/* SPDX-License-Identifier: GPL-2.0-only */
/*
 * Copyright (C) 2004,2007,2008 IBM Corporation
 *
 * Leendert van Doorn <leendert@watson.ibm.com>
 * Dave Safford <safford@watson.ibm.com>
 * Reiner Sailer <sailer@watson.ibm.com>
 * Kylene Hall <kjhall@us.ibm.com>
 * Debora Velarde <dvelarde@us.ibm.com>
 *
 * Maintained by: <tpmdd_devel@lists.sourceforge.net>
 *
 * Device driver for TCG/TCPA TPM (trusted platform module).
 * Specifications at www.trustedcomputinggroup.org
 */
17 #ifndef __LINUX_TPM_H__
18 #define __LINUX_TPM_H__
20 #include <linux/hw_random.h>
21 #include <linux/acpi.h>
22 #include <linux/cdev.h>
24 #include <linux/highmem.h>
25 #include <crypto/hash_info.h>
27 #define TPM_DIGEST_SIZE 20 /* Max TPM v1.2 PCR size */
28 #define TPM_MAX_DIGEST_SIZE SHA512_DIGEST_SIZE
31 struct trusted_key_payload
;
32 struct trusted_key_options
;
35 TPM_ALG_ERROR
= 0x0000,
36 TPM_ALG_SHA1
= 0x0004,
37 TPM_ALG_KEYEDHASH
= 0x0008,
38 TPM_ALG_SHA256
= 0x000B,
39 TPM_ALG_SHA384
= 0x000C,
40 TPM_ALG_SHA512
= 0x000D,
41 TPM_ALG_NULL
= 0x0010,
42 TPM_ALG_SM3_256
= 0x0012,
47 u8 digest
[TPM_MAX_DIGEST_SIZE
];
50 struct tpm_bank_info
{
57 TPM_OPS_AUTO_STARTUP
= BIT(0),
60 struct tpm_class_ops
{
62 const u8 req_complete_mask
;
63 const u8 req_complete_val
;
64 bool (*req_canceled
)(struct tpm_chip
*chip
, u8 status
);
65 int (*recv
) (struct tpm_chip
*chip
, u8
*buf
, size_t len
);
66 int (*send
) (struct tpm_chip
*chip
, u8
*buf
, size_t len
);
67 void (*cancel
) (struct tpm_chip
*chip
);
68 u8 (*status
) (struct tpm_chip
*chip
);
69 void (*update_timeouts
)(struct tpm_chip
*chip
,
70 unsigned long *timeout_cap
);
71 void (*update_durations
)(struct tpm_chip
*chip
,
72 unsigned long *duration_cap
);
73 int (*go_idle
)(struct tpm_chip
*chip
);
74 int (*cmd_ready
)(struct tpm_chip
*chip
);
75 int (*request_locality
)(struct tpm_chip
*chip
, int loc
);
76 int (*relinquish_locality
)(struct tpm_chip
*chip
, int loc
);
77 void (*clk_enable
)(struct tpm_chip
*chip
, bool value
);
80 #define TPM_NUM_EVENT_LOG_FILES 3
82 /* Indexes the duration array */
89 TPM_NUM_DURATIONS
= TPM_UNDEFINED
,
92 #define TPM_PPI_VERSION_LEN 3
/*
 * Pair of untyped pointers describing the BIOS event log.
 * NOTE(review): presumably the start and the end of one contiguous log
 * region; nothing visible here records a length, so consumers have to
 * bound every read by bios_event_log_end - confirm against the users.
 */
struct tpm_bios_log {
	void	*bios_event_log;
	void	*bios_event_log_end;
};
/*
 * Binds a chip to a set of seq_file operations.  Both members are plain
 * pointers; this structure itself takes no reference on the chip.
 */
struct tpm_chip_seqops {
	struct tpm_chip			*chip;
	const struct seq_operations	*seqops;
};
/*
 * A driver callback under ops cannot be run unless ops_sem is held
 * (sometimes implicitly, e.g. for the sysfs code). ops becomes NULL
 * when the driver is unregistered, see tpm_try_get_ops.
 */
121 struct rw_semaphore ops_sem
;
122 const struct tpm_class_ops
*ops
;
124 struct tpm_bios_log log
;
125 struct tpm_chip_seqops bin_log_seqops
;
126 struct tpm_chip_seqops ascii_log_seqops
;
130 int dev_num
; /* /dev/tpm# */
131 unsigned long is_open
; /* only one allowed */
136 struct mutex tpm_mutex
; /* tpm is processing */
138 unsigned long timeout_a
; /* jiffies */
139 unsigned long timeout_b
; /* jiffies */
140 unsigned long timeout_c
; /* jiffies */
141 unsigned long timeout_d
; /* jiffies */
142 bool timeout_adjusted
;
143 unsigned long duration
[TPM_NUM_DURATIONS
]; /* jiffies */
144 bool duration_adjusted
;
146 struct dentry
*bios_dir
[TPM_NUM_EVENT_LOG_FILES
];
148 const struct attribute_group
*groups
[3];
149 unsigned int groups_cnt
;
151 u32 nr_allocated_banks
;
152 struct tpm_bank_info
*allocated_banks
;
154 acpi_handle acpi_dev_handle
;
155 char ppi_version
[TPM_PPI_VERSION_LEN
+ 1];
156 #endif /* CONFIG_ACPI */
158 struct tpm_space work_space
;
163 /* active locality */
167 #define TPM_HEADER_SIZE 10
170 TPM2_PLATFORM_PCR
= 24,
171 TPM2_PCR_SELECT_MIN
= ((TPM2_PLATFORM_PCR
+ 7) / 8),
175 TPM2_TIMEOUT_A
= 750,
176 TPM2_TIMEOUT_B
= 2000,
177 TPM2_TIMEOUT_C
= 200,
179 TPM2_DURATION_SHORT
= 20,
180 TPM2_DURATION_MEDIUM
= 750,
181 TPM2_DURATION_LONG
= 2000,
182 TPM2_DURATION_LONG_LONG
= 300000,
183 TPM2_DURATION_DEFAULT
= 120000,
/*
 * TPM 2.0 structure tags.
 * NOTE(review): presumably the values passed as the 16-bit 'tag' of a
 * command header (see tpm_buf_reset()) - confirm against the callers.
 */
enum tpm2_structures {
	TPM2_ST_NO_SESSIONS	= 0x8001,
	TPM2_ST_SESSIONS	= 0x8002,
};
191 /* Indicates from what layer of the software stack the error comes from */
192 #define TSS2_RC_LAYER_SHIFT 16
193 #define TSS2_RESMGR_TPM_RC_LAYER (11 << TSS2_RC_LAYER_SHIFT)
/*
 * TPM 2.0 return codes, grouped by the format markers noted on the first
 * member of each group (RC_FMT1, RC_VER1, RC_WARN).
 *
 * The RC_FMT1 values listed here (0x0083, 0x008B) have bit 7 set; that is
 * the bit tpm2_rc_value() tests before masking a code down to its low byte.
 */
enum tpm2_return_codes {
	TPM2_RC_SUCCESS		= 0x0000,

	/* RC_FMT1 */
	TPM2_RC_HASH		= 0x0083,
	TPM2_RC_HANDLE		= 0x008B,

	/* RC_VER1 */
	TPM2_RC_INITIALIZE	= 0x0100,
	TPM2_RC_FAILURE		= 0x0101,
	TPM2_RC_DISABLED	= 0x0120,
	TPM2_RC_COMMAND_CODE	= 0x0143,

	/* RC_WARN */
	TPM2_RC_TESTING		= 0x090A,
	TPM2_RC_REFERENCE_H0	= 0x0910,
	TPM2_RC_RETRY		= 0x0922,
};
/*
 * TPM 2.0 command codes (the 'ordinal' of a command header).
 *
 * TPM2_CC_FIRST and TPM2_CC_LAST bracket the numeric range; the members in
 * between are a subset of that range, not every value inside it.
 */
enum tpm2_command_codes {
	TPM2_CC_FIRST			= 0x011F,

	TPM2_CC_HIERARCHY_CONTROL	= 0x0121,
	TPM2_CC_HIERARCHY_CHANGE_AUTH	= 0x0129,
	TPM2_CC_CREATE_PRIMARY		= 0x0131,
	TPM2_CC_SEQUENCE_COMPLETE	= 0x013E,
	TPM2_CC_SELF_TEST		= 0x0143,
	TPM2_CC_STARTUP			= 0x0144,
	TPM2_CC_SHUTDOWN		= 0x0145,
	TPM2_CC_NV_READ			= 0x014E,
	TPM2_CC_CREATE			= 0x0153,
	TPM2_CC_LOAD			= 0x0157,
	TPM2_CC_SEQUENCE_UPDATE		= 0x015C,
	TPM2_CC_UNSEAL			= 0x015E,
	TPM2_CC_CONTEXT_LOAD		= 0x0161,
	TPM2_CC_CONTEXT_SAVE		= 0x0162,
	TPM2_CC_FLUSH_CONTEXT		= 0x0165,
	TPM2_CC_VERIFY_SIGNATURE	= 0x0177,
	TPM2_CC_GET_CAPABILITY		= 0x017A,
	TPM2_CC_GET_RANDOM		= 0x017B,
	TPM2_CC_PCR_READ		= 0x017E,
	TPM2_CC_PCR_EXTEND		= 0x0182,
	TPM2_CC_EVENT_SEQUENCE_COMPLETE	= 0x0185,
	TPM2_CC_HASH_SEQUENCE_START	= 0x0186,
	TPM2_CC_CREATE_LOADED		= 0x0191,

	TPM2_CC_LAST			= 0x0193, /* Spec 1.36 */
};
/*
 * Permanent handle values; only one is defined in this header.
 * NOTE(review): the name suggests the password authorization session
 * handle - confirm against the TPM 2.0 specification.
 */
enum tpm2_permanent_handles {
	TPM2_RS_PW	= 0x40000009,
};
240 enum tpm2_capabilities
{
241 TPM2_CAP_HANDLES
= 1,
242 TPM2_CAP_COMMANDS
= 2,
244 TPM2_CAP_TPM_PROPERTIES
= 6,
/*
 * TPM property tags; only one is defined in this header.
 * NOTE(review): presumably queried together with TPM2_CAP_TPM_PROPERTIES -
 * confirm against the callers.
 */
enum tpm2_properties {
	TPM_PT_TOTAL_COMMANDS	= 0x0129,
};
/*
 * Startup type selectors.
 * NOTE(review): presumably the argument of TPM2_CC_STARTUP and
 * TPM2_CC_SHUTDOWN - confirm against the callers.
 */
enum tpm2_startup_types {
	TPM2_SU_CLEAR	= 0x0000,
	TPM2_SU_STATE	= 0x0001,
};
257 TPM2_CC_ATTR_CHANDLES
= 25,
258 TPM2_CC_ATTR_RHANDLE
= 28,
261 #define TPM_VID_INTEL 0x8086
262 #define TPM_VID_WINBOND 0x1050
263 #define TPM_VID_STM 0x104A
/*
 * Per-chip flag bits.  Each member is a single bit so the values can be
 * OR-ed together; bit 0 is not assigned by this enum.
 */
enum tpm_chip_flags {
	TPM_CHIP_FLAG_TPM2			= BIT(1),
	TPM_CHIP_FLAG_IRQ			= BIT(2),
	TPM_CHIP_FLAG_VIRTUAL			= BIT(3),
	TPM_CHIP_FLAG_HAVE_TIMEOUTS		= BIT(4),
	TPM_CHIP_FLAG_ALWAYS_POWERED		= BIT(5),
	TPM_CHIP_FLAG_FIRMWARE_POWER_MANAGED	= BIT(6),
};
274 #define to_tpm_chip(d) container_of(d, struct tpm_chip, dev)
/*
 * A string buffer type for constructing TPM commands. This is based on the
 * ideas of string buffer code in security/keys/trusted.h but is heap based
 * in order to keep the stack usage minimal.
 */
291 TPM_BUF_OVERFLOW
= BIT(0),
/*
 * Object attribute bits; only one is defined in this header.
 * NOTE(review): the name suggests "authorization by the user's auth value
 * is permitted" - confirm against the TPM 2.0 specification.
 */
enum tpm2_object_attributes {
	TPM2_OA_USER_WITH_AUTH	= BIT(6),
};
/*
 * Session attribute bits; only one is defined in this header.
 * NOTE(review): the name suggests "keep the session alive after the
 * command" - confirm against the TPM 2.0 specification.
 */
enum tpm2_session_attributes {
	TPM2_SA_CONTINUE_SESSION	= BIT(0),
};
308 unsigned int crypto_id
;
/**
 * tpm_buf_reset() - write a fresh command header at the start of the buffer
 * @buf:     buffer whose data area receives the header
 * @tag:     header tag, stored big-endian
 * @ordinal: command ordinal, stored big-endian
 *
 * The length field is set to sizeof(struct tpm_header), i.e. a command that
 * carries no payload yet.  buf->data is dereferenced unconditionally, so it
 * must already point at valid storage.  buf->flags is not touched here.
 */
static inline void tpm_buf_reset(struct tpm_buf *buf, u16 tag, u32 ordinal)
{
	struct tpm_header *hdr;

	hdr = (struct tpm_header *)buf->data;

	/* The three stores are independent; all fields are big-endian. */
	hdr->ordinal = cpu_to_be32(ordinal);
	hdr->length = cpu_to_be32(sizeof(*hdr));
	hdr->tag = cpu_to_be16(tag);
}
/*
 * tpm_buf_init() - allocate the backing page for a command buffer and write
 * its initial header.
 *
 * The storage is a single page obtained with __get_free_page(GFP_KERNEL);
 * tpm_buf_reset() then fills in tag, length and ordinal.
 *
 * NOTE(review): this listing does not show the lines between the
 * allocation and the tpm_buf_reset() call, nor the return statement.
 * tpm_buf_reset() dereferences buf->data unconditionally, so confirm in the
 * tree that a failed allocation is rejected before that call and that
 * buf->flags is initialised before the buffer is used.
 */
321 static inline int tpm_buf_init(struct tpm_buf
*buf
, u16 tag
, u32 ordinal
)
/* One page is the whole capacity of the buffer. */
323 buf
->data
= (u8
*)__get_free_page(GFP_KERNEL
);
328 tpm_buf_reset(buf
, tag
, ordinal
);
/**
 * tpm_buf_destroy() - release the page backing a command buffer
 * @buf: buffer whose data page is freed
 *
 * buf->data is left pointing at the freed page.  A second call, or any
 * append after this one, would operate on freed memory, so the buffer must
 * be re-initialised before it is used again.
 */
static inline void tpm_buf_destroy(struct tpm_buf *buf)
{
	unsigned long page = (unsigned long)buf->data;

	free_page(page);
}
/**
 * tpm_buf_length() - read the length field of the command header
 * @buf: buffer whose header is read
 *
 * Return: the header's big-endian length field converted to CPU order.
 * The value comes straight from the buffer contents and is not validated
 * against the size of the backing storage here.
 */
static inline u32 tpm_buf_length(struct tpm_buf *buf)
{
	const struct tpm_header *hdr = (const struct tpm_header *)buf->data;
	u32 length = be32_to_cpu(hdr->length);

	return length;
}
/**
 * tpm_buf_tag() - read the tag field of the command header
 * @buf: buffer whose header is read
 *
 * Return: the header's big-endian tag field converted to CPU order.
 */
static inline u16 tpm_buf_tag(struct tpm_buf *buf)
{
	const struct tpm_header *hdr = (const struct tpm_header *)buf->data;
	u16 tag = be16_to_cpu(hdr->tag);

	return tag;
}
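/**
 * tpm_buf_append() - append bytes to the command and update its length
 * @buf:      buffer being built; its capacity is one page
 * @new_data: bytes to copy in
 * @new_len:  number of bytes at @new_data
 *
 * On overflow nothing is copied, a WARN is emitted and TPM_BUF_OVERFLOW is
 * set in buf->flags.  The flag is sticky: every later append returns
 * without doing anything.  The function returns void, so callers that
 * build a command from variable-length input have to test buf->flags
 * themselves before sending the buffer.
 *
 * NOTE(review): the listing this was taken from does not print the line
 * following each check; the early returns are restored here as the "Return
 * silently" comment and the flag-then-bail structure imply - confirm
 * against the tree.
 */
static inline void tpm_buf_append(struct tpm_buf *buf,
				  const unsigned char *new_data,
				  unsigned int new_len)
{
	struct tpm_header *head = (struct tpm_header *)buf->data;
	u32 len = tpm_buf_length(buf);

	/* Return silently if overflow has already happened. */
	if (buf->flags & TPM_BUF_OVERFLOW)
		return;

	/*
	 * Compare against the space that is left rather than forming
	 * len + new_len: both operands are 32-bit unsigned, so a very large
	 * new_len would wrap the sum to a small value, pass the check and
	 * let memcpy() run far past the page.  The len > PAGE_SIZE test
	 * keeps the subtraction itself from wrapping if the header length
	 * is ever out of range.
	 */
	if (len > PAGE_SIZE || new_len > PAGE_SIZE - len) {
		WARN(1, "tpm_buf: overflow\n");
		buf->flags |= TPM_BUF_OVERFLOW;
		return;
	}

	memcpy(&buf->data[len], new_data, new_len);
	head->length = cpu_to_be32(len + new_len);
}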
/**
 * tpm_buf_append_u8() - append a single byte to the command
 * @buf:   buffer being built
 * @value: byte to append
 *
 * Overflow is reported only through buf->flags, see tpm_buf_append().
 */
static inline void tpm_buf_append_u8(struct tpm_buf *buf, const u8 value)
{
	tpm_buf_append(buf, &value, sizeof(value));
}
/**
 * tpm_buf_append_u16() - append a 16-bit value in big-endian byte order
 * @buf:   buffer being built
 * @value: value in CPU byte order
 *
 * Overflow is reported only through buf->flags, see tpm_buf_append().
 */
static inline void tpm_buf_append_u16(struct tpm_buf *buf, const u16 value)
{
	/* Convert first so the bytes are copied in wire order. */
	const __be16 wire = cpu_to_be16(value);

	tpm_buf_append(buf, (const u8 *)&wire, sizeof(wire));
}
/**
 * tpm_buf_append_u32() - append a 32-bit value in big-endian byte order
 * @buf:   buffer being built
 * @value: value in CPU byte order
 *
 * Overflow is reported only through buf->flags, see tpm_buf_append().
 */
static inline void tpm_buf_append_u32(struct tpm_buf *buf, const u32 value)
{
	/* Convert first so the bytes are copied in wire order. */
	const __be32 wire = cpu_to_be32(value);

	tpm_buf_append(buf, (const u8 *)&wire, sizeof(wire));
}
/**
 * tpm2_rc_value() - reduce a TPM 2.0 return code to its comparable value
 * @rc: return code as received
 *
 * Return: @rc masked to its low eight bits when bit 7 is set, otherwise
 * @rc unchanged.
 *
 * NOTE(review): bit 7 is set in the codes this header marks RC_FMT1
 * (TPM2_RC_HASH, TPM2_RC_HANDLE); the masking presumably drops the upper
 * bits such codes carry so they compare equal to the enum constants -
 * confirm against the TPM 2.0 specification.
 */
static inline u32 tpm2_rc_value(u32 rc)
{
	if (rc & BIT(7))
		return rc & 0xff;

	return rc;
}
396 #if defined(CONFIG_TCG_TPM) || defined(CONFIG_TCG_TPM_MODULE)
398 extern int tpm_is_tpm2(struct tpm_chip
*chip
);
399 extern int tpm_pcr_read(struct tpm_chip
*chip
, u32 pcr_idx
,
400 struct tpm_digest
*digest
);
401 extern int tpm_pcr_extend(struct tpm_chip
*chip
, u32 pcr_idx
,
402 struct tpm_digest
*digests
);
403 extern int tpm_send(struct tpm_chip
*chip
, void *cmd
, size_t buflen
);
404 extern int tpm_get_random(struct tpm_chip
*chip
, u8
*data
, size_t max
);
405 extern struct tpm_chip
*tpm_default_chip(void);
406 void tpm2_flush_context(struct tpm_chip
*chip
, u32 handle
);
408 static inline int tpm_is_tpm2(struct tpm_chip
*chip
)
/*
 * Inline definition of tpm_pcr_read(); its body is not shown in this
 * listing.
 * NOTE(review): presumably the fallback used when neither CONFIG_TCG_TPM
 * nor CONFIG_TCG_TPM_MODULE is defined - the matching #else is not visible
 * here, confirm in the tree.
 * NOTE(review): pcr_idx is declared 'int' here, while the extern prototype
 * of tpm_pcr_read() earlier in this header declares it 'u32'.  The two
 * should agree so that an index is converted the same way in both
 * configurations.
 */
413 static inline int tpm_pcr_read(struct tpm_chip
*chip
, int pcr_idx
,
414 struct tpm_digest
*digest
)
419 static inline int tpm_pcr_extend(struct tpm_chip
*chip
, u32 pcr_idx
,
420 struct tpm_digest
*digests
)
425 static inline int tpm_send(struct tpm_chip
*chip
, void *cmd
, size_t buflen
)
429 static inline int tpm_get_random(struct tpm_chip
*chip
, u8
*data
, size_t max
)
434 static inline struct tpm_chip
*tpm_default_chip(void)