpm_chip *chip, u32 ordinal)
{ int duration_idx = TPM_UNDEFINED; int duration = 0;
/* * We only have a duration table for protected commands, where the upper * 16 bits are 0. For the few other ordinals the fallback will be used.
*/ if (ordinal < TPM_MAX_ORDINAL)
duration_idx = tpm1_ordinal_duration[ordinal];
/** * tpm1_startup() - turn on the TPM * @chip: TPM chip to use * * Normally the firmware should start the TPM. This function is provided as a * workaround if this does not happen. A legal case for this could be for * example when a TPM emulator is used. * * Return: same as tpm_transmit_cmd()
*/ staticint tpm1_startup(struct tpm_chip *chip)
{ struct tpm_buf buf; int rc;
dev_info(&chip->dev, "starting up the TPM manually\n");
/* * Provide ability for vendor overrides of timeout values in case * of misreporting.
*/ if (chip->ops->update_timeouts)
chip->ops->update_timeouts(chip, timeout_eff);
if (!chip->timeout_adjusted) { /* Restore default if chip reported 0 */ unsignedint i;
for (i = 0; i < ARRAY_SIZE(timeout_eff); i++) { if (timeout_eff[i]) continue;
rc = tpm1_getcap(chip, TPM_CAP_PROP_TIS_DURATION, &cap, "attempting to determine the durations", sizeof(cap.duration)); if (rc) return rc;
chip->duration[TPM_SHORT] =
usecs_to_jiffies(be32_to_cpu(cap.duration.tpm_short));
chip->duration[TPM_MEDIUM] =
usecs_to_jiffies(be32_to_cpu(cap.duration.tpm_medium));
chip->duration[TPM_LONG] =
usecs_to_jiffies(be32_to_cpu(cap.duration.tpm_long));
chip->duration[TPM_LONG_LONG] = 0; /* not used under 1.2 */
/* * Provide the ability for vendor overrides of duration values in case * of misreporting.
*/ if (chip->ops->update_durations)
chip->ops->update_durations(chip, durations);
/* The Broadcom BCM0102 chipset in a Dell Latitude D820 gets the above * value wrong and apparently reports msecs rather than usecs. So we * fix up the resulting too-small TPM_SHORT value to make things work. * We also scale the TPM_MEDIUM and -_LONG values by 1000.
*/ if (chip->duration[TPM_SHORT] < (HZ / 100)) {
chip->duration[TPM_SHORT] = HZ;
chip->duration[TPM_MEDIUM] *= 1000;
chip->duration[TPM_LONG] *= 1000;
chip->duration_adjusted = true;
dev_info(&chip->dev, "Adjusting TPM timeout parameters.");
}
/** * tpm1_get_random() - get random bytes from the TPM's RNG * @chip: a &struct tpm_chip instance * @dest: destination buffer for the random bytes * @max: the maximum number of bytes to write to @dest * * Return: * * number of bytes read * * -errno (positive TPM return codes are masked to -EIO)
*/ int tpm1_get_random(struct tpm_chip *chip, u8 *dest, size_t max)
{ struct tpm1_get_random_out *out;
u32 num_bytes = min_t(u32, max, TPM_MAX_RNG_DATA); struct tpm_buf buf;
u32 total = 0; int retries = 5;
u32 recd; int rc;
rc = tpm_buf_init(&buf, TPM_TAG_RQU_COMMAND, TPM_ORD_GET_RANDOM); if (rc) return rc;
do {
tpm_buf_append_u32(&buf, num_bytes);
rc = tpm_transmit_cmd(chip, &buf, sizeof(out->rng_data_len), "attempting get random"); if (rc) { if (rc > 0)
rc = -EIO; goto out;
}
out = (struct tpm1_get_random_out *)&buf.data[TPM_HEADER_SIZE];
#define TPM_ORD_CONTINUE_SELFTEST 83 /** * tpm1_continue_selftest() - run TPM's selftest * @chip: TPM chip to use * * Returns 0 on success, < 0 in case of fatal error or a value > 0 representing * a TPM error code.
*/ staticint tpm1_continue_selftest(struct tpm_chip *chip)
{ struct tpm_buf buf; int rc;
rc = tpm_buf_init(&buf, TPM_TAG_RQU_COMMAND, TPM_ORD_CONTINUE_SELFTEST); if (rc) return rc;
/** * tpm1_do_selftest - have the TPM continue its selftest and wait until it * can receive further commands * @chip: TPM chip to use * * Returns 0 on success, < 0 in case of fatal error or a value > 0 representing * a TPM error code.
*/ int tpm1_do_selftest(struct tpm_chip *chip)
{ int rc; unsignedint loops; unsignedint delay_msec = 100; unsignedlong duration;
u8 dummy[TPM_DIGEST_SIZE];
rc = tpm1_continue_selftest(chip); if (rc == TPM_ERR_INVALID_POSTINIT) {
chip->flags |= TPM_CHIP_FLAG_ALWAYS_POWERED;
dev_info(&chip->dev, "TPM not ready (%d)\n", rc);
} /* This may fail if there was no TPM driver during a suspend/resume * cycle; some may return 10 (BAD_ORDINAL), others 28 (FAILEDSELFTEST)
*/ if (rc) return rc;
do { /* Attempt to read a PCR value */
rc = tpm1_pcr_read(chip, 0, dummy);
/* Some buggy TPMs will not respond to tpm_tis_ready() for * around 300ms while the self test is ongoing, keep trying * until the self test duration expires.
*/ if (rc == -ETIME) {
dev_info(&chip->dev, HW_ERR "TPM command timed out during continue self test");
tpm_msleep(delay_msec); continue;
}
if (rc == TPM_ERR_DISABLED || rc == TPM_ERR_DEACTIVATED) {
dev_info(&chip->dev, "TPM is disabled/deactivated (0x%X)\n",
rc); /* TPM is disabled and/or deactivated; driver can * proceed and TPM does handle commands for * suspend/resume correctly
*/ return 0;
} if (rc != TPM_WARN_DOING_SELFTEST) return rc;
tpm_msleep(delay_msec);
} while (--loops > 0);
return rc;
}
EXPORT_SYMBOL_GPL(tpm1_do_selftest);
/** * tpm1_auto_startup - Perform the standard automatic TPM initialization * sequence * @chip: TPM chip to use * * Returns 0 on success, < 0 in case of fatal error.
*/ int tpm1_auto_startup(struct tpm_chip *chip)
{ int rc;
rc = tpm1_get_timeouts(chip); if (rc) goto out;
rc = tpm1_do_selftest(chip); if (rc == TPM_ERR_FAILEDSELFTEST) {
dev_warn(&chip->dev, "TPM self test failed, switching to the firmware upgrade mode\n"); /* A TPM in this state possibly allows or needs a firmware upgrade */
chip->flags |= TPM_CHIP_FLAG_FIRMWARE_UPGRADE; return 0;
} elseif (rc) {
dev_err(&chip->dev, "TPM self test failed\n"); goto out;
}
/** * tpm1_pm_suspend() - pm suspend handler * @chip: TPM chip to use. * @tpm_suspend_pcr: flush pcr for buggy TPM chips. * * The functions saves the TPM state to be restored on resume. * * Return: * * 0 on success, * * < 0 on error.
*/ int tpm1_pm_suspend(struct tpm_chip *chip, u32 tpm_suspend_pcr)
{
u8 dummy_hash[TPM_DIGEST_SIZE] = { 0 }; struct tpm_buf buf; unsignedinttry; int rc;
/* for buggy tpm, flush pcrs with extend to selected dummy */ if (tpm_suspend_pcr)
rc = tpm1_pcr_extend(chip, tpm_suspend_pcr, dummy_hash, "extending dummy pcr before suspend");
rc = tpm_buf_init(&buf, TPM_TAG_RQU_COMMAND, TPM_ORD_SAVESTATE); if (rc) return rc; /* now do the actual savestate */ for (try = 0; try < TPM_RETRY; try++) {
rc = tpm_transmit_cmd(chip, &buf, 0, NULL); /* * If the TPM indicates that it is too busy to respond to * this command then retry before giving up. It can take * several seconds for this TPM to be ready. * * This can happen if the TPM has already been sent the * SaveState command before the driver has loaded. TCG 1.2 * specification states that any communication after SaveState * may cause the TPM to invalidate previously saved state.
*/ if (rc != TPM_WARN_RETRY) break;
tpm_msleep(TPM_TIMEOUT_RETRY);
if (rc)
dev_err(&chip->dev, "Error (%d) sending savestate before suspend\n",
rc); elseif (try > 0)
dev_warn(&chip->dev, "TPM savestate took %dms\n", try * TPM_TIMEOUT_RETRY);
tpm_buf_destroy(&buf);
return rc;
}
/** * tpm1_get_pcr_allocation() - initialize the allocated bank * @chip: TPM chip to use. * * The function initializes the SHA1 allocated bank to extend PCR * * Return: * * 0 on success, * * < 0 on error.
*/ int tpm1_get_pcr_allocation(struct tpm_chip *chip)
{
chip->allocated_banks = kcalloc(1, sizeof(*chip->allocated_banks),
GFP_KERNEL); if (!chip->allocated_banks) return -ENOMEM;
Die Informationen auf dieser Webseite wurden
nach bestem Wissen sorgfältig zusammengestellt. Es wird jedoch weder Vollständigkeit, noch Richtigkeit,
noch Qualität der bereit gestellten Informationen zugesichert.
Bemerkung:
Die farbliche Syntaxdarstellung und die Messung sind noch experimentell.
