2 * Copyright (C) 2004 IBM Corporation
5 * Leendert van Doorn <leendert@watson.ibm.com>
6 * Dave Safford <safford@watson.ibm.com>
7 * Reiner Sailer <sailer@watson.ibm.com>
8 * Kylene Hall <kjhall@us.ibm.com>
10 * Maintained by: <tpmdd_devel@lists.sourceforge.net>
12 * Device driver for TCG/TCPA TPM (trusted platform module).
13 * Specifications at www.trustedcomputinggroup.org
15 * This program is free software; you can redistribute it and/or
16 * modify it under the terms of the GNU General Public License as
17 * published by the Free Software Foundation, version 2 of the
20 * Note, the TPM chip is not interrupt driven (only polling)
21 * and can have very long timeouts (minutes!). Hence the unusual
26 #include <linux/sched.h>
27 #include <linux/poll.h>
28 #include <linux/spinlock.h>
31 #define TPM_MINOR 224 /* officially assigned */
33 #define TPM_BUFSIZE 2048
35 /* PCI configuration addresses */
36 #define PCI_GEN_PMCON_1 0xA0
37 #define PCI_GEN1_DEC 0xE4
38 #define PCI_LPC_EN 0xE6
39 #define PCI_GEN2_DEC 0xEC
41 static LIST_HEAD(tpm_chip_list);
42 static DEFINE_SPINLOCK(driver_lock);
43 static int dev_mask[32];
45 static void user_reader_timeout(unsigned long ptr)
47 struct tpm_chip *chip = (struct tpm_chip *) ptr;
49 down(&chip->buffer_mutex);
50 atomic_set(&chip->data_pending, 0);
51 memset(chip->data_buffer, 0, TPM_BUFSIZE);
52 up(&chip->buffer_mutex);
56 * Initialize the LPC bus and enable the TPM ports
58 int tpm_lpc_bus_init(struct pci_dev *pci_dev, u16 base)
63 switch (pci_dev->vendor) {
64 case PCI_VENDOR_ID_INTEL:
65 switch (pci_dev->device) {
66 case PCI_DEVICE_ID_INTEL_82801CA_12:
67 case PCI_DEVICE_ID_INTEL_82801DB_12:
71 /* init ICH (enable LPC) */
72 pci_read_config_dword(pci_dev, PCI_GEN1_DEC, &lpcenable);
73 lpcenable |= 0x20000000;
74 pci_write_config_dword(pci_dev, PCI_GEN1_DEC, lpcenable);
77 pci_read_config_dword(pci_dev, PCI_GEN1_DEC,
79 if ((lpcenable & 0x20000000) == 0) {
80 dev_err(&pci_dev->dev,
81 "cannot enable LPC\n");
86 /* initialize TPM registers */
87 pci_read_config_dword(pci_dev, PCI_GEN2_DEC, &tmp);
90 tmp = (tmp & 0xFFFF0000) | (base & 0xFFF0);
93 (tmp & 0xFFFF0000) | (base & 0xFFF0) |
96 pci_write_config_dword(pci_dev, PCI_GEN2_DEC, tmp);
99 pci_read_config_dword(pci_dev, PCI_GEN_PMCON_1,
101 tmp |= 0x00000004; /* enable CLKRUN */
102 pci_write_config_dword(pci_dev, PCI_GEN_PMCON_1,
105 tpm_write_index(0x0D, 0x55); /* unlock 4F */
106 tpm_write_index(0x0A, 0x00); /* int disable */
107 tpm_write_index(0x08, base); /* base addr lo */
108 tpm_write_index(0x09, (base & 0xFF00) >> 8); /* base addr hi */
109 tpm_write_index(0x0D, 0xAA); /* lock 4F */
111 case PCI_VENDOR_ID_AMD:
119 EXPORT_SYMBOL_GPL(tpm_lpc_bus_init);
122 * Internal kernel interface to transmit TPM commands
124 static ssize_t tpm_transmit(struct tpm_chip *chip, const char *buf,
132 native_size = (__force __be32 *) (buf + 2);
133 count = be32_to_cpu(*native_size);
137 if (count > bufsiz) {
138 dev_err(&chip->pci_dev->dev,
139 "invalid count value %x %zx \n", count, bufsiz);
143 down(&chip->tpm_mutex);
145 if ((len = chip->vendor->send(chip, (u8 *) buf, count)) < 0) {
146 dev_err(&chip->pci_dev->dev,
147 "tpm_transmit: tpm_send: error %zd\n", len);
151 stop = jiffies + 2 * 60 * HZ;
153 u8 status = inb(chip->vendor->base + 1);
154 if ((status & chip->vendor->req_complete_mask) ==
155 chip->vendor->req_complete_val) {
158 msleep(TPM_TIMEOUT); /* CHECK */
160 } while (time_before(jiffies, stop));
163 chip->vendor->cancel(chip);
164 dev_err(&chip->pci_dev->dev, "Time expired\n");
165 up(&chip->tpm_mutex);
169 len = chip->vendor->recv(chip, (u8 *) buf, bufsiz);
171 dev_err(&chip->pci_dev->dev,
172 "tpm_transmit: tpm_recv: error %zd\n", len);
173 up(&chip->tpm_mutex);
177 #define TPM_DIGEST_SIZE 20
178 #define CAP_PCR_RESULT_SIZE 18
179 static u8 cap_pcr[] = {
180 0, 193, /* TPM_TAG_RQU_COMMAND */
181 0, 0, 0, 22, /* length */
182 0, 0, 0, 101, /* TPM_ORD_GetCapability */
188 #define READ_PCR_RESULT_SIZE 30
189 static u8 pcrread[] = {
190 0, 193, /* TPM_TAG_RQU_COMMAND */
191 0, 0, 0, 14, /* length */
192 0, 0, 0, 21, /* TPM_ORD_PcrRead */
193 0, 0, 0, 0 /* PCR index */
196 static ssize_t show_pcrs(struct device *dev, struct device_attribute *attr, char *buf)
198 u8 data[READ_PCR_RESULT_SIZE];
200 int i, j, index, num_pcrs;
203 struct tpm_chip *chip =
204 pci_get_drvdata(container_of(dev, struct pci_dev, dev));
208 memcpy(data, cap_pcr, sizeof(cap_pcr));
209 if ((len = tpm_transmit(chip, data, sizeof(data)))
210 < CAP_PCR_RESULT_SIZE)
213 num_pcrs = be32_to_cpu(*((__force __be32 *) (data + 14)));
215 for (i = 0; i < num_pcrs; i++) {
216 memcpy(data, pcrread, sizeof(pcrread));
217 index = cpu_to_be32(i);
218 memcpy(data + 10, &index, 4);
219 if ((len = tpm_transmit(chip, data, sizeof(data)))
220 < READ_PCR_RESULT_SIZE)
222 str += sprintf(str, "PCR-%02d: ", i);
223 for (j = 0; j < TPM_DIGEST_SIZE; j++)
224 str += sprintf(str, "%02X ", *(data + 10 + j));
225 str += sprintf(str, "\n");
230 static DEVICE_ATTR(pcrs, S_IRUGO, show_pcrs, NULL);
232 #define READ_PUBEK_RESULT_SIZE 314
233 static u8 readpubek[] = {
234 0, 193, /* TPM_TAG_RQU_COMMAND */
235 0, 0, 0, 30, /* length */
236 0, 0, 0, 124, /* TPM_ORD_ReadPubek */
239 static ssize_t show_pubek(struct device *dev, struct device_attribute *attr, char *buf)
241 u8 data[READ_PUBEK_RESULT_SIZE];
247 struct tpm_chip *chip =
248 pci_get_drvdata(container_of(dev, struct pci_dev, dev));
252 memcpy(data, readpubek, sizeof(readpubek));
253 memset(data + sizeof(readpubek), 0, 20); /* zero nonce */
255 if ((len = tpm_transmit(chip, data, sizeof(data))) <
256 READ_PUBEK_RESULT_SIZE)
260 ignore header 10 bytes
261 algorithm 32 bits (1 == RSA )
264 parameters (RSA 12->bytes: keybit, #primes, expbit)
267 ignore checksum 20 bytes
270 native_val = (__force __be32 *) (data + 34);
274 "Algorithm: %02X %02X %02X %02X\nEncscheme: %02X %02X\n"
275 "Sigscheme: %02X %02X\nParameters: %02X %02X %02X %02X"
276 " %02X %02X %02X %02X %02X %02X %02X %02X\n"
277 "Modulus length: %d\nModulus: \n",
278 data[10], data[11], data[12], data[13], data[14],
279 data[15], data[16], data[17], data[22], data[23],
280 data[24], data[25], data[26], data[27], data[28],
281 data[29], data[30], data[31], data[32], data[33],
282 be32_to_cpu(*native_val)
285 for (i = 0; i < 256; i++) {
286 str += sprintf(str, "%02X ", data[i + 39]);
287 if ((i + 1) % 16 == 0)
288 str += sprintf(str, "\n");
293 static DEVICE_ATTR(pubek, S_IRUGO, show_pubek, NULL);
295 #define CAP_VER_RESULT_SIZE 18
296 static u8 cap_version[] = {
297 0, 193, /* TPM_TAG_RQU_COMMAND */
298 0, 0, 0, 18, /* length */
299 0, 0, 0, 101, /* TPM_ORD_GetCapability */
304 #define CAP_MANUFACTURER_RESULT_SIZE 18
305 static u8 cap_manufacturer[] = {
306 0, 193, /* TPM_TAG_RQU_COMMAND */
307 0, 0, 0, 22, /* length */
308 0, 0, 0, 101, /* TPM_ORD_GetCapability */
314 static ssize_t show_caps(struct device *dev, struct device_attribute *attr, char *buf)
316 u8 data[READ_PUBEK_RESULT_SIZE];
320 struct tpm_chip *chip =
321 pci_get_drvdata(container_of(dev, struct pci_dev, dev));
325 memcpy(data, cap_manufacturer, sizeof(cap_manufacturer));
327 if ((len = tpm_transmit(chip, data, sizeof(data))) <
328 CAP_MANUFACTURER_RESULT_SIZE)
331 str += sprintf(str, "Manufacturer: 0x%x\n",
332 be32_to_cpu(*(data + 14)));
334 memcpy(data, cap_version, sizeof(cap_version));
336 if ((len = tpm_transmit(chip, data, sizeof(data))) <
341 sprintf(str, "TCG version: %d.%d\nFirmware version: %d.%d\n",
342 (int) data[14], (int) data[15], (int) data[16],
348 static DEVICE_ATTR(caps, S_IRUGO, show_caps, NULL);
351 * Device file system interface to the TPM
353 int tpm_open(struct inode *inode, struct file *file)
355 int rc = 0, minor = iminor(inode);
356 struct tpm_chip *chip = NULL, *pos;
358 spin_lock(&driver_lock);
360 list_for_each_entry(pos, &tpm_chip_list, list) {
361 if (pos->vendor->miscdev.minor == minor) {
372 if (chip->num_opens) {
373 dev_dbg(&chip->pci_dev->dev,
374 "Another process owns this TPM\n");
380 pci_dev_get(chip->pci_dev);
382 spin_unlock(&driver_lock);
384 chip->data_buffer = kmalloc(TPM_BUFSIZE * sizeof(u8), GFP_KERNEL);
385 if (chip->data_buffer == NULL) {
387 pci_dev_put(chip->pci_dev);
391 atomic_set(&chip->data_pending, 0);
393 file->private_data = chip;
397 spin_unlock(&driver_lock);
401 EXPORT_SYMBOL_GPL(tpm_open);
403 int tpm_release(struct inode *inode, struct file *file)
405 struct tpm_chip *chip = file->private_data;
407 file->private_data = NULL;
409 spin_lock(&driver_lock);
411 spin_unlock(&driver_lock);
413 down(&chip->timer_manipulation_mutex);
414 if (timer_pending(&chip->user_read_timer))
415 del_singleshot_timer_sync(&chip->user_read_timer);
416 else if (timer_pending(&chip->device_timer))
417 del_singleshot_timer_sync(&chip->device_timer);
418 up(&chip->timer_manipulation_mutex);
420 kfree(chip->data_buffer);
421 atomic_set(&chip->data_pending, 0);
423 pci_dev_put(chip->pci_dev);
427 EXPORT_SYMBOL_GPL(tpm_release);
429 ssize_t tpm_write(struct file * file, const char __user * buf,
430 size_t size, loff_t * off)
432 struct tpm_chip *chip = file->private_data;
433 int in_size = size, out_size;
435 /* cannot perform a write until the read has cleared
436 either via tpm_read or a user_read_timer timeout */
437 while (atomic_read(&chip->data_pending) != 0)
440 down(&chip->buffer_mutex);
442 if (in_size > TPM_BUFSIZE)
443 in_size = TPM_BUFSIZE;
446 (chip->data_buffer, (void __user *) buf, in_size)) {
447 up(&chip->buffer_mutex);
451 /* atomic tpm command send and result receive */
452 out_size = tpm_transmit(chip, chip->data_buffer, TPM_BUFSIZE);
454 atomic_set(&chip->data_pending, out_size);
455 up(&chip->buffer_mutex);
457 /* Set a timeout by which the reader must come claim the result */
458 down(&chip->timer_manipulation_mutex);
459 init_timer(&chip->user_read_timer);
460 chip->user_read_timer.function = user_reader_timeout;
461 chip->user_read_timer.data = (unsigned long) chip;
462 chip->user_read_timer.expires = jiffies + (60 * HZ);
463 add_timer(&chip->user_read_timer);
464 up(&chip->timer_manipulation_mutex);
469 EXPORT_SYMBOL_GPL(tpm_write);
471 ssize_t tpm_read(struct file * file, char __user * buf,
472 size_t size, loff_t * off)
474 struct tpm_chip *chip = file->private_data;
475 int ret_size = -ENODATA;
477 if (atomic_read(&chip->data_pending) != 0) { /* Result available */
478 down(&chip->timer_manipulation_mutex);
479 del_singleshot_timer_sync(&chip->user_read_timer);
480 up(&chip->timer_manipulation_mutex);
482 down(&chip->buffer_mutex);
484 ret_size = atomic_read(&chip->data_pending);
485 atomic_set(&chip->data_pending, 0);
487 if (ret_size == 0) /* timeout just occurred */
489 else if (ret_size > 0) { /* relay data */
493 if (copy_to_user((void __user *) buf,
494 chip->data_buffer, ret_size)) {
498 up(&chip->buffer_mutex);
504 EXPORT_SYMBOL_GPL(tpm_read);
506 void __devexit tpm_remove(struct pci_dev *pci_dev)
508 struct tpm_chip *chip = pci_get_drvdata(pci_dev);
511 dev_err(&pci_dev->dev, "No device data found\n");
515 spin_lock(&driver_lock);
517 list_del(&chip->list);
519 spin_unlock(&driver_lock);
521 pci_set_drvdata(pci_dev, NULL);
522 misc_deregister(&chip->vendor->miscdev);
524 device_remove_file(&pci_dev->dev, &dev_attr_pubek);
525 device_remove_file(&pci_dev->dev, &dev_attr_pcrs);
526 device_remove_file(&pci_dev->dev, &dev_attr_caps);
528 pci_disable_device(pci_dev);
530 dev_mask[chip->dev_num / 32] &= !(1 << (chip->dev_num % 32));
534 pci_dev_put(pci_dev);
537 EXPORT_SYMBOL_GPL(tpm_remove);
539 static u8 savestate[] = {
540 0, 193, /* TPM_TAG_RQU_COMMAND */
541 0, 0, 0, 10, /* blob length (in bytes) */
542 0, 0, 0, 152 /* TPM_ORD_SaveState */
546 * We are about to suspend. Save the TPM state
547 * so that it can be restored.
549 int tpm_pm_suspend(struct pci_dev *pci_dev, pm_message_t pm_state)
551 struct tpm_chip *chip = pci_get_drvdata(pci_dev);
555 tpm_transmit(chip, savestate, sizeof(savestate));
559 EXPORT_SYMBOL_GPL(tpm_pm_suspend);
562 * Resume from a power safe. The BIOS already restored
565 int tpm_pm_resume(struct pci_dev *pci_dev)
567 struct tpm_chip *chip = pci_get_drvdata(pci_dev);
572 spin_lock(&driver_lock);
573 tpm_lpc_bus_init(pci_dev, chip->vendor->base);
574 spin_unlock(&driver_lock);
579 EXPORT_SYMBOL_GPL(tpm_pm_resume);
582 * Called from tpm_<specific>.c probe function only for devices
583 * the driver has determined it should claim. Prior to calling
584 * this function the specific probe function has called pci_enable_device
585 * upon errant exit from this function specific probe function should call
588 int tpm_register_hardware(struct pci_dev *pci_dev,
589 struct tpm_vendor_specific *entry)
592 struct tpm_chip *chip;
595 /* Driver specific per-device data */
596 chip = kmalloc(sizeof(*chip), GFP_KERNEL);
600 memset(chip, 0, sizeof(struct tpm_chip));
602 init_MUTEX(&chip->buffer_mutex);
603 init_MUTEX(&chip->tpm_mutex);
604 init_MUTEX(&chip->timer_manipulation_mutex);
605 INIT_LIST_HEAD(&chip->list);
607 chip->vendor = entry;
611 for (i = 0; i < 32; i++)
612 for (j = 0; j < 8; j++)
613 if ((dev_mask[i] & (1 << j)) == 0) {
614 chip->dev_num = i * 32 + j;
615 dev_mask[i] |= 1 << j;
616 goto dev_num_search_complete;
619 dev_num_search_complete:
620 if (chip->dev_num < 0) {
621 dev_err(&pci_dev->dev,
622 "No available tpm device numbers\n");
625 } else if (chip->dev_num == 0)
626 chip->vendor->miscdev.minor = TPM_MINOR;
628 chip->vendor->miscdev.minor = MISC_DYNAMIC_MINOR;
630 snprintf(devname, sizeof(devname), "%s%d", "tpm", chip->dev_num);
631 chip->vendor->miscdev.name = devname;
633 chip->vendor->miscdev.dev = &(pci_dev->dev);
634 chip->pci_dev = pci_dev_get(pci_dev);
636 if (misc_register(&chip->vendor->miscdev)) {
637 dev_err(&chip->pci_dev->dev,
638 "unable to misc_register %s, minor %d\n",
639 chip->vendor->miscdev.name,
640 chip->vendor->miscdev.minor);
641 pci_dev_put(pci_dev);
643 dev_mask[i] &= !(1 << j);
647 pci_set_drvdata(pci_dev, chip);
649 list_add(&chip->list, &tpm_chip_list);
651 device_create_file(&pci_dev->dev, &dev_attr_pubek);
652 device_create_file(&pci_dev->dev, &dev_attr_pcrs);
653 device_create_file(&pci_dev->dev, &dev_attr_caps);
658 EXPORT_SYMBOL_GPL(tpm_register_hardware);
660 static int __init init_tpm(void)
665 static void __exit cleanup_tpm(void)
670 module_init(init_tpm);
671 module_exit(cleanup_tpm);
673 MODULE_AUTHOR("Leendert van Doorn (leendert@watson.ibm.com)");
674 MODULE_DESCRIPTION("TPM Driver");
675 MODULE_VERSION("2.0");
676 MODULE_LICENSE("GPL");
git.openpandora.org / pandora-kernel.git / blob