1 /* SPDX-License-Identifier: GPL-2.0-only */
3 * Copyright (C) 2004,2007,2008 IBM Corporation
6 * Leendert van Doorn <leendert@watson.ibm.com>
7 * Dave Safford <safford@watson.ibm.com>
8 * Reiner Sailer <sailer@watson.ibm.com>
9 * Kylene Hall <kjhall@us.ibm.com>
10 * Debora Velarde <dvelarde@us.ibm.com>
12 * Maintained by: <tpmdd_devel@lists.sourceforge.net>
14 * Device driver for TCG/TCPA TPM (trusted platform module).
15 * Specifications at www.trustedcomputinggroup.org
17 #ifndef __LINUX_TPM_H__
18 #define __LINUX_TPM_H__
20 #include <linux/hw_random.h>
21 #include <linux/acpi.h>
22 #include <linux/cdev.h>
24 #include <linux/highmem.h>
25 #include <crypto/hash_info.h>
27 #define TPM_DIGEST_SIZE 20 /* Max TPM v1.2 PCR size */
28 #define TPM_MAX_DIGEST_SIZE SHA512_DIGEST_SIZE
31 struct trusted_key_payload
;
32 struct trusted_key_options
;
34 /* if you add a new hash to this, increment TPM_MAX_HASHES below */
36 TPM_ALG_ERROR
= 0x0000,
37 TPM_ALG_SHA1
= 0x0004,
38 TPM_ALG_KEYEDHASH
= 0x0008,
39 TPM_ALG_SHA256
= 0x000B,
40 TPM_ALG_SHA384
= 0x000C,
41 TPM_ALG_SHA512
= 0x000D,
42 TPM_ALG_NULL
= 0x0010,
43 TPM_ALG_SM3_256
= 0x0012,
/*
 * maximum number of hashing algorithms a TPM can have. This is
 * basically a count of every hash in tpm_algorithms above
 */
50 #define TPM_MAX_HASHES 5
54 u8 digest
[TPM_MAX_DIGEST_SIZE
];
57 struct tpm_bank_info
{
64 TPM_OPS_AUTO_STARTUP
= BIT(0),
/*
 * Table of callbacks and completion-status constants supplied by a TPM
 * hardware driver.
 *
 * The comment beside the "ops" pointer that refers to this table states the
 * locking rule: a driver callback under ops cannot be run unless ops_sem is
 * held, and ops becomes NULL when the driver is unregistered (see
 * tpm_try_get_ops()). Callers must therefore not cache or call these
 * pointers outside that protection.
 *
 * NOTE(review): this listing jumps from source line 67 to line 69, so a
 * member declared on line 68 may be absent here; confirm against the
 * original header before relying on the layout.
 */
struct tpm_class_ops {
	const u8 req_complete_mask;
	const u8 req_complete_val;
	bool (*req_canceled)(struct tpm_chip *chip, u8 status);
	int (*recv)(struct tpm_chip *chip, u8 *buf, size_t len);
	int (*send)(struct tpm_chip *chip, u8 *buf, size_t len);
	void (*cancel)(struct tpm_chip *chip);
	u8 (*status)(struct tpm_chip *chip);
	void (*update_timeouts)(struct tpm_chip *chip,
				unsigned long *timeout_cap);
	void (*update_durations)(struct tpm_chip *chip,
				 unsigned long *duration_cap);
	int (*go_idle)(struct tpm_chip *chip);
	int (*cmd_ready)(struct tpm_chip *chip);
	int (*request_locality)(struct tpm_chip *chip, int loc);
	int (*relinquish_locality)(struct tpm_chip *chip, int loc);
	void (*clk_enable)(struct tpm_chip *chip, bool value);
};
87 #define TPM_NUM_EVENT_LOG_FILES 3
89 /* Indexes the duration array */
96 TPM_NUM_DURATIONS
= TPM_UNDEFINED
,
99 #define TPM_PPI_VERSION_LEN 3
/*
 * Two untyped pointers describing the BIOS event log.
 * NOTE(review): presumably the start of the log and the address just past
 * its end; confirm against the code that fills these in before using them
 * as bounds.
 */
struct tpm_bios_log {
	void *bios_event_log;
	void *bios_event_log_end;
};
/* Pairs a chip pointer with the seq_file operations table used for it. */
struct tpm_chip_seqops {
	struct tpm_chip *chip;
	const struct seq_operations *seqops;
};
/* A driver callback under ops cannot be run unless ops_sem is held
 * (sometimes implicitly, e.g. for the sysfs code). ops becomes NULL
 * when the driver is unregistered, see tpm_try_get_ops.
 */
129 struct rw_semaphore ops_sem
;
130 const struct tpm_class_ops
*ops
;
132 struct tpm_bios_log log
;
133 struct tpm_chip_seqops bin_log_seqops
;
134 struct tpm_chip_seqops ascii_log_seqops
;
138 int dev_num
; /* /dev/tpm# */
139 unsigned long is_open
; /* only one allowed */
144 struct mutex tpm_mutex
; /* tpm is processing */
146 unsigned long timeout_a
; /* jiffies */
147 unsigned long timeout_b
; /* jiffies */
148 unsigned long timeout_c
; /* jiffies */
149 unsigned long timeout_d
; /* jiffies */
150 bool timeout_adjusted
;
151 unsigned long duration
[TPM_NUM_DURATIONS
]; /* jiffies */
152 bool duration_adjusted
;
154 struct dentry
*bios_dir
[TPM_NUM_EVENT_LOG_FILES
];
156 const struct attribute_group
*groups
[3 + TPM_MAX_HASHES
];
157 unsigned int groups_cnt
;
159 u32 nr_allocated_banks
;
160 struct tpm_bank_info
*allocated_banks
;
162 acpi_handle acpi_dev_handle
;
163 char ppi_version
[TPM_PPI_VERSION_LEN
+ 1];
164 #endif /* CONFIG_ACPI */
166 struct tpm_space work_space
;
171 /* active locality */
175 #define TPM_HEADER_SIZE 10
178 TPM2_PLATFORM_PCR
= 24,
179 TPM2_PCR_SELECT_MIN
= ((TPM2_PLATFORM_PCR
+ 7) / 8),
183 TPM2_TIMEOUT_A
= 750,
184 TPM2_TIMEOUT_B
= 2000,
185 TPM2_TIMEOUT_C
= 200,
187 TPM2_DURATION_SHORT
= 20,
188 TPM2_DURATION_MEDIUM
= 750,
189 TPM2_DURATION_LONG
= 2000,
190 TPM2_DURATION_LONG_LONG
= 300000,
191 TPM2_DURATION_DEFAULT
= 120000,
/* Structure tag values; tpm_buf_reset() stores such a tag in the header. */
enum tpm2_structures {
	TPM2_ST_NO_SESSIONS	= 0x8001,
	TPM2_ST_SESSIONS	= 0x8002,
};
199 /* Indicates from what layer of the software stack the error comes from */
200 #define TSS2_RC_LAYER_SHIFT 16
201 #define TSS2_RESMGR_TPM_RC_LAYER (11 << TSS2_RC_LAYER_SHIFT)
/*
 * TPM 2.0 response codes used by the driver. The trailing tags
 * (RC_FMT1, RC_VER1, RC_WARN) are the original author's grouping of the
 * values that follow each tag.
 */
enum tpm2_return_codes {
	TPM2_RC_SUCCESS		= 0x0000,
	TPM2_RC_HASH		= 0x0083, /* RC_FMT1 */
	TPM2_RC_HANDLE		= 0x008B,
	TPM2_RC_INITIALIZE	= 0x0100, /* RC_VER1 */
	TPM2_RC_FAILURE		= 0x0101,
	TPM2_RC_DISABLED	= 0x0120,
	TPM2_RC_COMMAND_CODE	= 0x0143,
	TPM2_RC_TESTING		= 0x090A, /* RC_WARN */
	TPM2_RC_REFERENCE_H0	= 0x0910,
	TPM2_RC_RETRY		= 0x0922,
};
/*
 * TPM 2.0 command codes (the "ordinal" written into a command header).
 * TPM2_CC_FIRST and TPM2_CC_LAST bracket the numeric range of the codes
 * listed here.
 */
enum tpm2_command_codes {
	TPM2_CC_FIRST			= 0x011F,
	TPM2_CC_HIERARCHY_CONTROL	= 0x0121,
	TPM2_CC_HIERARCHY_CHANGE_AUTH	= 0x0129,
	TPM2_CC_CREATE_PRIMARY		= 0x0131,
	TPM2_CC_SEQUENCE_COMPLETE	= 0x013E,
	TPM2_CC_SELF_TEST		= 0x0143,
	TPM2_CC_STARTUP			= 0x0144,
	TPM2_CC_SHUTDOWN		= 0x0145,
	TPM2_CC_NV_READ			= 0x014E,
	TPM2_CC_CREATE			= 0x0153,
	TPM2_CC_LOAD			= 0x0157,
	TPM2_CC_SEQUENCE_UPDATE		= 0x015C,
	TPM2_CC_UNSEAL			= 0x015E,
	TPM2_CC_CONTEXT_LOAD		= 0x0161,
	TPM2_CC_CONTEXT_SAVE		= 0x0162,
	TPM2_CC_FLUSH_CONTEXT		= 0x0165,
	TPM2_CC_VERIFY_SIGNATURE	= 0x0177,
	TPM2_CC_GET_CAPABILITY		= 0x017A,
	TPM2_CC_GET_RANDOM		= 0x017B,
	TPM2_CC_PCR_READ		= 0x017E,
	TPM2_CC_PCR_EXTEND		= 0x0182,
	TPM2_CC_EVENT_SEQUENCE_COMPLETE	= 0x0185,
	TPM2_CC_HASH_SEQUENCE_START	= 0x0186,
	TPM2_CC_CREATE_LOADED		= 0x0191,
	TPM2_CC_LAST			= 0x0193, /* Spec 1.36 */
};
/* Permanent handle values used by the driver. */
enum tpm2_permanent_handles {
	TPM2_RS_PW	= 0x40000009,
};
/*
 * Capability selectors.
 *
 * NOTE(review): this listing jumps from source line 250 to line 252, so an
 * enumerator declared on line 251 may be absent here; confirm against the
 * original header.
 */
enum tpm2_capabilities {
	TPM2_CAP_HANDLES	= 1,
	TPM2_CAP_COMMANDS	= 2,
	TPM2_CAP_TPM_PROPERTIES	= 6,
};
/* Property identifiers used by the driver. */
enum tpm2_properties {
	TPM_PT_TOTAL_COMMANDS	= 0x0129,
};
/* Startup type values. */
enum tpm2_startup_types {
	TPM2_SU_CLEAR	= 0x0000,
	TPM2_SU_STATE	= 0x0001,
};
265 TPM2_CC_ATTR_CHANDLES
= 25,
266 TPM2_CC_ATTR_RHANDLE
= 28,
269 #define TPM_VID_INTEL 0x8086
270 #define TPM_VID_WINBOND 0x1050
271 #define TPM_VID_STM 0x104A
/*
 * Per-chip flag bits. Each value is a distinct single bit, so several can
 * be OR-ed together; the listed flags start at bit 1.
 */
enum tpm_chip_flags {
	TPM_CHIP_FLAG_TPM2			= BIT(1),
	TPM_CHIP_FLAG_IRQ			= BIT(2),
	TPM_CHIP_FLAG_VIRTUAL			= BIT(3),
	TPM_CHIP_FLAG_HAVE_TIMEOUTS		= BIT(4),
	TPM_CHIP_FLAG_ALWAYS_POWERED		= BIT(5),
	TPM_CHIP_FLAG_FIRMWARE_POWER_MANAGED	= BIT(6),
};
282 #define to_tpm_chip(d) container_of(d, struct tpm_chip, dev)
/* A string buffer type for constructing TPM commands. This is based on the
 * ideas of string buffer code in security/keys/trusted.h but is heap based
 * in order to keep the stack usage minimal.
 */
299 TPM_BUF_OVERFLOW
= BIT(0),
/* Object attribute bits; each value is a single bit. */
enum tpm2_object_attributes {
	TPM2_OA_FIXED_TPM	= BIT(1),
	TPM2_OA_FIXED_PARENT	= BIT(4),
	TPM2_OA_USER_WITH_AUTH	= BIT(6),
};
/* Session attribute bits; each value is a single bit. */
enum tpm2_session_attributes {
	TPM2_SA_CONTINUE_SESSION	= BIT(0),
};
318 unsigned int crypto_id
;
/*
 * Rewrite the command header at the start of buf->data.
 *
 * @buf:     buffer whose data pointer already refers to usable memory
 * @tag:     structure tag, stored big-endian
 * @ordinal: command code, stored big-endian
 *
 * The length field is set to the size of the header alone, so anything
 * appended earlier is no longer counted as part of the command. buf->flags
 * is not touched here.
 */
static inline void tpm_buf_reset(struct tpm_buf *buf, u16 tag, u32 ordinal)
{
	struct tpm_header *hdr = (struct tpm_header *)buf->data;

	hdr->tag = cpu_to_be16(tag);
	hdr->length = cpu_to_be32(sizeof(*hdr));
	hdr->ordinal = cpu_to_be32(ordinal);
}
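/*
 * Allocate the backing page for a command buffer and write an empty header.
 *
 * @buf:     buffer to initialise
 * @tag:     structure tag for the header
 * @ordinal: command code for the header
 *
 * Return: 0 on success, -ENOMEM if no page could be allocated. On failure
 * buf->data is NULL and the buffer must not be passed to the other tpm_buf
 * helpers, which dereference buf->data without checking it.
 */
static inline int tpm_buf_init(struct tpm_buf *buf, u16 tag, u32 ordinal)
{
	buf->data = (u8 *)__get_free_page(GFP_KERNEL);
	/* tpm_buf_reset() writes through buf->data, so fail before reaching it. */
	if (!buf->data)
		return -ENOMEM;

	/* Start without the sticky overflow bit that tpm_buf_append() tests. */
	buf->flags = 0;
	tpm_buf_reset(buf, tag, ordinal);
	return 0;
}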
/*
 * Release the page behind a command buffer.
 *
 * buf->data is left pointing at the freed page; callers must not use the
 * buffer again without re-initialising it.
 */
static inline void tpm_buf_destroy(struct tpm_buf *buf)
{
	unsigned long page = (unsigned long)buf->data;

	free_page(page);
}
/*
 * Return the length field of the header in buf->data, converted from
 * big-endian to CPU byte order.
 *
 * The value is whatever is currently stored in the buffer; it is not
 * checked against the size of the backing page here.
 */
static inline u32 tpm_buf_length(struct tpm_buf *buf)
{
	struct tpm_header *hdr = (struct tpm_header *)buf->data;
	u32 length = be32_to_cpu(hdr->length);

	return length;
}
/*
 * Return the tag field of the header in buf->data, converted from
 * big-endian to CPU byte order.
 */
static inline u16 tpm_buf_tag(struct tpm_buf *buf)
{
	struct tpm_header *hdr = (struct tpm_header *)buf->data;
	u16 tag = be16_to_cpu(hdr->tag);

	return tag;
}
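/*
 * Append raw bytes to a command buffer and update the header length.
 *
 * @buf:      command buffer backed by a single page
 * @new_data: bytes to copy
 * @new_len:  number of bytes to copy
 *
 * If the data does not fit in the page, nothing is copied, a warning is
 * logged and TPM_BUF_OVERFLOW is set in buf->flags. The flag is sticky:
 * every later append returns without copying. The function returns void,
 * so callers that need to know whether the command is complete have to
 * check buf->flags themselves.
 */
static inline void tpm_buf_append(struct tpm_buf *buf,
				  const unsigned char *new_data,
				  unsigned int new_len)
{
	struct tpm_header *head = (struct tpm_header *)buf->data;
	u32 len = tpm_buf_length(buf);

	/* Return silently if overflow has already happened. */
	if (buf->flags & TPM_BUF_OVERFLOW)
		return;

	/*
	 * Compare new_len with the room that is left instead of testing
	 * len + new_len: both operands are 32-bit, so a very large new_len
	 * would wrap the sum to a small value, pass the bound check and let
	 * memcpy() write past the page. The len > PAGE_SIZE test keeps the
	 * subtraction from underflowing if the stored length is already bad.
	 */
	if (len > PAGE_SIZE || new_len > PAGE_SIZE - len) {
		WARN(1, "tpm_buf: overflow\n");
		buf->flags |= TPM_BUF_OVERFLOW;
		return;
	}

	memcpy(&buf->data[len], new_data, new_len);
	head->length = cpu_to_be32(len + new_len);
}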
/* Append a single byte to the command buffer via tpm_buf_append(). */
static inline void tpm_buf_append_u8(struct tpm_buf *buf, const u8 value)
{
	tpm_buf_append(buf, &value, sizeof(value));
}
/*
 * Append a 16-bit value to the command buffer in big-endian byte order,
 * via tpm_buf_append().
 */
static inline void tpm_buf_append_u16(struct tpm_buf *buf, const u16 value)
{
	__be16 be_value = cpu_to_be16(value);

	tpm_buf_append(buf, (u8 *)&be_value, sizeof(be_value));
}
/*
 * Append a 32-bit value to the command buffer in big-endian byte order,
 * via tpm_buf_append().
 */
static inline void tpm_buf_append_u32(struct tpm_buf *buf, const u32 value)
{
	__be32 be_value = cpu_to_be32(value);

	tpm_buf_append(buf, (u8 *)&be_value, sizeof(be_value));
}
/*
 * Reduce a response code to the value used for comparisons.
 *
 * When bit 7 of rc is set, only the low eight bits are returned and the
 * higher bits are dropped; otherwise rc is returned unchanged.
 */
static inline u32 tpm2_rc_value(u32 rc)
{
	if (rc & BIT(7))
		return rc & 0xff;

	return rc;
}
406 #if defined(CONFIG_TCG_TPM) || defined(CONFIG_TCG_TPM_MODULE)
/*
 * Entry points provided by the TPM core when it is built in or built as a
 * module. tpm_try_get_ops() is marked __must_check: its result has to be
 * tested before driver callbacks are used, since ops becomes NULL once the
 * driver is unregistered.
 */
int tpm_is_tpm2(struct tpm_chip *chip);
__must_check int tpm_try_get_ops(struct tpm_chip *chip);
void tpm_put_ops(struct tpm_chip *chip);
ssize_t tpm_transmit_cmd(struct tpm_chip *chip, struct tpm_buf *buf,
			 size_t min_rsp_body_length, const char *desc);
int tpm_pcr_read(struct tpm_chip *chip, u32 pcr_idx,
		 struct tpm_digest *digest);
int tpm_pcr_extend(struct tpm_chip *chip, u32 pcr_idx,
		   struct tpm_digest *digests);
int tpm_send(struct tpm_chip *chip, void *cmd, size_t buflen);
int tpm_get_random(struct tpm_chip *chip, u8 *data, size_t max);
struct tpm_chip *tpm_default_chip(void);
void tpm2_flush_context(struct tpm_chip *chip, u32 handle);
422 static inline int tpm_is_tpm2(struct tpm_chip
*chip
)
426 static inline int tpm_pcr_read(struct tpm_chip
*chip
, int pcr_idx
,
427 struct tpm_digest
*digest
)
432 static inline int tpm_pcr_extend(struct tpm_chip
*chip
, u32 pcr_idx
,
433 struct tpm_digest
*digests
)
438 static inline int tpm_send(struct tpm_chip
*chip
, void *cmd
, size_t buflen
)
442 static inline int tpm_get_random(struct tpm_chip
*chip
, u8
*data
, size_t max
)
447 static inline struct tpm_chip
*tpm_default_chip(void)