Gitiles
Code Review Sign In
192.168.1.100 / T800 / 0b39b87cb0cd96fd68f16a6d004c85c06a954fb2 / . / src / kernel / linux / v4.19 / drivers / char / tpm / tpm-chip.c
blob: 0b01eb7b14e536052381f953c5c2582ca936f5d9 [file] [log] [blame]
xjb04a4022021-11-25 15:01:52 +0800[diff] [blame]1/*
2 * Copyright (C) 2004 IBM Corporation
3 * Copyright (C) 2014 Intel Corporation
4 *
5 * Authors:
6 * Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
7 * Leendert van Doorn <leendert@watson.ibm.com>
8 * Dave Safford <safford@watson.ibm.com>
9 * Reiner Sailer <sailer@watson.ibm.com>
10 * Kylene Hall <kjhall@us.ibm.com>
11 *
12 * Maintained by: <tpmdd-devel@lists.sourceforge.net>
13 *
14 * TPM chip management routines.
15 *
16 * This program is free software; you can redistribute it and/or
17 * modify it under the terms of the GNU General Public License as
18 * published by the Free Software Foundation, version 2 of the
19 * License.
20 *
21 */
22
23#include <linux/poll.h>
24#include <linux/slab.h>
25#include <linux/mutex.h>
26#include <linux/spinlock.h>
27#include <linux/freezer.h>
28#include <linux/major.h>
29#include <linux/tpm_eventlog.h>
30#include <linux/hw_random.h>
31#include "tpm.h"
32
33DEFINE_IDR(dev_nums_idr);
34static DEFINE_MUTEX(idr_lock);
35
36struct class *tpm_class;
37struct class *tpmrm_class;
38dev_t tpm_devt;
39
40/**
41 * tpm_try_get_ops() - Get a ref to the tpm_chip
42 * @chip: Chip to ref
43 *
44 * The caller must already have some kind of locking to ensure that chip is
45 * valid. This function will lock the chip so that the ops member can be
46 * accessed safely. The locking prevents tpm_chip_unregister from
47 * completing, so it should not be held for long periods.
48 *
49 * Returns -ERRNO if the chip could not be got.
50 */
51int tpm_try_get_ops(struct tpm_chip *chip)
52{
53 int rc = -EIO;
54
55 get_device(&chip->dev);
56
57 down_read(&chip->ops_sem);
58 if (!chip->ops)
59 goto out_lock;
60
61 return 0;
62out_lock:
63 up_read(&chip->ops_sem);
64 put_device(&chip->dev);
65 return rc;
66}
67EXPORT_SYMBOL_GPL(tpm_try_get_ops);
68
69/**
70 * tpm_put_ops() - Release a ref to the tpm_chip
71 * @chip: Chip to put
72 *
73 * This is the opposite pair to tpm_try_get_ops(). After this returns chip may
74 * be kfree'd.
75 */
76void tpm_put_ops(struct tpm_chip *chip)
77{
78 up_read(&chip->ops_sem);
79 put_device(&chip->dev);
80}
81EXPORT_SYMBOL_GPL(tpm_put_ops);
82
83/**
84 * tpm_default_chip() - find a TPM chip and get a reference to it
85 */
86struct tpm_chip *tpm_default_chip(void)
87{
88 struct tpm_chip *chip, *res = NULL;
89 int chip_num = 0;
90 int chip_prev;
91
92 mutex_lock(&idr_lock);
93
94 do {
95 chip_prev = chip_num;
96 chip = idr_get_next(&dev_nums_idr, &chip_num);
97 if (chip) {
98 get_device(&chip->dev);
99 res = chip;
100 break;
101 }
102 } while (chip_prev != chip_num);
103
104 mutex_unlock(&idr_lock);
105
106 return res;
107}
108EXPORT_SYMBOL_GPL(tpm_default_chip);
109
110/**
111 * tpm_find_get_ops() - find and reserve a TPM chip
112 * @chip: a &struct tpm_chip instance, %NULL for the default chip
113 *
114 * Finds a TPM chip and reserves its class device and operations. The chip must
115 * be released with tpm_put_ops() after use.
116 * This function is for internal use only. It supports existing TPM callers
117 * by accepting NULL, but those callers should be converted to pass in a chip
118 * directly.
119 *
120 * Return:
121 * A reserved &struct tpm_chip instance.
122 * %NULL if a chip is not found.
123 * %NULL if the chip is not available.
124 */
125struct tpm_chip *tpm_find_get_ops(struct tpm_chip *chip)
126{
127 int rc;
128
129 if (chip) {
130 if (!tpm_try_get_ops(chip))
131 return chip;
132 return NULL;
133 }
134
135 chip = tpm_default_chip();
136 if (!chip)
137 return NULL;
138 rc = tpm_try_get_ops(chip);
139 /* release additional reference we got from tpm_default_chip() */
140 put_device(&chip->dev);
141 if (rc)
142 return NULL;
143 return chip;
144}
145
146/**
147 * tpm_dev_release() - free chip memory and the device number
148 * @dev: the character device for the TPM chip
149 *
150 * This is used as the release function for the character device.
151 */
152static void tpm_dev_release(struct device *dev)
153{
154 struct tpm_chip *chip = container_of(dev, struct tpm_chip, dev);
155
156 mutex_lock(&idr_lock);
157 idr_remove(&dev_nums_idr, chip->dev_num);
158 mutex_unlock(&idr_lock);
159
160 kfree(chip->log.bios_event_log);
161 kfree(chip->work_space.context_buf);
162 kfree(chip->work_space.session_buf);
163 kfree(chip);
164}
165
166static void tpm_devs_release(struct device *dev)
167{
168 struct tpm_chip *chip = container_of(dev, struct tpm_chip, devs);
169
170 /* release the master device reference */
171 put_device(&chip->dev);
172}
173
174/**
175 * tpm_class_shutdown() - prepare the TPM device for loss of power.
176 * @dev: device to which the chip is associated.
177 *
178 * Issues a TPM2_Shutdown command prior to loss of power, as required by the
179 * TPM 2.0 spec.
180 * Then, calls bus- and device- specific shutdown code.
181 *
182 * XXX: This codepath relies on the fact that sysfs is not enabled for
183 * TPM2: sysfs uses an implicit lock on chip->ops, so this could race if TPM2
184 * has sysfs support enabled before TPM sysfs's implicit locking is fixed.
185 */
186static int tpm_class_shutdown(struct device *dev)
187{
188 struct tpm_chip *chip = container_of(dev, struct tpm_chip, dev);
189
190 down_write(&chip->ops_sem);
191 if (chip->flags & TPM_CHIP_FLAG_TPM2) {
192 tpm2_shutdown(chip, TPM2_SU_CLEAR);
193 chip->ops = NULL;
194 }
195 chip->ops = NULL;
196 up_write(&chip->ops_sem);
197
198 return 0;
199}
200
201/**
202 * tpm_chip_alloc() - allocate a new struct tpm_chip instance
203 * @pdev: device to which the chip is associated
204 * At this point pdev mst be initialized, but does not have to
205 * be registered
206 * @ops: struct tpm_class_ops instance
207 *
208 * Allocates a new struct tpm_chip instance and assigns a free
209 * device number for it. Must be paired with put_device(&chip->dev).
210 */
211struct tpm_chip *tpm_chip_alloc(struct device *pdev,
212 const struct tpm_class_ops *ops)
213{
214 struct tpm_chip *chip;
215 int rc;
216
217 chip = kzalloc(sizeof(*chip), GFP_KERNEL);
218 if (chip == NULL)
219 return ERR_PTR(-ENOMEM);
220
221 mutex_init(&chip->tpm_mutex);
222 init_rwsem(&chip->ops_sem);
223
224 chip->ops = ops;
225
226 mutex_lock(&idr_lock);
227 rc = idr_alloc(&dev_nums_idr, NULL, 0, TPM_NUM_DEVICES, GFP_KERNEL);
228 mutex_unlock(&idr_lock);
229 if (rc < 0) {
230 dev_err(pdev, "No available tpm device numbers\n");
231 kfree(chip);
232 return ERR_PTR(rc);
233 }
234 chip->dev_num = rc;
235
236 device_initialize(&chip->dev);
237 device_initialize(&chip->devs);
238
239 chip->dev.class = tpm_class;
240 chip->dev.class->shutdown_pre = tpm_class_shutdown;
241 chip->dev.release = tpm_dev_release;
242 chip->dev.parent = pdev;
243 chip->dev.groups = chip->groups;
244
245 chip->devs.parent = pdev;
246 chip->devs.class = tpmrm_class;
247 chip->devs.release = tpm_devs_release;
248 /* get extra reference on main device to hold on
249 * behalf of devs. This holds the chip structure
250 * while cdevs is in use. The corresponding put
251 * is in the tpm_devs_release (TPM2 only)
252 */
253 if (chip->flags & TPM_CHIP_FLAG_TPM2)
254 get_device(&chip->dev);
255
256 if (chip->dev_num == 0)
257 chip->dev.devt = MKDEV(MISC_MAJOR, TPM_MINOR);
258 else
259 chip->dev.devt = MKDEV(MAJOR(tpm_devt), chip->dev_num);
260
261 chip->devs.devt =
262 MKDEV(MAJOR(tpm_devt), chip->dev_num + TPM_NUM_DEVICES);
263
264 rc = dev_set_name(&chip->dev, "tpm%d", chip->dev_num);
265 if (rc)
266 goto out;
267 rc = dev_set_name(&chip->devs, "tpmrm%d", chip->dev_num);
268 if (rc)
269 goto out;
270
271 if (!pdev)
272 chip->flags |= TPM_CHIP_FLAG_VIRTUAL;
273
274 cdev_init(&chip->cdev, &tpm_fops);
275 cdev_init(&chip->cdevs, &tpmrm_fops);
276 chip->cdev.owner = THIS_MODULE;
277 chip->cdevs.owner = THIS_MODULE;
278
279 chip->work_space.context_buf = kzalloc(PAGE_SIZE, GFP_KERNEL);
280 if (!chip->work_space.context_buf) {
281 rc = -ENOMEM;
282 goto out;
283 }
284 chip->work_space.session_buf = kzalloc(PAGE_SIZE, GFP_KERNEL);
285 if (!chip->work_space.session_buf) {
286 rc = -ENOMEM;
287 goto out;
288 }
289
290 chip->locality = -1;
291 return chip;
292
293out:
294 put_device(&chip->devs);
295 put_device(&chip->dev);
296 return ERR_PTR(rc);
297}
298EXPORT_SYMBOL_GPL(tpm_chip_alloc);
299
300/**
301 * tpmm_chip_alloc() - allocate a new struct tpm_chip instance
302 * @pdev: parent device to which the chip is associated
303 * @ops: struct tpm_class_ops instance
304 *
305 * Same as tpm_chip_alloc except devm is used to do the put_device
306 */
307struct tpm_chip *tpmm_chip_alloc(struct device *pdev,
308 const struct tpm_class_ops *ops)
309{
310 struct tpm_chip *chip;
311 int rc;
312
313 chip = tpm_chip_alloc(pdev, ops);
314 if (IS_ERR(chip))
315 return chip;
316
317 rc = devm_add_action_or_reset(pdev,
318 (void (*)(void *)) put_device,
319 &chip->dev);
320 if (rc)
321 return ERR_PTR(rc);
322
323 dev_set_drvdata(pdev, chip);
324
325 return chip;
326}
327EXPORT_SYMBOL_GPL(tpmm_chip_alloc);
328
329static int tpm_add_char_device(struct tpm_chip *chip)
330{
331 int rc;
332
333 rc = cdev_device_add(&chip->cdev, &chip->dev);
334 if (rc) {
335 dev_err(&chip->dev,
336 "unable to cdev_device_add() %s, major %d, minor %d, err=%d\n",
337 dev_name(&chip->dev), MAJOR(chip->dev.devt),
338 MINOR(chip->dev.devt), rc);
339 return rc;
340 }
341
342 if (chip->flags & TPM_CHIP_FLAG_TPM2) {
343 rc = cdev_device_add(&chip->cdevs, &chip->devs);
344 if (rc) {
345 dev_err(&chip->devs,
346 "unable to cdev_device_add() %s, major %d, minor %d, err=%d\n",
347 dev_name(&chip->devs), MAJOR(chip->devs.devt),
348 MINOR(chip->devs.devt), rc);
349 return rc;
350 }
351 }
352
353 /* Make the chip available. */
354 mutex_lock(&idr_lock);
355 idr_replace(&dev_nums_idr, chip, chip->dev_num);
356 mutex_unlock(&idr_lock);
357
358 return rc;
359}
360
361static void tpm_del_char_device(struct tpm_chip *chip)
362{
363 cdev_device_del(&chip->cdev, &chip->dev);
364
365 /* Make the chip unavailable. */
366 mutex_lock(&idr_lock);
367 idr_replace(&dev_nums_idr, NULL, chip->dev_num);
368 mutex_unlock(&idr_lock);
369
370 /* Make the driver uncallable. */
371 down_write(&chip->ops_sem);
372 if (chip->flags & TPM_CHIP_FLAG_TPM2)
373 tpm2_shutdown(chip, TPM2_SU_CLEAR);
374 chip->ops = NULL;
375 up_write(&chip->ops_sem);
376}
377
378static void tpm_del_legacy_sysfs(struct tpm_chip *chip)
379{
380 struct attribute **i;
381
382 if (chip->flags & (TPM_CHIP_FLAG_TPM2 | TPM_CHIP_FLAG_VIRTUAL))
383 return;
384
385 sysfs_remove_link(&chip->dev.parent->kobj, "ppi");
386
387 for (i = chip->groups[0]->attrs; *i != NULL; ++i)
388 sysfs_remove_link(&chip->dev.parent->kobj, (*i)->name);
389}
390
391/* For compatibility with legacy sysfs paths we provide symlinks from the
392 * parent dev directory to selected names within the tpm chip directory. Old
393 * kernel versions created these files directly under the parent.
394 */
395static int tpm_add_legacy_sysfs(struct tpm_chip *chip)
396{
397 struct attribute **i;
398 int rc;
399
400 if (chip->flags & (TPM_CHIP_FLAG_TPM2 | TPM_CHIP_FLAG_VIRTUAL))
401 return 0;
402
403 rc = __compat_only_sysfs_link_entry_to_kobj(
404 &chip->dev.parent->kobj, &chip->dev.kobj, "ppi");
405 if (rc && rc != -ENOENT)
406 return rc;
407
408 /* All the names from tpm-sysfs */
409 for (i = chip->groups[0]->attrs; *i != NULL; ++i) {
410 rc = __compat_only_sysfs_link_entry_to_kobj(
411 &chip->dev.parent->kobj, &chip->dev.kobj, (*i)->name);
412 if (rc) {
413 tpm_del_legacy_sysfs(chip);
414 return rc;
415 }
416 }
417
418 return 0;
419}
420
421static int tpm_hwrng_read(struct hwrng *rng, void *data, size_t max, bool wait)
422{
423 struct tpm_chip *chip = container_of(rng, struct tpm_chip, hwrng);
424
425 return tpm_get_random(chip, data, max);
426}
427
428static int tpm_add_hwrng(struct tpm_chip *chip)
429{
430 if (!IS_ENABLED(CONFIG_HW_RANDOM_TPM))
431 return 0;
432
433 snprintf(chip->hwrng_name, sizeof(chip->hwrng_name),
434 "tpm-rng-%d", chip->dev_num);
435 chip->hwrng.name = chip->hwrng_name;
436 chip->hwrng.read = tpm_hwrng_read;
437 return hwrng_register(&chip->hwrng);
438}
439
440/*
441 * tpm_chip_register() - create a character device for the TPM chip
442 * @chip: TPM chip to use.
443 *
444 * Creates a character device for the TPM chip and adds sysfs attributes for
445 * the device. As the last step this function adds the chip to the list of TPM
446 * chips available for in-kernel use.
447 *
448 * This function should be only called after the chip initialization is
449 * complete.
450 */
451int tpm_chip_register(struct tpm_chip *chip)
452{
453 int rc;
454
455 if (chip->ops->flags & TPM_OPS_AUTO_STARTUP) {
456 if (chip->flags & TPM_CHIP_FLAG_TPM2)
457 rc = tpm2_auto_startup(chip);
458 else
459 rc = tpm1_auto_startup(chip);
460 if (rc)
461 return rc;
462 }
463
464 tpm_sysfs_add_device(chip);
465
466 rc = tpm_bios_log_setup(chip);
467 if (rc != 0 && rc != -ENODEV)
468 return rc;
469
470 tpm_add_ppi(chip);
471
472 rc = tpm_add_hwrng(chip);
473 if (rc)
474 goto out_ppi;
475
476 rc = tpm_add_char_device(chip);
477 if (rc)
478 goto out_hwrng;
479
480 rc = tpm_add_legacy_sysfs(chip);
481 if (rc) {
482 tpm_chip_unregister(chip);
483 return rc;
484 }
485
486 return 0;
487
488out_hwrng:
489 if (IS_ENABLED(CONFIG_HW_RANDOM_TPM))
490 hwrng_unregister(&chip->hwrng);
491out_ppi:
492 tpm_bios_log_teardown(chip);
493
494 return rc;
495}
496EXPORT_SYMBOL_GPL(tpm_chip_register);
497
498/*
499 * tpm_chip_unregister() - release the TPM driver
500 * @chip: TPM chip to use.
501 *
502 * Takes the chip first away from the list of available TPM chips and then
503 * cleans up all the resources reserved by tpm_chip_register().
504 *
505 * Once this function returns the driver call backs in 'op's will not be
506 * running and will no longer start.
507 *
508 * NOTE: This function should be only called before deinitializing chip
509 * resources.
510 */
511void tpm_chip_unregister(struct tpm_chip *chip)
512{
513 tpm_del_legacy_sysfs(chip);
514 if (IS_ENABLED(CONFIG_HW_RANDOM_TPM))
515 hwrng_unregister(&chip->hwrng);
516 tpm_bios_log_teardown(chip);
517 if (chip->flags & TPM_CHIP_FLAG_TPM2)
518 cdev_device_del(&chip->cdevs, &chip->devs);
519 tpm_del_char_device(chip);
520}
521EXPORT_SYMBOL_GPL(tpm_chip_unregister);