linux-kernel.vger.kernel.org archive mirror
 help / color / mirror / Atom feed
* [PATCH v7 00/21] tpm: separate tpm 1.x and tpm 2.x commands
@ 2018-10-19 18:22 Tomas Winkler
  2018-10-19 18:22 ` [PATCH v7 01/21] tpm: tpm_i2c_nuvoton: use correct command duration for TPM 2.x Tomas Winkler
                   ` (21 more replies)
  0 siblings, 22 replies; 39+ messages in thread
From: Tomas Winkler @ 2018-10-19 18:22 UTC (permalink / raw)
  To: Jarkko Sakkinen, Jason Gunthorpe
  Cc: Nayna Jain, Alexander Usyskin, Tadeusz Struk, linux-integrity,
	linux-security-module, linux-kernel, Tomas Winkler

This patch series provides initial separation of tpm 1.x and tpm 2.x
commands, in foresight that the tpm 1.x chips will eventually phase out
and can be compiled out for modern systems.
 A new file is added tpm1-cmd.c that contains tpm 1.x specific commands.
In addition, tpm 1.x commands are now implemented using tpm_buf
structure and instead of tpm_cmd_t construct. The latter is now removed.

Note: my tpm 1.x HW availability is limited hence some more testing is needed.

This series also contains two trivial cleanups and addition of new
commands by TCG spec 1.36, now supported on new Intet's platforms.

V6: 1. Dropping tpm: move pcr extend code to tpm2-cmd.c and rebasing code over that change
    2. Trivial fixes in kdoc and header
V7: 1. Add backportable patch for nuvoton duration calculation
    2. Rebase durations patches over it.
    3. Fix notorious typo tmp->tpm


Tomas Winkler (21):
  tpm: tpm_i2c_nuvoton: use correct command duration for TPM 2.x
  tpm2: add new tpm2 commands according to TCG 1.36
  tpm: sort objects in the Makefile
  tpm: factor out tpm 1.x duration calculation to tpm1-cmd.c
  tpm: add tpm_calc_ordinal_duration() wrapper
  tpm: factor out tpm_get_timeouts()
  tpm: move tpm1_pcr_extend to tpm1-cmd.c
  tpm: move tpm_getcap to tpm1-cmd.c
  tpm: factor out tpm1_get_random into tpm1-cmd.c
  tpm: move tpm 1.x selftest code from tpm-interface.c tpm1-cmd.c
  tpm: factor out tpm 1.x pm suspend flow into tpm1-cmd.c
  tpm: factor out tpm_startup function
  tpm: add tpm_auto_startup() into tpm-interface.c
  tpm: tpm-interface.c drop unused macros
  tpm: tpm-space.c remove unneeded semicolon
  tpm: tpm1: rewrite tpm1_get_random() using tpm_buf structure
  tpm1: implement tpm1_pcr_read_dev() using tpm_buf structure
  tpm1: rename tpm1_pcr_read_dev to tpm1_pcr_read()
  tpm1: reimplement SAVESTATE using tpm_buf
  tpm1: reimplement tpm1_continue_selftest() using tpm_buf
  tpm: use u32 instead of int for PCR index

 drivers/char/tpm/Makefile            |  16 +-
 drivers/char/tpm/st33zp24/st33zp24.c |   2 +-
 drivers/char/tpm/tpm-chip.c          |  11 +-
 drivers/char/tpm/tpm-interface.c     | 817 +++--------------------------------
 drivers/char/tpm/tpm-sysfs.c         |  52 +--
 drivers/char/tpm/tpm.h               |  97 ++---
 drivers/char/tpm/tpm1-cmd.c          | 781 +++++++++++++++++++++++++++++++++
 drivers/char/tpm/tpm2-cmd.c          | 301 +++++++------
 drivers/char/tpm/tpm2-space.c        |   2 +-
 drivers/char/tpm/tpm_i2c_nuvoton.c   |  11 +-
 drivers/char/tpm/tpm_tis_core.c      |  10 +-
 include/linux/tpm.h                  |  11 +-
 security/integrity/ima/ima_crypto.c  |   5 +-
 13 files changed, 1082 insertions(+), 1034 deletions(-)
 create mode 100644 drivers/char/tpm/tpm1-cmd.c

-- 
2.14.4


^ permalink raw reply	[flat|nested] 39+ messages in thread

* [PATCH v7 01/21] tpm: tpm_i2c_nuvoton: use correct command duration for TPM 2.x
  2018-10-19 18:22 [PATCH v7 00/21] tpm: separate tpm 1.x and tpm 2.x commands Tomas Winkler
@ 2018-10-19 18:22 ` Tomas Winkler
  2018-10-20  0:51   ` Jarkko Sakkinen
  2018-10-19 18:22 ` [PATCH v7 02/21] tpm2: add new tpm2 commands according to TCG 1.36 Tomas Winkler
                   ` (20 subsequent siblings)
  21 siblings, 1 reply; 39+ messages in thread
From: Tomas Winkler @ 2018-10-19 18:22 UTC (permalink / raw)
  To: Jarkko Sakkinen, Jason Gunthorpe
  Cc: Nayna Jain, Alexander Usyskin, Tadeusz Struk, linux-integrity,
	linux-security-module, linux-kernel, Tomas Winkler, stable

tpm_i2c_nuvoton calculated commands duration using TPM 1.x
values via tpm_calc_ordinal_duration() also for TPM 2.x chips.
Call tpm2_calc_ordinal_duration() for retrieving ordinal
duration for TPM 2.X chips.

Cc: stable@vger.kernel.org
Cc: Nayna Jain <nayna@linux.vnet.ibm.com>
Signed-off-by: Tomas Winkler <tomas.winkler@intel.com>
Reviewed-by: Nayna Jain <nayna@linux.ibm.com>
Tested-by: Nayna Jain <nayna@linux.ibm.com> (For TPM 2.0)
---
V7: new in the series.

 drivers/char/tpm/tpm_i2c_nuvoton.c | 11 +++++++----
 1 file changed, 7 insertions(+), 4 deletions(-)

diff --git a/drivers/char/tpm/tpm_i2c_nuvoton.c b/drivers/char/tpm/tpm_i2c_nuvoton.c
index caa86b19c76d..f74f451baf6a 100644
--- a/drivers/char/tpm/tpm_i2c_nuvoton.c
+++ b/drivers/char/tpm/tpm_i2c_nuvoton.c
@@ -369,6 +369,7 @@ static int i2c_nuvoton_send(struct tpm_chip *chip, u8 *buf, size_t len)
 	struct device *dev = chip->dev.parent;
 	struct i2c_client *client = to_i2c_client(dev);
 	u32 ordinal;
+	unsigned long duration;
 	size_t count = 0;
 	int burst_count, bytes2write, retries, rc = -EIO;
 
@@ -455,10 +456,12 @@ static int i2c_nuvoton_send(struct tpm_chip *chip, u8 *buf, size_t len)
 		return rc;
 	}
 	ordinal = be32_to_cpu(*((__be32 *) (buf + 6)));
-	rc = i2c_nuvoton_wait_for_data_avail(chip,
-					     tpm_calc_ordinal_duration(chip,
-								       ordinal),
-					     &priv->read_queue);
+	if (chip->flags & TPM_CHIP_FLAG_TPM2)
+		duration = tpm2_calc_ordinal_duration(chip, ordinal);
+	else
+		duration = tpm_calc_ordinal_duration(chip, ordinal);
+
+	rc = i2c_nuvoton_wait_for_data_avail(chip, duration, &priv->read_queue);
 	if (rc) {
 		dev_err(dev, "%s() timeout command duration\n", __func__);
 		i2c_nuvoton_ready(chip);
-- 
2.14.4


^ permalink raw reply related	[flat|nested] 39+ messages in thread

* [PATCH v7 02/21] tpm2: add new tpm2 commands according to TCG 1.36
  2018-10-19 18:22 [PATCH v7 00/21] tpm: separate tpm 1.x and tpm 2.x commands Tomas Winkler
  2018-10-19 18:22 ` [PATCH v7 01/21] tpm: tpm_i2c_nuvoton: use correct command duration for TPM 2.x Tomas Winkler
@ 2018-10-19 18:22 ` Tomas Winkler
  2018-10-20  0:53   ` Jarkko Sakkinen
  2018-10-19 18:22 ` [PATCH v7 03/21] tpm: sort objects in the Makefile Tomas Winkler
                   ` (19 subsequent siblings)
  21 siblings, 1 reply; 39+ messages in thread
From: Tomas Winkler @ 2018-10-19 18:22 UTC (permalink / raw)
  To: Jarkko Sakkinen, Jason Gunthorpe
  Cc: Nayna Jain, Alexander Usyskin, Tadeusz Struk, linux-integrity,
	linux-security-module, linux-kernel, Tomas Winkler

1. TPM2_CC_LAST has moved from 182 to 193
2. Convert tpm2_ordinal_duration from an array into a switch statement,
   as there are not so many commands that require special duration
   relative to a number of commands, the switch statement function
   is called tpm2_ordinal_duration_index().
3. Fix kdoc comments for tpm2_calc_ordinal_duration().


Signed-off-by: Tomas Winkler <tomas.winkler@intel.com>
Tested-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
---
V2-V3: Rebase.
V4: 1. Fix kdoc
    2. Rename tpm2_ordinal_duration() to tpm2_ordinal_duration_index()
    3. Move the two functions close to each other in the file.
V5: Adjust the kdoc to the new standard.
V6: Remove redundant comma in the kdoc.
V7: Resend.

 drivers/char/tpm/tpm.h      |  41 +++++---
 drivers/char/tpm/tpm2-cmd.c | 241 +++++++++++++++++---------------------------
 2 files changed, 118 insertions(+), 164 deletions(-)

diff --git a/drivers/char/tpm/tpm.h b/drivers/char/tpm/tpm.h
index f20dc8ece348..0f08518b525d 100644
--- a/drivers/char/tpm/tpm.h
+++ b/drivers/char/tpm/tpm.h
@@ -134,22 +134,31 @@ enum tpm2_algorithms {
 };
 
 enum tpm2_command_codes {
-	TPM2_CC_FIRST		= 0x011F,
-	TPM2_CC_CREATE_PRIMARY  = 0x0131,
-	TPM2_CC_SELF_TEST	= 0x0143,
-	TPM2_CC_STARTUP		= 0x0144,
-	TPM2_CC_SHUTDOWN	= 0x0145,
-	TPM2_CC_CREATE		= 0x0153,
-	TPM2_CC_LOAD		= 0x0157,
-	TPM2_CC_UNSEAL		= 0x015E,
-	TPM2_CC_CONTEXT_LOAD	= 0x0161,
-	TPM2_CC_CONTEXT_SAVE	= 0x0162,
-	TPM2_CC_FLUSH_CONTEXT	= 0x0165,
-	TPM2_CC_GET_CAPABILITY	= 0x017A,
-	TPM2_CC_GET_RANDOM	= 0x017B,
-	TPM2_CC_PCR_READ	= 0x017E,
-	TPM2_CC_PCR_EXTEND	= 0x0182,
-	TPM2_CC_LAST		= 0x018F,
+	TPM2_CC_FIRST		        = 0x011F,
+	TPM2_CC_HIERARCHY_CONTROL       = 0x0121,
+	TPM2_CC_HIERARCHY_CHANGE_AUTH   = 0x0129,
+	TPM2_CC_CREATE_PRIMARY          = 0x0131,
+	TPM2_CC_SEQUENCE_COMPLETE       = 0x013E,
+	TPM2_CC_SELF_TEST	        = 0x0143,
+	TPM2_CC_STARTUP		        = 0x0144,
+	TPM2_CC_SHUTDOWN	        = 0x0145,
+	TPM2_CC_NV_READ                 = 0x014E,
+	TPM2_CC_CREATE		        = 0x0153,
+	TPM2_CC_LOAD		        = 0x0157,
+	TPM2_CC_SEQUENCE_UPDATE         = 0x015C,
+	TPM2_CC_UNSEAL		        = 0x015E,
+	TPM2_CC_CONTEXT_LOAD	        = 0x0161,
+	TPM2_CC_CONTEXT_SAVE	        = 0x0162,
+	TPM2_CC_FLUSH_CONTEXT	        = 0x0165,
+	TPM2_CC_VERIFY_SIGNATURE        = 0x0177,
+	TPM2_CC_GET_CAPABILITY	        = 0x017A,
+	TPM2_CC_GET_RANDOM	        = 0x017B,
+	TPM2_CC_PCR_READ	        = 0x017E,
+	TPM2_CC_PCR_EXTEND	        = 0x0182,
+	TPM2_CC_EVENT_SEQUENCE_COMPLETE = 0x0185,
+	TPM2_CC_HASH_SEQUENCE_START     = 0x0186,
+	TPM2_CC_CREATE_LOADED           = 0x0191,
+	TPM2_CC_LAST		        = 0x0193, /* Spec 1.36 */
 };
 
 enum tpm2_permanent_handles {
diff --git a/drivers/char/tpm/tpm2-cmd.c b/drivers/char/tpm/tpm2-cmd.c
index 3acf4fd4e5a5..d26b439976bc 100644
--- a/drivers/char/tpm/tpm2-cmd.c
+++ b/drivers/char/tpm/tpm2-cmd.c
@@ -40,129 +40,100 @@ static struct tpm2_hash tpm2_hash_map[] = {
 	{HASH_ALGO_SM3_256, TPM2_ALG_SM3_256},
 };
 
-/*
- * Array with one entry per ordinal defining the maximum amount
- * of time the chip could take to return the result. The values
- * of the SHORT, MEDIUM, and LONG durations are taken from the
- * PC Client Profile (PTP) specification.
- * LONG_LONG is for commands that generates keys which empirically
- * takes longer time on some systems.
+/**
+ * tpm2_ordinal_duration_index() - returns an index to the chip duration table
+ * @ordinal: TPM command ordinal.
+ *
+ * The function returns an index to the chip duration table
+ * (enum tpm_duration), that describes the maximum amount of
+ * time the chip could take to return the result for a  particular ordinal.
+ *
+ * The values of the MEDIUM, and LONG durations are taken
+ * from the PC Client Profile (PTP) specification (750, 2000 msec)
+ *
+ * LONG_LONG is for commands that generates keys which empirically takes
+ * a longer time on some systems.
+ *
+ * Return:
+ * * TPM_MEDIUM
+ * * TPM_LONG
+ * * TPM_LONG_LONG
+ * * TPM_UNDEFINED
  */
-static const u8 tpm2_ordinal_duration[TPM2_CC_LAST - TPM2_CC_FIRST + 1] = {
-	TPM_UNDEFINED,		/* 11F */
-	TPM_UNDEFINED,		/* 120 */
-	TPM_LONG,		/* 121 */
-	TPM_UNDEFINED,		/* 122 */
-	TPM_UNDEFINED,		/* 123 */
-	TPM_UNDEFINED,		/* 124 */
-	TPM_UNDEFINED,		/* 125 */
-	TPM_UNDEFINED,		/* 126 */
-	TPM_UNDEFINED,		/* 127 */
-	TPM_UNDEFINED,		/* 128 */
-	TPM_LONG,		/* 129 */
-	TPM_UNDEFINED,		/* 12a */
-	TPM_UNDEFINED,		/* 12b */
-	TPM_UNDEFINED,		/* 12c */
-	TPM_UNDEFINED,		/* 12d */
-	TPM_UNDEFINED,		/* 12e */
-	TPM_UNDEFINED,		/* 12f */
-	TPM_UNDEFINED,		/* 130 */
-	TPM_LONG_LONG,		/* 131 */
-	TPM_UNDEFINED,		/* 132 */
-	TPM_UNDEFINED,		/* 133 */
-	TPM_UNDEFINED,		/* 134 */
-	TPM_UNDEFINED,		/* 135 */
-	TPM_UNDEFINED,		/* 136 */
-	TPM_UNDEFINED,		/* 137 */
-	TPM_UNDEFINED,		/* 138 */
-	TPM_UNDEFINED,		/* 139 */
-	TPM_UNDEFINED,		/* 13a */
-	TPM_UNDEFINED,		/* 13b */
-	TPM_UNDEFINED,		/* 13c */
-	TPM_UNDEFINED,		/* 13d */
-	TPM_MEDIUM,		/* 13e */
-	TPM_UNDEFINED,		/* 13f */
-	TPM_UNDEFINED,		/* 140 */
-	TPM_UNDEFINED,		/* 141 */
-	TPM_UNDEFINED,		/* 142 */
-	TPM_LONG,		/* 143 */
-	TPM_MEDIUM,		/* 144 */
-	TPM_UNDEFINED,		/* 145 */
-	TPM_UNDEFINED,		/* 146 */
-	TPM_UNDEFINED,		/* 147 */
-	TPM_UNDEFINED,		/* 148 */
-	TPM_UNDEFINED,		/* 149 */
-	TPM_UNDEFINED,		/* 14a */
-	TPM_UNDEFINED,		/* 14b */
-	TPM_UNDEFINED,		/* 14c */
-	TPM_UNDEFINED,		/* 14d */
-	TPM_LONG,		/* 14e */
-	TPM_UNDEFINED,		/* 14f */
-	TPM_UNDEFINED,		/* 150 */
-	TPM_UNDEFINED,		/* 151 */
-	TPM_UNDEFINED,		/* 152 */
-	TPM_LONG_LONG,		/* 153 */
-	TPM_UNDEFINED,		/* 154 */
-	TPM_UNDEFINED,		/* 155 */
-	TPM_UNDEFINED,		/* 156 */
-	TPM_UNDEFINED,		/* 157 */
-	TPM_UNDEFINED,		/* 158 */
-	TPM_UNDEFINED,		/* 159 */
-	TPM_UNDEFINED,		/* 15a */
-	TPM_UNDEFINED,		/* 15b */
-	TPM_MEDIUM,		/* 15c */
-	TPM_UNDEFINED,		/* 15d */
-	TPM_UNDEFINED,		/* 15e */
-	TPM_UNDEFINED,		/* 15f */
-	TPM_UNDEFINED,		/* 160 */
-	TPM_UNDEFINED,		/* 161 */
-	TPM_UNDEFINED,		/* 162 */
-	TPM_UNDEFINED,		/* 163 */
-	TPM_UNDEFINED,		/* 164 */
-	TPM_UNDEFINED,		/* 165 */
-	TPM_UNDEFINED,		/* 166 */
-	TPM_UNDEFINED,		/* 167 */
-	TPM_UNDEFINED,		/* 168 */
-	TPM_UNDEFINED,		/* 169 */
-	TPM_UNDEFINED,		/* 16a */
-	TPM_UNDEFINED,		/* 16b */
-	TPM_UNDEFINED,		/* 16c */
-	TPM_UNDEFINED,		/* 16d */
-	TPM_UNDEFINED,		/* 16e */
-	TPM_UNDEFINED,		/* 16f */
-	TPM_UNDEFINED,		/* 170 */
-	TPM_UNDEFINED,		/* 171 */
-	TPM_UNDEFINED,		/* 172 */
-	TPM_UNDEFINED,		/* 173 */
-	TPM_UNDEFINED,		/* 174 */
-	TPM_UNDEFINED,		/* 175 */
-	TPM_UNDEFINED,		/* 176 */
-	TPM_LONG,		/* 177 */
-	TPM_UNDEFINED,		/* 178 */
-	TPM_UNDEFINED,		/* 179 */
-	TPM_MEDIUM,		/* 17a */
-	TPM_LONG,		/* 17b */
-	TPM_UNDEFINED,		/* 17c */
-	TPM_UNDEFINED,		/* 17d */
-	TPM_UNDEFINED,		/* 17e */
-	TPM_UNDEFINED,		/* 17f */
-	TPM_UNDEFINED,		/* 180 */
-	TPM_UNDEFINED,		/* 181 */
-	TPM_MEDIUM,		/* 182 */
-	TPM_UNDEFINED,		/* 183 */
-	TPM_UNDEFINED,		/* 184 */
-	TPM_MEDIUM,		/* 185 */
-	TPM_MEDIUM,		/* 186 */
-	TPM_UNDEFINED,		/* 187 */
-	TPM_UNDEFINED,		/* 188 */
-	TPM_UNDEFINED,		/* 189 */
-	TPM_UNDEFINED,		/* 18a */
-	TPM_UNDEFINED,		/* 18b */
-	TPM_UNDEFINED,		/* 18c */
-	TPM_UNDEFINED,		/* 18d */
-	TPM_UNDEFINED,		/* 18e */
-	TPM_UNDEFINED		/* 18f */
-};
+static u8 tpm2_ordinal_duration_index(u32 ordinal)
+{
+	switch (ordinal) {
+	/* Startup */
+	case TPM2_CC_STARTUP:                 /* 144 */
+		return TPM_MEDIUM;
+
+	case TPM2_CC_SELF_TEST:               /* 143 */
+		return TPM_LONG;
+
+	case TPM2_CC_GET_RANDOM:              /* 17B */
+		return TPM_LONG;
+
+	case TPM2_CC_SEQUENCE_UPDATE:         /* 15C */
+		return TPM_MEDIUM;
+	case TPM2_CC_SEQUENCE_COMPLETE:       /* 13E */
+		return TPM_MEDIUM;
+	case TPM2_CC_EVENT_SEQUENCE_COMPLETE: /* 185 */
+		return TPM_MEDIUM;
+	case TPM2_CC_HASH_SEQUENCE_START:     /* 186 */
+		return TPM_MEDIUM;
+
+	case TPM2_CC_VERIFY_SIGNATURE:        /* 177 */
+		return TPM_LONG;
+
+	case TPM2_CC_PCR_EXTEND:              /* 182 */
+		return TPM_MEDIUM;
+
+	case TPM2_CC_HIERARCHY_CONTROL:       /* 121 */
+		return TPM_LONG;
+	case TPM2_CC_HIERARCHY_CHANGE_AUTH:   /* 129 */
+		return TPM_LONG;
+
+	case TPM2_CC_GET_CAPABILITY:          /* 17A */
+		return TPM_MEDIUM;
+
+	case TPM2_CC_NV_READ:                 /* 14E */
+		return TPM_LONG;
+
+	case TPM2_CC_CREATE_PRIMARY:          /* 131 */
+		return TPM_LONG_LONG;
+	case TPM2_CC_CREATE:                  /* 153 */
+		return TPM_LONG_LONG;
+	case TPM2_CC_CREATE_LOADED:           /* 191 */
+		return TPM_LONG_LONG;
+
+	default:
+		return TPM_UNDEFINED;
+	}
+}
+
+/**
+ * tpm2_calc_ordinal_duration() - calculate the maximum command duration
+ * @chip:    TPM chip to use.
+ * @ordinal: TPM command ordinal.
+ *
+ * The function returns the maximum amount of time the chip could take
+ * to return the result for a particular ordinal in jiffies.
+ *
+ * Return: A maximal duration time for an ordinal in jiffies.
+ */
+unsigned long tpm2_calc_ordinal_duration(struct tpm_chip *chip, u32 ordinal)
+{
+	unsigned int index;
+
+	index = tpm2_ordinal_duration_index(ordinal);
+
+	if (index != TPM_UNDEFINED)
+		return chip->duration[index];
+	else
+		return msecs_to_jiffies(TPM2_DURATION_DEFAULT);
+}
+EXPORT_SYMBOL_GPL(tpm2_calc_ordinal_duration);
+
 
 struct tpm2_pcr_read_out {
 	__be32	update_cnt;
@@ -748,32 +719,6 @@ void tpm2_shutdown(struct tpm_chip *chip, u16 shutdown_type)
 	tpm_buf_destroy(&buf);
 }
 
-/*
- * tpm2_calc_ordinal_duration() - maximum duration for a command
- *
- * @chip:	TPM chip to use.
- * @ordinal:	command code number.
- *
- * Return: maximum duration for a command
- */
-unsigned long tpm2_calc_ordinal_duration(struct tpm_chip *chip, u32 ordinal)
-{
-	int index = TPM_UNDEFINED;
-	int duration = 0;
-
-	if (ordinal >= TPM2_CC_FIRST && ordinal <= TPM2_CC_LAST)
-		index = tpm2_ordinal_duration[ordinal - TPM2_CC_FIRST];
-
-	if (index != TPM_UNDEFINED)
-		duration = chip->duration[index];
-
-	if (duration <= 0)
-		duration = msecs_to_jiffies(TPM2_DURATION_DEFAULT);
-
-	return duration;
-}
-EXPORT_SYMBOL_GPL(tpm2_calc_ordinal_duration);
-
 /**
  * tpm2_do_selftest() - ensure that all self tests have passed
  *
-- 
2.14.4


^ permalink raw reply related	[flat|nested] 39+ messages in thread

* [PATCH v7 03/21] tpm: sort objects in the Makefile
  2018-10-19 18:22 [PATCH v7 00/21] tpm: separate tpm 1.x and tpm 2.x commands Tomas Winkler
  2018-10-19 18:22 ` [PATCH v7 01/21] tpm: tpm_i2c_nuvoton: use correct command duration for TPM 2.x Tomas Winkler
  2018-10-19 18:22 ` [PATCH v7 02/21] tpm2: add new tpm2 commands according to TCG 1.36 Tomas Winkler
@ 2018-10-19 18:22 ` Tomas Winkler
  2018-10-19 18:22 ` [PATCH v7 04/21] tpm: factor out tpm 1.x duration calculation to tpm1-cmd.c Tomas Winkler
                   ` (18 subsequent siblings)
  21 siblings, 0 replies; 39+ messages in thread
From: Tomas Winkler @ 2018-10-19 18:22 UTC (permalink / raw)
  To: Jarkko Sakkinen, Jason Gunthorpe
  Cc: Nayna Jain, Alexander Usyskin, Tadeusz Struk, linux-integrity,
	linux-security-module, linux-kernel, Tomas Winkler

Make the tpm Makefile a bit more in order by putting
objects in one column.

Signed-off-by: Tomas Winkler <tomas.winkler@intel.com>
Tested-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
Reviewed-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
---
V2: 1. back to tpm-y notation
    2. Partially sort files alphanumerically.
V3: Rebase
V4: Remove redunant sentence in commit message.
V5-7: Resend

 drivers/char/tpm/Makefile | 15 ++++++++++++---
 1 file changed, 12 insertions(+), 3 deletions(-)

diff --git a/drivers/char/tpm/Makefile b/drivers/char/tpm/Makefile
index 4e9c33ca1f8f..efc785053627 100644
--- a/drivers/char/tpm/Makefile
+++ b/drivers/char/tpm/Makefile
@@ -3,9 +3,18 @@
 # Makefile for the kernel tpm device drivers.
 #
 obj-$(CONFIG_TCG_TPM) += tpm.o
-tpm-y := tpm-interface.o tpm-dev.o tpm-sysfs.o tpm-chip.o tpm2-cmd.o \
-	 tpm-dev-common.o tpmrm-dev.o eventlog/common.o eventlog/tpm1.o \
-	 eventlog/tpm2.o tpm2-space.o
+tpm-y := tpm-chip.o
+tpm-y += tpm-dev-common.o
+tpm-y += tpm-dev.o
+tpm-y += tpm-interface.o
+tpm-y += tpm2-cmd.o
+tpm-y += tpmrm-dev.o
+tpm-y += tpm2-space.o
+tpm-y += tpm-sysfs.o
+tpm-y += eventlog/common.o
+tpm-y += eventlog/tpm1.o
+tpm-y += eventlog/tpm2.o
+
 tpm-$(CONFIG_ACPI) += tpm_ppi.o eventlog/acpi.o
 tpm-$(CONFIG_EFI) += eventlog/efi.o
 tpm-$(CONFIG_OF) += eventlog/of.o
-- 
2.14.4


^ permalink raw reply related	[flat|nested] 39+ messages in thread

* [PATCH v7 04/21] tpm: factor out tpm 1.x duration calculation to tpm1-cmd.c
  2018-10-19 18:22 [PATCH v7 00/21] tpm: separate tpm 1.x and tpm 2.x commands Tomas Winkler
                   ` (2 preceding siblings ...)
  2018-10-19 18:22 ` [PATCH v7 03/21] tpm: sort objects in the Makefile Tomas Winkler
@ 2018-10-19 18:22 ` Tomas Winkler
  2018-10-20  0:56   ` Jarkko Sakkinen
  2018-10-19 18:22 ` [PATCH v7 05/21] tpm: add tpm_calc_ordinal_duration() wrapper Tomas Winkler
                   ` (17 subsequent siblings)
  21 siblings, 1 reply; 39+ messages in thread
From: Tomas Winkler @ 2018-10-19 18:22 UTC (permalink / raw)
  To: Jarkko Sakkinen, Jason Gunthorpe
  Cc: Nayna Jain, Alexander Usyskin, Tadeusz Struk, linux-integrity,
	linux-security-module, linux-kernel, Tomas Winkler

Factor out TPM 1.x commands calculation into tpm1-cmd.c file.
and change the prefix from tpm_ to tpm1_.
No functional change is done here.

Signed-off-by: Tomas Winkler <tomas.winkler@intel.com>
Tested-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
---
V2-V3: Rebase
V4: 1. Remove the licence statement it's already covered by SPDX.
    2. Add kdoc to tpm1_calc_ordinal_duration().
V5: Adjust the kdoc to the new standard.
V6: Resend.
V7: Rebase over nuvoton patch

 drivers/char/tpm/Makefile            |   1 +
 drivers/char/tpm/st33zp24/st33zp24.c |   2 +-
 drivers/char/tpm/tpm-interface.c     | 284 +-------------------------------
 drivers/char/tpm/tpm.h               |   2 +-
 drivers/char/tpm/tpm1-cmd.c          | 310 +++++++++++++++++++++++++++++++++++
 drivers/char/tpm/tpm_i2c_nuvoton.c   |   5 +-
 drivers/char/tpm/tpm_tis_core.c      |   2 +-
 drivers/char/tpm/xen-tpmfront.c      |   2 +-
 8 files changed, 320 insertions(+), 288 deletions(-)
 create mode 100644 drivers/char/tpm/tpm1-cmd.c

diff --git a/drivers/char/tpm/Makefile b/drivers/char/tpm/Makefile
index efc785053627..a01c4cab902a 100644
--- a/drivers/char/tpm/Makefile
+++ b/drivers/char/tpm/Makefile
@@ -7,6 +7,7 @@ tpm-y := tpm-chip.o
 tpm-y += tpm-dev-common.o
 tpm-y += tpm-dev.o
 tpm-y += tpm-interface.o
+tpm-y += tpm1-cmd.o
 tpm-y += tpm2-cmd.o
 tpm-y += tpmrm-dev.o
 tpm-y += tpm2-space.o
diff --git a/drivers/char/tpm/st33zp24/st33zp24.c b/drivers/char/tpm/st33zp24/st33zp24.c
index abd675bec88c..16be974955ea 100644
--- a/drivers/char/tpm/st33zp24/st33zp24.c
+++ b/drivers/char/tpm/st33zp24/st33zp24.c
@@ -430,7 +430,7 @@ static int st33zp24_send(struct tpm_chip *chip, unsigned char *buf,
 		ordinal = be32_to_cpu(*((__be32 *) (buf + 6)));
 
 		ret = wait_for_stat(chip, TPM_STS_DATA_AVAIL | TPM_STS_VALID,
-				tpm_calc_ordinal_duration(chip, ordinal),
+				tpm1_calc_ordinal_duration(chip, ordinal),
 				&tpm_dev->read_queue, false);
 		if (ret < 0)
 			goto out_err;
diff --git a/drivers/char/tpm/tpm-interface.c b/drivers/char/tpm/tpm-interface.c
index 95db630dd722..21c6ed2a6bc1 100644
--- a/drivers/char/tpm/tpm-interface.c
+++ b/drivers/char/tpm/tpm-interface.c
@@ -33,7 +33,6 @@
 
 #include "tpm.h"
 
-#define TPM_MAX_ORDINAL 243
 #define TSC_MAX_ORDINAL 12
 #define TPM_PROTECTED_COMMAND 0x00
 #define TPM_CONNECTION_COMMAND 0x40
@@ -48,285 +47,6 @@ module_param_named(suspend_pcr, tpm_suspend_pcr, uint, 0644);
 MODULE_PARM_DESC(suspend_pcr,
 		 "PCR to use for dummy writes to facilitate flush on suspend.");
 
-/*
- * Array with one entry per ordinal defining the maximum amount
- * of time the chip could take to return the result.  The ordinal
- * designation of short, medium or long is defined in a table in
- * TCG Specification TPM Main Part 2 TPM Structures Section 17. The
- * values of the SHORT, MEDIUM, and LONG durations are retrieved
- * from the chip during initialization with a call to tpm_get_timeouts.
- */
-static const u8 tpm_ordinal_duration[TPM_MAX_ORDINAL] = {
-	TPM_UNDEFINED,		/* 0 */
-	TPM_UNDEFINED,
-	TPM_UNDEFINED,
-	TPM_UNDEFINED,
-	TPM_UNDEFINED,
-	TPM_UNDEFINED,		/* 5 */
-	TPM_UNDEFINED,
-	TPM_UNDEFINED,
-	TPM_UNDEFINED,
-	TPM_UNDEFINED,
-	TPM_SHORT,		/* 10 */
-	TPM_SHORT,
-	TPM_MEDIUM,
-	TPM_LONG,
-	TPM_LONG,
-	TPM_MEDIUM,		/* 15 */
-	TPM_SHORT,
-	TPM_SHORT,
-	TPM_MEDIUM,
-	TPM_LONG,
-	TPM_SHORT,		/* 20 */
-	TPM_SHORT,
-	TPM_MEDIUM,
-	TPM_MEDIUM,
-	TPM_MEDIUM,
-	TPM_SHORT,		/* 25 */
-	TPM_SHORT,
-	TPM_MEDIUM,
-	TPM_SHORT,
-	TPM_SHORT,
-	TPM_MEDIUM,		/* 30 */
-	TPM_LONG,
-	TPM_MEDIUM,
-	TPM_SHORT,
-	TPM_SHORT,
-	TPM_SHORT,		/* 35 */
-	TPM_MEDIUM,
-	TPM_MEDIUM,
-	TPM_UNDEFINED,
-	TPM_UNDEFINED,
-	TPM_MEDIUM,		/* 40 */
-	TPM_LONG,
-	TPM_MEDIUM,
-	TPM_SHORT,
-	TPM_SHORT,
-	TPM_SHORT,		/* 45 */
-	TPM_SHORT,
-	TPM_SHORT,
-	TPM_SHORT,
-	TPM_LONG,
-	TPM_MEDIUM,		/* 50 */
-	TPM_MEDIUM,
-	TPM_UNDEFINED,
-	TPM_UNDEFINED,
-	TPM_UNDEFINED,
-	TPM_UNDEFINED,		/* 55 */
-	TPM_UNDEFINED,
-	TPM_UNDEFINED,
-	TPM_UNDEFINED,
-	TPM_UNDEFINED,
-	TPM_MEDIUM,		/* 60 */
-	TPM_MEDIUM,
-	TPM_MEDIUM,
-	TPM_SHORT,
-	TPM_SHORT,
-	TPM_MEDIUM,		/* 65 */
-	TPM_UNDEFINED,
-	TPM_UNDEFINED,
-	TPM_UNDEFINED,
-	TPM_UNDEFINED,
-	TPM_SHORT,		/* 70 */
-	TPM_SHORT,
-	TPM_UNDEFINED,
-	TPM_UNDEFINED,
-	TPM_UNDEFINED,
-	TPM_UNDEFINED,		/* 75 */
-	TPM_UNDEFINED,
-	TPM_UNDEFINED,
-	TPM_UNDEFINED,
-	TPM_UNDEFINED,
-	TPM_LONG,		/* 80 */
-	TPM_UNDEFINED,
-	TPM_MEDIUM,
-	TPM_LONG,
-	TPM_SHORT,
-	TPM_UNDEFINED,		/* 85 */
-	TPM_UNDEFINED,
-	TPM_UNDEFINED,
-	TPM_UNDEFINED,
-	TPM_UNDEFINED,
-	TPM_SHORT,		/* 90 */
-	TPM_SHORT,
-	TPM_SHORT,
-	TPM_SHORT,
-	TPM_SHORT,
-	TPM_UNDEFINED,		/* 95 */
-	TPM_UNDEFINED,
-	TPM_UNDEFINED,
-	TPM_UNDEFINED,
-	TPM_UNDEFINED,
-	TPM_MEDIUM,		/* 100 */
-	TPM_SHORT,
-	TPM_SHORT,
-	TPM_UNDEFINED,
-	TPM_UNDEFINED,
-	TPM_UNDEFINED,		/* 105 */
-	TPM_UNDEFINED,
-	TPM_UNDEFINED,
-	TPM_UNDEFINED,
-	TPM_UNDEFINED,
-	TPM_SHORT,		/* 110 */
-	TPM_SHORT,
-	TPM_SHORT,
-	TPM_SHORT,
-	TPM_SHORT,
-	TPM_SHORT,		/* 115 */
-	TPM_SHORT,
-	TPM_SHORT,
-	TPM_UNDEFINED,
-	TPM_UNDEFINED,
-	TPM_LONG,		/* 120 */
-	TPM_LONG,
-	TPM_MEDIUM,
-	TPM_UNDEFINED,
-	TPM_SHORT,
-	TPM_SHORT,		/* 125 */
-	TPM_SHORT,
-	TPM_LONG,
-	TPM_SHORT,
-	TPM_SHORT,
-	TPM_SHORT,		/* 130 */
-	TPM_MEDIUM,
-	TPM_UNDEFINED,
-	TPM_SHORT,
-	TPM_MEDIUM,
-	TPM_UNDEFINED,		/* 135 */
-	TPM_UNDEFINED,
-	TPM_UNDEFINED,
-	TPM_UNDEFINED,
-	TPM_UNDEFINED,
-	TPM_SHORT,		/* 140 */
-	TPM_SHORT,
-	TPM_UNDEFINED,
-	TPM_UNDEFINED,
-	TPM_UNDEFINED,
-	TPM_UNDEFINED,		/* 145 */
-	TPM_UNDEFINED,
-	TPM_UNDEFINED,
-	TPM_UNDEFINED,
-	TPM_UNDEFINED,
-	TPM_SHORT,		/* 150 */
-	TPM_MEDIUM,
-	TPM_MEDIUM,
-	TPM_SHORT,
-	TPM_SHORT,
-	TPM_UNDEFINED,		/* 155 */
-	TPM_UNDEFINED,
-	TPM_UNDEFINED,
-	TPM_UNDEFINED,
-	TPM_UNDEFINED,
-	TPM_SHORT,		/* 160 */
-	TPM_SHORT,
-	TPM_SHORT,
-	TPM_SHORT,
-	TPM_UNDEFINED,
-	TPM_UNDEFINED,		/* 165 */
-	TPM_UNDEFINED,
-	TPM_UNDEFINED,
-	TPM_UNDEFINED,
-	TPM_UNDEFINED,
-	TPM_LONG,		/* 170 */
-	TPM_UNDEFINED,
-	TPM_UNDEFINED,
-	TPM_UNDEFINED,
-	TPM_UNDEFINED,
-	TPM_UNDEFINED,		/* 175 */
-	TPM_UNDEFINED,
-	TPM_UNDEFINED,
-	TPM_UNDEFINED,
-	TPM_UNDEFINED,
-	TPM_MEDIUM,		/* 180 */
-	TPM_SHORT,
-	TPM_MEDIUM,
-	TPM_MEDIUM,
-	TPM_MEDIUM,
-	TPM_MEDIUM,		/* 185 */
-	TPM_SHORT,
-	TPM_UNDEFINED,
-	TPM_UNDEFINED,
-	TPM_UNDEFINED,
-	TPM_UNDEFINED,		/* 190 */
-	TPM_UNDEFINED,
-	TPM_UNDEFINED,
-	TPM_UNDEFINED,
-	TPM_UNDEFINED,
-	TPM_UNDEFINED,		/* 195 */
-	TPM_UNDEFINED,
-	TPM_UNDEFINED,
-	TPM_UNDEFINED,
-	TPM_UNDEFINED,
-	TPM_SHORT,		/* 200 */
-	TPM_UNDEFINED,
-	TPM_UNDEFINED,
-	TPM_UNDEFINED,
-	TPM_SHORT,
-	TPM_SHORT,		/* 205 */
-	TPM_SHORT,
-	TPM_SHORT,
-	TPM_SHORT,
-	TPM_SHORT,
-	TPM_MEDIUM,		/* 210 */
-	TPM_UNDEFINED,
-	TPM_MEDIUM,
-	TPM_MEDIUM,
-	TPM_MEDIUM,
-	TPM_UNDEFINED,		/* 215 */
-	TPM_MEDIUM,
-	TPM_UNDEFINED,
-	TPM_UNDEFINED,
-	TPM_SHORT,
-	TPM_SHORT,		/* 220 */
-	TPM_SHORT,
-	TPM_SHORT,
-	TPM_SHORT,
-	TPM_SHORT,
-	TPM_UNDEFINED,		/* 225 */
-	TPM_UNDEFINED,
-	TPM_UNDEFINED,
-	TPM_UNDEFINED,
-	TPM_UNDEFINED,
-	TPM_SHORT,		/* 230 */
-	TPM_LONG,
-	TPM_MEDIUM,
-	TPM_UNDEFINED,
-	TPM_UNDEFINED,
-	TPM_UNDEFINED,		/* 235 */
-	TPM_UNDEFINED,
-	TPM_UNDEFINED,
-	TPM_UNDEFINED,
-	TPM_UNDEFINED,
-	TPM_SHORT,		/* 240 */
-	TPM_UNDEFINED,
-	TPM_MEDIUM,
-};
-
-/*
- * Returns max number of jiffies to wait
- */
-unsigned long tpm_calc_ordinal_duration(struct tpm_chip *chip,
-					   u32 ordinal)
-{
-	int duration_idx = TPM_UNDEFINED;
-	int duration = 0;
-
-	/*
-	 * We only have a duration table for protected commands, where the upper
-	 * 16 bits are 0. For the few other ordinals the fallback will be used.
-	 */
-	if (ordinal < TPM_MAX_ORDINAL)
-		duration_idx = tpm_ordinal_duration[ordinal];
-
-	if (duration_idx != TPM_UNDEFINED)
-		duration = chip->duration[duration_idx];
-	if (duration <= 0)
-		return 2 * 60 * HZ;
-	else
-		return duration;
-}
-EXPORT_SYMBOL_GPL(tpm_calc_ordinal_duration);
-
 static int tpm_validate_command(struct tpm_chip *chip,
 				 struct tpm_space *space,
 				 const u8 *cmd,
@@ -505,7 +225,7 @@ static ssize_t tpm_try_transmit(struct tpm_chip *chip,
 	if (chip->flags & TPM_CHIP_FLAG_TPM2)
 		stop = jiffies + tpm2_calc_ordinal_duration(chip, ordinal);
 	else
-		stop = jiffies + tpm_calc_ordinal_duration(chip, ordinal);
+		stop = jiffies + tpm1_calc_ordinal_duration(chip, ordinal);
 	do {
 		u8 status = chip->ops->status(chip);
 		if ((status & chip->ops->req_complete_mask) ==
@@ -1087,7 +807,7 @@ int tpm_do_selftest(struct tpm_chip *chip)
 	unsigned long duration;
 	u8 dummy[TPM_DIGEST_SIZE];
 
-	duration = tpm_calc_ordinal_duration(chip, TPM_ORD_CONTINUE_SELFTEST);
+	duration = tpm1_calc_ordinal_duration(chip, TPM_ORD_CONTINUE_SELFTEST);
 
 	loops = jiffies_to_msecs(duration) / delay_msec;
 
diff --git a/drivers/char/tpm/tpm.h b/drivers/char/tpm/tpm.h
index 0f08518b525d..c59d2c20c339 100644
--- a/drivers/char/tpm/tpm.h
+++ b/drivers/char/tpm/tpm.h
@@ -546,7 +546,7 @@ ssize_t tpm_getcap(struct tpm_chip *chip, u32 subcap_id, cap_t *cap,
 int tpm_get_timeouts(struct tpm_chip *);
 int tpm1_auto_startup(struct tpm_chip *chip);
 int tpm_do_selftest(struct tpm_chip *chip);
-unsigned long tpm_calc_ordinal_duration(struct tpm_chip *chip, u32 ordinal);
+unsigned long tpm1_calc_ordinal_duration(struct tpm_chip *chip, u32 ordinal);
 int tpm_pm_suspend(struct device *dev);
 int tpm_pm_resume(struct device *dev);
 
diff --git a/drivers/char/tpm/tpm1-cmd.c b/drivers/char/tpm/tpm1-cmd.c
new file mode 100644
index 000000000000..991260134659
--- /dev/null
+++ b/drivers/char/tpm/tpm1-cmd.c
@@ -0,0 +1,310 @@
+// SPDX-License-Identifier: GPL-2.0
+/*
+ * Copyright (C) 2004 IBM Corporation
+ * Copyright (C) 2014 Intel Corporation
+ *
+ * Authors:
+ * Leendert van Doorn <leendert@watson.ibm.com>
+ * Dave Safford <safford@watson.ibm.com>
+ * Reiner Sailer <sailer@watson.ibm.com>
+ * Kylene Hall <kjhall@us.ibm.com>
+ *
+ * Device driver for TCG/TCPA TPM (trusted platform module).
+ * Specifications at www.trustedcomputinggroup.org
+ */
+
+#include <linux/poll.h>
+#include <linux/slab.h>
+#include <linux/mutex.h>
+#include <linux/spinlock.h>
+#include <linux/freezer.h>
+#include <linux/tpm_eventlog.h>
+
+#include "tpm.h"
+
+#define TPM_MAX_ORDINAL 243
+
+/*
+ * Array with one entry per ordinal defining the maximum amount
+ * of time the chip could take to return the result.  The ordinal
+ * designation of short, medium or long is defined in a table in
+ * TCG Specification TPM Main Part 2 TPM Structures Section 17. The
+ * values of the SHORT, MEDIUM, and LONG durations are retrieved
+ * from the chip during initialization with a call to tpm_get_timeouts.
+ */
+static const u8 tpm1_ordinal_duration[TPM_MAX_ORDINAL] = {
+	TPM_UNDEFINED,		/* 0 */
+	TPM_UNDEFINED,
+	TPM_UNDEFINED,
+	TPM_UNDEFINED,
+	TPM_UNDEFINED,
+	TPM_UNDEFINED,		/* 5 */
+	TPM_UNDEFINED,
+	TPM_UNDEFINED,
+	TPM_UNDEFINED,
+	TPM_UNDEFINED,
+	TPM_SHORT,		/* 10 */
+	TPM_SHORT,
+	TPM_MEDIUM,
+	TPM_LONG,
+	TPM_LONG,
+	TPM_MEDIUM,		/* 15 */
+	TPM_SHORT,
+	TPM_SHORT,
+	TPM_MEDIUM,
+	TPM_LONG,
+	TPM_SHORT,		/* 20 */
+	TPM_SHORT,
+	TPM_MEDIUM,
+	TPM_MEDIUM,
+	TPM_MEDIUM,
+	TPM_SHORT,		/* 25 */
+	TPM_SHORT,
+	TPM_MEDIUM,
+	TPM_SHORT,
+	TPM_SHORT,
+	TPM_MEDIUM,		/* 30 */
+	TPM_LONG,
+	TPM_MEDIUM,
+	TPM_SHORT,
+	TPM_SHORT,
+	TPM_SHORT,		/* 35 */
+	TPM_MEDIUM,
+	TPM_MEDIUM,
+	TPM_UNDEFINED,
+	TPM_UNDEFINED,
+	TPM_MEDIUM,		/* 40 */
+	TPM_LONG,
+	TPM_MEDIUM,
+	TPM_SHORT,
+	TPM_SHORT,
+	TPM_SHORT,		/* 45 */
+	TPM_SHORT,
+	TPM_SHORT,
+	TPM_SHORT,
+	TPM_LONG,
+	TPM_MEDIUM,		/* 50 */
+	TPM_MEDIUM,
+	TPM_UNDEFINED,
+	TPM_UNDEFINED,
+	TPM_UNDEFINED,
+	TPM_UNDEFINED,		/* 55 */
+	TPM_UNDEFINED,
+	TPM_UNDEFINED,
+	TPM_UNDEFINED,
+	TPM_UNDEFINED,
+	TPM_MEDIUM,		/* 60 */
+	TPM_MEDIUM,
+	TPM_MEDIUM,
+	TPM_SHORT,
+	TPM_SHORT,
+	TPM_MEDIUM,		/* 65 */
+	TPM_UNDEFINED,
+	TPM_UNDEFINED,
+	TPM_UNDEFINED,
+	TPM_UNDEFINED,
+	TPM_SHORT,		/* 70 */
+	TPM_SHORT,
+	TPM_UNDEFINED,
+	TPM_UNDEFINED,
+	TPM_UNDEFINED,
+	TPM_UNDEFINED,		/* 75 */
+	TPM_UNDEFINED,
+	TPM_UNDEFINED,
+	TPM_UNDEFINED,
+	TPM_UNDEFINED,
+	TPM_LONG,		/* 80 */
+	TPM_UNDEFINED,
+	TPM_MEDIUM,
+	TPM_LONG,
+	TPM_SHORT,
+	TPM_UNDEFINED,		/* 85 */
+	TPM_UNDEFINED,
+	TPM_UNDEFINED,
+	TPM_UNDEFINED,
+	TPM_UNDEFINED,
+	TPM_SHORT,		/* 90 */
+	TPM_SHORT,
+	TPM_SHORT,
+	TPM_SHORT,
+	TPM_SHORT,
+	TPM_UNDEFINED,		/* 95 */
+	TPM_UNDEFINED,
+	TPM_UNDEFINED,
+	TPM_UNDEFINED,
+	TPM_UNDEFINED,
+	TPM_MEDIUM,		/* 100 */
+	TPM_SHORT,
+	TPM_SHORT,
+	TPM_UNDEFINED,
+	TPM_UNDEFINED,
+	TPM_UNDEFINED,		/* 105 */
+	TPM_UNDEFINED,
+	TPM_UNDEFINED,
+	TPM_UNDEFINED,
+	TPM_UNDEFINED,
+	TPM_SHORT,		/* 110 */
+	TPM_SHORT,
+	TPM_SHORT,
+	TPM_SHORT,
+	TPM_SHORT,
+	TPM_SHORT,		/* 115 */
+	TPM_SHORT,
+	TPM_SHORT,
+	TPM_UNDEFINED,
+	TPM_UNDEFINED,
+	TPM_LONG,		/* 120 */
+	TPM_LONG,
+	TPM_MEDIUM,
+	TPM_UNDEFINED,
+	TPM_SHORT,
+	TPM_SHORT,		/* 125 */
+	TPM_SHORT,
+	TPM_LONG,
+	TPM_SHORT,
+	TPM_SHORT,
+	TPM_SHORT,		/* 130 */
+	TPM_MEDIUM,
+	TPM_UNDEFINED,
+	TPM_SHORT,
+	TPM_MEDIUM,
+	TPM_UNDEFINED,		/* 135 */
+	TPM_UNDEFINED,
+	TPM_UNDEFINED,
+	TPM_UNDEFINED,
+	TPM_UNDEFINED,
+	TPM_SHORT,		/* 140 */
+	TPM_SHORT,
+	TPM_UNDEFINED,
+	TPM_UNDEFINED,
+	TPM_UNDEFINED,
+	TPM_UNDEFINED,		/* 145 */
+	TPM_UNDEFINED,
+	TPM_UNDEFINED,
+	TPM_UNDEFINED,
+	TPM_UNDEFINED,
+	TPM_SHORT,		/* 150 */
+	TPM_MEDIUM,
+	TPM_MEDIUM,
+	TPM_SHORT,
+	TPM_SHORT,
+	TPM_UNDEFINED,		/* 155 */
+	TPM_UNDEFINED,
+	TPM_UNDEFINED,
+	TPM_UNDEFINED,
+	TPM_UNDEFINED,
+	TPM_SHORT,		/* 160 */
+	TPM_SHORT,
+	TPM_SHORT,
+	TPM_SHORT,
+	TPM_UNDEFINED,
+	TPM_UNDEFINED,		/* 165 */
+	TPM_UNDEFINED,
+	TPM_UNDEFINED,
+	TPM_UNDEFINED,
+	TPM_UNDEFINED,
+	TPM_LONG,		/* 170 */
+	TPM_UNDEFINED,
+	TPM_UNDEFINED,
+	TPM_UNDEFINED,
+	TPM_UNDEFINED,
+	TPM_UNDEFINED,		/* 175 */
+	TPM_UNDEFINED,
+	TPM_UNDEFINED,
+	TPM_UNDEFINED,
+	TPM_UNDEFINED,
+	TPM_MEDIUM,		/* 180 */
+	TPM_SHORT,
+	TPM_MEDIUM,
+	TPM_MEDIUM,
+	TPM_MEDIUM,
+	TPM_MEDIUM,		/* 185 */
+	TPM_SHORT,
+	TPM_UNDEFINED,
+	TPM_UNDEFINED,
+	TPM_UNDEFINED,
+	TPM_UNDEFINED,		/* 190 */
+	TPM_UNDEFINED,
+	TPM_UNDEFINED,
+	TPM_UNDEFINED,
+	TPM_UNDEFINED,
+	TPM_UNDEFINED,		/* 195 */
+	TPM_UNDEFINED,
+	TPM_UNDEFINED,
+	TPM_UNDEFINED,
+	TPM_UNDEFINED,
+	TPM_SHORT,		/* 200 */
+	TPM_UNDEFINED,
+	TPM_UNDEFINED,
+	TPM_UNDEFINED,
+	TPM_SHORT,
+	TPM_SHORT,		/* 205 */
+	TPM_SHORT,
+	TPM_SHORT,
+	TPM_SHORT,
+	TPM_SHORT,
+	TPM_MEDIUM,		/* 210 */
+	TPM_UNDEFINED,
+	TPM_MEDIUM,
+	TPM_MEDIUM,
+	TPM_MEDIUM,
+	TPM_UNDEFINED,		/* 215 */
+	TPM_MEDIUM,
+	TPM_UNDEFINED,
+	TPM_UNDEFINED,
+	TPM_SHORT,
+	TPM_SHORT,		/* 220 */
+	TPM_SHORT,
+	TPM_SHORT,
+	TPM_SHORT,
+	TPM_SHORT,
+	TPM_UNDEFINED,		/* 225 */
+	TPM_UNDEFINED,
+	TPM_UNDEFINED,
+	TPM_UNDEFINED,
+	TPM_UNDEFINED,
+	TPM_SHORT,		/* 230 */
+	TPM_LONG,
+	TPM_MEDIUM,
+	TPM_UNDEFINED,
+	TPM_UNDEFINED,
+	TPM_UNDEFINED,		/* 235 */
+	TPM_UNDEFINED,
+	TPM_UNDEFINED,
+	TPM_UNDEFINED,
+	TPM_UNDEFINED,
+	TPM_SHORT,		/* 240 */
+	TPM_UNDEFINED,
+	TPM_MEDIUM,
+};
+
+/**
+ * tpm1_calc_ordinal_duration() - calculate the maximum command duration
+ * @chip:    TPM chip to use.
+ * @ordinal: TPM command ordinal.
+ *
+ * The function returns the maximum amount of time the chip could take
+ * to return the result for a particular ordinal in jiffies.
+ *
+ * Return: A maximal duration time for an ordinal in jiffies.
+ */
+unsigned long tpm1_calc_ordinal_duration(struct tpm_chip *chip, u32 ordinal)
+{
+	int duration_idx = TPM_UNDEFINED;
+	int duration = 0;
+
+	/*
+	 * We only have a duration table for protected commands, where the upper
+	 * 16 bits are 0. For the few other ordinals the fallback will be used.
+	 */
+	if (ordinal < TPM_MAX_ORDINAL)
+		duration_idx = tpm1_ordinal_duration[ordinal];
+
+	if (duration_idx != TPM_UNDEFINED)
+		duration = chip->duration[duration_idx];
+	if (duration <= 0)
+		return 2 * 60 * HZ;
+	else
+		return duration;
+}
+EXPORT_SYMBOL_GPL(tpm1_calc_ordinal_duration);
diff --git a/drivers/char/tpm/tpm_i2c_nuvoton.c b/drivers/char/tpm/tpm_i2c_nuvoton.c
index f74f451baf6a..ad76482ee387 100644
--- a/drivers/char/tpm/tpm_i2c_nuvoton.c
+++ b/drivers/char/tpm/tpm_i2c_nuvoton.c
@@ -459,11 +459,12 @@ static int i2c_nuvoton_send(struct tpm_chip *chip, u8 *buf, size_t len)
 	if (chip->flags & TPM_CHIP_FLAG_TPM2)
 		duration = tpm2_calc_ordinal_duration(chip, ordinal);
 	else
-		duration = tpm_calc_ordinal_duration(chip, ordinal);
+		duration = tpm1_calc_ordinal_duration(chip, ordinal);
 
 	rc = i2c_nuvoton_wait_for_data_avail(chip, duration, &priv->read_queue);
 	if (rc) {
-		dev_err(dev, "%s() timeout command duration\n", __func__);
+		dev_err(dev, "%s() timeout command duration %ld\n",
+			__func__, duration);
 		i2c_nuvoton_ready(chip);
 		return rc;
 	}
diff --git a/drivers/char/tpm/tpm_tis_core.c b/drivers/char/tpm/tpm_tis_core.c
index d2345d9fd7b5..14c332104de4 100644
--- a/drivers/char/tpm/tpm_tis_core.c
+++ b/drivers/char/tpm/tpm_tis_core.c
@@ -476,7 +476,7 @@ static int tpm_tis_send_main(struct tpm_chip *chip, const u8 *buf, size_t len)
 		if (chip->flags & TPM_CHIP_FLAG_TPM2)
 			dur = tpm2_calc_ordinal_duration(chip, ordinal);
 		else
-			dur = tpm_calc_ordinal_duration(chip, ordinal);
+			dur = tpm1_calc_ordinal_duration(chip, ordinal);
 
 		if (wait_for_tpm_stat
 		    (chip, TPM_STS_DATA_AVAIL | TPM_STS_VALID, dur,
diff --git a/drivers/char/tpm/xen-tpmfront.c b/drivers/char/tpm/xen-tpmfront.c
index b150f87f38f5..77097229bf49 100644
--- a/drivers/char/tpm/xen-tpmfront.c
+++ b/drivers/char/tpm/xen-tpmfront.c
@@ -164,7 +164,7 @@ static int vtpm_send(struct tpm_chip *chip, u8 *buf, size_t count)
 	notify_remote_via_evtchn(priv->evtchn);
 
 	ordinal = be32_to_cpu(((struct tpm_input_header*)buf)->ordinal);
-	duration = tpm_calc_ordinal_duration(chip, ordinal);
+	duration = tpm1_calc_ordinal_duration(chip, ordinal);
 
 	if (wait_for_tpm_stat(chip, VTPM_STATUS_IDLE, duration,
 			&priv->read_queue, true) < 0) {
-- 
2.14.4


^ permalink raw reply related	[flat|nested] 39+ messages in thread

* [PATCH v7 05/21] tpm: add tpm_calc_ordinal_duration() wrapper
  2018-10-19 18:22 [PATCH v7 00/21] tpm: separate tpm 1.x and tpm 2.x commands Tomas Winkler
                   ` (3 preceding siblings ...)
  2018-10-19 18:22 ` [PATCH v7 04/21] tpm: factor out tpm 1.x duration calculation to tpm1-cmd.c Tomas Winkler
@ 2018-10-19 18:22 ` Tomas Winkler
  2018-10-19 18:22 ` [PATCH v7 06/21] tpm: factor out tpm_get_timeouts() Tomas Winkler
                   ` (16 subsequent siblings)
  21 siblings, 0 replies; 39+ messages in thread
From: Tomas Winkler @ 2018-10-19 18:22 UTC (permalink / raw)
  To: Jarkko Sakkinen, Jason Gunthorpe
  Cc: Nayna Jain, Alexander Usyskin, Tadeusz Struk, linux-integrity,
	linux-security-module, linux-kernel, Tomas Winkler

Add convenient wrapper for ordinal duration computation
to remove boiler plate if else statement over TPM2.

if (chip->flags & TPM_CHIP_FLAG_TPM2)
	tpm2_calc_ordinal_duration(chip, ordinal);
else
	tpm1_calc_ordinal_duration(chip, ordinal);

Signed-off-by: Tomas Winkler <tomas.winkler@intel.com>
Reviewed-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
Tested-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
---

V2-V3: Rebase.
V4: Add Kdoc.
V5: Adjust the kdoc to the new standard.
V6: Resend.
V7: Rebase over nuvoton patch.

 drivers/char/tpm/st33zp24/st33zp24.c |  2 +-
 drivers/char/tpm/tpm-interface.c     | 24 ++++++++++++++++++++----
 drivers/char/tpm/tpm.h               |  1 +
 drivers/char/tpm/tpm1-cmd.c          |  1 -
 drivers/char/tpm/tpm2-cmd.c          |  1 -
 drivers/char/tpm/tpm_i2c_nuvoton.c   |  5 +----
 drivers/char/tpm/tpm_tis_core.c      |  6 +-----
 drivers/char/tpm/xen-tpmfront.c      |  2 +-
 8 files changed, 25 insertions(+), 17 deletions(-)

diff --git a/drivers/char/tpm/st33zp24/st33zp24.c b/drivers/char/tpm/st33zp24/st33zp24.c
index 16be974955ea..abd675bec88c 100644
--- a/drivers/char/tpm/st33zp24/st33zp24.c
+++ b/drivers/char/tpm/st33zp24/st33zp24.c
@@ -430,7 +430,7 @@ static int st33zp24_send(struct tpm_chip *chip, unsigned char *buf,
 		ordinal = be32_to_cpu(*((__be32 *) (buf + 6)));
 
 		ret = wait_for_stat(chip, TPM_STS_DATA_AVAIL | TPM_STS_VALID,
-				tpm1_calc_ordinal_duration(chip, ordinal),
+				tpm_calc_ordinal_duration(chip, ordinal),
 				&tpm_dev->read_queue, false);
 		if (ret < 0)
 			goto out_err;
diff --git a/drivers/char/tpm/tpm-interface.c b/drivers/char/tpm/tpm-interface.c
index 21c6ed2a6bc1..ca09f84bfb27 100644
--- a/drivers/char/tpm/tpm-interface.c
+++ b/drivers/char/tpm/tpm-interface.c
@@ -47,6 +47,25 @@ module_param_named(suspend_pcr, tpm_suspend_pcr, uint, 0644);
 MODULE_PARM_DESC(suspend_pcr,
 		 "PCR to use for dummy writes to facilitate flush on suspend.");
 
+/**
+ * tpm_calc_ordinal_duration() - calculate the maximum command duration
+ * @chip:    TPM chip to use.
+ * @ordinal: TPM command ordinal.
+ *
+ * The function returns the maximum amount of time the chip could take
+ * to return the result for a particular ordinal in jiffies.
+ *
+ * Return: A maximal duration time for an ordinal in jiffies.
+ */
+unsigned long tpm_calc_ordinal_duration(struct tpm_chip *chip, u32 ordinal)
+{
+	if (chip->flags & TPM_CHIP_FLAG_TPM2)
+		return tpm2_calc_ordinal_duration(chip, ordinal);
+	else
+		return tpm1_calc_ordinal_duration(chip, ordinal);
+}
+EXPORT_SYMBOL_GPL(tpm_calc_ordinal_duration);
+
 static int tpm_validate_command(struct tpm_chip *chip,
 				 struct tpm_space *space,
 				 const u8 *cmd,
@@ -222,10 +241,7 @@ static ssize_t tpm_try_transmit(struct tpm_chip *chip,
 	if (chip->flags & TPM_CHIP_FLAG_IRQ)
 		goto out_recv;
 
-	if (chip->flags & TPM_CHIP_FLAG_TPM2)
-		stop = jiffies + tpm2_calc_ordinal_duration(chip, ordinal);
-	else
-		stop = jiffies + tpm1_calc_ordinal_duration(chip, ordinal);
+	stop = jiffies + tpm_calc_ordinal_duration(chip, ordinal);
 	do {
 		u8 status = chip->ops->status(chip);
 		if ((status & chip->ops->req_complete_mask) ==
diff --git a/drivers/char/tpm/tpm.h b/drivers/char/tpm/tpm.h
index c59d2c20c339..73511cd89bef 100644
--- a/drivers/char/tpm/tpm.h
+++ b/drivers/char/tpm/tpm.h
@@ -547,6 +547,7 @@ int tpm_get_timeouts(struct tpm_chip *);
 int tpm1_auto_startup(struct tpm_chip *chip);
 int tpm_do_selftest(struct tpm_chip *chip);
 unsigned long tpm1_calc_ordinal_duration(struct tpm_chip *chip, u32 ordinal);
+unsigned long tpm_calc_ordinal_duration(struct tpm_chip *chip, u32 ordinal);
 int tpm_pm_suspend(struct device *dev);
 int tpm_pm_resume(struct device *dev);
 
diff --git a/drivers/char/tpm/tpm1-cmd.c b/drivers/char/tpm/tpm1-cmd.c
index 991260134659..dfbe9c60cbcf 100644
--- a/drivers/char/tpm/tpm1-cmd.c
+++ b/drivers/char/tpm/tpm1-cmd.c
@@ -307,4 +307,3 @@ unsigned long tpm1_calc_ordinal_duration(struct tpm_chip *chip, u32 ordinal)
 	else
 		return duration;
 }
-EXPORT_SYMBOL_GPL(tpm1_calc_ordinal_duration);
diff --git a/drivers/char/tpm/tpm2-cmd.c b/drivers/char/tpm/tpm2-cmd.c
index d26b439976bc..3eef5565286d 100644
--- a/drivers/char/tpm/tpm2-cmd.c
+++ b/drivers/char/tpm/tpm2-cmd.c
@@ -132,7 +132,6 @@ unsigned long tpm2_calc_ordinal_duration(struct tpm_chip *chip, u32 ordinal)
 	else
 		return msecs_to_jiffies(TPM2_DURATION_DEFAULT);
 }
-EXPORT_SYMBOL_GPL(tpm2_calc_ordinal_duration);
 
 
 struct tpm2_pcr_read_out {
diff --git a/drivers/char/tpm/tpm_i2c_nuvoton.c b/drivers/char/tpm/tpm_i2c_nuvoton.c
index ad76482ee387..217f7f1cbde8 100644
--- a/drivers/char/tpm/tpm_i2c_nuvoton.c
+++ b/drivers/char/tpm/tpm_i2c_nuvoton.c
@@ -456,10 +456,7 @@ static int i2c_nuvoton_send(struct tpm_chip *chip, u8 *buf, size_t len)
 		return rc;
 	}
 	ordinal = be32_to_cpu(*((__be32 *) (buf + 6)));
-	if (chip->flags & TPM_CHIP_FLAG_TPM2)
-		duration = tpm2_calc_ordinal_duration(chip, ordinal);
-	else
-		duration = tpm1_calc_ordinal_duration(chip, ordinal);
+	duration = tpm_calc_ordinal_duration(chip, ordinal);
 
 	rc = i2c_nuvoton_wait_for_data_avail(chip, duration, &priv->read_queue);
 	if (rc) {
diff --git a/drivers/char/tpm/tpm_tis_core.c b/drivers/char/tpm/tpm_tis_core.c
index 14c332104de4..f9e73d0f9386 100644
--- a/drivers/char/tpm/tpm_tis_core.c
+++ b/drivers/char/tpm/tpm_tis_core.c
@@ -473,11 +473,7 @@ static int tpm_tis_send_main(struct tpm_chip *chip, const u8 *buf, size_t len)
 	if (chip->flags & TPM_CHIP_FLAG_IRQ) {
 		ordinal = be32_to_cpu(*((__be32 *) (buf + 6)));
 
-		if (chip->flags & TPM_CHIP_FLAG_TPM2)
-			dur = tpm2_calc_ordinal_duration(chip, ordinal);
-		else
-			dur = tpm1_calc_ordinal_duration(chip, ordinal);
-
+		dur = tpm_calc_ordinal_duration(chip, ordinal);
 		if (wait_for_tpm_stat
 		    (chip, TPM_STS_DATA_AVAIL | TPM_STS_VALID, dur,
 		     &priv->read_queue, false) < 0) {
diff --git a/drivers/char/tpm/xen-tpmfront.c b/drivers/char/tpm/xen-tpmfront.c
index 77097229bf49..b150f87f38f5 100644
--- a/drivers/char/tpm/xen-tpmfront.c
+++ b/drivers/char/tpm/xen-tpmfront.c
@@ -164,7 +164,7 @@ static int vtpm_send(struct tpm_chip *chip, u8 *buf, size_t count)
 	notify_remote_via_evtchn(priv->evtchn);
 
 	ordinal = be32_to_cpu(((struct tpm_input_header*)buf)->ordinal);
-	duration = tpm1_calc_ordinal_duration(chip, ordinal);
+	duration = tpm_calc_ordinal_duration(chip, ordinal);
 
 	if (wait_for_tpm_stat(chip, VTPM_STATUS_IDLE, duration,
 			&priv->read_queue, true) < 0) {
-- 
2.14.4


^ permalink raw reply related	[flat|nested] 39+ messages in thread

* [PATCH v7 06/21] tpm: factor out tpm_get_timeouts()
  2018-10-19 18:22 [PATCH v7 00/21] tpm: separate tpm 1.x and tpm 2.x commands Tomas Winkler
                   ` (4 preceding siblings ...)
  2018-10-19 18:22 ` [PATCH v7 05/21] tpm: add tpm_calc_ordinal_duration() wrapper Tomas Winkler
@ 2018-10-19 18:22 ` Tomas Winkler
  2018-10-19 18:22 ` [PATCH v7 07/21] tpm: move tpm1_pcr_extend to tpm1-cmd.c Tomas Winkler
                   ` (15 subsequent siblings)
  21 siblings, 0 replies; 39+ messages in thread
From: Tomas Winkler @ 2018-10-19 18:22 UTC (permalink / raw)
  To: Jarkko Sakkinen, Jason Gunthorpe
  Cc: Nayna Jain, Alexander Usyskin, Tadeusz Struk, linux-integrity,
	linux-security-module, linux-kernel, Tomas Winkler

Factor out tpm_get_timeouts() into tpm2_get_timeouts()
and tpm1_get_timeouts()


Signed-off-by: Tomas Winkler <tomas.winkler@intel.com>
Reviewed-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
Tested-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
---
V2-V3: Rebase
V4: Fix the commit message.
V5: Resend.
V6: Remove tpm1_auto_startup() declaration.
V7: Resend.

 drivers/char/tpm/tpm-interface.c | 127 ++-------------------------------------
 drivers/char/tpm/tpm.h           |   3 +
 drivers/char/tpm/tpm1-cmd.c      | 106 ++++++++++++++++++++++++++++++++
 drivers/char/tpm/tpm2-cmd.c      |  22 +++++++
 4 files changed, 135 insertions(+), 123 deletions(-)

diff --git a/drivers/char/tpm/tpm-interface.c b/drivers/char/tpm/tpm-interface.c
index ca09f84bfb27..20f5c15584e4 100644
--- a/drivers/char/tpm/tpm-interface.c
+++ b/drivers/char/tpm/tpm-interface.c
@@ -503,132 +503,13 @@ EXPORT_SYMBOL_GPL(tpm_getcap);
 
 int tpm_get_timeouts(struct tpm_chip *chip)
 {
-	cap_t cap;
-	unsigned long timeout_old[4], timeout_chip[4], timeout_eff[4];
-	ssize_t rc;
-
 	if (chip->flags & TPM_CHIP_FLAG_HAVE_TIMEOUTS)
 		return 0;
 
-	if (chip->flags & TPM_CHIP_FLAG_TPM2) {
-		/* Fixed timeouts for TPM2 */
-		chip->timeout_a = msecs_to_jiffies(TPM2_TIMEOUT_A);
-		chip->timeout_b = msecs_to_jiffies(TPM2_TIMEOUT_B);
-		chip->timeout_c = msecs_to_jiffies(TPM2_TIMEOUT_C);
-		chip->timeout_d = msecs_to_jiffies(TPM2_TIMEOUT_D);
-		chip->duration[TPM_SHORT] =
-		    msecs_to_jiffies(TPM2_DURATION_SHORT);
-		chip->duration[TPM_MEDIUM] =
-		    msecs_to_jiffies(TPM2_DURATION_MEDIUM);
-		chip->duration[TPM_LONG] =
-		    msecs_to_jiffies(TPM2_DURATION_LONG);
-		chip->duration[TPM_LONG_LONG] =
-		    msecs_to_jiffies(TPM2_DURATION_LONG_LONG);
-
-		chip->flags |= TPM_CHIP_FLAG_HAVE_TIMEOUTS;
-		return 0;
-	}
-
-	rc = tpm_getcap(chip, TPM_CAP_PROP_TIS_TIMEOUT, &cap, NULL,
-			sizeof(cap.timeout));
-	if (rc == TPM_ERR_INVALID_POSTINIT) {
-		if (tpm_startup(chip))
-			return rc;
-
-		rc = tpm_getcap(chip, TPM_CAP_PROP_TIS_TIMEOUT, &cap,
-				"attempting to determine the timeouts",
-				sizeof(cap.timeout));
-	}
-
-	if (rc) {
-		dev_err(&chip->dev,
-			"A TPM error (%zd) occurred attempting to determine the timeouts\n",
-			rc);
-		return rc;
-	}
-
-	timeout_old[0] = jiffies_to_usecs(chip->timeout_a);
-	timeout_old[1] = jiffies_to_usecs(chip->timeout_b);
-	timeout_old[2] = jiffies_to_usecs(chip->timeout_c);
-	timeout_old[3] = jiffies_to_usecs(chip->timeout_d);
-	timeout_chip[0] = be32_to_cpu(cap.timeout.a);
-	timeout_chip[1] = be32_to_cpu(cap.timeout.b);
-	timeout_chip[2] = be32_to_cpu(cap.timeout.c);
-	timeout_chip[3] = be32_to_cpu(cap.timeout.d);
-	memcpy(timeout_eff, timeout_chip, sizeof(timeout_eff));
-
-	/*
-	 * Provide ability for vendor overrides of timeout values in case
-	 * of misreporting.
-	 */
-	if (chip->ops->update_timeouts != NULL)
-		chip->timeout_adjusted =
-			chip->ops->update_timeouts(chip, timeout_eff);
-
-	if (!chip->timeout_adjusted) {
-		/* Restore default if chip reported 0 */
-		int i;
-
-		for (i = 0; i < ARRAY_SIZE(timeout_eff); i++) {
-			if (timeout_eff[i])
-				continue;
-
-			timeout_eff[i] = timeout_old[i];
-			chip->timeout_adjusted = true;
-		}
-
-		if (timeout_eff[0] != 0 && timeout_eff[0] < 1000) {
-			/* timeouts in msec rather usec */
-			for (i = 0; i != ARRAY_SIZE(timeout_eff); i++)
-				timeout_eff[i] *= 1000;
-			chip->timeout_adjusted = true;
-		}
-	}
-
-	/* Report adjusted timeouts */
-	if (chip->timeout_adjusted) {
-		dev_info(&chip->dev,
-			 HW_ERR "Adjusting reported timeouts: A %lu->%luus B %lu->%luus C %lu->%luus D %lu->%luus\n",
-			 timeout_chip[0], timeout_eff[0],
-			 timeout_chip[1], timeout_eff[1],
-			 timeout_chip[2], timeout_eff[2],
-			 timeout_chip[3], timeout_eff[3]);
-	}
-
-	chip->timeout_a = usecs_to_jiffies(timeout_eff[0]);
-	chip->timeout_b = usecs_to_jiffies(timeout_eff[1]);
-	chip->timeout_c = usecs_to_jiffies(timeout_eff[2]);
-	chip->timeout_d = usecs_to_jiffies(timeout_eff[3]);
-
-	rc = tpm_getcap(chip, TPM_CAP_PROP_TIS_DURATION, &cap,
-			"attempting to determine the durations",
-			sizeof(cap.duration));
-	if (rc)
-		return rc;
-
-	chip->duration[TPM_SHORT] =
-		usecs_to_jiffies(be32_to_cpu(cap.duration.tpm_short));
-	chip->duration[TPM_MEDIUM] =
-		usecs_to_jiffies(be32_to_cpu(cap.duration.tpm_medium));
-	chip->duration[TPM_LONG] =
-		usecs_to_jiffies(be32_to_cpu(cap.duration.tpm_long));
-	chip->duration[TPM_LONG_LONG] = 0; /* not used under 1.2 */
-
-	/* The Broadcom BCM0102 chipset in a Dell Latitude D820 gets the above
-	 * value wrong and apparently reports msecs rather than usecs. So we
-	 * fix up the resulting too-small TPM_SHORT value to make things work.
-	 * We also scale the TPM_MEDIUM and -_LONG values by 1000.
-	 */
-	if (chip->duration[TPM_SHORT] < (HZ / 100)) {
-		chip->duration[TPM_SHORT] = HZ;
-		chip->duration[TPM_MEDIUM] *= 1000;
-		chip->duration[TPM_LONG] *= 1000;
-		chip->duration_adjusted = true;
-		dev_info(&chip->dev, "Adjusting TPM timeout parameters.");
-	}
-
-	chip->flags |= TPM_CHIP_FLAG_HAVE_TIMEOUTS;
-	return 0;
+	if (chip->flags & TPM_CHIP_FLAG_TPM2)
+		return tpm2_get_timeouts(chip);
+	else
+		return tpm1_get_timeouts(chip);
 }
 EXPORT_SYMBOL_GPL(tpm_get_timeouts);
 
diff --git a/drivers/char/tpm/tpm.h b/drivers/char/tpm/tpm.h
index 73511cd89bef..4ea51bbdbfae 100644
--- a/drivers/char/tpm/tpm.h
+++ b/drivers/char/tpm/tpm.h
@@ -546,6 +546,8 @@ ssize_t tpm_getcap(struct tpm_chip *chip, u32 subcap_id, cap_t *cap,
 int tpm_get_timeouts(struct tpm_chip *);
 int tpm1_auto_startup(struct tpm_chip *chip);
 int tpm_do_selftest(struct tpm_chip *chip);
+
+int tpm1_get_timeouts(struct tpm_chip *chip);
 unsigned long tpm1_calc_ordinal_duration(struct tpm_chip *chip, u32 ordinal);
 unsigned long tpm_calc_ordinal_duration(struct tpm_chip *chip, u32 ordinal);
 int tpm_pm_suspend(struct device *dev);
@@ -585,6 +587,7 @@ static inline u32 tpm2_rc_value(u32 rc)
 	return (rc & BIT(7)) ? rc & 0xff : rc;
 }
 
+int tpm2_get_timeouts(struct tpm_chip *chip);
 int tpm2_pcr_read(struct tpm_chip *chip, int pcr_idx, u8 *res_buf);
 int tpm2_pcr_extend(struct tpm_chip *chip, int pcr_idx, u32 count,
 		    struct tpm2_digest *digests);
diff --git a/drivers/char/tpm/tpm1-cmd.c b/drivers/char/tpm/tpm1-cmd.c
index dfbe9c60cbcf..978946748ea3 100644
--- a/drivers/char/tpm/tpm1-cmd.c
+++ b/drivers/char/tpm/tpm1-cmd.c
@@ -307,3 +307,109 @@ unsigned long tpm1_calc_ordinal_duration(struct tpm_chip *chip, u32 ordinal)
 	else
 		return duration;
 }
+
+int tpm1_get_timeouts(struct tpm_chip *chip)
+{
+	cap_t cap;
+	unsigned long timeout_old[4], timeout_chip[4], timeout_eff[4];
+	ssize_t rc;
+
+	rc = tpm_getcap(chip, TPM_CAP_PROP_TIS_TIMEOUT, &cap, NULL,
+			sizeof(cap.timeout));
+	if (rc == TPM_ERR_INVALID_POSTINIT) {
+		if (tpm_startup(chip))
+			return rc;
+
+		rc = tpm_getcap(chip, TPM_CAP_PROP_TIS_TIMEOUT, &cap,
+				"attempting to determine the timeouts",
+				sizeof(cap.timeout));
+	}
+
+	if (rc) {
+		dev_err(&chip->dev, "A TPM error (%zd) occurred attempting to determine the timeouts\n",
+			rc);
+		return rc;
+	}
+
+	timeout_old[0] = jiffies_to_usecs(chip->timeout_a);
+	timeout_old[1] = jiffies_to_usecs(chip->timeout_b);
+	timeout_old[2] = jiffies_to_usecs(chip->timeout_c);
+	timeout_old[3] = jiffies_to_usecs(chip->timeout_d);
+	timeout_chip[0] = be32_to_cpu(cap.timeout.a);
+	timeout_chip[1] = be32_to_cpu(cap.timeout.b);
+	timeout_chip[2] = be32_to_cpu(cap.timeout.c);
+	timeout_chip[3] = be32_to_cpu(cap.timeout.d);
+	memcpy(timeout_eff, timeout_chip, sizeof(timeout_eff));
+
+	/*
+	 * Provide ability for vendor overrides of timeout values in case
+	 * of misreporting.
+	 */
+	if (chip->ops->update_timeouts)
+		chip->timeout_adjusted =
+			chip->ops->update_timeouts(chip, timeout_eff);
+
+	if (!chip->timeout_adjusted) {
+		/* Restore default if chip reported 0 */
+		unsigned int i;
+
+		for (i = 0; i < ARRAY_SIZE(timeout_eff); i++) {
+			if (timeout_eff[i])
+				continue;
+
+			timeout_eff[i] = timeout_old[i];
+			chip->timeout_adjusted = true;
+		}
+
+		if (timeout_eff[0] != 0 && timeout_eff[0] < 1000) {
+			/* timeouts in msec rather usec */
+			for (i = 0; i != ARRAY_SIZE(timeout_eff); i++)
+				timeout_eff[i] *= 1000;
+			chip->timeout_adjusted = true;
+		}
+	}
+
+	/* Report adjusted timeouts */
+	if (chip->timeout_adjusted) {
+		dev_info(&chip->dev, HW_ERR "Adjusting reported timeouts: A %lu->%luus B %lu->%luus C %lu->%luus D %lu->%luus\n",
+			 timeout_chip[0], timeout_eff[0],
+			 timeout_chip[1], timeout_eff[1],
+			 timeout_chip[2], timeout_eff[2],
+			 timeout_chip[3], timeout_eff[3]);
+	}
+
+	chip->timeout_a = usecs_to_jiffies(timeout_eff[0]);
+	chip->timeout_b = usecs_to_jiffies(timeout_eff[1]);
+	chip->timeout_c = usecs_to_jiffies(timeout_eff[2]);
+	chip->timeout_d = usecs_to_jiffies(timeout_eff[3]);
+
+	rc = tpm_getcap(chip, TPM_CAP_PROP_TIS_DURATION, &cap,
+			"attempting to determine the durations",
+			sizeof(cap.duration));
+	if (rc)
+		return rc;
+
+	chip->duration[TPM_SHORT] =
+		usecs_to_jiffies(be32_to_cpu(cap.duration.tpm_short));
+	chip->duration[TPM_MEDIUM] =
+		usecs_to_jiffies(be32_to_cpu(cap.duration.tpm_medium));
+	chip->duration[TPM_LONG] =
+		usecs_to_jiffies(be32_to_cpu(cap.duration.tpm_long));
+	chip->duration[TPM_LONG_LONG] = 0; /* not used under 1.2 */
+
+	/* The Broadcom BCM0102 chipset in a Dell Latitude D820 gets the above
+	 * value wrong and apparently reports msecs rather than usecs. So we
+	 * fix up the resulting too-small TPM_SHORT value to make things work.
+	 * We also scale the TPM_MEDIUM and -_LONG values by 1000.
+	 */
+	if (chip->duration[TPM_SHORT] < (HZ / 100)) {
+		chip->duration[TPM_SHORT] = HZ;
+		chip->duration[TPM_MEDIUM] *= 1000;
+		chip->duration[TPM_LONG] *= 1000;
+		chip->duration_adjusted = true;
+		dev_info(&chip->dev, "Adjusting TPM timeout parameters.");
+	}
+
+	chip->flags |= TPM_CHIP_FLAG_HAVE_TIMEOUTS;
+	return 0;
+}
diff --git a/drivers/char/tpm/tpm2-cmd.c b/drivers/char/tpm/tpm2-cmd.c
index 3eef5565286d..dd2e98f4de08 100644
--- a/drivers/char/tpm/tpm2-cmd.c
+++ b/drivers/char/tpm/tpm2-cmd.c
@@ -40,6 +40,28 @@ static struct tpm2_hash tpm2_hash_map[] = {
 	{HASH_ALGO_SM3_256, TPM2_ALG_SM3_256},
 };
 
+int tpm2_get_timeouts(struct tpm_chip *chip)
+{
+	/* Fixed timeouts for TPM2 */
+	chip->timeout_a = msecs_to_jiffies(TPM2_TIMEOUT_A);
+	chip->timeout_b = msecs_to_jiffies(TPM2_TIMEOUT_B);
+	chip->timeout_c = msecs_to_jiffies(TPM2_TIMEOUT_C);
+	chip->timeout_d = msecs_to_jiffies(TPM2_TIMEOUT_D);
+
+	/* PTP spec timeouts */
+	chip->duration[TPM_SHORT] = msecs_to_jiffies(TPM2_DURATION_SHORT);
+	chip->duration[TPM_MEDIUM] = msecs_to_jiffies(TPM2_DURATION_MEDIUM);
+	chip->duration[TPM_LONG] = msecs_to_jiffies(TPM2_DURATION_LONG);
+
+	/* Key creation commands long timeouts */
+	chip->duration[TPM_LONG_LONG] =
+		msecs_to_jiffies(TPM2_DURATION_LONG_LONG);
+
+	chip->flags |= TPM_CHIP_FLAG_HAVE_TIMEOUTS;
+
+	return 0;
+}
+
 /**
  * tpm2_ordinal_duration_index() - returns an index to the chip duration table
  * @ordinal: TPM command ordinal.
-- 
2.14.4


^ permalink raw reply related	[flat|nested] 39+ messages in thread

* [PATCH v7 07/21] tpm: move tpm1_pcr_extend to tpm1-cmd.c
  2018-10-19 18:22 [PATCH v7 00/21] tpm: separate tpm 1.x and tpm 2.x commands Tomas Winkler
                   ` (5 preceding siblings ...)
  2018-10-19 18:22 ` [PATCH v7 06/21] tpm: factor out tpm_get_timeouts() Tomas Winkler
@ 2018-10-19 18:22 ` Tomas Winkler
  2018-10-19 18:22 ` [PATCH v7 08/21] tpm: move tpm_getcap " Tomas Winkler
                   ` (14 subsequent siblings)
  21 siblings, 0 replies; 39+ messages in thread
From: Tomas Winkler @ 2018-10-19 18:22 UTC (permalink / raw)
  To: Jarkko Sakkinen, Jason Gunthorpe
  Cc: Nayna Jain, Alexander Usyskin, Tadeusz Struk, linux-integrity,
	linux-security-module, linux-kernel, Tomas Winkler

Move tpm1_pcr_extend to tpm1-cmd.c and remove
unused pcrextend_header structure and
EXTEND_PCR_RESULT_SIZE and EXTEND_PCR_RESULT_BODY_SIZE
defines.

Fixes warning:
drivers/char/tpm/tpm-interface.c:609:38: warning: ‘pcrextend_header’ defined but not used [-Wunused-const-variable=]
 static const struct tpm_input_header pcrextend_header = {
                                      ^~~~~~~~~~~~~~~~

Signed-off-by: Tomas Winkler <tomas.winkler@intel.com>
Reviewed-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
Reviewed-by: Nayna Jain <nayna@linux.ibm.com>
Tested-by: Nayna Jain <nayna@linux.ibm.com>
---
V2-V3: Rebase
V4: Remove defines.
V5: Resend
V6: Add Tested-by:
V7: Resend.

 drivers/char/tpm/tpm-interface.c | 28 ----------------------------
 drivers/char/tpm/tpm.h           |  2 ++
 drivers/char/tpm/tpm1-cmd.c      | 21 +++++++++++++++++++++
 3 files changed, 23 insertions(+), 28 deletions(-)

diff --git a/drivers/char/tpm/tpm-interface.c b/drivers/char/tpm/tpm-interface.c
index 20f5c15584e4..177795b408ff 100644
--- a/drivers/char/tpm/tpm-interface.c
+++ b/drivers/char/tpm/tpm-interface.c
@@ -615,34 +615,6 @@ int tpm_pcr_read(struct tpm_chip *chip, int pcr_idx, u8 *res_buf)
 }
 EXPORT_SYMBOL_GPL(tpm_pcr_read);
 
-#define TPM_ORD_PCR_EXTEND 20
-#define EXTEND_PCR_RESULT_SIZE 34
-#define EXTEND_PCR_RESULT_BODY_SIZE 20
-static const struct tpm_input_header pcrextend_header = {
-	.tag = cpu_to_be16(TPM_TAG_RQU_COMMAND),
-	.length = cpu_to_be32(34),
-	.ordinal = cpu_to_be32(TPM_ORD_PCR_EXTEND)
-};
-
-static int tpm1_pcr_extend(struct tpm_chip *chip, int pcr_idx, const u8 *hash,
-			   char *log_msg)
-{
-	struct tpm_buf buf;
-	int rc;
-
-	rc = tpm_buf_init(&buf, TPM_TAG_RQU_COMMAND, TPM_ORD_PCR_EXTEND);
-	if (rc)
-		return rc;
-
-	tpm_buf_append_u32(&buf, pcr_idx);
-	tpm_buf_append(&buf, hash, TPM_DIGEST_SIZE);
-
-	rc = tpm_transmit_cmd(chip, NULL, buf.data, EXTEND_PCR_RESULT_SIZE,
-			      EXTEND_PCR_RESULT_BODY_SIZE, 0, log_msg);
-	tpm_buf_destroy(&buf);
-	return rc;
-}
-
 /**
  * tpm_pcr_extend - extend a PCR value in SHA1 bank.
  * @chip:	a &struct tpm_chip instance, %NULL for the default chip
diff --git a/drivers/char/tpm/tpm.h b/drivers/char/tpm/tpm.h
index 4ea51bbdbfae..221b6dcd15a1 100644
--- a/drivers/char/tpm/tpm.h
+++ b/drivers/char/tpm/tpm.h
@@ -549,6 +549,8 @@ int tpm_do_selftest(struct tpm_chip *chip);
 
 int tpm1_get_timeouts(struct tpm_chip *chip);
 unsigned long tpm1_calc_ordinal_duration(struct tpm_chip *chip, u32 ordinal);
+int tpm1_pcr_extend(struct tpm_chip *chip, int pcr_idx, const u8 *hash,
+		    const char *log_msg);
 unsigned long tpm_calc_ordinal_duration(struct tpm_chip *chip, u32 ordinal);
 int tpm_pm_suspend(struct device *dev);
 int tpm_pm_resume(struct device *dev);
diff --git a/drivers/char/tpm/tpm1-cmd.c b/drivers/char/tpm/tpm1-cmd.c
index 978946748ea3..ec242397e6dc 100644
--- a/drivers/char/tpm/tpm1-cmd.c
+++ b/drivers/char/tpm/tpm1-cmd.c
@@ -413,3 +413,24 @@ int tpm1_get_timeouts(struct tpm_chip *chip)
 	chip->flags |= TPM_CHIP_FLAG_HAVE_TIMEOUTS;
 	return 0;
 }
+
+#define TPM_ORD_PCR_EXTEND 20
+int tpm1_pcr_extend(struct tpm_chip *chip, int pcr_idx, const u8 *hash,
+		    const char *log_msg)
+{
+	struct tpm_buf buf;
+	int rc;
+
+	rc = tpm_buf_init(&buf, TPM_TAG_RQU_COMMAND, TPM_ORD_PCR_EXTEND);
+	if (rc)
+		return rc;
+
+	tpm_buf_append_u32(&buf, pcr_idx);
+	tpm_buf_append(&buf, hash, TPM_DIGEST_SIZE);
+
+	rc = tpm_transmit_cmd(chip, NULL, buf.data, PAGE_SIZE,
+			      TPM_DIGEST_SIZE, 0, log_msg);
+
+	tpm_buf_destroy(&buf);
+	return rc;
+}
-- 
2.14.4


^ permalink raw reply related	[flat|nested] 39+ messages in thread

* [PATCH v7 08/21] tpm: move tpm_getcap to tpm1-cmd.c
  2018-10-19 18:22 [PATCH v7 00/21] tpm: separate tpm 1.x and tpm 2.x commands Tomas Winkler
                   ` (6 preceding siblings ...)
  2018-10-19 18:22 ` [PATCH v7 07/21] tpm: move tpm1_pcr_extend to tpm1-cmd.c Tomas Winkler
@ 2018-10-19 18:22 ` Tomas Winkler
  2018-10-19 18:22 ` [PATCH v7 09/21] tpm: factor out tpm1_get_random into tpm1-cmd.c Tomas Winkler
                   ` (13 subsequent siblings)
  21 siblings, 0 replies; 39+ messages in thread
From: Tomas Winkler @ 2018-10-19 18:22 UTC (permalink / raw)
  To: Jarkko Sakkinen, Jason Gunthorpe
  Cc: Nayna Jain, Alexander Usyskin, Tadeusz Struk, linux-integrity,
	linux-security-module, linux-kernel, Tomas Winkler

1. Move tpm_getcap to tpm1-cmd. Rename the function to tpm1_getcap.
2. Remove unused tpm_getcap_header with unused constant
as this functionality is already implemented using tpm_buf construct.

Fixes warning:
drivers/char/tpm/tpm-interface.c:452:38: warning: ‘tpm_getcap_header’ defined but not used [-Wunused-const-variable=]
 static const struct tpm_input_header tpm_getcap_header = {
                                      ^~~~~~~~~~~~~~~~~
3. Drop unused TPM_DIGEST_SIZE. It's already defined in
include/linux/tpm.h

Signed-off-by: Tomas Winkler <tomas.winkler@intel.com>
Reviewed-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
Tested-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
---
V2-V3: Rebase
V4-V7: Resend

 drivers/char/tpm/tpm-interface.c | 47 +-----------------------------------
 drivers/char/tpm/tpm-sysfs.c     | 48 ++++++++++++++++++-------------------
 drivers/char/tpm/tpm.h           |  4 ++--
 drivers/char/tpm/tpm1-cmd.c      | 51 +++++++++++++++++++++++++++++++++-------
 drivers/char/tpm/tpm_tis_core.c  |  2 +-
 5 files changed, 71 insertions(+), 81 deletions(-)

diff --git a/drivers/char/tpm/tpm-interface.c b/drivers/char/tpm/tpm-interface.c
index 177795b408ff..486e211b03a0 100644
--- a/drivers/char/tpm/tpm-interface.c
+++ b/drivers/char/tpm/tpm-interface.c
@@ -455,52 +455,6 @@ int tpm_startup(struct tpm_chip *chip)
 	return rc;
 }
 
-#define TPM_DIGEST_SIZE 20
-#define TPM_RET_CODE_IDX 6
-#define TPM_INTERNAL_RESULT_SIZE 200
-#define TPM_ORD_GET_CAP 101
-#define TPM_ORD_GET_RANDOM 70
-
-static const struct tpm_input_header tpm_getcap_header = {
-	.tag = cpu_to_be16(TPM_TAG_RQU_COMMAND),
-	.length = cpu_to_be32(22),
-	.ordinal = cpu_to_be32(TPM_ORD_GET_CAP)
-};
-
-ssize_t tpm_getcap(struct tpm_chip *chip, u32 subcap_id, cap_t *cap,
-		   const char *desc, size_t min_cap_length)
-{
-	struct tpm_buf buf;
-	int rc;
-
-	rc = tpm_buf_init(&buf, TPM_TAG_RQU_COMMAND, TPM_ORD_GET_CAP);
-	if (rc)
-		return rc;
-
-	if (subcap_id == TPM_CAP_VERSION_1_1 ||
-	    subcap_id == TPM_CAP_VERSION_1_2) {
-		tpm_buf_append_u32(&buf, subcap_id);
-		tpm_buf_append_u32(&buf, 0);
-	} else {
-		if (subcap_id == TPM_CAP_FLAG_PERM ||
-		    subcap_id == TPM_CAP_FLAG_VOL)
-			tpm_buf_append_u32(&buf, TPM_CAP_FLAG);
-		else
-			tpm_buf_append_u32(&buf, TPM_CAP_PROP);
-
-		tpm_buf_append_u32(&buf, 4);
-		tpm_buf_append_u32(&buf, subcap_id);
-	}
-	rc = tpm_transmit_cmd(chip, NULL, buf.data, PAGE_SIZE,
-			      min_cap_length, 0, desc);
-	if (!rc)
-		*cap = *(cap_t *)&buf.data[TPM_HEADER_SIZE + 4];
-
-	tpm_buf_destroy(&buf);
-	return rc;
-}
-EXPORT_SYMBOL_GPL(tpm_getcap);
-
 int tpm_get_timeouts(struct tpm_chip *chip)
 {
 	if (chip->flags & TPM_CHIP_FLAG_HAVE_TIMEOUTS)
@@ -858,6 +812,7 @@ int tpm_pm_resume(struct device *dev)
 }
 EXPORT_SYMBOL_GPL(tpm_pm_resume);
 
+#define TPM_ORD_GET_RANDOM 70
 #define TPM_GETRANDOM_RESULT_SIZE	18
 static const struct tpm_input_header tpm_getrandom_header = {
 	.tag = cpu_to_be16(TPM_TAG_RQU_COMMAND),
diff --git a/drivers/char/tpm/tpm-sysfs.c b/drivers/char/tpm/tpm-sysfs.c
index 83a77a445538..008515314ae3 100644
--- a/drivers/char/tpm/tpm-sysfs.c
+++ b/drivers/char/tpm/tpm-sysfs.c
@@ -106,9 +106,9 @@ static ssize_t pcrs_show(struct device *dev, struct device_attribute *attr,
 	char *str = buf;
 	struct tpm_chip *chip = to_tpm_chip(dev);
 
-	rc = tpm_getcap(chip, TPM_CAP_PROP_PCR, &cap,
-			"attempting to determine the number of PCRS",
-			sizeof(cap.num_pcrs));
+	rc = tpm1_getcap(chip, TPM_CAP_PROP_PCR, &cap,
+			 "attempting to determine the number of PCRS",
+			 sizeof(cap.num_pcrs));
 	if (rc)
 		return 0;
 
@@ -132,9 +132,9 @@ static ssize_t enabled_show(struct device *dev, struct device_attribute *attr,
 	cap_t cap;
 	ssize_t rc;
 
-	rc = tpm_getcap(to_tpm_chip(dev), TPM_CAP_FLAG_PERM, &cap,
-			"attempting to determine the permanent enabled state",
-			sizeof(cap.perm_flags));
+	rc = tpm1_getcap(to_tpm_chip(dev), TPM_CAP_FLAG_PERM, &cap,
+			 "attempting to determine the permanent enabled state",
+			 sizeof(cap.perm_flags));
 	if (rc)
 		return 0;
 
@@ -149,9 +149,9 @@ static ssize_t active_show(struct device *dev, struct device_attribute *attr,
 	cap_t cap;
 	ssize_t rc;
 
-	rc = tpm_getcap(to_tpm_chip(dev), TPM_CAP_FLAG_PERM, &cap,
-			"attempting to determine the permanent active state",
-			sizeof(cap.perm_flags));
+	rc = tpm1_getcap(to_tpm_chip(dev), TPM_CAP_FLAG_PERM, &cap,
+			 "attempting to determine the permanent active state",
+			 sizeof(cap.perm_flags));
 	if (rc)
 		return 0;
 
@@ -166,9 +166,9 @@ static ssize_t owned_show(struct device *dev, struct device_attribute *attr,
 	cap_t cap;
 	ssize_t rc;
 
-	rc = tpm_getcap(to_tpm_chip(dev), TPM_CAP_PROP_OWNER, &cap,
-			"attempting to determine the owner state",
-			sizeof(cap.owned));
+	rc = tpm1_getcap(to_tpm_chip(dev), TPM_CAP_PROP_OWNER, &cap,
+			 "attempting to determine the owner state",
+			 sizeof(cap.owned));
 	if (rc)
 		return 0;
 
@@ -183,9 +183,9 @@ static ssize_t temp_deactivated_show(struct device *dev,
 	cap_t cap;
 	ssize_t rc;
 
-	rc = tpm_getcap(to_tpm_chip(dev), TPM_CAP_FLAG_VOL, &cap,
-			"attempting to determine the temporary state",
-			sizeof(cap.stclear_flags));
+	rc = tpm1_getcap(to_tpm_chip(dev), TPM_CAP_FLAG_VOL, &cap,
+			 "attempting to determine the temporary state",
+			 sizeof(cap.stclear_flags));
 	if (rc)
 		return 0;
 
@@ -202,18 +202,18 @@ static ssize_t caps_show(struct device *dev, struct device_attribute *attr,
 	ssize_t rc;
 	char *str = buf;
 
-	rc = tpm_getcap(chip, TPM_CAP_PROP_MANUFACTURER, &cap,
-			"attempting to determine the manufacturer",
-			sizeof(cap.manufacturer_id));
+	rc = tpm1_getcap(chip, TPM_CAP_PROP_MANUFACTURER, &cap,
+			 "attempting to determine the manufacturer",
+			 sizeof(cap.manufacturer_id));
 	if (rc)
 		return 0;
 	str += sprintf(str, "Manufacturer: 0x%x\n",
 		       be32_to_cpu(cap.manufacturer_id));
 
 	/* Try to get a TPM version 1.2 TPM_CAP_VERSION_INFO */
-	rc = tpm_getcap(chip, TPM_CAP_VERSION_1_2, &cap,
-			"attempting to determine the 1.2 version",
-			sizeof(cap.tpm_version_1_2));
+	rc = tpm1_getcap(chip, TPM_CAP_VERSION_1_2, &cap,
+			 "attempting to determine the 1.2 version",
+			 sizeof(cap.tpm_version_1_2));
 	if (!rc) {
 		str += sprintf(str,
 			       "TCG version: %d.%d\nFirmware version: %d.%d\n",
@@ -223,9 +223,9 @@ static ssize_t caps_show(struct device *dev, struct device_attribute *attr,
 			       cap.tpm_version_1_2.revMinor);
 	} else {
 		/* Otherwise just use TPM_STRUCT_VER */
-		rc = tpm_getcap(chip, TPM_CAP_VERSION_1_1, &cap,
-				"attempting to determine the 1.1 version",
-				sizeof(cap.tpm_version));
+		rc = tpm1_getcap(chip, TPM_CAP_VERSION_1_1, &cap,
+				 "attempting to determine the 1.1 version",
+				 sizeof(cap.tpm_version));
 		if (rc)
 			return 0;
 		str += sprintf(str,
diff --git a/drivers/char/tpm/tpm.h b/drivers/char/tpm/tpm.h
index 221b6dcd15a1..05c386b3ab12 100644
--- a/drivers/char/tpm/tpm.h
+++ b/drivers/char/tpm/tpm.h
@@ -541,8 +541,6 @@ ssize_t tpm_transmit_cmd(struct tpm_chip *chip, struct tpm_space *space,
 			 size_t min_rsp_body_length, unsigned int flags,
 			 const char *desc);
 int tpm_startup(struct tpm_chip *chip);
-ssize_t tpm_getcap(struct tpm_chip *chip, u32 subcap_id, cap_t *cap,
-		   const char *desc, size_t min_cap_length);
 int tpm_get_timeouts(struct tpm_chip *);
 int tpm1_auto_startup(struct tpm_chip *chip);
 int tpm_do_selftest(struct tpm_chip *chip);
@@ -551,6 +549,8 @@ int tpm1_get_timeouts(struct tpm_chip *chip);
 unsigned long tpm1_calc_ordinal_duration(struct tpm_chip *chip, u32 ordinal);
 int tpm1_pcr_extend(struct tpm_chip *chip, int pcr_idx, const u8 *hash,
 		    const char *log_msg);
+ssize_t tpm1_getcap(struct tpm_chip *chip, u32 subcap_id, cap_t *cap,
+		    const char *desc, size_t min_cap_length);
 unsigned long tpm_calc_ordinal_duration(struct tpm_chip *chip, u32 ordinal);
 int tpm_pm_suspend(struct device *dev);
 int tpm_pm_resume(struct device *dev);
diff --git a/drivers/char/tpm/tpm1-cmd.c b/drivers/char/tpm/tpm1-cmd.c
index ec242397e6dc..3bd079587ef5 100644
--- a/drivers/char/tpm/tpm1-cmd.c
+++ b/drivers/char/tpm/tpm1-cmd.c
@@ -314,15 +314,15 @@ int tpm1_get_timeouts(struct tpm_chip *chip)
 	unsigned long timeout_old[4], timeout_chip[4], timeout_eff[4];
 	ssize_t rc;
 
-	rc = tpm_getcap(chip, TPM_CAP_PROP_TIS_TIMEOUT, &cap, NULL,
-			sizeof(cap.timeout));
+	rc = tpm1_getcap(chip, TPM_CAP_PROP_TIS_TIMEOUT, &cap, NULL,
+			 sizeof(cap.timeout));
 	if (rc == TPM_ERR_INVALID_POSTINIT) {
 		if (tpm_startup(chip))
 			return rc;
 
-		rc = tpm_getcap(chip, TPM_CAP_PROP_TIS_TIMEOUT, &cap,
-				"attempting to determine the timeouts",
-				sizeof(cap.timeout));
+		rc = tpm1_getcap(chip, TPM_CAP_PROP_TIS_TIMEOUT, &cap,
+				 "attempting to determine the timeouts",
+				 sizeof(cap.timeout));
 	}
 
 	if (rc) {
@@ -383,9 +383,9 @@ int tpm1_get_timeouts(struct tpm_chip *chip)
 	chip->timeout_c = usecs_to_jiffies(timeout_eff[2]);
 	chip->timeout_d = usecs_to_jiffies(timeout_eff[3]);
 
-	rc = tpm_getcap(chip, TPM_CAP_PROP_TIS_DURATION, &cap,
-			"attempting to determine the durations",
-			sizeof(cap.duration));
+	rc = tpm1_getcap(chip, TPM_CAP_PROP_TIS_DURATION, &cap,
+			 "attempting to determine the durations",
+			  sizeof(cap.duration));
 	if (rc)
 		return rc;
 
@@ -434,3 +434,38 @@ int tpm1_pcr_extend(struct tpm_chip *chip, int pcr_idx, const u8 *hash,
 	tpm_buf_destroy(&buf);
 	return rc;
 }
+
+#define TPM_ORD_GET_CAP 101
+ssize_t tpm1_getcap(struct tpm_chip *chip, u32 subcap_id, cap_t *cap,
+		    const char *desc, size_t min_cap_length)
+{
+	struct tpm_buf buf;
+	int rc;
+
+	rc = tpm_buf_init(&buf, TPM_TAG_RQU_COMMAND, TPM_ORD_GET_CAP);
+	if (rc)
+		return rc;
+
+	if (subcap_id == TPM_CAP_VERSION_1_1 ||
+	    subcap_id == TPM_CAP_VERSION_1_2) {
+		tpm_buf_append_u32(&buf, subcap_id);
+		tpm_buf_append_u32(&buf, 0);
+	} else {
+		if (subcap_id == TPM_CAP_FLAG_PERM ||
+		    subcap_id == TPM_CAP_FLAG_VOL)
+			tpm_buf_append_u32(&buf, TPM_CAP_FLAG);
+		else
+			tpm_buf_append_u32(&buf, TPM_CAP_PROP);
+
+		tpm_buf_append_u32(&buf, 4);
+		tpm_buf_append_u32(&buf, subcap_id);
+	}
+	rc = tpm_transmit_cmd(chip, NULL, buf.data, PAGE_SIZE,
+			      min_cap_length, 0, desc);
+	if (!rc)
+		*cap = *(cap_t *)&buf.data[TPM_HEADER_SIZE + 4];
+
+	tpm_buf_destroy(&buf);
+	return rc;
+}
+EXPORT_SYMBOL_GPL(tpm1_getcap);
diff --git a/drivers/char/tpm/tpm_tis_core.c b/drivers/char/tpm/tpm_tis_core.c
index f9e73d0f9386..ced01ec146b5 100644
--- a/drivers/char/tpm/tpm_tis_core.c
+++ b/drivers/char/tpm/tpm_tis_core.c
@@ -664,7 +664,7 @@ static int tpm_tis_gen_interrupt(struct tpm_chip *chip)
 	if (chip->flags & TPM_CHIP_FLAG_TPM2)
 		return tpm2_get_tpm_pt(chip, 0x100, &cap2, desc);
 	else
-		return tpm_getcap(chip, TPM_CAP_PROP_TIS_TIMEOUT, &cap, desc,
+		return tpm1_getcap(chip, TPM_CAP_PROP_TIS_TIMEOUT, &cap, desc,
 				  0);
 }
 
-- 
2.14.4


^ permalink raw reply related	[flat|nested] 39+ messages in thread

* [PATCH v7 09/21] tpm: factor out tpm1_get_random into tpm1-cmd.c
  2018-10-19 18:22 [PATCH v7 00/21] tpm: separate tpm 1.x and tpm 2.x commands Tomas Winkler
                   ` (7 preceding siblings ...)
  2018-10-19 18:22 ` [PATCH v7 08/21] tpm: move tpm_getcap " Tomas Winkler
@ 2018-10-19 18:22 ` Tomas Winkler
  2018-10-20  0:58   ` Jarkko Sakkinen
  2018-10-23 18:42   ` Jarkko Sakkinen
  2018-10-19 18:22 ` [PATCH v7 10/21] tpm: move tpm 1.x selftest code from tpm-interface.c tpm1-cmd.c Tomas Winkler
                   ` (12 subsequent siblings)
  21 siblings, 2 replies; 39+ messages in thread
From: Tomas Winkler @ 2018-10-19 18:22 UTC (permalink / raw)
  To: Jarkko Sakkinen, Jason Gunthorpe
  Cc: Nayna Jain, Alexander Usyskin, Tadeusz Struk, linux-integrity,
	linux-security-module, linux-kernel, Tomas Winkler

Factor out get random implementation from tpm-interface.c
into tpm1_get_random function in tpm1-cmd.c.
No functional changes.

Signed-off-by: Tomas Winkler <tomas.winkler@intel.com>
Reviewed-by: Jarkko Sakkine <jarkko.sakkinen@linux.intel.com>
---
V2-V3: Rebase
V4-V7: Resend

 drivers/char/tpm/tpm-interface.c | 58 +++++-----------------------------------
 drivers/char/tpm/tpm.h           |  1 +
 drivers/char/tpm/tpm1-cmd.c      | 55 +++++++++++++++++++++++++++++++++++++
 3 files changed, 63 insertions(+), 51 deletions(-)

diff --git a/drivers/char/tpm/tpm-interface.c b/drivers/char/tpm/tpm-interface.c
index 486e211b03a0..a72bf6ea8f05 100644
--- a/drivers/char/tpm/tpm-interface.c
+++ b/drivers/char/tpm/tpm-interface.c
@@ -812,14 +812,6 @@ int tpm_pm_resume(struct device *dev)
 }
 EXPORT_SYMBOL_GPL(tpm_pm_resume);
 
-#define TPM_ORD_GET_RANDOM 70
-#define TPM_GETRANDOM_RESULT_SIZE	18
-static const struct tpm_input_header tpm_getrandom_header = {
-	.tag = cpu_to_be16(TPM_TAG_RQU_COMMAND),
-	.length = cpu_to_be32(14),
-	.ordinal = cpu_to_be32(TPM_ORD_GET_RANDOM)
-};
-
 /**
  * tpm_get_random() - get random bytes from the TPM's RNG
  * @chip:	a &struct tpm_chip instance, %NULL for the default chip
@@ -830,58 +822,22 @@ static const struct tpm_input_header tpm_getrandom_header = {
  */
 int tpm_get_random(struct tpm_chip *chip, u8 *out, size_t max)
 {
-	struct tpm_cmd_t tpm_cmd;
-	u32 recd, num_bytes = min_t(u32, max, TPM_MAX_RNG_DATA), rlength;
-	int err, total = 0, retries = 5;
-	u8 *dest = out;
+	int rc;
 
-	if (!out || !num_bytes || max > TPM_MAX_RNG_DATA)
+	if (!out || max > TPM_MAX_RNG_DATA)
 		return -EINVAL;
 
 	chip = tpm_find_get_ops(chip);
 	if (!chip)
 		return -ENODEV;
 
-	if (chip->flags & TPM_CHIP_FLAG_TPM2) {
-		err = tpm2_get_random(chip, out, max);
-		tpm_put_ops(chip);
-		return err;
-	}
-
-	do {
-		tpm_cmd.header.in = tpm_getrandom_header;
-		tpm_cmd.params.getrandom_in.num_bytes = cpu_to_be32(num_bytes);
-
-		err = tpm_transmit_cmd(chip, NULL, &tpm_cmd,
-				       TPM_GETRANDOM_RESULT_SIZE + num_bytes,
-				       offsetof(struct tpm_getrandom_out,
-						rng_data),
-				       0, "attempting get random");
-		if (err)
-			break;
-
-		recd = be32_to_cpu(tpm_cmd.params.getrandom_out.rng_data_len);
-		if (recd > num_bytes) {
-			total = -EFAULT;
-			break;
-		}
-
-		rlength = be32_to_cpu(tpm_cmd.header.out.length);
-		if (rlength < TPM_HEADER_SIZE +
-			      offsetof(struct tpm_getrandom_out, rng_data) +
-			      recd) {
-			total = -EFAULT;
-			break;
-		}
-		memcpy(dest, tpm_cmd.params.getrandom_out.rng_data, recd);
-
-		dest += recd;
-		total += recd;
-		num_bytes -= recd;
-	} while (retries-- && total < max);
+	if (chip->flags & TPM_CHIP_FLAG_TPM2)
+		rc = tpm2_get_random(chip, out, max);
+	else
+		rc = tpm1_get_random(chip, out, max);
 
 	tpm_put_ops(chip);
-	return total ? total : -EIO;
+	return rc;
 }
 EXPORT_SYMBOL_GPL(tpm_get_random);
 
diff --git a/drivers/char/tpm/tpm.h b/drivers/char/tpm/tpm.h
index 05c386b3ab12..22f89f41ad52 100644
--- a/drivers/char/tpm/tpm.h
+++ b/drivers/char/tpm/tpm.h
@@ -551,6 +551,7 @@ int tpm1_pcr_extend(struct tpm_chip *chip, int pcr_idx, const u8 *hash,
 		    const char *log_msg);
 ssize_t tpm1_getcap(struct tpm_chip *chip, u32 subcap_id, cap_t *cap,
 		    const char *desc, size_t min_cap_length);
+int tpm1_get_random(struct tpm_chip *chip, u8 *out, size_t max);
 unsigned long tpm_calc_ordinal_duration(struct tpm_chip *chip, u32 ordinal);
 int tpm_pm_suspend(struct device *dev);
 int tpm_pm_resume(struct device *dev);
diff --git a/drivers/char/tpm/tpm1-cmd.c b/drivers/char/tpm/tpm1-cmd.c
index 3bd079587ef5..e02f0c1c822f 100644
--- a/drivers/char/tpm/tpm1-cmd.c
+++ b/drivers/char/tpm/tpm1-cmd.c
@@ -469,3 +469,58 @@ ssize_t tpm1_getcap(struct tpm_chip *chip, u32 subcap_id, cap_t *cap,
 	return rc;
 }
 EXPORT_SYMBOL_GPL(tpm1_getcap);
+
+#define TPM_ORD_GET_RANDOM 70
+#define TPM_GETRANDOM_RESULT_SIZE	18
+static const struct tpm_input_header tpm_getrandom_header = {
+	.tag = cpu_to_be16(TPM_TAG_RQU_COMMAND),
+	.length = cpu_to_be32(14),
+	.ordinal = cpu_to_be32(TPM_ORD_GET_RANDOM)
+};
+
+int tpm1_get_random(struct tpm_chip *chip, u8 *out, size_t max)
+{
+	struct tpm_cmd_t tpm_cmd;
+	u32 recd;
+	u32 num_bytes = min_t(u32, max, TPM_MAX_RNG_DATA);
+	u32 rlength;
+	int err, total = 0, retries = 5;
+	u8 *dest = out;
+
+	if (!out || !num_bytes || max > TPM_MAX_RNG_DATA)
+		return -EINVAL;
+
+	do {
+		tpm_cmd.header.in = tpm_getrandom_header;
+		tpm_cmd.params.getrandom_in.num_bytes = cpu_to_be32(num_bytes);
+
+		err = tpm_transmit_cmd(chip, NULL, &tpm_cmd,
+				       TPM_GETRANDOM_RESULT_SIZE + num_bytes,
+				       offsetof(struct tpm_getrandom_out,
+						rng_data),
+				       0, "attempting get random");
+		if (err)
+			break;
+
+		recd = be32_to_cpu(tpm_cmd.params.getrandom_out.rng_data_len);
+		if (recd > num_bytes) {
+			total = -EFAULT;
+			break;
+		}
+
+		rlength = be32_to_cpu(tpm_cmd.header.out.length);
+		if (rlength < TPM_HEADER_SIZE +
+			      offsetof(struct tpm_getrandom_out, rng_data) +
+			      recd) {
+			total = -EFAULT;
+			break;
+		}
+		memcpy(dest, tpm_cmd.params.getrandom_out.rng_data, recd);
+
+		dest += recd;
+		total += recd;
+		num_bytes -= recd;
+	} while (retries-- && (size_t)total < max);
+
+	return total ? total : -EIO;
+}
-- 
2.14.4


^ permalink raw reply related	[flat|nested] 39+ messages in thread

* [PATCH v7 10/21] tpm: move tpm 1.x selftest code from tpm-interface.c tpm1-cmd.c
  2018-10-19 18:22 [PATCH v7 00/21] tpm: separate tpm 1.x and tpm 2.x commands Tomas Winkler
                   ` (8 preceding siblings ...)
  2018-10-19 18:22 ` [PATCH v7 09/21] tpm: factor out tpm1_get_random into tpm1-cmd.c Tomas Winkler
@ 2018-10-19 18:22 ` Tomas Winkler
  2018-10-19 18:22 ` [PATCH v7 11/21] tpm: factor out tpm 1.x pm suspend flow into tpm1-cmd.c Tomas Winkler
                   ` (11 subsequent siblings)
  21 siblings, 0 replies; 39+ messages in thread
From: Tomas Winkler @ 2018-10-19 18:22 UTC (permalink / raw)
  To: Jarkko Sakkinen, Jason Gunthorpe
  Cc: Nayna Jain, Alexander Usyskin, Tadeusz Struk, linux-integrity,
	linux-security-module, linux-kernel, Tomas Winkler

Move the tpm1 selftest code functions to tpm1-cmd.c
and adjust callers to use the new function names.
 1. tpm_pcr_read_dev() to tpm1_pcr_read_dev().
 2. tpm_continue_selftest() to tpm1_continue_selftest().
 3. tpm_do_selftest() to tpm1_do_selftest()

Signed-off-by: Tomas Winkler <tomas.winkler@intel.com>
Tested-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
Reviewed-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
---
V2-V3: Rebase
V4: Fix the commit message.
V5: Resend.
V6: Rebase.
V7: Resend.

 drivers/char/tpm/st33zp24/st33zp24.c |   2 +-
 drivers/char/tpm/tpm-interface.c     | 148 +----------------------------------
 drivers/char/tpm/tpm-sysfs.c         |   2 +-
 drivers/char/tpm/tpm.h               |   5 +-
 drivers/char/tpm/tpm1-cmd.c          | 142 +++++++++++++++++++++++++++++++++
 drivers/char/tpm/tpm_tis_core.c      |   2 +-
 6 files changed, 150 insertions(+), 151 deletions(-)

diff --git a/drivers/char/tpm/st33zp24/st33zp24.c b/drivers/char/tpm/st33zp24/st33zp24.c
index abd675bec88c..64dc560859f2 100644
--- a/drivers/char/tpm/st33zp24/st33zp24.c
+++ b/drivers/char/tpm/st33zp24/st33zp24.c
@@ -649,7 +649,7 @@ int st33zp24_pm_resume(struct device *dev)
 	} else {
 		ret = tpm_pm_resume(dev);
 		if (!ret)
-			tpm_do_selftest(chip);
+			tpm1_do_selftest(chip);
 	}
 	return ret;
 } /* st33zp24_pm_resume() */
diff --git a/drivers/char/tpm/tpm-interface.c b/drivers/char/tpm/tpm-interface.c
index a72bf6ea8f05..43d3540a7875 100644
--- a/drivers/char/tpm/tpm-interface.c
+++ b/drivers/char/tpm/tpm-interface.c
@@ -467,59 +467,6 @@ int tpm_get_timeouts(struct tpm_chip *chip)
 }
 EXPORT_SYMBOL_GPL(tpm_get_timeouts);
 
-#define TPM_ORD_CONTINUE_SELFTEST 83
-#define CONTINUE_SELFTEST_RESULT_SIZE 10
-
-static const struct tpm_input_header continue_selftest_header = {
-	.tag = cpu_to_be16(TPM_TAG_RQU_COMMAND),
-	.length = cpu_to_be32(10),
-	.ordinal = cpu_to_be32(TPM_ORD_CONTINUE_SELFTEST),
-};
-
-/**
- * tpm_continue_selftest -- run TPM's selftest
- * @chip: TPM chip to use
- *
- * Returns 0 on success, < 0 in case of fatal error or a value > 0 representing
- * a TPM error code.
- */
-static int tpm_continue_selftest(struct tpm_chip *chip)
-{
-	int rc;
-	struct tpm_cmd_t cmd;
-
-	cmd.header.in = continue_selftest_header;
-	rc = tpm_transmit_cmd(chip, NULL, &cmd, CONTINUE_SELFTEST_RESULT_SIZE,
-			      0, 0, "continue selftest");
-	return rc;
-}
-
-#define TPM_ORDINAL_PCRREAD 21
-#define READ_PCR_RESULT_SIZE 30
-#define READ_PCR_RESULT_BODY_SIZE 20
-static const struct tpm_input_header pcrread_header = {
-	.tag = cpu_to_be16(TPM_TAG_RQU_COMMAND),
-	.length = cpu_to_be32(14),
-	.ordinal = cpu_to_be32(TPM_ORDINAL_PCRREAD)
-};
-
-int tpm_pcr_read_dev(struct tpm_chip *chip, int pcr_idx, u8 *res_buf)
-{
-	int rc;
-	struct tpm_cmd_t cmd;
-
-	cmd.header.in = pcrread_header;
-	cmd.params.pcrread_in.pcr_idx = cpu_to_be32(pcr_idx);
-	rc = tpm_transmit_cmd(chip, NULL, &cmd, READ_PCR_RESULT_SIZE,
-			      READ_PCR_RESULT_BODY_SIZE, 0,
-			      "attempting to read a pcr value");
-
-	if (rc == 0)
-		memcpy(res_buf, cmd.params.pcrread_out.pcr_result,
-		       TPM_DIGEST_SIZE);
-	return rc;
-}
-
 /**
  * tpm_is_tpm2 - do we a have a TPM2 chip?
  * @chip:	a &struct tpm_chip instance, %NULL for the default chip
@@ -560,10 +507,12 @@ int tpm_pcr_read(struct tpm_chip *chip, int pcr_idx, u8 *res_buf)
 	chip = tpm_find_get_ops(chip);
 	if (!chip)
 		return -ENODEV;
+
 	if (chip->flags & TPM_CHIP_FLAG_TPM2)
 		rc = tpm2_pcr_read(chip, pcr_idx, res_buf);
 	else
-		rc = tpm_pcr_read_dev(chip, pcr_idx, res_buf);
+		rc = tpm1_pcr_read_dev(chip, pcr_idx, res_buf);
+
 	tpm_put_ops(chip);
 	return rc;
 }
@@ -614,97 +563,6 @@ int tpm_pcr_extend(struct tpm_chip *chip, int pcr_idx, const u8 *hash)
 }
 EXPORT_SYMBOL_GPL(tpm_pcr_extend);
 
-/**
- * tpm_do_selftest - have the TPM continue its selftest and wait until it
- *                   can receive further commands
- * @chip: TPM chip to use
- *
- * Returns 0 on success, < 0 in case of fatal error or a value > 0 representing
- * a TPM error code.
- */
-int tpm_do_selftest(struct tpm_chip *chip)
-{
-	int rc;
-	unsigned int loops;
-	unsigned int delay_msec = 100;
-	unsigned long duration;
-	u8 dummy[TPM_DIGEST_SIZE];
-
-	duration = tpm1_calc_ordinal_duration(chip, TPM_ORD_CONTINUE_SELFTEST);
-
-	loops = jiffies_to_msecs(duration) / delay_msec;
-
-	rc = tpm_continue_selftest(chip);
-	if (rc == TPM_ERR_INVALID_POSTINIT) {
-		chip->flags |= TPM_CHIP_FLAG_ALWAYS_POWERED;
-		dev_info(&chip->dev, "TPM not ready (%d)\n", rc);
-	}
-	/* This may fail if there was no TPM driver during a suspend/resume
-	 * cycle; some may return 10 (BAD_ORDINAL), others 28 (FAILEDSELFTEST)
-	 */
-	if (rc)
-		return rc;
-
-	do {
-		/* Attempt to read a PCR value */
-		rc = tpm_pcr_read_dev(chip, 0, dummy);
-
-		/* Some buggy TPMs will not respond to tpm_tis_ready() for
-		 * around 300ms while the self test is ongoing, keep trying
-		 * until the self test duration expires. */
-		if (rc == -ETIME) {
-			dev_info(
-			    &chip->dev, HW_ERR
-			    "TPM command timed out during continue self test");
-			tpm_msleep(delay_msec);
-			continue;
-		}
-
-		if (rc == TPM_ERR_DISABLED || rc == TPM_ERR_DEACTIVATED) {
-			dev_info(&chip->dev,
-				 "TPM is disabled/deactivated (0x%X)\n", rc);
-			/* TPM is disabled and/or deactivated; driver can
-			 * proceed and TPM does handle commands for
-			 * suspend/resume correctly
-			 */
-			return 0;
-		}
-		if (rc != TPM_WARN_DOING_SELFTEST)
-			return rc;
-		tpm_msleep(delay_msec);
-	} while (--loops > 0);
-
-	return rc;
-}
-EXPORT_SYMBOL_GPL(tpm_do_selftest);
-
-/**
- * tpm1_auto_startup - Perform the standard automatic TPM initialization
- *                     sequence
- * @chip: TPM chip to use
- *
- * Returns 0 on success, < 0 in case of fatal error.
- */
-int tpm1_auto_startup(struct tpm_chip *chip)
-{
-	int rc;
-
-	rc = tpm_get_timeouts(chip);
-	if (rc)
-		goto out;
-	rc = tpm_do_selftest(chip);
-	if (rc) {
-		dev_err(&chip->dev, "TPM self test failed\n");
-		goto out;
-	}
-
-	return rc;
-out:
-	if (rc > 0)
-		rc = -ENODEV;
-	return rc;
-}
-
 /**
  * tpm_send - send a TPM command
  * @chip:	a &struct tpm_chip instance, %NULL for the default chip
diff --git a/drivers/char/tpm/tpm-sysfs.c b/drivers/char/tpm/tpm-sysfs.c
index 008515314ae3..861acafd8f29 100644
--- a/drivers/char/tpm/tpm-sysfs.c
+++ b/drivers/char/tpm/tpm-sysfs.c
@@ -114,7 +114,7 @@ static ssize_t pcrs_show(struct device *dev, struct device_attribute *attr,
 
 	num_pcrs = be32_to_cpu(cap.num_pcrs);
 	for (i = 0; i < num_pcrs; i++) {
-		rc = tpm_pcr_read_dev(chip, i, digest);
+		rc = tpm1_pcr_read_dev(chip, i, digest);
 		if (rc)
 			break;
 		str += sprintf(str, "PCR-%02d: ", i);
diff --git a/drivers/char/tpm/tpm.h b/drivers/char/tpm/tpm.h
index 22f89f41ad52..f284a98a9455 100644
--- a/drivers/char/tpm/tpm.h
+++ b/drivers/char/tpm/tpm.h
@@ -543,12 +543,12 @@ ssize_t tpm_transmit_cmd(struct tpm_chip *chip, struct tpm_space *space,
 int tpm_startup(struct tpm_chip *chip);
 int tpm_get_timeouts(struct tpm_chip *);
 int tpm1_auto_startup(struct tpm_chip *chip);
-int tpm_do_selftest(struct tpm_chip *chip);
-
+int tpm1_do_selftest(struct tpm_chip *chip);
 int tpm1_get_timeouts(struct tpm_chip *chip);
 unsigned long tpm1_calc_ordinal_duration(struct tpm_chip *chip, u32 ordinal);
 int tpm1_pcr_extend(struct tpm_chip *chip, int pcr_idx, const u8 *hash,
 		    const char *log_msg);
+int tpm1_pcr_read_dev(struct tpm_chip *chip, int pcr_idx, u8 *res_buf);
 ssize_t tpm1_getcap(struct tpm_chip *chip, u32 subcap_id, cap_t *cap,
 		    const char *desc, size_t min_cap_length);
 int tpm1_get_random(struct tpm_chip *chip, u8 *out, size_t max);
@@ -575,7 +575,6 @@ void tpm_chip_unregister(struct tpm_chip *chip);
 
 void tpm_sysfs_add_device(struct tpm_chip *chip);
 
-int tpm_pcr_read_dev(struct tpm_chip *chip, int pcr_idx, u8 *res_buf);
 
 #ifdef CONFIG_ACPI
 extern void tpm_add_ppi(struct tpm_chip *chip);
diff --git a/drivers/char/tpm/tpm1-cmd.c b/drivers/char/tpm/tpm1-cmd.c
index e02f0c1c822f..a69a02366c32 100644
--- a/drivers/char/tpm/tpm1-cmd.c
+++ b/drivers/char/tpm/tpm1-cmd.c
@@ -524,3 +524,145 @@ int tpm1_get_random(struct tpm_chip *chip, u8 *out, size_t max)
 
 	return total ? total : -EIO;
 }
+
+#define TPM_ORDINAL_PCRREAD 21
+#define READ_PCR_RESULT_SIZE 30
+#define READ_PCR_RESULT_BODY_SIZE 20
+static const struct tpm_input_header pcrread_header = {
+	.tag = cpu_to_be16(TPM_TAG_RQU_COMMAND),
+	.length = cpu_to_be32(14),
+	.ordinal = cpu_to_be32(TPM_ORDINAL_PCRREAD)
+};
+
+int tpm1_pcr_read_dev(struct tpm_chip *chip, int pcr_idx, u8 *res_buf)
+{
+	int rc;
+	struct tpm_cmd_t cmd;
+
+	cmd.header.in = pcrread_header;
+	cmd.params.pcrread_in.pcr_idx = cpu_to_be32(pcr_idx);
+	rc = tpm_transmit_cmd(chip, NULL, &cmd, READ_PCR_RESULT_SIZE,
+			      READ_PCR_RESULT_BODY_SIZE, 0,
+			      "attempting to read a pcr value");
+
+	if (rc == 0)
+		memcpy(res_buf, cmd.params.pcrread_out.pcr_result,
+		       TPM_DIGEST_SIZE);
+	return rc;
+}
+
+#define TPM_ORD_CONTINUE_SELFTEST 83
+#define CONTINUE_SELFTEST_RESULT_SIZE 10
+static const struct tpm_input_header continue_selftest_header = {
+	.tag = cpu_to_be16(TPM_TAG_RQU_COMMAND),
+	.length = cpu_to_be32(10),
+	.ordinal = cpu_to_be32(TPM_ORD_CONTINUE_SELFTEST),
+};
+
+/**
+ * tpm_continue_selftest -- run TPM's selftest
+ * @chip: TPM chip to use
+ *
+ * Returns 0 on success, < 0 in case of fatal error or a value > 0 representing
+ * a TPM error code.
+ */
+static int tpm1_continue_selftest(struct tpm_chip *chip)
+{
+	int rc;
+	struct tpm_cmd_t cmd;
+
+	cmd.header.in = continue_selftest_header;
+	rc = tpm_transmit_cmd(chip, NULL, &cmd, CONTINUE_SELFTEST_RESULT_SIZE,
+			      0, 0, "continue selftest");
+	return rc;
+}
+
+/**
+ * tpm1_do_selftest - have the TPM continue its selftest and wait until it
+ *                   can receive further commands
+ * @chip: TPM chip to use
+ *
+ * Returns 0 on success, < 0 in case of fatal error or a value > 0 representing
+ * a TPM error code.
+ */
+int tpm1_do_selftest(struct tpm_chip *chip)
+{
+	int rc;
+	unsigned int loops;
+	unsigned int delay_msec = 100;
+	unsigned long duration;
+	u8 dummy[TPM_DIGEST_SIZE];
+
+	duration = tpm1_calc_ordinal_duration(chip, TPM_ORD_CONTINUE_SELFTEST);
+
+	loops = jiffies_to_msecs(duration) / delay_msec;
+
+	rc = tpm1_continue_selftest(chip);
+	if (rc == TPM_ERR_INVALID_POSTINIT) {
+		chip->flags |= TPM_CHIP_FLAG_ALWAYS_POWERED;
+		dev_info(&chip->dev, "TPM not ready (%d)\n", rc);
+	}
+	/* This may fail if there was no TPM driver during a suspend/resume
+	 * cycle; some may return 10 (BAD_ORDINAL), others 28 (FAILEDSELFTEST)
+	 */
+	if (rc)
+		return rc;
+
+	do {
+		/* Attempt to read a PCR value */
+		rc = tpm1_pcr_read_dev(chip, 0, dummy);
+
+		/* Some buggy TPMs will not respond to tpm_tis_ready() for
+		 * around 300ms while the self test is ongoing, keep trying
+		 * until the self test duration expires.
+		 */
+		if (rc == -ETIME) {
+			dev_info(&chip->dev, HW_ERR "TPM command timed out during continue self test");
+			tpm_msleep(delay_msec);
+			continue;
+		}
+
+		if (rc == TPM_ERR_DISABLED || rc == TPM_ERR_DEACTIVATED) {
+			dev_info(&chip->dev, "TPM is disabled/deactivated (0x%X)\n",
+				 rc);
+			/* TPM is disabled and/or deactivated; driver can
+			 * proceed and TPM does handle commands for
+			 * suspend/resume correctly
+			 */
+			return 0;
+		}
+		if (rc != TPM_WARN_DOING_SELFTEST)
+			return rc;
+		tpm_msleep(delay_msec);
+	} while (--loops > 0);
+
+	return rc;
+}
+EXPORT_SYMBOL_GPL(tpm1_do_selftest);
+
+/**
+ * tpm1_auto_startup - Perform the standard automatic TPM initialization
+ *                     sequence
+ * @chip: TPM chip to use
+ *
+ * Returns 0 on success, < 0 in case of fatal error.
+ */
+int tpm1_auto_startup(struct tpm_chip *chip)
+{
+	int rc;
+
+	rc = tpm1_get_timeouts(chip);
+	if (rc)
+		goto out;
+	rc = tpm1_do_selftest(chip);
+	if (rc) {
+		dev_err(&chip->dev, "TPM self test failed\n");
+		goto out;
+	}
+
+	return rc;
+out:
+	if (rc > 0)
+		rc = -ENODEV;
+	return rc;
+}
diff --git a/drivers/char/tpm/tpm_tis_core.c b/drivers/char/tpm/tpm_tis_core.c
index ced01ec146b5..bf7e49cfa643 100644
--- a/drivers/char/tpm/tpm_tis_core.c
+++ b/drivers/char/tpm/tpm_tis_core.c
@@ -1056,7 +1056,7 @@ int tpm_tis_resume(struct device *dev)
 	 * an error code but for unknown reason it isn't handled.
 	 */
 	if (!(chip->flags & TPM_CHIP_FLAG_TPM2))
-		tpm_do_selftest(chip);
+		tpm1_do_selftest(chip);
 
 	return 0;
 }
-- 
2.14.4


^ permalink raw reply related	[flat|nested] 39+ messages in thread

* [PATCH v7 11/21] tpm: factor out tpm 1.x pm suspend flow into tpm1-cmd.c
  2018-10-19 18:22 [PATCH v7 00/21] tpm: separate tpm 1.x and tpm 2.x commands Tomas Winkler
                   ` (9 preceding siblings ...)
  2018-10-19 18:22 ` [PATCH v7 10/21] tpm: move tpm 1.x selftest code from tpm-interface.c tpm1-cmd.c Tomas Winkler
@ 2018-10-19 18:22 ` Tomas Winkler
  2018-10-20  1:05   ` Jarkko Sakkinen
  2018-10-23 18:43   ` Jarkko Sakkinen
  2018-10-19 18:22 ` [PATCH v7 12/21] tpm: factor out tpm_startup function Tomas Winkler
                   ` (10 subsequent siblings)
  21 siblings, 2 replies; 39+ messages in thread
From: Tomas Winkler @ 2018-10-19 18:22 UTC (permalink / raw)
  To: Jarkko Sakkinen, Jason Gunthorpe
  Cc: Nayna Jain, Alexander Usyskin, Tadeusz Struk, linux-integrity,
	linux-security-module, linux-kernel, Tomas Winkler

Factor out TPM 1.x suspend flow from tpm-interface.c into a new function
tpm1_pm_suspend() in tpm1-cmd.c

Signed-off-by: Tomas Winkler <tomas.winkler@intel.com>
---
V2-V3: Rebase.
V4: 1. Add kdoc for tpm1_pm_suspend().
    2. Fix commit message.
V5: Adjust the kdoc to the new standard.
V6: Rebase.
V7: Resend.

 drivers/char/tpm/tpm-interface.c | 55 ++++--------------------------------
 drivers/char/tpm/tpm.h           |  2 ++
 drivers/char/tpm/tpm1-cmd.c      | 61 ++++++++++++++++++++++++++++++++++++++++
 3 files changed, 68 insertions(+), 50 deletions(-)

diff --git a/drivers/char/tpm/tpm-interface.c b/drivers/char/tpm/tpm-interface.c
index 43d3540a7875..e7f220f691f9 100644
--- a/drivers/char/tpm/tpm-interface.c
+++ b/drivers/char/tpm/tpm-interface.c
@@ -586,15 +586,6 @@ int tpm_send(struct tpm_chip *chip, void *cmd, size_t buflen)
 }
 EXPORT_SYMBOL_GPL(tpm_send);
 
-#define TPM_ORD_SAVESTATE 152
-#define SAVESTATE_RESULT_SIZE 10
-
-static const struct tpm_input_header savestate_header = {
-	.tag = cpu_to_be16(TPM_TAG_RQU_COMMAND),
-	.length = cpu_to_be32(10),
-	.ordinal = cpu_to_be32(TPM_ORD_SAVESTATE)
-};
-
 /*
  * We are about to suspend. Save the TPM state
  * so that it can be restored.
@@ -602,54 +593,18 @@ static const struct tpm_input_header savestate_header = {
 int tpm_pm_suspend(struct device *dev)
 {
 	struct tpm_chip *chip = dev_get_drvdata(dev);
-	struct tpm_cmd_t cmd;
-	int rc, try;
-
-	u8 dummy_hash[TPM_DIGEST_SIZE] = { 0 };
+	int rc = 0;
 
-	if (chip == NULL)
+	if (!chip)
 		return -ENODEV;
 
 	if (chip->flags & TPM_CHIP_FLAG_ALWAYS_POWERED)
 		return 0;
 
-	if (chip->flags & TPM_CHIP_FLAG_TPM2) {
+	if (chip->flags & TPM_CHIP_FLAG_TPM2)
 		tpm2_shutdown(chip, TPM2_SU_STATE);
-		return 0;
-	}
-
-	/* for buggy tpm, flush pcrs with extend to selected dummy */
-	if (tpm_suspend_pcr)
-		rc = tpm1_pcr_extend(chip, tpm_suspend_pcr, dummy_hash,
-				     "extending dummy pcr before suspend");
-
-	/* now do the actual savestate */
-	for (try = 0; try < TPM_RETRY; try++) {
-		cmd.header.in = savestate_header;
-		rc = tpm_transmit_cmd(chip, NULL, &cmd, SAVESTATE_RESULT_SIZE,
-				      0, 0, NULL);
-
-		/*
-		 * If the TPM indicates that it is too busy to respond to
-		 * this command then retry before giving up.  It can take
-		 * several seconds for this TPM to be ready.
-		 *
-		 * This can happen if the TPM has already been sent the
-		 * SaveState command before the driver has loaded.  TCG 1.2
-		 * specification states that any communication after SaveState
-		 * may cause the TPM to invalidate previously saved state.
-		 */
-		if (rc != TPM_WARN_RETRY)
-			break;
-		tpm_msleep(TPM_TIMEOUT_RETRY);
-	}
-
-	if (rc)
-		dev_err(&chip->dev,
-			"Error (%d) sending savestate before suspend\n", rc);
-	else if (try > 0)
-		dev_warn(&chip->dev, "TPM savestate took %dms\n",
-			 try * TPM_TIMEOUT_RETRY);
+	else
+		rc = tpm1_pm_suspend(chip, tpm_suspend_pcr);
 
 	return rc;
 }
diff --git a/drivers/char/tpm/tpm.h b/drivers/char/tpm/tpm.h
index f284a98a9455..754f7bcb15fa 100644
--- a/drivers/char/tpm/tpm.h
+++ b/drivers/char/tpm/tpm.h
@@ -542,6 +542,8 @@ ssize_t tpm_transmit_cmd(struct tpm_chip *chip, struct tpm_space *space,
 			 const char *desc);
 int tpm_startup(struct tpm_chip *chip);
 int tpm_get_timeouts(struct tpm_chip *);
+
+int tpm1_pm_suspend(struct tpm_chip *chip, int tpm_suspend_pcr);
 int tpm1_auto_startup(struct tpm_chip *chip);
 int tpm1_do_selftest(struct tpm_chip *chip);
 int tpm1_get_timeouts(struct tpm_chip *chip);
diff --git a/drivers/char/tpm/tpm1-cmd.c b/drivers/char/tpm/tpm1-cmd.c
index a69a02366c32..3bd9f1fa77ce 100644
--- a/drivers/char/tpm/tpm1-cmd.c
+++ b/drivers/char/tpm/tpm1-cmd.c
@@ -666,3 +666,64 @@ int tpm1_auto_startup(struct tpm_chip *chip)
 		rc = -ENODEV;
 	return rc;
 }
+
+#define TPM_ORD_SAVESTATE 152
+#define SAVESTATE_RESULT_SIZE 10
+static const struct tpm_input_header savestate_header = {
+	.tag = cpu_to_be16(TPM_TAG_RQU_COMMAND),
+	.length = cpu_to_be32(10),
+	.ordinal = cpu_to_be32(TPM_ORD_SAVESTATE)
+};
+
+/**
+ * tpm1_pm_suspend() - pm suspend handler
+ * @chip: TPM chip to use.
+ * @tpm_suspend_pcr: flush pcr for buggy TPM chips.
+ *
+ * The functions saves the TPM state to be restored on resume.
+ *
+ * Return:
+ * * 0 on success,
+ * * < 0 on error.
+ */
+int tpm1_pm_suspend(struct tpm_chip *chip, int tpm_suspend_pcr)
+{
+	u8 dummy_hash[TPM_DIGEST_SIZE] = { 0 };
+	struct tpm_cmd_t cmd;
+	int rc, try;
+
+	/* for buggy tpm, flush pcrs with extend to selected dummy */
+	if (tpm_suspend_pcr)
+		rc = tpm1_pcr_extend(chip, tpm_suspend_pcr, dummy_hash,
+				     "extending dummy pcr before suspend");
+
+	/* now do the actual savestate */
+	for (try = 0; try < TPM_RETRY; try++) {
+		cmd.header.in = savestate_header;
+		rc = tpm_transmit_cmd(chip, NULL, &cmd, SAVESTATE_RESULT_SIZE,
+				      0, 0, NULL);
+
+		/*
+		 * If the TPM indicates that it is too busy to respond to
+		 * this command then retry before giving up.  It can take
+		 * several seconds for this TPM to be ready.
+		 *
+		 * This can happen if the TPM has already been sent the
+		 * SaveState command before the driver has loaded.  TCG 1.2
+		 * specification states that any communication after SaveState
+		 * may cause the TPM to invalidate previously saved state.
+		 */
+		if (rc != TPM_WARN_RETRY)
+			break;
+		tpm_msleep(TPM_TIMEOUT_RETRY);
+	}
+
+	if (rc)
+		dev_err(&chip->dev, "Error (%d) sending savestate before suspend\n",
+			rc);
+	else if (try > 0)
+		dev_warn(&chip->dev, "TPM savestate took %dms\n",
+			 try * TPM_TIMEOUT_RETRY);
+
+	return rc;
+}
-- 
2.14.4


^ permalink raw reply related	[flat|nested] 39+ messages in thread

* [PATCH v7 12/21] tpm: factor out tpm_startup function
  2018-10-19 18:22 [PATCH v7 00/21] tpm: separate tpm 1.x and tpm 2.x commands Tomas Winkler
                   ` (10 preceding siblings ...)
  2018-10-19 18:22 ` [PATCH v7 11/21] tpm: factor out tpm 1.x pm suspend flow into tpm1-cmd.c Tomas Winkler
@ 2018-10-19 18:22 ` Tomas Winkler
  2018-10-20  1:06   ` Jarkko Sakkinen
  2018-10-19 18:22 ` [PATCH v7 13/21] tpm: add tpm_auto_startup() into tpm-interface.c Tomas Winkler
                   ` (9 subsequent siblings)
  21 siblings, 1 reply; 39+ messages in thread
From: Tomas Winkler @ 2018-10-19 18:22 UTC (permalink / raw)
  To: Jarkko Sakkinen, Jason Gunthorpe
  Cc: Nayna Jain, Alexander Usyskin, Tadeusz Struk, linux-integrity,
	linux-security-module, linux-kernel, Tomas Winkler

TPM manual startup is used only from within TPM 1.x or TPM 2.x
code, hence remove tpm_startup() function from tpm-interface.c
and add two static functions implementations tpm1_startup()
and tpm2_startup() into to tpm1-cmd.c and tpm2-cmd.c respectively.

Signed-off-by: Tomas Winkler <tomas.winkler@intel.com>
Tested-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
---
V2-V2: Resend.
V4: Fix the commit message.
V5: 1. A small fix in the kdoc.
    2. Fixed Jarkko's name in Tested-by.
V6: Rebase.
V7: Resend.

 drivers/char/tpm/tpm-interface.c | 41 ----------------------------------------
 drivers/char/tpm/tpm.h           |  1 -
 drivers/char/tpm/tpm1-cmd.c      | 37 +++++++++++++++++++++++++++++++++++-
 drivers/char/tpm/tpm2-cmd.c      | 34 +++++++++++++++++++++++++++++++--
 4 files changed, 68 insertions(+), 45 deletions(-)

diff --git a/drivers/char/tpm/tpm-interface.c b/drivers/char/tpm/tpm-interface.c
index e7f220f691f9..54b81700561b 100644
--- a/drivers/char/tpm/tpm-interface.c
+++ b/drivers/char/tpm/tpm-interface.c
@@ -414,47 +414,6 @@ ssize_t tpm_transmit_cmd(struct tpm_chip *chip, struct tpm_space *space,
 }
 EXPORT_SYMBOL_GPL(tpm_transmit_cmd);
 
-#define TPM_ORD_STARTUP 153
-#define TPM_ST_CLEAR 1
-
-/**
- * tpm_startup - turn on the TPM
- * @chip: TPM chip to use
- *
- * Normally the firmware should start the TPM. This function is provided as a
- * workaround if this does not happen. A legal case for this could be for
- * example when a TPM emulator is used.
- *
- * Return: same as tpm_transmit_cmd()
- */
-int tpm_startup(struct tpm_chip *chip)
-{
-	struct tpm_buf buf;
-	int rc;
-
-	dev_info(&chip->dev, "starting up the TPM manually\n");
-
-	if (chip->flags & TPM_CHIP_FLAG_TPM2) {
-		rc = tpm_buf_init(&buf, TPM2_ST_NO_SESSIONS, TPM2_CC_STARTUP);
-		if (rc < 0)
-			return rc;
-
-		tpm_buf_append_u16(&buf, TPM2_SU_CLEAR);
-	} else {
-		rc = tpm_buf_init(&buf, TPM_TAG_RQU_COMMAND, TPM_ORD_STARTUP);
-		if (rc < 0)
-			return rc;
-
-		tpm_buf_append_u16(&buf, TPM_ST_CLEAR);
-	}
-
-	rc = tpm_transmit_cmd(chip, NULL, buf.data, PAGE_SIZE, 0, 0,
-			      "attempting to start the TPM");
-
-	tpm_buf_destroy(&buf);
-	return rc;
-}
-
 int tpm_get_timeouts(struct tpm_chip *chip)
 {
 	if (chip->flags & TPM_CHIP_FLAG_HAVE_TIMEOUTS)
diff --git a/drivers/char/tpm/tpm.h b/drivers/char/tpm/tpm.h
index 754f7bcb15fa..2eb73f6966c3 100644
--- a/drivers/char/tpm/tpm.h
+++ b/drivers/char/tpm/tpm.h
@@ -540,7 +540,6 @@ ssize_t tpm_transmit_cmd(struct tpm_chip *chip, struct tpm_space *space,
 			 void *buf, size_t bufsiz,
 			 size_t min_rsp_body_length, unsigned int flags,
 			 const char *desc);
-int tpm_startup(struct tpm_chip *chip);
 int tpm_get_timeouts(struct tpm_chip *);
 
 int tpm1_pm_suspend(struct tpm_chip *chip, int tpm_suspend_pcr);
diff --git a/drivers/char/tpm/tpm1-cmd.c b/drivers/char/tpm/tpm1-cmd.c
index 3bd9f1fa77ce..8a84db315676 100644
--- a/drivers/char/tpm/tpm1-cmd.c
+++ b/drivers/char/tpm/tpm1-cmd.c
@@ -308,6 +308,40 @@ unsigned long tpm1_calc_ordinal_duration(struct tpm_chip *chip, u32 ordinal)
 		return duration;
 }
 
+#define TPM_ORD_STARTUP 153
+#define TPM_ST_CLEAR 1
+
+/**
+ * tpm_startup() - turn on the TPM
+ * @chip: TPM chip to use
+ *
+ * Normally the firmware should start the TPM. This function is provided as a
+ * workaround if this does not happen. A legal case for this could be for
+ * example when a TPM emulator is used.
+ *
+ * Return: same as tpm_transmit_cmd()
+ */
+static int tpm1_startup(struct tpm_chip *chip)
+{
+	struct tpm_buf buf;
+	int rc;
+
+	dev_info(&chip->dev, "starting up the TPM manually\n");
+
+	rc = tpm_buf_init(&buf, TPM_TAG_RQU_COMMAND, TPM_ORD_STARTUP);
+	if (rc < 0)
+		return rc;
+
+	tpm_buf_append_u16(&buf, TPM_ST_CLEAR);
+
+	rc = tpm_transmit_cmd(chip, NULL, buf.data, PAGE_SIZE, 0, 0,
+			      "attempting to start the TPM");
+
+	tpm_buf_destroy(&buf);
+
+	return rc;
+}
+
 int tpm1_get_timeouts(struct tpm_chip *chip)
 {
 	cap_t cap;
@@ -317,7 +351,7 @@ int tpm1_get_timeouts(struct tpm_chip *chip)
 	rc = tpm1_getcap(chip, TPM_CAP_PROP_TIS_TIMEOUT, &cap, NULL,
 			 sizeof(cap.timeout));
 	if (rc == TPM_ERR_INVALID_POSTINIT) {
-		if (tpm_startup(chip))
+		if (tpm1_startup(chip))
 			return rc;
 
 		rc = tpm1_getcap(chip, TPM_CAP_PROP_TIS_TIMEOUT, &cap,
@@ -727,3 +761,4 @@ int tpm1_pm_suspend(struct tpm_chip *chip, int tpm_suspend_pcr)
 
 	return rc;
 }
+
diff --git a/drivers/char/tpm/tpm2-cmd.c b/drivers/char/tpm/tpm2-cmd.c
index dd2e98f4de08..6ca4fc0a0d6f 100644
--- a/drivers/char/tpm/tpm2-cmd.c
+++ b/drivers/char/tpm/tpm2-cmd.c
@@ -948,6 +948,36 @@ static int tpm2_get_cc_attrs_tbl(struct tpm_chip *chip)
 	return rc;
 }
 
+/**
+ * tpm2_startup - turn on the TPM
+ * @chip: TPM chip to use
+ *
+ * Normally the firmware should start the TPM. This function is provided as a
+ * workaround if this does not happen. A legal case for this could be for
+ * example when a TPM emulator is used.
+ *
+ * Return: same as tpm_transmit_cmd()
+ */
+
+static int tpm2_startup(struct tpm_chip *chip)
+{
+	struct tpm_buf buf;
+	int rc;
+
+	dev_info(&chip->dev, "starting up the TPM manually\n");
+
+	rc = tpm_buf_init(&buf, TPM2_ST_NO_SESSIONS, TPM2_CC_STARTUP);
+	if (rc < 0)
+		return rc;
+
+	tpm_buf_append_u16(&buf, TPM2_SU_CLEAR);
+	rc = tpm_transmit_cmd(chip, NULL, buf.data, PAGE_SIZE, 0, 0,
+			      "attempting to start the TPM");
+	tpm_buf_destroy(&buf);
+
+	return rc;
+}
+
 /**
  * tpm2_auto_startup - Perform the standard automatic TPM initialization
  *                     sequence
@@ -959,7 +989,7 @@ int tpm2_auto_startup(struct tpm_chip *chip)
 {
 	int rc;
 
-	rc = tpm_get_timeouts(chip);
+	rc = tpm2_get_timeouts(chip);
 	if (rc)
 		goto out;
 
@@ -968,7 +998,7 @@ int tpm2_auto_startup(struct tpm_chip *chip)
 		goto out;
 
 	if (rc == TPM2_RC_INITIALIZE) {
-		rc = tpm_startup(chip);
+		rc = tpm2_startup(chip);
 		if (rc)
 			goto out;
 
-- 
2.14.4


^ permalink raw reply related	[flat|nested] 39+ messages in thread

* [PATCH v7 13/21] tpm: add tpm_auto_startup() into tpm-interface.c
  2018-10-19 18:22 [PATCH v7 00/21] tpm: separate tpm 1.x and tpm 2.x commands Tomas Winkler
                   ` (11 preceding siblings ...)
  2018-10-19 18:22 ` [PATCH v7 12/21] tpm: factor out tpm_startup function Tomas Winkler
@ 2018-10-19 18:22 ` Tomas Winkler
  2018-10-20  1:09   ` Jarkko Sakkinen
  2018-10-19 18:23 ` [PATCH v7 14/21] tpm: tpm-interface.c drop unused macros Tomas Winkler
                   ` (8 subsequent siblings)
  21 siblings, 1 reply; 39+ messages in thread
From: Tomas Winkler @ 2018-10-19 18:22 UTC (permalink / raw)
  To: Jarkko Sakkinen, Jason Gunthorpe
  Cc: Nayna Jain, Alexander Usyskin, Tadeusz Struk, linux-integrity,
	linux-security-module, linux-kernel, Tomas Winkler

Add wrapper tpm_auto_startup() to tpm-interface.c
instead of open coded decision between TPM 1.x and TPM 2.x
in tpm-chip.c

Signed-off-by: Tomas Winkler <tomas.winkler@intel.com>
Tested-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
---
V3: New in the series.
V4: Fix the commit message.
V5-7: Resend.

 drivers/char/tpm/tpm-chip.c      | 11 +++--------
 drivers/char/tpm/tpm-interface.c | 15 +++++++++++++++
 drivers/char/tpm/tpm.h           |  1 +
 3 files changed, 19 insertions(+), 8 deletions(-)

diff --git a/drivers/char/tpm/tpm-chip.c b/drivers/char/tpm/tpm-chip.c
index 46caadca916a..32db84683c40 100644
--- a/drivers/char/tpm/tpm-chip.c
+++ b/drivers/char/tpm/tpm-chip.c
@@ -451,14 +451,9 @@ int tpm_chip_register(struct tpm_chip *chip)
 {
 	int rc;
 
-	if (chip->ops->flags & TPM_OPS_AUTO_STARTUP) {
-		if (chip->flags & TPM_CHIP_FLAG_TPM2)
-			rc = tpm2_auto_startup(chip);
-		else
-			rc = tpm1_auto_startup(chip);
-		if (rc)
-			return rc;
-	}
+	rc = tpm_auto_startup(chip);
+	if (rc)
+		return rc;
 
 	tpm_sysfs_add_device(chip);
 
diff --git a/drivers/char/tpm/tpm-interface.c b/drivers/char/tpm/tpm-interface.c
index 54b81700561b..69e007a198ce 100644
--- a/drivers/char/tpm/tpm-interface.c
+++ b/drivers/char/tpm/tpm-interface.c
@@ -545,6 +545,21 @@ int tpm_send(struct tpm_chip *chip, void *cmd, size_t buflen)
 }
 EXPORT_SYMBOL_GPL(tpm_send);
 
+int tpm_auto_startup(struct tpm_chip *chip)
+{
+	int rc;
+
+	if (!(chip->ops->flags & TPM_OPS_AUTO_STARTUP))
+		return 0;
+
+	if (chip->flags & TPM_CHIP_FLAG_TPM2)
+		rc = tpm2_auto_startup(chip);
+	else
+		rc = tpm1_auto_startup(chip);
+
+	return rc;
+}
+
 /*
  * We are about to suspend. Save the TPM state
  * so that it can be restored.
diff --git a/drivers/char/tpm/tpm.h b/drivers/char/tpm/tpm.h
index 2eb73f6966c3..daca1d0190b1 100644
--- a/drivers/char/tpm/tpm.h
+++ b/drivers/char/tpm/tpm.h
@@ -541,6 +541,7 @@ ssize_t tpm_transmit_cmd(struct tpm_chip *chip, struct tpm_space *space,
 			 size_t min_rsp_body_length, unsigned int flags,
 			 const char *desc);
 int tpm_get_timeouts(struct tpm_chip *);
+int tpm_auto_startup(struct tpm_chip *chip);
 
 int tpm1_pm_suspend(struct tpm_chip *chip, int tpm_suspend_pcr);
 int tpm1_auto_startup(struct tpm_chip *chip);
-- 
2.14.4


^ permalink raw reply related	[flat|nested] 39+ messages in thread

* [PATCH v7 14/21] tpm: tpm-interface.c drop unused macros
  2018-10-19 18:22 [PATCH v7 00/21] tpm: separate tpm 1.x and tpm 2.x commands Tomas Winkler
                   ` (12 preceding siblings ...)
  2018-10-19 18:22 ` [PATCH v7 13/21] tpm: add tpm_auto_startup() into tpm-interface.c Tomas Winkler
@ 2018-10-19 18:23 ` Tomas Winkler
  2018-10-19 18:23 ` [PATCH v7 15/21] tpm: tpm-space.c remove unneeded semicolon Tomas Winkler
                   ` (7 subsequent siblings)
  21 siblings, 0 replies; 39+ messages in thread
From: Tomas Winkler @ 2018-10-19 18:23 UTC (permalink / raw)
  To: Jarkko Sakkinen, Jason Gunthorpe
  Cc: Nayna Jain, Alexander Usyskin, Tadeusz Struk, linux-integrity,
	linux-security-module, linux-kernel, Tomas Winkler

The commit:
"tpm_tis: further simplify calculation of ordinal duration"
left unused macros, we can drop them now.

Fixes compilation warnings:
tpm-interface.c:37:0: warning: macro "TPM_PROTECTED_COMMAND" is not used [-Wunused-macros]
tpm-interface.c:36:0: warning: macro "TSC_MAX_ORDINAL" is not used [-Wunused-macros]
tpm-interface.c:38:0: warning: macro "TPM_CONNECTION_COMMAND" is not used [-Wunused-macros]

Fixes: f72864300139 ("tpm_tis: further simplify calculation of ordinal duration")
Signed-off-by: Tomas Winkler <tomas.winkler@intel.com>
Reviewed-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
---
V3: New in the series.
V4: Fix the commit message.
V5-V7: Resend.

 drivers/char/tpm/tpm-interface.c | 4 ----
 1 file changed, 4 deletions(-)

diff --git a/drivers/char/tpm/tpm-interface.c b/drivers/char/tpm/tpm-interface.c
index 69e007a198ce..ba50554e34d3 100644
--- a/drivers/char/tpm/tpm-interface.c
+++ b/drivers/char/tpm/tpm-interface.c
@@ -33,10 +33,6 @@
 
 #include "tpm.h"
 
-#define TSC_MAX_ORDINAL 12
-#define TPM_PROTECTED_COMMAND 0x00
-#define TPM_CONNECTION_COMMAND 0x40
-
 /*
  * Bug workaround - some TPM's don't flush the most
  * recently changed pcr on suspend, so force the flush
-- 
2.14.4


^ permalink raw reply related	[flat|nested] 39+ messages in thread

* [PATCH v7 15/21] tpm: tpm-space.c remove unneeded semicolon
  2018-10-19 18:22 [PATCH v7 00/21] tpm: separate tpm 1.x and tpm 2.x commands Tomas Winkler
                   ` (13 preceding siblings ...)
  2018-10-19 18:23 ` [PATCH v7 14/21] tpm: tpm-interface.c drop unused macros Tomas Winkler
@ 2018-10-19 18:23 ` Tomas Winkler
  2018-10-19 18:23 ` [PATCH v7 16/21] tpm: tpm1: rewrite tpm1_get_random() using tpm_buf structure Tomas Winkler
                   ` (6 subsequent siblings)
  21 siblings, 0 replies; 39+ messages in thread
From: Tomas Winkler @ 2018-10-19 18:23 UTC (permalink / raw)
  To: Jarkko Sakkinen, Jason Gunthorpe
  Cc: Nayna Jain, Alexander Usyskin, Tadeusz Struk, linux-integrity,
	linux-security-module, linux-kernel, Tomas Winkler

Remove unneeded semicolon in tpm2_map_response_header()

Signed-off-by: Tomas Winkler <tomas.winkler@intel.com>
Reviewed-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
---
V3: New in the series.
V4-V7: Resend.

 drivers/char/tpm/tpm2-space.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/drivers/char/tpm/tpm2-space.c b/drivers/char/tpm/tpm2-space.c
index d2e101b32482..dcdfde3c253e 100644
--- a/drivers/char/tpm/tpm2-space.c
+++ b/drivers/char/tpm/tpm2-space.c
@@ -373,7 +373,7 @@ static int tpm2_map_response_header(struct tpm_chip *chip, u32 cc, u8 *rsp,
 		dev_err(&chip->dev, "%s: unknown handle 0x%08X\n",
 			__func__, phandle);
 		break;
-	};
+	}
 
 	return 0;
 out_no_slots:
-- 
2.14.4


^ permalink raw reply related	[flat|nested] 39+ messages in thread

* [PATCH v7 16/21] tpm: tpm1: rewrite tpm1_get_random() using tpm_buf structure
  2018-10-19 18:22 [PATCH v7 00/21] tpm: separate tpm 1.x and tpm 2.x commands Tomas Winkler
                   ` (14 preceding siblings ...)
  2018-10-19 18:23 ` [PATCH v7 15/21] tpm: tpm-space.c remove unneeded semicolon Tomas Winkler
@ 2018-10-19 18:23 ` Tomas Winkler
  2018-10-19 18:23 ` [PATCH v7 17/21] tpm1: implement tpm1_pcr_read_dev() " Tomas Winkler
                   ` (5 subsequent siblings)
  21 siblings, 0 replies; 39+ messages in thread
From: Tomas Winkler @ 2018-10-19 18:23 UTC (permalink / raw)
  To: Jarkko Sakkinen, Jason Gunthorpe
  Cc: Nayna Jain, Alexander Usyskin, Tadeusz Struk, linux-integrity,
	linux-security-module, linux-kernel, Tomas Winkler

1. Use tpm_buf in tpm1_get_random()
2. Fix comment in tpm_get_random() so it is clear that
the function is expected to return number of random bytes.

Signed-off-by: Tomas Winkler <tomas.winkler@intel.com>
Reviewed-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
Tested-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
---
V3: New in the series.
V4: Resend.
V5: A small adjustment in the kdoc.
V6-7: Resend.

 drivers/char/tpm/tpm-interface.c |  2 +-
 drivers/char/tpm/tpm.h           | 11 ------
 drivers/char/tpm/tpm1-cmd.c      | 84 +++++++++++++++++++++++-----------------
 3 files changed, 49 insertions(+), 48 deletions(-)

diff --git a/drivers/char/tpm/tpm-interface.c b/drivers/char/tpm/tpm-interface.c
index ba50554e34d3..8e1d2bc2df82 100644
--- a/drivers/char/tpm/tpm-interface.c
+++ b/drivers/char/tpm/tpm-interface.c
@@ -601,7 +601,7 @@ EXPORT_SYMBOL_GPL(tpm_pm_resume);
  * @out:	destination buffer for the random bytes
  * @max:	the max number of bytes to write to @out
  *
- * Return: same as with tpm_transmit_cmd()
+ * Return: number of random bytes read or a negative error value.
  */
 int tpm_get_random(struct tpm_chip *chip, u8 *out, size_t max)
 {
diff --git a/drivers/char/tpm/tpm.h b/drivers/char/tpm/tpm.h
index daca1d0190b1..6895f183396b 100644
--- a/drivers/char/tpm/tpm.h
+++ b/drivers/char/tpm/tpm.h
@@ -396,20 +396,9 @@ struct tpm_pcrread_in {
  * compiler warnings about stack frame size. */
 #define TPM_MAX_RNG_DATA	128
 
-struct tpm_getrandom_out {
-	__be32 rng_data_len;
-	u8     rng_data[TPM_MAX_RNG_DATA];
-} __packed;
-
-struct tpm_getrandom_in {
-	__be32 num_bytes;
-} __packed;
-
 typedef union {
 	struct	tpm_pcrread_in	pcrread_in;
 	struct	tpm_pcrread_out	pcrread_out;
-	struct	tpm_getrandom_in getrandom_in;
-	struct	tpm_getrandom_out getrandom_out;
 } tpm_cmd_params;
 
 struct tpm_cmd_t {
diff --git a/drivers/char/tpm/tpm1-cmd.c b/drivers/char/tpm/tpm1-cmd.c
index 8a84db315676..b5c4fa158c30 100644
--- a/drivers/char/tpm/tpm1-cmd.c
+++ b/drivers/char/tpm/tpm1-cmd.c
@@ -505,58 +505,70 @@ ssize_t tpm1_getcap(struct tpm_chip *chip, u32 subcap_id, cap_t *cap,
 EXPORT_SYMBOL_GPL(tpm1_getcap);
 
 #define TPM_ORD_GET_RANDOM 70
-#define TPM_GETRANDOM_RESULT_SIZE	18
-static const struct tpm_input_header tpm_getrandom_header = {
-	.tag = cpu_to_be16(TPM_TAG_RQU_COMMAND),
-	.length = cpu_to_be32(14),
-	.ordinal = cpu_to_be32(TPM_ORD_GET_RANDOM)
-};
+struct tpm1_get_random_out {
+	__be32 rng_data_len;
+	u8 rng_data[TPM_MAX_RNG_DATA];
+} __packed;
 
-int tpm1_get_random(struct tpm_chip *chip, u8 *out, size_t max)
+/**
+ * tpm1_get_random() - get random bytes from the TPM's RNG
+ * @chip:	a &struct tpm_chip instance
+ * @dest:	destination buffer for the random bytes
+ * @max:	the maximum number of bytes to write to @dest
+ *
+ * Return:
+ * *  number of bytes read
+ * * -errno or a TPM return code otherwise
+ */
+int tpm1_get_random(struct tpm_chip *chip, u8 *dest, size_t max)
 {
-	struct tpm_cmd_t tpm_cmd;
+	struct tpm1_get_random_out *out;
+	u32 num_bytes =  min_t(u32, max, TPM_MAX_RNG_DATA);
+	struct tpm_buf buf;
+	u32 total = 0;
+	int retries = 5;
 	u32 recd;
-	u32 num_bytes = min_t(u32, max, TPM_MAX_RNG_DATA);
-	u32 rlength;
-	int err, total = 0, retries = 5;
-	u8 *dest = out;
+	int rc;
 
-	if (!out || !num_bytes || max > TPM_MAX_RNG_DATA)
-		return -EINVAL;
+	rc = tpm_buf_init(&buf, TPM_TAG_RQU_COMMAND, TPM_ORD_GET_RANDOM);
+	if (rc)
+		return rc;
 
 	do {
-		tpm_cmd.header.in = tpm_getrandom_header;
-		tpm_cmd.params.getrandom_in.num_bytes = cpu_to_be32(num_bytes);
-
-		err = tpm_transmit_cmd(chip, NULL, &tpm_cmd,
-				       TPM_GETRANDOM_RESULT_SIZE + num_bytes,
-				       offsetof(struct tpm_getrandom_out,
-						rng_data),
-				       0, "attempting get random");
-		if (err)
-			break;
+		tpm_buf_append_u32(&buf, num_bytes);
+
+		rc = tpm_transmit_cmd(chip, NULL, buf.data, PAGE_SIZE,
+				      sizeof(out->rng_data_len), 0,
+				      "attempting get random");
+		if (rc)
+			goto out;
 
-		recd = be32_to_cpu(tpm_cmd.params.getrandom_out.rng_data_len);
+		out = (struct tpm1_get_random_out *)&buf.data[TPM_HEADER_SIZE];
+
+		recd = be32_to_cpu(out->rng_data_len);
 		if (recd > num_bytes) {
-			total = -EFAULT;
-			break;
+			rc = -EFAULT;
+			goto out;
 		}
 
-		rlength = be32_to_cpu(tpm_cmd.header.out.length);
-		if (rlength < TPM_HEADER_SIZE +
-			      offsetof(struct tpm_getrandom_out, rng_data) +
-			      recd) {
-			total = -EFAULT;
-			break;
+		if (tpm_buf_length(&buf) < TPM_HEADER_SIZE +
+					   sizeof(out->rng_data_len) + recd) {
+			rc = -EFAULT;
+			goto out;
 		}
-		memcpy(dest, tpm_cmd.params.getrandom_out.rng_data, recd);
+		memcpy(dest, out->rng_data, recd);
 
 		dest += recd;
 		total += recd;
 		num_bytes -= recd;
-	} while (retries-- && (size_t)total < max);
 
-	return total ? total : -EIO;
+		tpm_buf_reset(&buf, TPM_TAG_RQU_COMMAND, TPM_ORD_GET_RANDOM);
+	} while (retries-- && total < max);
+
+	rc = total ? (int)total : -EIO;
+out:
+	tpm_buf_destroy(&buf);
+	return rc;
 }
 
 #define TPM_ORDINAL_PCRREAD 21
-- 
2.14.4


^ permalink raw reply related	[flat|nested] 39+ messages in thread

* [PATCH v7 17/21] tpm1: implement tpm1_pcr_read_dev() using tpm_buf structure
  2018-10-19 18:22 [PATCH v7 00/21] tpm: separate tpm 1.x and tpm 2.x commands Tomas Winkler
                   ` (15 preceding siblings ...)
  2018-10-19 18:23 ` [PATCH v7 16/21] tpm: tpm1: rewrite tpm1_get_random() using tpm_buf structure Tomas Winkler
@ 2018-10-19 18:23 ` Tomas Winkler
  2018-10-19 18:23 ` [PATCH v7 18/21] tpm1: rename tpm1_pcr_read_dev to tpm1_pcr_read() Tomas Winkler
                   ` (4 subsequent siblings)
  21 siblings, 0 replies; 39+ messages in thread
From: Tomas Winkler @ 2018-10-19 18:23 UTC (permalink / raw)
  To: Jarkko Sakkinen, Jason Gunthorpe
  Cc: Nayna Jain, Alexander Usyskin, Tadeusz Struk, linux-integrity,
	linux-security-module, linux-kernel, Tomas Winkler

Implement tpm1_pcr_read_dev() using tpm_buf and remove
now unneeded structures from tpm.h

Signed-off-by: Tomas Winkler <tomas.winkler@intel.com>
Reviewed-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
Tested-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
---
V3: New in the series.
V4-V7: Resend.

 drivers/char/tpm/tpm.h      | 18 ++----------------
 drivers/char/tpm/tpm1-cmd.c | 38 +++++++++++++++++++++-----------------
 2 files changed, 23 insertions(+), 33 deletions(-)

diff --git a/drivers/char/tpm/tpm.h b/drivers/char/tpm/tpm.h
index 6895f183396b..51d147675b1f 100644
--- a/drivers/char/tpm/tpm.h
+++ b/drivers/char/tpm/tpm.h
@@ -382,13 +382,10 @@ typedef union {
 	struct	tpm_output_header out;
 } tpm_cmd_header;
 
-struct tpm_pcrread_out {
-	u8	pcr_result[TPM_DIGEST_SIZE];
+struct tpm_cmd_t {
+	tpm_cmd_header	header;
 } __packed;
 
-struct tpm_pcrread_in {
-	__be32	pcr_idx;
-} __packed;
 
 /* 128 bytes is an arbitrary cap. This could be as large as TPM_BUFSIZE - 18
  * bytes, but 128 is still a relatively large number of random bytes and
@@ -396,17 +393,6 @@ struct tpm_pcrread_in {
  * compiler warnings about stack frame size. */
 #define TPM_MAX_RNG_DATA	128
 
-typedef union {
-	struct	tpm_pcrread_in	pcrread_in;
-	struct	tpm_pcrread_out	pcrread_out;
-} tpm_cmd_params;
-
-struct tpm_cmd_t {
-	tpm_cmd_header	header;
-	tpm_cmd_params	params;
-} __packed;
-
-
 /* A string buffer type for constructing TPM commands. This is based on the
  * ideas of string buffer code in security/keys/trusted.h but is heap based
  * in order to keep the stack usage minimal.
diff --git a/drivers/char/tpm/tpm1-cmd.c b/drivers/char/tpm/tpm1-cmd.c
index b5c4fa158c30..d30f336518f6 100644
--- a/drivers/char/tpm/tpm1-cmd.c
+++ b/drivers/char/tpm/tpm1-cmd.c
@@ -571,29 +571,33 @@ int tpm1_get_random(struct tpm_chip *chip, u8 *dest, size_t max)
 	return rc;
 }
 
-#define TPM_ORDINAL_PCRREAD 21
-#define READ_PCR_RESULT_SIZE 30
-#define READ_PCR_RESULT_BODY_SIZE 20
-static const struct tpm_input_header pcrread_header = {
-	.tag = cpu_to_be16(TPM_TAG_RQU_COMMAND),
-	.length = cpu_to_be32(14),
-	.ordinal = cpu_to_be32(TPM_ORDINAL_PCRREAD)
-};
-
+#define TPM_ORD_PCRREAD 21
 int tpm1_pcr_read_dev(struct tpm_chip *chip, int pcr_idx, u8 *res_buf)
 {
+	struct tpm_buf buf;
 	int rc;
-	struct tpm_cmd_t cmd;
 
-	cmd.header.in = pcrread_header;
-	cmd.params.pcrread_in.pcr_idx = cpu_to_be32(pcr_idx);
-	rc = tpm_transmit_cmd(chip, NULL, &cmd, READ_PCR_RESULT_SIZE,
-			      READ_PCR_RESULT_BODY_SIZE, 0,
+	rc = tpm_buf_init(&buf, TPM_TAG_RQU_COMMAND, TPM_ORD_PCRREAD);
+	if (rc)
+		return rc;
+
+	tpm_buf_append_u32(&buf, pcr_idx);
+
+	rc = tpm_transmit_cmd(chip, NULL, buf.data, PAGE_SIZE,
+			      TPM_DIGEST_SIZE, 0,
 			      "attempting to read a pcr value");
+	if (rc)
+		goto out;
 
-	if (rc == 0)
-		memcpy(res_buf, cmd.params.pcrread_out.pcr_result,
-		       TPM_DIGEST_SIZE);
+	if (tpm_buf_length(&buf) < TPM_DIGEST_SIZE) {
+		rc = -EFAULT;
+		goto out;
+	}
+
+	memcpy(res_buf, &buf.data[TPM_HEADER_SIZE], TPM_DIGEST_SIZE);
+
+out:
+	tpm_buf_destroy(&buf);
 	return rc;
 }
 
-- 
2.14.4


^ permalink raw reply related	[flat|nested] 39+ messages in thread

* [PATCH v7 18/21] tpm1: rename tpm1_pcr_read_dev to tpm1_pcr_read()
  2018-10-19 18:22 [PATCH v7 00/21] tpm: separate tpm 1.x and tpm 2.x commands Tomas Winkler
                   ` (16 preceding siblings ...)
  2018-10-19 18:23 ` [PATCH v7 17/21] tpm1: implement tpm1_pcr_read_dev() " Tomas Winkler
@ 2018-10-19 18:23 ` Tomas Winkler
  2018-10-23 18:44   ` Jarkko Sakkinen
  2018-10-19 18:23 ` [PATCH v7 19/21] tpm1: reimplement SAVESTATE using tpm_buf Tomas Winkler
                   ` (3 subsequent siblings)
  21 siblings, 1 reply; 39+ messages in thread
From: Tomas Winkler @ 2018-10-19 18:23 UTC (permalink / raw)
  To: Jarkko Sakkinen, Jason Gunthorpe
  Cc: Nayna Jain, Alexander Usyskin, Tadeusz Struk, linux-integrity,
	linux-security-module, linux-kernel, Tomas Winkler

Rename tpm1_pcr_read_dev to tpm1_pcr_read() to match
the counterpart tpm2_pcr_read().

Signed-off-by: Tomas Winkler <tomas.winkler@intel.com>
Reviewed-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
---
V4: New in the series
V5: Resend.
V6: Resend.
V7: Fix typo tmp->tpm

 drivers/char/tpm/tpm-interface.c | 2 +-
 drivers/char/tpm/tpm-sysfs.c     | 2 +-
 drivers/char/tpm/tpm.h           | 2 +-
 drivers/char/tpm/tpm1-cmd.c      | 4 ++--
 4 files changed, 5 insertions(+), 5 deletions(-)

diff --git a/drivers/char/tpm/tpm-interface.c b/drivers/char/tpm/tpm-interface.c
index 8e1d2bc2df82..acd647476ae1 100644
--- a/drivers/char/tpm/tpm-interface.c
+++ b/drivers/char/tpm/tpm-interface.c
@@ -466,7 +466,7 @@ int tpm_pcr_read(struct tpm_chip *chip, int pcr_idx, u8 *res_buf)
 	if (chip->flags & TPM_CHIP_FLAG_TPM2)
 		rc = tpm2_pcr_read(chip, pcr_idx, res_buf);
 	else
-		rc = tpm1_pcr_read_dev(chip, pcr_idx, res_buf);
+		rc = tpm1_pcr_read(chip, pcr_idx, res_buf);
 
 	tpm_put_ops(chip);
 	return rc;
diff --git a/drivers/char/tpm/tpm-sysfs.c b/drivers/char/tpm/tpm-sysfs.c
index 861acafd8f29..96fc7433c57d 100644
--- a/drivers/char/tpm/tpm-sysfs.c
+++ b/drivers/char/tpm/tpm-sysfs.c
@@ -114,7 +114,7 @@ static ssize_t pcrs_show(struct device *dev, struct device_attribute *attr,
 
 	num_pcrs = be32_to_cpu(cap.num_pcrs);
 	for (i = 0; i < num_pcrs; i++) {
-		rc = tpm1_pcr_read_dev(chip, i, digest);
+		rc = tpm1_pcr_read(chip, i, digest);
 		if (rc)
 			break;
 		str += sprintf(str, "PCR-%02d: ", i);
diff --git a/drivers/char/tpm/tpm.h b/drivers/char/tpm/tpm.h
index 51d147675b1f..bf2ef1eeda50 100644
--- a/drivers/char/tpm/tpm.h
+++ b/drivers/char/tpm/tpm.h
@@ -525,7 +525,7 @@ int tpm1_get_timeouts(struct tpm_chip *chip);
 unsigned long tpm1_calc_ordinal_duration(struct tpm_chip *chip, u32 ordinal);
 int tpm1_pcr_extend(struct tpm_chip *chip, int pcr_idx, const u8 *hash,
 		    const char *log_msg);
-int tpm1_pcr_read_dev(struct tpm_chip *chip, int pcr_idx, u8 *res_buf);
+int tpm1_pcr_read(struct tpm_chip *chip, int pcr_idx, u8 *res_buf);
 ssize_t tpm1_getcap(struct tpm_chip *chip, u32 subcap_id, cap_t *cap,
 		    const char *desc, size_t min_cap_length);
 int tpm1_get_random(struct tpm_chip *chip, u8 *out, size_t max);
diff --git a/drivers/char/tpm/tpm1-cmd.c b/drivers/char/tpm/tpm1-cmd.c
index d30f336518f6..05b772477bac 100644
--- a/drivers/char/tpm/tpm1-cmd.c
+++ b/drivers/char/tpm/tpm1-cmd.c
@@ -572,7 +572,7 @@ int tpm1_get_random(struct tpm_chip *chip, u8 *dest, size_t max)
 }
 
 #define TPM_ORD_PCRREAD 21
-int tpm1_pcr_read_dev(struct tpm_chip *chip, int pcr_idx, u8 *res_buf)
+int tpm1_pcr_read(struct tpm_chip *chip, int pcr_idx, u8 *res_buf)
 {
 	struct tpm_buf buf;
 	int rc;
@@ -660,7 +660,7 @@ int tpm1_do_selftest(struct tpm_chip *chip)
 
 	do {
 		/* Attempt to read a PCR value */
-		rc = tpm1_pcr_read_dev(chip, 0, dummy);
+		rc = tpm1_pcr_read(chip, 0, dummy);
 
 		/* Some buggy TPMs will not respond to tpm_tis_ready() for
 		 * around 300ms while the self test is ongoing, keep trying
-- 
2.14.4


^ permalink raw reply related	[flat|nested] 39+ messages in thread

* [PATCH v7 19/21] tpm1: reimplement SAVESTATE using tpm_buf
  2018-10-19 18:22 [PATCH v7 00/21] tpm: separate tpm 1.x and tpm 2.x commands Tomas Winkler
                   ` (17 preceding siblings ...)
  2018-10-19 18:23 ` [PATCH v7 18/21] tpm1: rename tpm1_pcr_read_dev to tpm1_pcr_read() Tomas Winkler
@ 2018-10-19 18:23 ` Tomas Winkler
  2018-10-19 18:23 ` [PATCH v7 20/21] tpm1: reimplement tpm1_continue_selftest() " Tomas Winkler
                   ` (2 subsequent siblings)
  21 siblings, 0 replies; 39+ messages in thread
From: Tomas Winkler @ 2018-10-19 18:23 UTC (permalink / raw)
  To: Jarkko Sakkinen, Jason Gunthorpe
  Cc: Nayna Jain, Alexander Usyskin, Tadeusz Struk, linux-integrity,
	linux-security-module, linux-kernel, Tomas Winkler

In tpm1_pm_suspend() function reimplement,
TPM_ORD_SAVESTATE comamnd using tpm_buf.

Signed-off-by: Tomas Winkler <tomas.winkler@intel.com>
Reviewed-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
Tested-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
---
V3: New in the series.
V4-V7: Resend

 drivers/char/tpm/tpm1-cmd.c | 22 ++++++++++++----------
 1 file changed, 12 insertions(+), 10 deletions(-)

diff --git a/drivers/char/tpm/tpm1-cmd.c b/drivers/char/tpm/tpm1-cmd.c
index 05b772477bac..d418a27a75e0 100644
--- a/drivers/char/tpm/tpm1-cmd.c
+++ b/drivers/char/tpm/tpm1-cmd.c
@@ -718,12 +718,6 @@ int tpm1_auto_startup(struct tpm_chip *chip)
 }
 
 #define TPM_ORD_SAVESTATE 152
-#define SAVESTATE_RESULT_SIZE 10
-static const struct tpm_input_header savestate_header = {
-	.tag = cpu_to_be16(TPM_TAG_RQU_COMMAND),
-	.length = cpu_to_be32(10),
-	.ordinal = cpu_to_be32(TPM_ORD_SAVESTATE)
-};
 
 /**
  * tpm1_pm_suspend() - pm suspend handler
@@ -739,18 +733,22 @@ static const struct tpm_input_header savestate_header = {
 int tpm1_pm_suspend(struct tpm_chip *chip, int tpm_suspend_pcr)
 {
 	u8 dummy_hash[TPM_DIGEST_SIZE] = { 0 };
-	struct tpm_cmd_t cmd;
-	int rc, try;
+	struct tpm_buf buf;
+	unsigned int try;
+	int rc;
+
 
 	/* for buggy tpm, flush pcrs with extend to selected dummy */
 	if (tpm_suspend_pcr)
 		rc = tpm1_pcr_extend(chip, tpm_suspend_pcr, dummy_hash,
 				     "extending dummy pcr before suspend");
 
+	rc = tpm_buf_init(&buf, TPM_TAG_RQU_COMMAND, TPM_ORD_SAVESTATE);
+	if (rc)
+		return rc;
 	/* now do the actual savestate */
 	for (try = 0; try < TPM_RETRY; try++) {
-		cmd.header.in = savestate_header;
-		rc = tpm_transmit_cmd(chip, NULL, &cmd, SAVESTATE_RESULT_SIZE,
+		rc = tpm_transmit_cmd(chip, NULL, buf.data, PAGE_SIZE,
 				      0, 0, NULL);
 
 		/*
@@ -766,6 +764,8 @@ int tpm1_pm_suspend(struct tpm_chip *chip, int tpm_suspend_pcr)
 		if (rc != TPM_WARN_RETRY)
 			break;
 		tpm_msleep(TPM_TIMEOUT_RETRY);
+
+		tpm_buf_reset(&buf, TPM_TAG_RQU_COMMAND, TPM_ORD_SAVESTATE);
 	}
 
 	if (rc)
@@ -775,6 +775,8 @@ int tpm1_pm_suspend(struct tpm_chip *chip, int tpm_suspend_pcr)
 		dev_warn(&chip->dev, "TPM savestate took %dms\n",
 			 try * TPM_TIMEOUT_RETRY);
 
+	tpm_buf_destroy(&buf);
+
 	return rc;
 }
 
-- 
2.14.4


^ permalink raw reply related	[flat|nested] 39+ messages in thread

* [PATCH v7 20/21] tpm1: reimplement tpm1_continue_selftest() using tpm_buf
  2018-10-19 18:22 [PATCH v7 00/21] tpm: separate tpm 1.x and tpm 2.x commands Tomas Winkler
                   ` (18 preceding siblings ...)
  2018-10-19 18:23 ` [PATCH v7 19/21] tpm1: reimplement SAVESTATE using tpm_buf Tomas Winkler
@ 2018-10-19 18:23 ` Tomas Winkler
  2018-10-19 18:23 ` [PATCH v7 21/21] tpm: use u32 instead of int for PCR index Tomas Winkler
  2018-10-20  1:19 ` [PATCH v7 00/21] tpm: separate tpm 1.x and tpm 2.x commands Jarkko Sakkinen
  21 siblings, 0 replies; 39+ messages in thread
From: Tomas Winkler @ 2018-10-19 18:23 UTC (permalink / raw)
  To: Jarkko Sakkinen, Jason Gunthorpe
  Cc: Nayna Jain, Alexander Usyskin, Tadeusz Struk, linux-integrity,
	linux-security-module, linux-kernel, Tomas Winkler

Reimplement tpm1_continue_selftest() using tpm_buf structure.
This is the last command using the old tpm_cmd_t structure
and now the structure can be removed.

Cc: Nayna Jain <nayna@linux.vnet.ibm.com>
Signed-off-by: Tomas Winkler <tomas.winkler@intel.com>
Reviewed-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
Tested-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
---
V3: New in the series.
V4: Resend.
V5: Fix &buf.data -> buf.data in tpm1_continue_selftest()
V6-7: Resend.

 drivers/char/tpm/tpm.h      |  9 ---------
 drivers/char/tpm/tpm1-cmd.c | 21 ++++++++++-----------
 2 files changed, 10 insertions(+), 20 deletions(-)

diff --git a/drivers/char/tpm/tpm.h b/drivers/char/tpm/tpm.h
index bf2ef1eeda50..e0778d19da98 100644
--- a/drivers/char/tpm/tpm.h
+++ b/drivers/char/tpm/tpm.h
@@ -377,15 +377,6 @@ enum tpm_sub_capabilities {
 	TPM_CAP_PROP_TIS_DURATION = 0x120,
 };
 
-typedef union {
-	struct	tpm_input_header in;
-	struct	tpm_output_header out;
-} tpm_cmd_header;
-
-struct tpm_cmd_t {
-	tpm_cmd_header	header;
-} __packed;
-
 
 /* 128 bytes is an arbitrary cap. This could be as large as TPM_BUFSIZE - 18
  * bytes, but 128 is still a relatively large number of random bytes and
diff --git a/drivers/char/tpm/tpm1-cmd.c b/drivers/char/tpm/tpm1-cmd.c
index d418a27a75e0..6b04648f8184 100644
--- a/drivers/char/tpm/tpm1-cmd.c
+++ b/drivers/char/tpm/tpm1-cmd.c
@@ -602,15 +602,8 @@ int tpm1_pcr_read(struct tpm_chip *chip, int pcr_idx, u8 *res_buf)
 }
 
 #define TPM_ORD_CONTINUE_SELFTEST 83
-#define CONTINUE_SELFTEST_RESULT_SIZE 10
-static const struct tpm_input_header continue_selftest_header = {
-	.tag = cpu_to_be16(TPM_TAG_RQU_COMMAND),
-	.length = cpu_to_be32(10),
-	.ordinal = cpu_to_be32(TPM_ORD_CONTINUE_SELFTEST),
-};
-
 /**
- * tpm_continue_selftest -- run TPM's selftest
+ * tpm_continue_selftest() - run TPM's selftest
  * @chip: TPM chip to use
  *
  * Returns 0 on success, < 0 in case of fatal error or a value > 0 representing
@@ -618,12 +611,18 @@ static const struct tpm_input_header continue_selftest_header = {
  */
 static int tpm1_continue_selftest(struct tpm_chip *chip)
 {
+	struct tpm_buf buf;
 	int rc;
-	struct tpm_cmd_t cmd;
 
-	cmd.header.in = continue_selftest_header;
-	rc = tpm_transmit_cmd(chip, NULL, &cmd, CONTINUE_SELFTEST_RESULT_SIZE,
+	rc = tpm_buf_init(&buf, TPM_TAG_RQU_COMMAND, TPM_ORD_CONTINUE_SELFTEST);
+	if (rc)
+		return rc;
+
+	rc = tpm_transmit_cmd(chip, NULL, buf.data, PAGE_SIZE,
 			      0, 0, "continue selftest");
+
+	tpm_buf_destroy(&buf);
+
 	return rc;
 }
 
-- 
2.14.4


^ permalink raw reply related	[flat|nested] 39+ messages in thread

* [PATCH v7 21/21] tpm: use u32 instead of int for PCR index
  2018-10-19 18:22 [PATCH v7 00/21] tpm: separate tpm 1.x and tpm 2.x commands Tomas Winkler
                   ` (19 preceding siblings ...)
  2018-10-19 18:23 ` [PATCH v7 20/21] tpm1: reimplement tpm1_continue_selftest() " Tomas Winkler
@ 2018-10-19 18:23 ` Tomas Winkler
  2018-10-23 18:44   ` Jarkko Sakkinen
  2018-10-23 18:55   ` Jarkko Sakkinen
  2018-10-20  1:19 ` [PATCH v7 00/21] tpm: separate tpm 1.x and tpm 2.x commands Jarkko Sakkinen
  21 siblings, 2 replies; 39+ messages in thread
From: Tomas Winkler @ 2018-10-19 18:23 UTC (permalink / raw)
  To: Jarkko Sakkinen, Jason Gunthorpe
  Cc: Nayna Jain, Alexander Usyskin, Tadeusz Struk, linux-integrity,
	linux-security-module, linux-kernel, Tomas Winkler

The TPM specs defines PCR index as a positive number, and there is
no reason to use a signed number. It is also a possible security
issue as currently no functions check for a negative index,
which may become a large number when converted to u32.

Adjust the API to use u32 instead of int in all PCR related
functions.

Signed-off-by: Tomas Winkler <tomas.winkler@intel.com>
Reviewed-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
---
V3: New in the series.
V4: Separate unrelated change to another patches.
V5: Fix the commit message.
V6: Rebased.
V7: Resend.

 drivers/char/tpm/tpm-interface.c    |  6 +++---
 drivers/char/tpm/tpm-sysfs.c        |  2 +-
 drivers/char/tpm/tpm.h              | 10 +++++-----
 drivers/char/tpm/tpm1-cmd.c         |  6 +++---
 drivers/char/tpm/tpm2-cmd.c         |  5 ++---
 include/linux/tpm.h                 | 11 +++++++----
 security/integrity/ima/ima_crypto.c |  5 +++--
 7 files changed, 24 insertions(+), 21 deletions(-)

diff --git a/drivers/char/tpm/tpm-interface.c b/drivers/char/tpm/tpm-interface.c
index acd647476ae1..d9439f9abe78 100644
--- a/drivers/char/tpm/tpm-interface.c
+++ b/drivers/char/tpm/tpm-interface.c
@@ -38,7 +38,7 @@
  * recently changed pcr on suspend, so force the flush
  * with an extend to the selected _unused_ non-volatile pcr.
  */
-static int tpm_suspend_pcr;
+static u32 tpm_suspend_pcr;
 module_param_named(suspend_pcr, tpm_suspend_pcr, uint, 0644);
 MODULE_PARM_DESC(suspend_pcr,
 		 "PCR to use for dummy writes to facilitate flush on suspend.");
@@ -455,7 +455,7 @@ EXPORT_SYMBOL_GPL(tpm_is_tpm2);
  *
  * Return: same as with tpm_transmit_cmd()
  */
-int tpm_pcr_read(struct tpm_chip *chip, int pcr_idx, u8 *res_buf)
+int tpm_pcr_read(struct tpm_chip *chip, u32 pcr_idx, u8 *res_buf)
 {
 	int rc;
 
@@ -485,7 +485,7 @@ EXPORT_SYMBOL_GPL(tpm_pcr_read);
  *
  * Return: same as with tpm_transmit_cmd()
  */
-int tpm_pcr_extend(struct tpm_chip *chip, int pcr_idx, const u8 *hash)
+int tpm_pcr_extend(struct tpm_chip *chip, u32 pcr_idx, const u8 *hash)
 {
 	int rc;
 	struct tpm2_digest digest_list[ARRAY_SIZE(chip->active_banks)];
diff --git a/drivers/char/tpm/tpm-sysfs.c b/drivers/char/tpm/tpm-sysfs.c
index 96fc7433c57d..b88e08ec2c59 100644
--- a/drivers/char/tpm/tpm-sysfs.c
+++ b/drivers/char/tpm/tpm-sysfs.c
@@ -102,7 +102,7 @@ static ssize_t pcrs_show(struct device *dev, struct device_attribute *attr,
 	cap_t cap;
 	u8 digest[TPM_DIGEST_SIZE];
 	ssize_t rc;
-	int i, j, num_pcrs;
+	u32 i, j, num_pcrs;
 	char *str = buf;
 	struct tpm_chip *chip = to_tpm_chip(dev);
 
diff --git a/drivers/char/tpm/tpm.h b/drivers/char/tpm/tpm.h
index e0778d19da98..f27d1f38a93d 100644
--- a/drivers/char/tpm/tpm.h
+++ b/drivers/char/tpm/tpm.h
@@ -509,14 +509,14 @@ ssize_t tpm_transmit_cmd(struct tpm_chip *chip, struct tpm_space *space,
 int tpm_get_timeouts(struct tpm_chip *);
 int tpm_auto_startup(struct tpm_chip *chip);
 
-int tpm1_pm_suspend(struct tpm_chip *chip, int tpm_suspend_pcr);
+int tpm1_pm_suspend(struct tpm_chip *chip, u32 tpm_suspend_pcr);
 int tpm1_auto_startup(struct tpm_chip *chip);
 int tpm1_do_selftest(struct tpm_chip *chip);
 int tpm1_get_timeouts(struct tpm_chip *chip);
 unsigned long tpm1_calc_ordinal_duration(struct tpm_chip *chip, u32 ordinal);
-int tpm1_pcr_extend(struct tpm_chip *chip, int pcr_idx, const u8 *hash,
+int tpm1_pcr_extend(struct tpm_chip *chip, u32 pcr_idx, const u8 *hash,
 		    const char *log_msg);
-int tpm1_pcr_read(struct tpm_chip *chip, int pcr_idx, u8 *res_buf);
+int tpm1_pcr_read(struct tpm_chip *chip, u32 pcr_idx, u8 *res_buf);
 ssize_t tpm1_getcap(struct tpm_chip *chip, u32 subcap_id, cap_t *cap,
 		    const char *desc, size_t min_cap_length);
 int tpm1_get_random(struct tpm_chip *chip, u8 *out, size_t max);
@@ -558,8 +558,8 @@ static inline u32 tpm2_rc_value(u32 rc)
 }
 
 int tpm2_get_timeouts(struct tpm_chip *chip);
-int tpm2_pcr_read(struct tpm_chip *chip, int pcr_idx, u8 *res_buf);
-int tpm2_pcr_extend(struct tpm_chip *chip, int pcr_idx, u32 count,
+int tpm2_pcr_read(struct tpm_chip *chip, u32 pcr_idx, u8 *res_buf);
+int tpm2_pcr_extend(struct tpm_chip *chip, u32 pcr_idx, u32 count,
 		    struct tpm2_digest *digests);
 int tpm2_get_random(struct tpm_chip *chip, u8 *dest, size_t max);
 void tpm2_flush_context_cmd(struct tpm_chip *chip, u32 handle,
diff --git a/drivers/char/tpm/tpm1-cmd.c b/drivers/char/tpm/tpm1-cmd.c
index 6b04648f8184..6f306338953b 100644
--- a/drivers/char/tpm/tpm1-cmd.c
+++ b/drivers/char/tpm/tpm1-cmd.c
@@ -449,7 +449,7 @@ int tpm1_get_timeouts(struct tpm_chip *chip)
 }
 
 #define TPM_ORD_PCR_EXTEND 20
-int tpm1_pcr_extend(struct tpm_chip *chip, int pcr_idx, const u8 *hash,
+int tpm1_pcr_extend(struct tpm_chip *chip, u32 pcr_idx, const u8 *hash,
 		    const char *log_msg)
 {
 	struct tpm_buf buf;
@@ -572,7 +572,7 @@ int tpm1_get_random(struct tpm_chip *chip, u8 *dest, size_t max)
 }
 
 #define TPM_ORD_PCRREAD 21
-int tpm1_pcr_read(struct tpm_chip *chip, int pcr_idx, u8 *res_buf)
+int tpm1_pcr_read(struct tpm_chip *chip, u32 pcr_idx, u8 *res_buf)
 {
 	struct tpm_buf buf;
 	int rc;
@@ -729,7 +729,7 @@ int tpm1_auto_startup(struct tpm_chip *chip)
  * * 0 on success,
  * * < 0 on error.
  */
-int tpm1_pm_suspend(struct tpm_chip *chip, int tpm_suspend_pcr)
+int tpm1_pm_suspend(struct tpm_chip *chip, u32 tpm_suspend_pcr)
 {
 	u8 dummy_hash[TPM_DIGEST_SIZE] = { 0 };
 	struct tpm_buf buf;
diff --git a/drivers/char/tpm/tpm2-cmd.c b/drivers/char/tpm/tpm2-cmd.c
index 6ca4fc0a0d6f..ae86fb0218ab 100644
--- a/drivers/char/tpm/tpm2-cmd.c
+++ b/drivers/char/tpm/tpm2-cmd.c
@@ -175,7 +175,7 @@ struct tpm2_pcr_read_out {
  *
  * Return: Same as with tpm_transmit_cmd.
  */
-int tpm2_pcr_read(struct tpm_chip *chip, int pcr_idx, u8 *res_buf)
+int tpm2_pcr_read(struct tpm_chip *chip, u32 pcr_idx, u8 *res_buf)
 {
 	int rc;
 	struct tpm_buf buf;
@@ -225,7 +225,7 @@ struct tpm2_null_auth_area {
  *
  * Return: Same as with tpm_transmit_cmd.
  */
-int tpm2_pcr_extend(struct tpm_chip *chip, int pcr_idx, u32 count,
+int tpm2_pcr_extend(struct tpm_chip *chip, u32 pcr_idx, u32 count,
 		    struct tpm2_digest *digests)
 {
 	struct tpm_buf buf;
@@ -272,7 +272,6 @@ int tpm2_pcr_extend(struct tpm_chip *chip, int pcr_idx, u32 count,
 	return rc;
 }
 
-
 struct tpm2_get_random_out {
 	__be16 size;
 	u8 buffer[TPM_MAX_RNG_DATA];
diff --git a/include/linux/tpm.h b/include/linux/tpm.h
index 4609b94142d4..b49a55cf775f 100644
--- a/include/linux/tpm.h
+++ b/include/linux/tpm.h
@@ -53,8 +53,8 @@ struct tpm_class_ops {
 #if defined(CONFIG_TCG_TPM) || defined(CONFIG_TCG_TPM_MODULE)
 
 extern int tpm_is_tpm2(struct tpm_chip *chip);
-extern int tpm_pcr_read(struct tpm_chip *chip, int pcr_idx, u8 *res_buf);
-extern int tpm_pcr_extend(struct tpm_chip *chip, int pcr_idx, const u8 *hash);
+extern int tpm_pcr_read(struct tpm_chip *chip, u32 pcr_idx, u8 *res_buf);
+extern int tpm_pcr_extend(struct tpm_chip *chip, u32 pcr_idx, const u8 *hash);
 extern int tpm_send(struct tpm_chip *chip, void *cmd, size_t buflen);
 extern int tpm_get_random(struct tpm_chip *chip, u8 *data, size_t max);
 extern int tpm_seal_trusted(struct tpm_chip *chip,
@@ -69,15 +69,18 @@ static inline int tpm_is_tpm2(struct tpm_chip *chip)
 {
 	return -ENODEV;
 }
-static inline int tpm_pcr_read(struct tpm_chip *chip, int pcr_idx, u8 *res_buf)
+
+static inline int tpm_pcr_read(struct tpm_chip *chip, u32 pcr_idx, u8 *res_buf)
 {
 	return -ENODEV;
 }
-static inline int tpm_pcr_extend(struct tpm_chip *chip, int pcr_idx,
+
+static inline int tpm_pcr_extend(struct tpm_chip *chip, u32 pcr_idx,
 				 const u8 *hash)
 {
 	return -ENODEV;
 }
+
 static inline int tpm_send(struct tpm_chip *chip, void *cmd, size_t buflen)
 {
 	return -ENODEV;
diff --git a/security/integrity/ima/ima_crypto.c b/security/integrity/ima/ima_crypto.c
index 7e7e7e7c250a..959d9edc113a 100644
--- a/security/integrity/ima/ima_crypto.c
+++ b/security/integrity/ima/ima_crypto.c
@@ -629,7 +629,7 @@ int ima_calc_buffer_hash(const void *buf, loff_t len,
 	return calc_buffer_shash(buf, len, hash);
 }
 
-static void __init ima_pcrread(int idx, u8 *pcr)
+static void __init ima_pcrread(u32 idx, u8 *pcr)
 {
 	if (!ima_tpm_chip)
 		return;
@@ -645,7 +645,8 @@ static int __init ima_calc_boot_aggregate_tfm(char *digest,
 					      struct crypto_shash *tfm)
 {
 	u8 pcr_i[TPM_DIGEST_SIZE];
-	int rc, i;
+	int rc;
+	u32 i;
 	SHASH_DESC_ON_STACK(shash, tfm);
 
 	shash->tfm = tfm;
-- 
2.14.4


^ permalink raw reply related	[flat|nested] 39+ messages in thread

* Re: [PATCH v7 01/21] tpm: tpm_i2c_nuvoton: use correct command duration for TPM 2.x
  2018-10-19 18:22 ` [PATCH v7 01/21] tpm: tpm_i2c_nuvoton: use correct command duration for TPM 2.x Tomas Winkler
@ 2018-10-20  0:51   ` Jarkko Sakkinen
  0 siblings, 0 replies; 39+ messages in thread
From: Jarkko Sakkinen @ 2018-10-20  0:51 UTC (permalink / raw)
  To: Tomas Winkler
  Cc: Jarkko Sakkinen, Jason Gunthorpe, Nayna Jain, Alexander Usyskin,
	Tadeusz Struk, linux-integrity, linux-security-module,
	linux-kernel, stable

On Fri, 19 Oct 2018, Tomas Winkler wrote:
> tpm_i2c_nuvoton calculated commands duration using TPM 1.x
> values via tpm_calc_ordinal_duration() also for TPM 2.x chips.
> Call tpm2_calc_ordinal_duration() for retrieving ordinal
> duration for TPM 2.X chips.
>
> Cc: stable@vger.kernel.org
> Cc: Nayna Jain <nayna@linux.vnet.ibm.com>
> Signed-off-by: Tomas Winkler <tomas.winkler@intel.com>
> Reviewed-by: Nayna Jain <nayna@linux.ibm.com>
> Tested-by: Nayna Jain <nayna@linux.ibm.com> (For TPM 2.0)
> ---
> V7: new in the series.

Please, put change log entries only to the cover letter.

>
> drivers/char/tpm/tpm_i2c_nuvoton.c | 11 +++++++----
> 1 file changed, 7 insertions(+), 4 deletions(-)
>
> diff --git a/drivers/char/tpm/tpm_i2c_nuvoton.c b/drivers/char/tpm/tpm_i2c_nuvoton.c
> index caa86b19c76d..f74f451baf6a 100644
> --- a/drivers/char/tpm/tpm_i2c_nuvoton.c
> +++ b/drivers/char/tpm/tpm_i2c_nuvoton.c
> @@ -369,6 +369,7 @@ static int i2c_nuvoton_send(struct tpm_chip *chip, u8 *buf, size_t len)
> 	struct device *dev = chip->dev.parent;
> 	struct i2c_client *client = to_i2c_client(dev);
> 	u32 ordinal;
> +	unsigned long duration;
> 	size_t count = 0;
> 	int burst_count, bytes2write, retries, rc = -EIO;
>
> @@ -455,10 +456,12 @@ static int i2c_nuvoton_send(struct tpm_chip *chip, u8 *buf, size_t len)
> 		return rc;
> 	}
> 	ordinal = be32_to_cpu(*((__be32 *) (buf + 6)));
> -	rc = i2c_nuvoton_wait_for_data_avail(chip,
> -					     tpm_calc_ordinal_duration(chip,
> -								       ordinal),
> -					     &priv->read_queue);
> +	if (chip->flags & TPM_CHIP_FLAG_TPM2)
> +		duration = tpm2_calc_ordinal_duration(chip, ordinal);
> +	else
> +		duration = tpm_calc_ordinal_duration(chip, ordinal);
> +
> +	rc = i2c_nuvoton_wait_for_data_avail(chip, duration, &priv->read_queue);
> 	if (rc) {
> 		dev_err(dev, "%s() timeout command duration\n", __func__);
> 		i2c_nuvoton_ready(chip);
> -- 
> 2.14.4
>
>
Reviewed-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>

/Jarkko

^ permalink raw reply	[flat|nested] 39+ messages in thread

* Re: [PATCH v7 02/21] tpm2: add new tpm2 commands according to TCG 1.36
  2018-10-19 18:22 ` [PATCH v7 02/21] tpm2: add new tpm2 commands according to TCG 1.36 Tomas Winkler
@ 2018-10-20  0:53   ` Jarkko Sakkinen
  0 siblings, 0 replies; 39+ messages in thread
From: Jarkko Sakkinen @ 2018-10-20  0:53 UTC (permalink / raw)
  To: Tomas Winkler
  Cc: Jarkko Sakkinen, Jason Gunthorpe, Nayna Jain, Alexander Usyskin,
	Tadeusz Struk, linux-integrity, linux-security-module,
	linux-kernel

On Fri, 19 Oct 2018, Tomas Winkler wrote:
> 1. TPM2_CC_LAST has moved from 182 to 193
> 2. Convert tpm2_ordinal_duration from an array into a switch statement,
>   as there are not so many commands that require special duration
>   relative to a number of commands, the switch statement function
>   is called tpm2_ordinal_duration_index().
> 3. Fix kdoc comments for tpm2_calc_ordinal_duration().
>
>
> Signed-off-by: Tomas Winkler <tomas.winkler@intel.com>
> Tested-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
> ---
> V2-V3: Rebase.
> V4: 1. Fix kdoc
>    2. Rename tpm2_ordinal_duration() to tpm2_ordinal_duration_index()
>    3. Move the two functions close to each other in the file.
> V5: Adjust the kdoc to the new standard.
> V6: Remove redundant comma in the kdoc.
> V7: Resend.
>
> drivers/char/tpm/tpm.h      |  41 +++++---
> drivers/char/tpm/tpm2-cmd.c | 241 +++++++++++++++++---------------------------
> 2 files changed, 118 insertions(+), 164 deletions(-)
>
> diff --git a/drivers/char/tpm/tpm.h b/drivers/char/tpm/tpm.h
> index f20dc8ece348..0f08518b525d 100644
> --- a/drivers/char/tpm/tpm.h
> +++ b/drivers/char/tpm/tpm.h
> @@ -134,22 +134,31 @@ enum tpm2_algorithms {
> };
>
> enum tpm2_command_codes {
> -	TPM2_CC_FIRST		= 0x011F,
> -	TPM2_CC_CREATE_PRIMARY  = 0x0131,
> -	TPM2_CC_SELF_TEST	= 0x0143,
> -	TPM2_CC_STARTUP		= 0x0144,
> -	TPM2_CC_SHUTDOWN	= 0x0145,
> -	TPM2_CC_CREATE		= 0x0153,
> -	TPM2_CC_LOAD		= 0x0157,
> -	TPM2_CC_UNSEAL		= 0x015E,
> -	TPM2_CC_CONTEXT_LOAD	= 0x0161,
> -	TPM2_CC_CONTEXT_SAVE	= 0x0162,
> -	TPM2_CC_FLUSH_CONTEXT	= 0x0165,
> -	TPM2_CC_GET_CAPABILITY	= 0x017A,
> -	TPM2_CC_GET_RANDOM	= 0x017B,
> -	TPM2_CC_PCR_READ	= 0x017E,
> -	TPM2_CC_PCR_EXTEND	= 0x0182,
> -	TPM2_CC_LAST		= 0x018F,
> +	TPM2_CC_FIRST		        = 0x011F,
> +	TPM2_CC_HIERARCHY_CONTROL       = 0x0121,
> +	TPM2_CC_HIERARCHY_CHANGE_AUTH   = 0x0129,
> +	TPM2_CC_CREATE_PRIMARY          = 0x0131,
> +	TPM2_CC_SEQUENCE_COMPLETE       = 0x013E,
> +	TPM2_CC_SELF_TEST	        = 0x0143,
> +	TPM2_CC_STARTUP		        = 0x0144,
> +	TPM2_CC_SHUTDOWN	        = 0x0145,
> +	TPM2_CC_NV_READ                 = 0x014E,
> +	TPM2_CC_CREATE		        = 0x0153,
> +	TPM2_CC_LOAD		        = 0x0157,
> +	TPM2_CC_SEQUENCE_UPDATE         = 0x015C,
> +	TPM2_CC_UNSEAL		        = 0x015E,
> +	TPM2_CC_CONTEXT_LOAD	        = 0x0161,
> +	TPM2_CC_CONTEXT_SAVE	        = 0x0162,
> +	TPM2_CC_FLUSH_CONTEXT	        = 0x0165,
> +	TPM2_CC_VERIFY_SIGNATURE        = 0x0177,
> +	TPM2_CC_GET_CAPABILITY	        = 0x017A,
> +	TPM2_CC_GET_RANDOM	        = 0x017B,
> +	TPM2_CC_PCR_READ	        = 0x017E,
> +	TPM2_CC_PCR_EXTEND	        = 0x0182,
> +	TPM2_CC_EVENT_SEQUENCE_COMPLETE = 0x0185,
> +	TPM2_CC_HASH_SEQUENCE_START     = 0x0186,
> +	TPM2_CC_CREATE_LOADED           = 0x0191,
> +	TPM2_CC_LAST		        = 0x0193, /* Spec 1.36 */
> };
>
> enum tpm2_permanent_handles {
> diff --git a/drivers/char/tpm/tpm2-cmd.c b/drivers/char/tpm/tpm2-cmd.c
> index 3acf4fd4e5a5..d26b439976bc 100644
> --- a/drivers/char/tpm/tpm2-cmd.c
> +++ b/drivers/char/tpm/tpm2-cmd.c
> @@ -40,129 +40,100 @@ static struct tpm2_hash tpm2_hash_map[] = {
> 	{HASH_ALGO_SM3_256, TPM2_ALG_SM3_256},
> };
>
> -/*
> - * Array with one entry per ordinal defining the maximum amount
> - * of time the chip could take to return the result. The values
> - * of the SHORT, MEDIUM, and LONG durations are taken from the
> - * PC Client Profile (PTP) specification.
> - * LONG_LONG is for commands that generates keys which empirically
> - * takes longer time on some systems.
> +/**
> + * tpm2_ordinal_duration_index() - returns an index to the chip duration table
> + * @ordinal: TPM command ordinal.
> + *
> + * The function returns an index to the chip duration table
> + * (enum tpm_duration), that describes the maximum amount of
> + * time the chip could take to return the result for a  particular ordinal.
> + *
> + * The values of the MEDIUM, and LONG durations are taken
> + * from the PC Client Profile (PTP) specification (750, 2000 msec)
> + *
> + * LONG_LONG is for commands that generates keys which empirically takes
> + * a longer time on some systems.
> + *
> + * Return:
> + * * TPM_MEDIUM
> + * * TPM_LONG
> + * * TPM_LONG_LONG
> + * * TPM_UNDEFINED
>  */
> -static const u8 tpm2_ordinal_duration[TPM2_CC_LAST - TPM2_CC_FIRST + 1] = {
> -	TPM_UNDEFINED,		/* 11F */
> -	TPM_UNDEFINED,		/* 120 */
> -	TPM_LONG,		/* 121 */
> -	TPM_UNDEFINED,		/* 122 */
> -	TPM_UNDEFINED,		/* 123 */
> -	TPM_UNDEFINED,		/* 124 */
> -	TPM_UNDEFINED,		/* 125 */
> -	TPM_UNDEFINED,		/* 126 */
> -	TPM_UNDEFINED,		/* 127 */
> -	TPM_UNDEFINED,		/* 128 */
> -	TPM_LONG,		/* 129 */
> -	TPM_UNDEFINED,		/* 12a */
> -	TPM_UNDEFINED,		/* 12b */
> -	TPM_UNDEFINED,		/* 12c */
> -	TPM_UNDEFINED,		/* 12d */
> -	TPM_UNDEFINED,		/* 12e */
> -	TPM_UNDEFINED,		/* 12f */
> -	TPM_UNDEFINED,		/* 130 */
> -	TPM_LONG_LONG,		/* 131 */
> -	TPM_UNDEFINED,		/* 132 */
> -	TPM_UNDEFINED,		/* 133 */
> -	TPM_UNDEFINED,		/* 134 */
> -	TPM_UNDEFINED,		/* 135 */
> -	TPM_UNDEFINED,		/* 136 */
> -	TPM_UNDEFINED,		/* 137 */
> -	TPM_UNDEFINED,		/* 138 */
> -	TPM_UNDEFINED,		/* 139 */
> -	TPM_UNDEFINED,		/* 13a */
> -	TPM_UNDEFINED,		/* 13b */
> -	TPM_UNDEFINED,		/* 13c */
> -	TPM_UNDEFINED,		/* 13d */
> -	TPM_MEDIUM,		/* 13e */
> -	TPM_UNDEFINED,		/* 13f */
> -	TPM_UNDEFINED,		/* 140 */
> -	TPM_UNDEFINED,		/* 141 */
> -	TPM_UNDEFINED,		/* 142 */
> -	TPM_LONG,		/* 143 */
> -	TPM_MEDIUM,		/* 144 */
> -	TPM_UNDEFINED,		/* 145 */
> -	TPM_UNDEFINED,		/* 146 */
> -	TPM_UNDEFINED,		/* 147 */
> -	TPM_UNDEFINED,		/* 148 */
> -	TPM_UNDEFINED,		/* 149 */
> -	TPM_UNDEFINED,		/* 14a */
> -	TPM_UNDEFINED,		/* 14b */
> -	TPM_UNDEFINED,		/* 14c */
> -	TPM_UNDEFINED,		/* 14d */
> -	TPM_LONG,		/* 14e */
> -	TPM_UNDEFINED,		/* 14f */
> -	TPM_UNDEFINED,		/* 150 */
> -	TPM_UNDEFINED,		/* 151 */
> -	TPM_UNDEFINED,		/* 152 */
> -	TPM_LONG_LONG,		/* 153 */
> -	TPM_UNDEFINED,		/* 154 */
> -	TPM_UNDEFINED,		/* 155 */
> -	TPM_UNDEFINED,		/* 156 */
> -	TPM_UNDEFINED,		/* 157 */
> -	TPM_UNDEFINED,		/* 158 */
> -	TPM_UNDEFINED,		/* 159 */
> -	TPM_UNDEFINED,		/* 15a */
> -	TPM_UNDEFINED,		/* 15b */
> -	TPM_MEDIUM,		/* 15c */
> -	TPM_UNDEFINED,		/* 15d */
> -	TPM_UNDEFINED,		/* 15e */
> -	TPM_UNDEFINED,		/* 15f */
> -	TPM_UNDEFINED,		/* 160 */
> -	TPM_UNDEFINED,		/* 161 */
> -	TPM_UNDEFINED,		/* 162 */
> -	TPM_UNDEFINED,		/* 163 */
> -	TPM_UNDEFINED,		/* 164 */
> -	TPM_UNDEFINED,		/* 165 */
> -	TPM_UNDEFINED,		/* 166 */
> -	TPM_UNDEFINED,		/* 167 */
> -	TPM_UNDEFINED,		/* 168 */
> -	TPM_UNDEFINED,		/* 169 */
> -	TPM_UNDEFINED,		/* 16a */
> -	TPM_UNDEFINED,		/* 16b */
> -	TPM_UNDEFINED,		/* 16c */
> -	TPM_UNDEFINED,		/* 16d */
> -	TPM_UNDEFINED,		/* 16e */
> -	TPM_UNDEFINED,		/* 16f */
> -	TPM_UNDEFINED,		/* 170 */
> -	TPM_UNDEFINED,		/* 171 */
> -	TPM_UNDEFINED,		/* 172 */
> -	TPM_UNDEFINED,		/* 173 */
> -	TPM_UNDEFINED,		/* 174 */
> -	TPM_UNDEFINED,		/* 175 */
> -	TPM_UNDEFINED,		/* 176 */
> -	TPM_LONG,		/* 177 */
> -	TPM_UNDEFINED,		/* 178 */
> -	TPM_UNDEFINED,		/* 179 */
> -	TPM_MEDIUM,		/* 17a */
> -	TPM_LONG,		/* 17b */
> -	TPM_UNDEFINED,		/* 17c */
> -	TPM_UNDEFINED,		/* 17d */
> -	TPM_UNDEFINED,		/* 17e */
> -	TPM_UNDEFINED,		/* 17f */
> -	TPM_UNDEFINED,		/* 180 */
> -	TPM_UNDEFINED,		/* 181 */
> -	TPM_MEDIUM,		/* 182 */
> -	TPM_UNDEFINED,		/* 183 */
> -	TPM_UNDEFINED,		/* 184 */
> -	TPM_MEDIUM,		/* 185 */
> -	TPM_MEDIUM,		/* 186 */
> -	TPM_UNDEFINED,		/* 187 */
> -	TPM_UNDEFINED,		/* 188 */
> -	TPM_UNDEFINED,		/* 189 */
> -	TPM_UNDEFINED,		/* 18a */
> -	TPM_UNDEFINED,		/* 18b */
> -	TPM_UNDEFINED,		/* 18c */
> -	TPM_UNDEFINED,		/* 18d */
> -	TPM_UNDEFINED,		/* 18e */
> -	TPM_UNDEFINED		/* 18f */
> -};
> +static u8 tpm2_ordinal_duration_index(u32 ordinal)
> +{
> +	switch (ordinal) {
> +	/* Startup */
> +	case TPM2_CC_STARTUP:                 /* 144 */
> +		return TPM_MEDIUM;
> +
> +	case TPM2_CC_SELF_TEST:               /* 143 */
> +		return TPM_LONG;
> +
> +	case TPM2_CC_GET_RANDOM:              /* 17B */
> +		return TPM_LONG;
> +
> +	case TPM2_CC_SEQUENCE_UPDATE:         /* 15C */
> +		return TPM_MEDIUM;
> +	case TPM2_CC_SEQUENCE_COMPLETE:       /* 13E */
> +		return TPM_MEDIUM;
> +	case TPM2_CC_EVENT_SEQUENCE_COMPLETE: /* 185 */
> +		return TPM_MEDIUM;
> +	case TPM2_CC_HASH_SEQUENCE_START:     /* 186 */
> +		return TPM_MEDIUM;
> +
> +	case TPM2_CC_VERIFY_SIGNATURE:        /* 177 */
> +		return TPM_LONG;
> +
> +	case TPM2_CC_PCR_EXTEND:              /* 182 */
> +		return TPM_MEDIUM;
> +
> +	case TPM2_CC_HIERARCHY_CONTROL:       /* 121 */
> +		return TPM_LONG;
> +	case TPM2_CC_HIERARCHY_CHANGE_AUTH:   /* 129 */
> +		return TPM_LONG;
> +
> +	case TPM2_CC_GET_CAPABILITY:          /* 17A */
> +		return TPM_MEDIUM;
> +
> +	case TPM2_CC_NV_READ:                 /* 14E */
> +		return TPM_LONG;
> +
> +	case TPM2_CC_CREATE_PRIMARY:          /* 131 */
> +		return TPM_LONG_LONG;
> +	case TPM2_CC_CREATE:                  /* 153 */
> +		return TPM_LONG_LONG;
> +	case TPM2_CC_CREATE_LOADED:           /* 191 */
> +		return TPM_LONG_LONG;
> +
> +	default:
> +		return TPM_UNDEFINED;
> +	}
> +}
> +
> +/**
> + * tpm2_calc_ordinal_duration() - calculate the maximum command duration
> + * @chip:    TPM chip to use.
> + * @ordinal: TPM command ordinal.
> + *
> + * The function returns the maximum amount of time the chip could take
> + * to return the result for a particular ordinal in jiffies.
> + *
> + * Return: A maximal duration time for an ordinal in jiffies.
> + */
> +unsigned long tpm2_calc_ordinal_duration(struct tpm_chip *chip, u32 ordinal)
> +{
> +	unsigned int index;
> +
> +	index = tpm2_ordinal_duration_index(ordinal);
> +
> +	if (index != TPM_UNDEFINED)
> +		return chip->duration[index];
> +	else
> +		return msecs_to_jiffies(TPM2_DURATION_DEFAULT);
> +}
> +EXPORT_SYMBOL_GPL(tpm2_calc_ordinal_duration);
> +
>
> struct tpm2_pcr_read_out {
> 	__be32	update_cnt;
> @@ -748,32 +719,6 @@ void tpm2_shutdown(struct tpm_chip *chip, u16 shutdown_type)
> 	tpm_buf_destroy(&buf);
> }
>
> -/*
> - * tpm2_calc_ordinal_duration() - maximum duration for a command
> - *
> - * @chip:	TPM chip to use.
> - * @ordinal:	command code number.
> - *
> - * Return: maximum duration for a command
> - */
> -unsigned long tpm2_calc_ordinal_duration(struct tpm_chip *chip, u32 ordinal)
> -{
> -	int index = TPM_UNDEFINED;
> -	int duration = 0;
> -
> -	if (ordinal >= TPM2_CC_FIRST && ordinal <= TPM2_CC_LAST)
> -		index = tpm2_ordinal_duration[ordinal - TPM2_CC_FIRST];
> -
> -	if (index != TPM_UNDEFINED)
> -		duration = chip->duration[index];
> -
> -	if (duration <= 0)
> -		duration = msecs_to_jiffies(TPM2_DURATION_DEFAULT);
> -
> -	return duration;
> -}
> -EXPORT_SYMBOL_GPL(tpm2_calc_ordinal_duration);
> -
> /**
>  * tpm2_do_selftest() - ensure that all self tests have passed
>  *
> -- 
> 2.14.4
>
>

Reviewed-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>

/Jarkko

^ permalink raw reply	[flat|nested] 39+ messages in thread

* Re: [PATCH v7 04/21] tpm: factor out tpm 1.x duration calculation to tpm1-cmd.c
  2018-10-19 18:22 ` [PATCH v7 04/21] tpm: factor out tpm 1.x duration calculation to tpm1-cmd.c Tomas Winkler
@ 2018-10-20  0:56   ` Jarkko Sakkinen
  0 siblings, 0 replies; 39+ messages in thread
From: Jarkko Sakkinen @ 2018-10-20  0:56 UTC (permalink / raw)
  To: Tomas Winkler
  Cc: Jarkko Sakkinen, Jason Gunthorpe, Nayna Jain, Alexander Usyskin,
	Tadeusz Struk, linux-integrity, linux-security-module,
	linux-kernel

On Fri, 19 Oct 2018, Tomas Winkler wrote:
> Factor out TPM 1.x commands calculation into tpm1-cmd.c file.
> and change the prefix from tpm_ to tpm1_.
> No functional change is done here.
>
> Signed-off-by: Tomas Winkler <tomas.winkler@intel.com>
> Tested-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
> ---
> V2-V3: Rebase
> V4: 1. Remove the licence statement it's already covered by SPDX.
>    2. Add kdoc to tpm1_calc_ordinal_duration().
> V5: Adjust the kdoc to the new standard.
> V6: Resend.
> V7: Rebase over nuvoton patch
>
> drivers/char/tpm/Makefile            |   1 +
> drivers/char/tpm/st33zp24/st33zp24.c |   2 +-
> drivers/char/tpm/tpm-interface.c     | 284 +-------------------------------
> drivers/char/tpm/tpm.h               |   2 +-
> drivers/char/tpm/tpm1-cmd.c          | 310 +++++++++++++++++++++++++++++++++++
> drivers/char/tpm/tpm_i2c_nuvoton.c   |   5 +-
> drivers/char/tpm/tpm_tis_core.c      |   2 +-
> drivers/char/tpm/xen-tpmfront.c      |   2 +-
> 8 files changed, 320 insertions(+), 288 deletions(-)
> create mode 100644 drivers/char/tpm/tpm1-cmd.c
>
> diff --git a/drivers/char/tpm/Makefile b/drivers/char/tpm/Makefile
> index efc785053627..a01c4cab902a 100644
> --- a/drivers/char/tpm/Makefile
> +++ b/drivers/char/tpm/Makefile
> @@ -7,6 +7,7 @@ tpm-y := tpm-chip.o
> tpm-y += tpm-dev-common.o
> tpm-y += tpm-dev.o
> tpm-y += tpm-interface.o
> +tpm-y += tpm1-cmd.o
> tpm-y += tpm2-cmd.o
> tpm-y += tpmrm-dev.o
> tpm-y += tpm2-space.o
> diff --git a/drivers/char/tpm/st33zp24/st33zp24.c b/drivers/char/tpm/st33zp24/st33zp24.c
> index abd675bec88c..16be974955ea 100644
> --- a/drivers/char/tpm/st33zp24/st33zp24.c
> +++ b/drivers/char/tpm/st33zp24/st33zp24.c
> @@ -430,7 +430,7 @@ static int st33zp24_send(struct tpm_chip *chip, unsigned char *buf,
> 		ordinal = be32_to_cpu(*((__be32 *) (buf + 6)));
>
> 		ret = wait_for_stat(chip, TPM_STS_DATA_AVAIL | TPM_STS_VALID,
> -				tpm_calc_ordinal_duration(chip, ordinal),
> +				tpm1_calc_ordinal_duration(chip, ordinal),
> 				&tpm_dev->read_queue, false);
> 		if (ret < 0)
> 			goto out_err;
> diff --git a/drivers/char/tpm/tpm-interface.c b/drivers/char/tpm/tpm-interface.c
> index 95db630dd722..21c6ed2a6bc1 100644
> --- a/drivers/char/tpm/tpm-interface.c
> +++ b/drivers/char/tpm/tpm-interface.c
> @@ -33,7 +33,6 @@
>
> #include "tpm.h"
>
> -#define TPM_MAX_ORDINAL 243
> #define TSC_MAX_ORDINAL 12
> #define TPM_PROTECTED_COMMAND 0x00
> #define TPM_CONNECTION_COMMAND 0x40
> @@ -48,285 +47,6 @@ module_param_named(suspend_pcr, tpm_suspend_pcr, uint, 0644);
> MODULE_PARM_DESC(suspend_pcr,
> 		 "PCR to use for dummy writes to facilitate flush on suspend.");
>
> -/*
> - * Array with one entry per ordinal defining the maximum amount
> - * of time the chip could take to return the result.  The ordinal
> - * designation of short, medium or long is defined in a table in
> - * TCG Specification TPM Main Part 2 TPM Structures Section 17. The
> - * values of the SHORT, MEDIUM, and LONG durations are retrieved
> - * from the chip during initialization with a call to tpm_get_timeouts.
> - */
> -static const u8 tpm_ordinal_duration[TPM_MAX_ORDINAL] = {
> -	TPM_UNDEFINED,		/* 0 */
> -	TPM_UNDEFINED,
> -	TPM_UNDEFINED,
> -	TPM_UNDEFINED,
> -	TPM_UNDEFINED,
> -	TPM_UNDEFINED,		/* 5 */
> -	TPM_UNDEFINED,
> -	TPM_UNDEFINED,
> -	TPM_UNDEFINED,
> -	TPM_UNDEFINED,
> -	TPM_SHORT,		/* 10 */
> -	TPM_SHORT,
> -	TPM_MEDIUM,
> -	TPM_LONG,
> -	TPM_LONG,
> -	TPM_MEDIUM,		/* 15 */
> -	TPM_SHORT,
> -	TPM_SHORT,
> -	TPM_MEDIUM,
> -	TPM_LONG,
> -	TPM_SHORT,		/* 20 */
> -	TPM_SHORT,
> -	TPM_MEDIUM,
> -	TPM_MEDIUM,
> -	TPM_MEDIUM,
> -	TPM_SHORT,		/* 25 */
> -	TPM_SHORT,
> -	TPM_MEDIUM,
> -	TPM_SHORT,
> -	TPM_SHORT,
> -	TPM_MEDIUM,		/* 30 */
> -	TPM_LONG,
> -	TPM_MEDIUM,
> -	TPM_SHORT,
> -	TPM_SHORT,
> -	TPM_SHORT,		/* 35 */
> -	TPM_MEDIUM,
> -	TPM_MEDIUM,
> -	TPM_UNDEFINED,
> -	TPM_UNDEFINED,
> -	TPM_MEDIUM,		/* 40 */
> -	TPM_LONG,
> -	TPM_MEDIUM,
> -	TPM_SHORT,
> -	TPM_SHORT,
> -	TPM_SHORT,		/* 45 */
> -	TPM_SHORT,
> -	TPM_SHORT,
> -	TPM_SHORT,
> -	TPM_LONG,
> -	TPM_MEDIUM,		/* 50 */
> -	TPM_MEDIUM,
> -	TPM_UNDEFINED,
> -	TPM_UNDEFINED,
> -	TPM_UNDEFINED,
> -	TPM_UNDEFINED,		/* 55 */
> -	TPM_UNDEFINED,
> -	TPM_UNDEFINED,
> -	TPM_UNDEFINED,
> -	TPM_UNDEFINED,
> -	TPM_MEDIUM,		/* 60 */
> -	TPM_MEDIUM,
> -	TPM_MEDIUM,
> -	TPM_SHORT,
> -	TPM_SHORT,
> -	TPM_MEDIUM,		/* 65 */
> -	TPM_UNDEFINED,
> -	TPM_UNDEFINED,
> -	TPM_UNDEFINED,
> -	TPM_UNDEFINED,
> -	TPM_SHORT,		/* 70 */
> -	TPM_SHORT,
> -	TPM_UNDEFINED,
> -	TPM_UNDEFINED,
> -	TPM_UNDEFINED,
> -	TPM_UNDEFINED,		/* 75 */
> -	TPM_UNDEFINED,
> -	TPM_UNDEFINED,
> -	TPM_UNDEFINED,
> -	TPM_UNDEFINED,
> -	TPM_LONG,		/* 80 */
> -	TPM_UNDEFINED,
> -	TPM_MEDIUM,
> -	TPM_LONG,
> -	TPM_SHORT,
> -	TPM_UNDEFINED,		/* 85 */
> -	TPM_UNDEFINED,
> -	TPM_UNDEFINED,
> -	TPM_UNDEFINED,
> -	TPM_UNDEFINED,
> -	TPM_SHORT,		/* 90 */
> -	TPM_SHORT,
> -	TPM_SHORT,
> -	TPM_SHORT,
> -	TPM_SHORT,
> -	TPM_UNDEFINED,		/* 95 */
> -	TPM_UNDEFINED,
> -	TPM_UNDEFINED,
> -	TPM_UNDEFINED,
> -	TPM_UNDEFINED,
> -	TPM_MEDIUM,		/* 100 */
> -	TPM_SHORT,
> -	TPM_SHORT,
> -	TPM_UNDEFINED,
> -	TPM_UNDEFINED,
> -	TPM_UNDEFINED,		/* 105 */
> -	TPM_UNDEFINED,
> -	TPM_UNDEFINED,
> -	TPM_UNDEFINED,
> -	TPM_UNDEFINED,
> -	TPM_SHORT,		/* 110 */
> -	TPM_SHORT,
> -	TPM_SHORT,
> -	TPM_SHORT,
> -	TPM_SHORT,
> -	TPM_SHORT,		/* 115 */
> -	TPM_SHORT,
> -	TPM_SHORT,
> -	TPM_UNDEFINED,
> -	TPM_UNDEFINED,
> -	TPM_LONG,		/* 120 */
> -	TPM_LONG,
> -	TPM_MEDIUM,
> -	TPM_UNDEFINED,
> -	TPM_SHORT,
> -	TPM_SHORT,		/* 125 */
> -	TPM_SHORT,
> -	TPM_LONG,
> -	TPM_SHORT,
> -	TPM_SHORT,
> -	TPM_SHORT,		/* 130 */
> -	TPM_MEDIUM,
> -	TPM_UNDEFINED,
> -	TPM_SHORT,
> -	TPM_MEDIUM,
> -	TPM_UNDEFINED,		/* 135 */
> -	TPM_UNDEFINED,
> -	TPM_UNDEFINED,
> -	TPM_UNDEFINED,
> -	TPM_UNDEFINED,
> -	TPM_SHORT,		/* 140 */
> -	TPM_SHORT,
> -	TPM_UNDEFINED,
> -	TPM_UNDEFINED,
> -	TPM_UNDEFINED,
> -	TPM_UNDEFINED,		/* 145 */
> -	TPM_UNDEFINED,
> -	TPM_UNDEFINED,
> -	TPM_UNDEFINED,
> -	TPM_UNDEFINED,
> -	TPM_SHORT,		/* 150 */
> -	TPM_MEDIUM,
> -	TPM_MEDIUM,
> -	TPM_SHORT,
> -	TPM_SHORT,
> -	TPM_UNDEFINED,		/* 155 */
> -	TPM_UNDEFINED,
> -	TPM_UNDEFINED,
> -	TPM_UNDEFINED,
> -	TPM_UNDEFINED,
> -	TPM_SHORT,		/* 160 */
> -	TPM_SHORT,
> -	TPM_SHORT,
> -	TPM_SHORT,
> -	TPM_UNDEFINED,
> -	TPM_UNDEFINED,		/* 165 */
> -	TPM_UNDEFINED,
> -	TPM_UNDEFINED,
> -	TPM_UNDEFINED,
> -	TPM_UNDEFINED,
> -	TPM_LONG,		/* 170 */
> -	TPM_UNDEFINED,
> -	TPM_UNDEFINED,
> -	TPM_UNDEFINED,
> -	TPM_UNDEFINED,
> -	TPM_UNDEFINED,		/* 175 */
> -	TPM_UNDEFINED,
> -	TPM_UNDEFINED,
> -	TPM_UNDEFINED,
> -	TPM_UNDEFINED,
> -	TPM_MEDIUM,		/* 180 */
> -	TPM_SHORT,
> -	TPM_MEDIUM,
> -	TPM_MEDIUM,
> -	TPM_MEDIUM,
> -	TPM_MEDIUM,		/* 185 */
> -	TPM_SHORT,
> -	TPM_UNDEFINED,
> -	TPM_UNDEFINED,
> -	TPM_UNDEFINED,
> -	TPM_UNDEFINED,		/* 190 */
> -	TPM_UNDEFINED,
> -	TPM_UNDEFINED,
> -	TPM_UNDEFINED,
> -	TPM_UNDEFINED,
> -	TPM_UNDEFINED,		/* 195 */
> -	TPM_UNDEFINED,
> -	TPM_UNDEFINED,
> -	TPM_UNDEFINED,
> -	TPM_UNDEFINED,
> -	TPM_SHORT,		/* 200 */
> -	TPM_UNDEFINED,
> -	TPM_UNDEFINED,
> -	TPM_UNDEFINED,
> -	TPM_SHORT,
> -	TPM_SHORT,		/* 205 */
> -	TPM_SHORT,
> -	TPM_SHORT,
> -	TPM_SHORT,
> -	TPM_SHORT,
> -	TPM_MEDIUM,		/* 210 */
> -	TPM_UNDEFINED,
> -	TPM_MEDIUM,
> -	TPM_MEDIUM,
> -	TPM_MEDIUM,
> -	TPM_UNDEFINED,		/* 215 */
> -	TPM_MEDIUM,
> -	TPM_UNDEFINED,
> -	TPM_UNDEFINED,
> -	TPM_SHORT,
> -	TPM_SHORT,		/* 220 */
> -	TPM_SHORT,
> -	TPM_SHORT,
> -	TPM_SHORT,
> -	TPM_SHORT,
> -	TPM_UNDEFINED,		/* 225 */
> -	TPM_UNDEFINED,
> -	TPM_UNDEFINED,
> -	TPM_UNDEFINED,
> -	TPM_UNDEFINED,
> -	TPM_SHORT,		/* 230 */
> -	TPM_LONG,
> -	TPM_MEDIUM,
> -	TPM_UNDEFINED,
> -	TPM_UNDEFINED,
> -	TPM_UNDEFINED,		/* 235 */
> -	TPM_UNDEFINED,
> -	TPM_UNDEFINED,
> -	TPM_UNDEFINED,
> -	TPM_UNDEFINED,
> -	TPM_SHORT,		/* 240 */
> -	TPM_UNDEFINED,
> -	TPM_MEDIUM,
> -};
> -
> -/*
> - * Returns max number of jiffies to wait
> - */
> -unsigned long tpm_calc_ordinal_duration(struct tpm_chip *chip,
> -					   u32 ordinal)
> -{
> -	int duration_idx = TPM_UNDEFINED;
> -	int duration = 0;
> -
> -	/*
> -	 * We only have a duration table for protected commands, where the upper
> -	 * 16 bits are 0. For the few other ordinals the fallback will be used.
> -	 */
> -	if (ordinal < TPM_MAX_ORDINAL)
> -		duration_idx = tpm_ordinal_duration[ordinal];
> -
> -	if (duration_idx != TPM_UNDEFINED)
> -		duration = chip->duration[duration_idx];
> -	if (duration <= 0)
> -		return 2 * 60 * HZ;
> -	else
> -		return duration;
> -}
> -EXPORT_SYMBOL_GPL(tpm_calc_ordinal_duration);
> -
> static int tpm_validate_command(struct tpm_chip *chip,
> 				 struct tpm_space *space,
> 				 const u8 *cmd,
> @@ -505,7 +225,7 @@ static ssize_t tpm_try_transmit(struct tpm_chip *chip,
> 	if (chip->flags & TPM_CHIP_FLAG_TPM2)
> 		stop = jiffies + tpm2_calc_ordinal_duration(chip, ordinal);
> 	else
> -		stop = jiffies + tpm_calc_ordinal_duration(chip, ordinal);
> +		stop = jiffies + tpm1_calc_ordinal_duration(chip, ordinal);
> 	do {
> 		u8 status = chip->ops->status(chip);
> 		if ((status & chip->ops->req_complete_mask) ==
> @@ -1087,7 +807,7 @@ int tpm_do_selftest(struct tpm_chip *chip)
> 	unsigned long duration;
> 	u8 dummy[TPM_DIGEST_SIZE];
>
> -	duration = tpm_calc_ordinal_duration(chip, TPM_ORD_CONTINUE_SELFTEST);
> +	duration = tpm1_calc_ordinal_duration(chip, TPM_ORD_CONTINUE_SELFTEST);
>
> 	loops = jiffies_to_msecs(duration) / delay_msec;
>
> diff --git a/drivers/char/tpm/tpm.h b/drivers/char/tpm/tpm.h
> index 0f08518b525d..c59d2c20c339 100644
> --- a/drivers/char/tpm/tpm.h
> +++ b/drivers/char/tpm/tpm.h
> @@ -546,7 +546,7 @@ ssize_t tpm_getcap(struct tpm_chip *chip, u32 subcap_id, cap_t *cap,
> int tpm_get_timeouts(struct tpm_chip *);
> int tpm1_auto_startup(struct tpm_chip *chip);
> int tpm_do_selftest(struct tpm_chip *chip);
> -unsigned long tpm_calc_ordinal_duration(struct tpm_chip *chip, u32 ordinal);
> +unsigned long tpm1_calc_ordinal_duration(struct tpm_chip *chip, u32 ordinal);
> int tpm_pm_suspend(struct device *dev);
> int tpm_pm_resume(struct device *dev);
>
> diff --git a/drivers/char/tpm/tpm1-cmd.c b/drivers/char/tpm/tpm1-cmd.c
> new file mode 100644
> index 000000000000..991260134659
> --- /dev/null
> +++ b/drivers/char/tpm/tpm1-cmd.c
> @@ -0,0 +1,310 @@
> +// SPDX-License-Identifier: GPL-2.0
> +/*
> + * Copyright (C) 2004 IBM Corporation
> + * Copyright (C) 2014 Intel Corporation
> + *
> + * Authors:
> + * Leendert van Doorn <leendert@watson.ibm.com>
> + * Dave Safford <safford@watson.ibm.com>
> + * Reiner Sailer <sailer@watson.ibm.com>
> + * Kylene Hall <kjhall@us.ibm.com>
> + *
> + * Device driver for TCG/TCPA TPM (trusted platform module).
> + * Specifications at www.trustedcomputinggroup.org
> + */
> +
> +#include <linux/poll.h>
> +#include <linux/slab.h>
> +#include <linux/mutex.h>
> +#include <linux/spinlock.h>
> +#include <linux/freezer.h>
> +#include <linux/tpm_eventlog.h>
> +
> +#include "tpm.h"
> +
> +#define TPM_MAX_ORDINAL 243
> +
> +/*
> + * Array with one entry per ordinal defining the maximum amount
> + * of time the chip could take to return the result.  The ordinal
> + * designation of short, medium or long is defined in a table in
> + * TCG Specification TPM Main Part 2 TPM Structures Section 17. The
> + * values of the SHORT, MEDIUM, and LONG durations are retrieved
> + * from the chip during initialization with a call to tpm_get_timeouts.
> + */
> +static const u8 tpm1_ordinal_duration[TPM_MAX_ORDINAL] = {
> +	TPM_UNDEFINED,		/* 0 */
> +	TPM_UNDEFINED,
> +	TPM_UNDEFINED,
> +	TPM_UNDEFINED,
> +	TPM_UNDEFINED,
> +	TPM_UNDEFINED,		/* 5 */
> +	TPM_UNDEFINED,
> +	TPM_UNDEFINED,
> +	TPM_UNDEFINED,
> +	TPM_UNDEFINED,
> +	TPM_SHORT,		/* 10 */
> +	TPM_SHORT,
> +	TPM_MEDIUM,
> +	TPM_LONG,
> +	TPM_LONG,
> +	TPM_MEDIUM,		/* 15 */
> +	TPM_SHORT,
> +	TPM_SHORT,
> +	TPM_MEDIUM,
> +	TPM_LONG,
> +	TPM_SHORT,		/* 20 */
> +	TPM_SHORT,
> +	TPM_MEDIUM,
> +	TPM_MEDIUM,
> +	TPM_MEDIUM,
> +	TPM_SHORT,		/* 25 */
> +	TPM_SHORT,
> +	TPM_MEDIUM,
> +	TPM_SHORT,
> +	TPM_SHORT,
> +	TPM_MEDIUM,		/* 30 */
> +	TPM_LONG,
> +	TPM_MEDIUM,
> +	TPM_SHORT,
> +	TPM_SHORT,
> +	TPM_SHORT,		/* 35 */
> +	TPM_MEDIUM,
> +	TPM_MEDIUM,
> +	TPM_UNDEFINED,
> +	TPM_UNDEFINED,
> +	TPM_MEDIUM,		/* 40 */
> +	TPM_LONG,
> +	TPM_MEDIUM,
> +	TPM_SHORT,
> +	TPM_SHORT,
> +	TPM_SHORT,		/* 45 */
> +	TPM_SHORT,
> +	TPM_SHORT,
> +	TPM_SHORT,
> +	TPM_LONG,
> +	TPM_MEDIUM,		/* 50 */
> +	TPM_MEDIUM,
> +	TPM_UNDEFINED,
> +	TPM_UNDEFINED,
> +	TPM_UNDEFINED,
> +	TPM_UNDEFINED,		/* 55 */
> +	TPM_UNDEFINED,
> +	TPM_UNDEFINED,
> +	TPM_UNDEFINED,
> +	TPM_UNDEFINED,
> +	TPM_MEDIUM,		/* 60 */
> +	TPM_MEDIUM,
> +	TPM_MEDIUM,
> +	TPM_SHORT,
> +	TPM_SHORT,
> +	TPM_MEDIUM,		/* 65 */
> +	TPM_UNDEFINED,
> +	TPM_UNDEFINED,
> +	TPM_UNDEFINED,
> +	TPM_UNDEFINED,
> +	TPM_SHORT,		/* 70 */
> +	TPM_SHORT,
> +	TPM_UNDEFINED,
> +	TPM_UNDEFINED,
> +	TPM_UNDEFINED,
> +	TPM_UNDEFINED,		/* 75 */
> +	TPM_UNDEFINED,
> +	TPM_UNDEFINED,
> +	TPM_UNDEFINED,
> +	TPM_UNDEFINED,
> +	TPM_LONG,		/* 80 */
> +	TPM_UNDEFINED,
> +	TPM_MEDIUM,
> +	TPM_LONG,
> +	TPM_SHORT,
> +	TPM_UNDEFINED,		/* 85 */
> +	TPM_UNDEFINED,
> +	TPM_UNDEFINED,
> +	TPM_UNDEFINED,
> +	TPM_UNDEFINED,
> +	TPM_SHORT,		/* 90 */
> +	TPM_SHORT,
> +	TPM_SHORT,
> +	TPM_SHORT,
> +	TPM_SHORT,
> +	TPM_UNDEFINED,		/* 95 */
> +	TPM_UNDEFINED,
> +	TPM_UNDEFINED,
> +	TPM_UNDEFINED,
> +	TPM_UNDEFINED,
> +	TPM_MEDIUM,		/* 100 */
> +	TPM_SHORT,
> +	TPM_SHORT,
> +	TPM_UNDEFINED,
> +	TPM_UNDEFINED,
> +	TPM_UNDEFINED,		/* 105 */
> +	TPM_UNDEFINED,
> +	TPM_UNDEFINED,
> +	TPM_UNDEFINED,
> +	TPM_UNDEFINED,
> +	TPM_SHORT,		/* 110 */
> +	TPM_SHORT,
> +	TPM_SHORT,
> +	TPM_SHORT,
> +	TPM_SHORT,
> +	TPM_SHORT,		/* 115 */
> +	TPM_SHORT,
> +	TPM_SHORT,
> +	TPM_UNDEFINED,
> +	TPM_UNDEFINED,
> +	TPM_LONG,		/* 120 */
> +	TPM_LONG,
> +	TPM_MEDIUM,
> +	TPM_UNDEFINED,
> +	TPM_SHORT,
> +	TPM_SHORT,		/* 125 */
> +	TPM_SHORT,
> +	TPM_LONG,
> +	TPM_SHORT,
> +	TPM_SHORT,
> +	TPM_SHORT,		/* 130 */
> +	TPM_MEDIUM,
> +	TPM_UNDEFINED,
> +	TPM_SHORT,
> +	TPM_MEDIUM,
> +	TPM_UNDEFINED,		/* 135 */
> +	TPM_UNDEFINED,
> +	TPM_UNDEFINED,
> +	TPM_UNDEFINED,
> +	TPM_UNDEFINED,
> +	TPM_SHORT,		/* 140 */
> +	TPM_SHORT,
> +	TPM_UNDEFINED,
> +	TPM_UNDEFINED,
> +	TPM_UNDEFINED,
> +	TPM_UNDEFINED,		/* 145 */
> +	TPM_UNDEFINED,
> +	TPM_UNDEFINED,
> +	TPM_UNDEFINED,
> +	TPM_UNDEFINED,
> +	TPM_SHORT,		/* 150 */
> +	TPM_MEDIUM,
> +	TPM_MEDIUM,
> +	TPM_SHORT,
> +	TPM_SHORT,
> +	TPM_UNDEFINED,		/* 155 */
> +	TPM_UNDEFINED,
> +	TPM_UNDEFINED,
> +	TPM_UNDEFINED,
> +	TPM_UNDEFINED,
> +	TPM_SHORT,		/* 160 */
> +	TPM_SHORT,
> +	TPM_SHORT,
> +	TPM_SHORT,
> +	TPM_UNDEFINED,
> +	TPM_UNDEFINED,		/* 165 */
> +	TPM_UNDEFINED,
> +	TPM_UNDEFINED,
> +	TPM_UNDEFINED,
> +	TPM_UNDEFINED,
> +	TPM_LONG,		/* 170 */
> +	TPM_UNDEFINED,
> +	TPM_UNDEFINED,
> +	TPM_UNDEFINED,
> +	TPM_UNDEFINED,
> +	TPM_UNDEFINED,		/* 175 */
> +	TPM_UNDEFINED,
> +	TPM_UNDEFINED,
> +	TPM_UNDEFINED,
> +	TPM_UNDEFINED,
> +	TPM_MEDIUM,		/* 180 */
> +	TPM_SHORT,
> +	TPM_MEDIUM,
> +	TPM_MEDIUM,
> +	TPM_MEDIUM,
> +	TPM_MEDIUM,		/* 185 */
> +	TPM_SHORT,
> +	TPM_UNDEFINED,
> +	TPM_UNDEFINED,
> +	TPM_UNDEFINED,
> +	TPM_UNDEFINED,		/* 190 */
> +	TPM_UNDEFINED,
> +	TPM_UNDEFINED,
> +	TPM_UNDEFINED,
> +	TPM_UNDEFINED,
> +	TPM_UNDEFINED,		/* 195 */
> +	TPM_UNDEFINED,
> +	TPM_UNDEFINED,
> +	TPM_UNDEFINED,
> +	TPM_UNDEFINED,
> +	TPM_SHORT,		/* 200 */
> +	TPM_UNDEFINED,
> +	TPM_UNDEFINED,
> +	TPM_UNDEFINED,
> +	TPM_SHORT,
> +	TPM_SHORT,		/* 205 */
> +	TPM_SHORT,
> +	TPM_SHORT,
> +	TPM_SHORT,
> +	TPM_SHORT,
> +	TPM_MEDIUM,		/* 210 */
> +	TPM_UNDEFINED,
> +	TPM_MEDIUM,
> +	TPM_MEDIUM,
> +	TPM_MEDIUM,
> +	TPM_UNDEFINED,		/* 215 */
> +	TPM_MEDIUM,
> +	TPM_UNDEFINED,
> +	TPM_UNDEFINED,
> +	TPM_SHORT,
> +	TPM_SHORT,		/* 220 */
> +	TPM_SHORT,
> +	TPM_SHORT,
> +	TPM_SHORT,
> +	TPM_SHORT,
> +	TPM_UNDEFINED,		/* 225 */
> +	TPM_UNDEFINED,
> +	TPM_UNDEFINED,
> +	TPM_UNDEFINED,
> +	TPM_UNDEFINED,
> +	TPM_SHORT,		/* 230 */
> +	TPM_LONG,
> +	TPM_MEDIUM,
> +	TPM_UNDEFINED,
> +	TPM_UNDEFINED,
> +	TPM_UNDEFINED,		/* 235 */
> +	TPM_UNDEFINED,
> +	TPM_UNDEFINED,
> +	TPM_UNDEFINED,
> +	TPM_UNDEFINED,
> +	TPM_SHORT,		/* 240 */
> +	TPM_UNDEFINED,
> +	TPM_MEDIUM,
> +};
> +
> +/**
> + * tpm1_calc_ordinal_duration() - calculate the maximum command duration
> + * @chip:    TPM chip to use.
> + * @ordinal: TPM command ordinal.
> + *
> + * The function returns the maximum amount of time the chip could take
> + * to return the result for a particular ordinal in jiffies.
> + *
> + * Return: A maximal duration time for an ordinal in jiffies.
> + */
> +unsigned long tpm1_calc_ordinal_duration(struct tpm_chip *chip, u32 ordinal)
> +{
> +	int duration_idx = TPM_UNDEFINED;
> +	int duration = 0;
> +
> +	/*
> +	 * We only have a duration table for protected commands, where the upper
> +	 * 16 bits are 0. For the few other ordinals the fallback will be used.
> +	 */
> +	if (ordinal < TPM_MAX_ORDINAL)
> +		duration_idx = tpm1_ordinal_duration[ordinal];
> +
> +	if (duration_idx != TPM_UNDEFINED)
> +		duration = chip->duration[duration_idx];
> +	if (duration <= 0)
> +		return 2 * 60 * HZ;
> +	else
> +		return duration;
> +}
> +EXPORT_SYMBOL_GPL(tpm1_calc_ordinal_duration);
> diff --git a/drivers/char/tpm/tpm_i2c_nuvoton.c b/drivers/char/tpm/tpm_i2c_nuvoton.c
> index f74f451baf6a..ad76482ee387 100644
> --- a/drivers/char/tpm/tpm_i2c_nuvoton.c
> +++ b/drivers/char/tpm/tpm_i2c_nuvoton.c
> @@ -459,11 +459,12 @@ static int i2c_nuvoton_send(struct tpm_chip *chip, u8 *buf, size_t len)
> 	if (chip->flags & TPM_CHIP_FLAG_TPM2)
> 		duration = tpm2_calc_ordinal_duration(chip, ordinal);
> 	else
> -		duration = tpm_calc_ordinal_duration(chip, ordinal);
> +		duration = tpm1_calc_ordinal_duration(chip, ordinal);
>
> 	rc = i2c_nuvoton_wait_for_data_avail(chip, duration, &priv->read_queue);
> 	if (rc) {
> -		dev_err(dev, "%s() timeout command duration\n", __func__);
> +		dev_err(dev, "%s() timeout command duration %ld\n",
> +			__func__, duration);
> 		i2c_nuvoton_ready(chip);
> 		return rc;
> 	}
> diff --git a/drivers/char/tpm/tpm_tis_core.c b/drivers/char/tpm/tpm_tis_core.c
> index d2345d9fd7b5..14c332104de4 100644
> --- a/drivers/char/tpm/tpm_tis_core.c
> +++ b/drivers/char/tpm/tpm_tis_core.c
> @@ -476,7 +476,7 @@ static int tpm_tis_send_main(struct tpm_chip *chip, const u8 *buf, size_t len)
> 		if (chip->flags & TPM_CHIP_FLAG_TPM2)
> 			dur = tpm2_calc_ordinal_duration(chip, ordinal);
> 		else
> -			dur = tpm_calc_ordinal_duration(chip, ordinal);
> +			dur = tpm1_calc_ordinal_duration(chip, ordinal);
>
> 		if (wait_for_tpm_stat
> 		    (chip, TPM_STS_DATA_AVAIL | TPM_STS_VALID, dur,
> diff --git a/drivers/char/tpm/xen-tpmfront.c b/drivers/char/tpm/xen-tpmfront.c
> index b150f87f38f5..77097229bf49 100644
> --- a/drivers/char/tpm/xen-tpmfront.c
> +++ b/drivers/char/tpm/xen-tpmfront.c
> @@ -164,7 +164,7 @@ static int vtpm_send(struct tpm_chip *chip, u8 *buf, size_t count)
> 	notify_remote_via_evtchn(priv->evtchn);
>
> 	ordinal = be32_to_cpu(((struct tpm_input_header*)buf)->ordinal);
> -	duration = tpm_calc_ordinal_duration(chip, ordinal);
> +	duration = tpm1_calc_ordinal_duration(chip, ordinal);
>
> 	if (wait_for_tpm_stat(chip, VTPM_STATUS_IDLE, duration,
> 			&priv->read_queue, true) < 0) {
> -- 
> 2.14.4
>
>

Reviewed-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>

/Jarkko

^ permalink raw reply	[flat|nested] 39+ messages in thread

* Re: [PATCH v7 09/21] tpm: factor out tpm1_get_random into tpm1-cmd.c
  2018-10-19 18:22 ` [PATCH v7 09/21] tpm: factor out tpm1_get_random into tpm1-cmd.c Tomas Winkler
@ 2018-10-20  0:58   ` Jarkko Sakkinen
  2018-10-23 18:42   ` Jarkko Sakkinen
  1 sibling, 0 replies; 39+ messages in thread
From: Jarkko Sakkinen @ 2018-10-20  0:58 UTC (permalink / raw)
  To: Tomas Winkler
  Cc: Jarkko Sakkinen, Jason Gunthorpe, Nayna Jain, Alexander Usyskin,
	Tadeusz Struk, linux-integrity, linux-security-module,
	linux-kernel

On Fri, 19 Oct 2018, Tomas Winkler wrote:
> Factor out get random implementation from tpm-interface.c
> into tpm1_get_random function in tpm1-cmd.c.
> No functional changes.
>
> Signed-off-by: Tomas Winkler <tomas.winkler@intel.com>
> Reviewed-by: Jarkko Sakkine <jarkko.sakkinen@linux.intel.com>

*If* there is need for a new version can you change that to:

Reviewed-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>

Otherwise, I can fix it.

/Jarkko

^ permalink raw reply	[flat|nested] 39+ messages in thread

* Re: [PATCH v7 11/21] tpm: factor out tpm 1.x pm suspend flow into tpm1-cmd.c
  2018-10-19 18:22 ` [PATCH v7 11/21] tpm: factor out tpm 1.x pm suspend flow into tpm1-cmd.c Tomas Winkler
@ 2018-10-20  1:05   ` Jarkko Sakkinen
  2018-10-23 18:43   ` Jarkko Sakkinen
  1 sibling, 0 replies; 39+ messages in thread
From: Jarkko Sakkinen @ 2018-10-20  1:05 UTC (permalink / raw)
  To: Tomas Winkler
  Cc: Jarkko Sakkinen, Jason Gunthorpe, Nayna Jain, Alexander Usyskin,
	Tadeusz Struk, linux-integrity, linux-security-module,
	linux-kernel

On Fri, 19 Oct 2018, Tomas Winkler wrote:
> Factor out TPM 1.x suspend flow from tpm-interface.c into a new function
> tpm1_pm_suspend() in tpm1-cmd.c
>
> Signed-off-by: Tomas Winkler <tomas.winkler@intel.com>

Reviewed-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>

I'll test this later.

/Jarkko

^ permalink raw reply	[flat|nested] 39+ messages in thread

* Re: [PATCH v7 12/21] tpm: factor out tpm_startup function
  2018-10-19 18:22 ` [PATCH v7 12/21] tpm: factor out tpm_startup function Tomas Winkler
@ 2018-10-20  1:06   ` Jarkko Sakkinen
  0 siblings, 0 replies; 39+ messages in thread
From: Jarkko Sakkinen @ 2018-10-20  1:06 UTC (permalink / raw)
  To: Tomas Winkler
  Cc: Jarkko Sakkinen, Jason Gunthorpe, Nayna Jain, Alexander Usyskin,
	Tadeusz Struk, linux-integrity, linux-security-module,
	linux-kernel

On Fri, 19 Oct 2018, Tomas Winkler wrote:
> TPM manual startup is used only from within TPM 1.x or TPM 2.x
> code, hence remove tpm_startup() function from tpm-interface.c
> and add two static functions implementations tpm1_startup()
> and tpm2_startup() into to tpm1-cmd.c and tpm2-cmd.c respectively.
>
> Signed-off-by: Tomas Winkler <tomas.winkler@intel.com>
> Tested-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
> ---
> V2-V2: Resend.
> V4: Fix the commit message.
> V5: 1. A small fix in the kdoc.
>    2. Fixed Jarkko's name in Tested-by.
> V6: Rebase.
> V7: Resend.
>
> drivers/char/tpm/tpm-interface.c | 41 ----------------------------------------
> drivers/char/tpm/tpm.h           |  1 -
> drivers/char/tpm/tpm1-cmd.c      | 37 +++++++++++++++++++++++++++++++++++-
> drivers/char/tpm/tpm2-cmd.c      | 34 +++++++++++++++++++++++++++++++--
> 4 files changed, 68 insertions(+), 45 deletions(-)
>
> diff --git a/drivers/char/tpm/tpm-interface.c b/drivers/char/tpm/tpm-interface.c
> index e7f220f691f9..54b81700561b 100644
> --- a/drivers/char/tpm/tpm-interface.c
> +++ b/drivers/char/tpm/tpm-interface.c
> @@ -414,47 +414,6 @@ ssize_t tpm_transmit_cmd(struct tpm_chip *chip, struct tpm_space *space,
> }
> EXPORT_SYMBOL_GPL(tpm_transmit_cmd);
>
> -#define TPM_ORD_STARTUP 153
> -#define TPM_ST_CLEAR 1
> -
> -/**
> - * tpm_startup - turn on the TPM
> - * @chip: TPM chip to use
> - *
> - * Normally the firmware should start the TPM. This function is provided as a
> - * workaround if this does not happen. A legal case for this could be for
> - * example when a TPM emulator is used.
> - *
> - * Return: same as tpm_transmit_cmd()
> - */
> -int tpm_startup(struct tpm_chip *chip)
> -{
> -	struct tpm_buf buf;
> -	int rc;
> -
> -	dev_info(&chip->dev, "starting up the TPM manually\n");
> -
> -	if (chip->flags & TPM_CHIP_FLAG_TPM2) {
> -		rc = tpm_buf_init(&buf, TPM2_ST_NO_SESSIONS, TPM2_CC_STARTUP);
> -		if (rc < 0)
> -			return rc;
> -
> -		tpm_buf_append_u16(&buf, TPM2_SU_CLEAR);
> -	} else {
> -		rc = tpm_buf_init(&buf, TPM_TAG_RQU_COMMAND, TPM_ORD_STARTUP);
> -		if (rc < 0)
> -			return rc;
> -
> -		tpm_buf_append_u16(&buf, TPM_ST_CLEAR);
> -	}
> -
> -	rc = tpm_transmit_cmd(chip, NULL, buf.data, PAGE_SIZE, 0, 0,
> -			      "attempting to start the TPM");
> -
> -	tpm_buf_destroy(&buf);
> -	return rc;
> -}
> -
> int tpm_get_timeouts(struct tpm_chip *chip)
> {
> 	if (chip->flags & TPM_CHIP_FLAG_HAVE_TIMEOUTS)
> diff --git a/drivers/char/tpm/tpm.h b/drivers/char/tpm/tpm.h
> index 754f7bcb15fa..2eb73f6966c3 100644
> --- a/drivers/char/tpm/tpm.h
> +++ b/drivers/char/tpm/tpm.h
> @@ -540,7 +540,6 @@ ssize_t tpm_transmit_cmd(struct tpm_chip *chip, struct tpm_space *space,
> 			 void *buf, size_t bufsiz,
> 			 size_t min_rsp_body_length, unsigned int flags,
> 			 const char *desc);
> -int tpm_startup(struct tpm_chip *chip);
> int tpm_get_timeouts(struct tpm_chip *);
>
> int tpm1_pm_suspend(struct tpm_chip *chip, int tpm_suspend_pcr);
> diff --git a/drivers/char/tpm/tpm1-cmd.c b/drivers/char/tpm/tpm1-cmd.c
> index 3bd9f1fa77ce..8a84db315676 100644
> --- a/drivers/char/tpm/tpm1-cmd.c
> +++ b/drivers/char/tpm/tpm1-cmd.c
> @@ -308,6 +308,40 @@ unsigned long tpm1_calc_ordinal_duration(struct tpm_chip *chip, u32 ordinal)
> 		return duration;
> }
>
> +#define TPM_ORD_STARTUP 153
> +#define TPM_ST_CLEAR 1
> +
> +/**
> + * tpm_startup() - turn on the TPM
> + * @chip: TPM chip to use
> + *
> + * Normally the firmware should start the TPM. This function is provided as a
> + * workaround if this does not happen. A legal case for this could be for
> + * example when a TPM emulator is used.
> + *
> + * Return: same as tpm_transmit_cmd()
> + */
> +static int tpm1_startup(struct tpm_chip *chip)
> +{
> +	struct tpm_buf buf;
> +	int rc;
> +
> +	dev_info(&chip->dev, "starting up the TPM manually\n");
> +
> +	rc = tpm_buf_init(&buf, TPM_TAG_RQU_COMMAND, TPM_ORD_STARTUP);
> +	if (rc < 0)
> +		return rc;
> +
> +	tpm_buf_append_u16(&buf, TPM_ST_CLEAR);
> +
> +	rc = tpm_transmit_cmd(chip, NULL, buf.data, PAGE_SIZE, 0, 0,
> +			      "attempting to start the TPM");
> +
> +	tpm_buf_destroy(&buf);
> +
> +	return rc;
> +}
> +
> int tpm1_get_timeouts(struct tpm_chip *chip)
> {
> 	cap_t cap;
> @@ -317,7 +351,7 @@ int tpm1_get_timeouts(struct tpm_chip *chip)
> 	rc = tpm1_getcap(chip, TPM_CAP_PROP_TIS_TIMEOUT, &cap, NULL,
> 			 sizeof(cap.timeout));
> 	if (rc == TPM_ERR_INVALID_POSTINIT) {
> -		if (tpm_startup(chip))
> +		if (tpm1_startup(chip))
> 			return rc;
>
> 		rc = tpm1_getcap(chip, TPM_CAP_PROP_TIS_TIMEOUT, &cap,
> @@ -727,3 +761,4 @@ int tpm1_pm_suspend(struct tpm_chip *chip, int tpm_suspend_pcr)
>
> 	return rc;
> }
> +
> diff --git a/drivers/char/tpm/tpm2-cmd.c b/drivers/char/tpm/tpm2-cmd.c
> index dd2e98f4de08..6ca4fc0a0d6f 100644
> --- a/drivers/char/tpm/tpm2-cmd.c
> +++ b/drivers/char/tpm/tpm2-cmd.c
> @@ -948,6 +948,36 @@ static int tpm2_get_cc_attrs_tbl(struct tpm_chip *chip)
> 	return rc;
> }
>
> +/**
> + * tpm2_startup - turn on the TPM
> + * @chip: TPM chip to use
> + *
> + * Normally the firmware should start the TPM. This function is provided as a
> + * workaround if this does not happen. A legal case for this could be for
> + * example when a TPM emulator is used.
> + *
> + * Return: same as tpm_transmit_cmd()
> + */
> +
> +static int tpm2_startup(struct tpm_chip *chip)
> +{
> +	struct tpm_buf buf;
> +	int rc;
> +
> +	dev_info(&chip->dev, "starting up the TPM manually\n");
> +
> +	rc = tpm_buf_init(&buf, TPM2_ST_NO_SESSIONS, TPM2_CC_STARTUP);
> +	if (rc < 0)
> +		return rc;
> +
> +	tpm_buf_append_u16(&buf, TPM2_SU_CLEAR);
> +	rc = tpm_transmit_cmd(chip, NULL, buf.data, PAGE_SIZE, 0, 0,
> +			      "attempting to start the TPM");
> +	tpm_buf_destroy(&buf);
> +
> +	return rc;
> +}
> +
> /**
>  * tpm2_auto_startup - Perform the standard automatic TPM initialization
>  *                     sequence
> @@ -959,7 +989,7 @@ int tpm2_auto_startup(struct tpm_chip *chip)
> {
> 	int rc;
>
> -	rc = tpm_get_timeouts(chip);
> +	rc = tpm2_get_timeouts(chip);
> 	if (rc)
> 		goto out;
>
> @@ -968,7 +998,7 @@ int tpm2_auto_startup(struct tpm_chip *chip)
> 		goto out;
>
> 	if (rc == TPM2_RC_INITIALIZE) {
> -		rc = tpm_startup(chip);
> +		rc = tpm2_startup(chip);
> 		if (rc)
> 			goto out;
>
> -- 
> 2.14.4
>
>

Reviewed-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>

/Jarkko

^ permalink raw reply	[flat|nested] 39+ messages in thread

* Re: [PATCH v7 13/21] tpm: add tpm_auto_startup() into tpm-interface.c
  2018-10-19 18:22 ` [PATCH v7 13/21] tpm: add tpm_auto_startup() into tpm-interface.c Tomas Winkler
@ 2018-10-20  1:09   ` Jarkko Sakkinen
  0 siblings, 0 replies; 39+ messages in thread
From: Jarkko Sakkinen @ 2018-10-20  1:09 UTC (permalink / raw)
  To: Tomas Winkler
  Cc: Jarkko Sakkinen, Jason Gunthorpe, Nayna Jain, Alexander Usyskin,
	Tadeusz Struk, linux-integrity, linux-security-module,
	linux-kernel

On Fri, 19 Oct 2018, Tomas Winkler wrote:
> Add wrapper tpm_auto_startup() to tpm-interface.c
> instead of open coded decision between TPM 1.x and TPM 2.x
> in tpm-chip.c
>
> Signed-off-by: Tomas Winkler <tomas.winkler@intel.com>
> Tested-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
> ---
> V3: New in the series.
> V4: Fix the commit message.
> V5-7: Resend.
>
> drivers/char/tpm/tpm-chip.c      | 11 +++--------
> drivers/char/tpm/tpm-interface.c | 15 +++++++++++++++
> drivers/char/tpm/tpm.h           |  1 +
> 3 files changed, 19 insertions(+), 8 deletions(-)
>
> diff --git a/drivers/char/tpm/tpm-chip.c b/drivers/char/tpm/tpm-chip.c
> index 46caadca916a..32db84683c40 100644
> --- a/drivers/char/tpm/tpm-chip.c
> +++ b/drivers/char/tpm/tpm-chip.c
> @@ -451,14 +451,9 @@ int tpm_chip_register(struct tpm_chip *chip)
> {
> 	int rc;
>
> -	if (chip->ops->flags & TPM_OPS_AUTO_STARTUP) {
> -		if (chip->flags & TPM_CHIP_FLAG_TPM2)
> -			rc = tpm2_auto_startup(chip);
> -		else
> -			rc = tpm1_auto_startup(chip);
> -		if (rc)
> -			return rc;
> -	}
> +	rc = tpm_auto_startup(chip);
> +	if (rc)
> +		return rc;
>
> 	tpm_sysfs_add_device(chip);
>
> diff --git a/drivers/char/tpm/tpm-interface.c b/drivers/char/tpm/tpm-interface.c
> index 54b81700561b..69e007a198ce 100644
> --- a/drivers/char/tpm/tpm-interface.c
> +++ b/drivers/char/tpm/tpm-interface.c
> @@ -545,6 +545,21 @@ int tpm_send(struct tpm_chip *chip, void *cmd, size_t buflen)
> }
> EXPORT_SYMBOL_GPL(tpm_send);
>
> +int tpm_auto_startup(struct tpm_chip *chip)
> +{
> +	int rc;
> +
> +	if (!(chip->ops->flags & TPM_OPS_AUTO_STARTUP))
> +		return 0;
> +
> +	if (chip->flags & TPM_CHIP_FLAG_TPM2)
> +		rc = tpm2_auto_startup(chip);
> +	else
> +		rc = tpm1_auto_startup(chip);
> +
> +	return rc;
> +}
> +
> /*
>  * We are about to suspend. Save the TPM state
>  * so that it can be restored.
> diff --git a/drivers/char/tpm/tpm.h b/drivers/char/tpm/tpm.h
> index 2eb73f6966c3..daca1d0190b1 100644
> --- a/drivers/char/tpm/tpm.h
> +++ b/drivers/char/tpm/tpm.h
> @@ -541,6 +541,7 @@ ssize_t tpm_transmit_cmd(struct tpm_chip *chip, struct tpm_space *space,
> 			 size_t min_rsp_body_length, unsigned int flags,
> 			 const char *desc);
> int tpm_get_timeouts(struct tpm_chip *);
> +int tpm_auto_startup(struct tpm_chip *chip);
>
> int tpm1_pm_suspend(struct tpm_chip *chip, int tpm_suspend_pcr);
> int tpm1_auto_startup(struct tpm_chip *chip);
> -- 
> 2.14.4
>
>

Reviewed-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>

/Jarkko

^ permalink raw reply	[flat|nested] 39+ messages in thread

* Re: [PATCH v7 00/21] tpm: separate tpm 1.x and tpm 2.x commands
  2018-10-19 18:22 [PATCH v7 00/21] tpm: separate tpm 1.x and tpm 2.x commands Tomas Winkler
                   ` (20 preceding siblings ...)
  2018-10-19 18:23 ` [PATCH v7 21/21] tpm: use u32 instead of int for PCR index Tomas Winkler
@ 2018-10-20  1:19 ` Jarkko Sakkinen
  2018-10-22 17:12   ` Winkler, Tomas
  21 siblings, 1 reply; 39+ messages in thread
From: Jarkko Sakkinen @ 2018-10-20  1:19 UTC (permalink / raw)
  To: Tomas Winkler
  Cc: Jarkko Sakkinen, Jason Gunthorpe, Nayna Jain, Alexander Usyskin,
	Tadeusz Struk, linux-integrity, linux-security-module,
	linux-kernel

On Fri, 19 Oct 2018, Tomas Winkler wrote:
> This patch series provides initial separation of tpm 1.x and tpm 2.x
> commands, in foresight that the tpm 1.x chips will eventually phase out
> and can be compiled out for modern systems.
> A new file is added tpm1-cmd.c that contains tpm 1.x specific commands.
> In addition, tpm 1.x commands are now implemented using tpm_buf
> structure and instead of tpm_cmd_t construct. The latter is now removed.
>
> Note: my tpm 1.x HW availability is limited hence some more testing is needed.
>
> This series also contains two trivial cleanups and addition of new
> commands by TCG spec 1.36, now supported on new Intet's platforms.
>
> V6: 1. Dropping tpm: move pcr extend code to tpm2-cmd.c and rebasing code over that change
>    2. Trivial fixes in kdoc and header
> V7: 1. Add backportable patch for nuvoton duration calculation
>    2. Rebase durations patches over it.
>    3. Fix notorious typo tmp->tpm
>
>
> Tomas Winkler (21):
>  tpm: tpm_i2c_nuvoton: use correct command duration for TPM 2.x
>  tpm2: add new tpm2 commands according to TCG 1.36
>  tpm: sort objects in the Makefile
>  tpm: factor out tpm 1.x duration calculation to tpm1-cmd.c
>  tpm: add tpm_calc_ordinal_duration() wrapper
>  tpm: factor out tpm_get_timeouts()
>  tpm: move tpm1_pcr_extend to tpm1-cmd.c
>  tpm: move tpm_getcap to tpm1-cmd.c
>  tpm: factor out tpm1_get_random into tpm1-cmd.c
>  tpm: move tpm 1.x selftest code from tpm-interface.c tpm1-cmd.c
>  tpm: factor out tpm 1.x pm suspend flow into tpm1-cmd.c
>  tpm: factor out tpm_startup function
>  tpm: add tpm_auto_startup() into tpm-interface.c
>  tpm: tpm-interface.c drop unused macros
>  tpm: tpm-space.c remove unneeded semicolon
>  tpm: tpm1: rewrite tpm1_get_random() using tpm_buf structure
>  tpm1: implement tpm1_pcr_read_dev() using tpm_buf structure
>  tpm1: rename tpm1_pcr_read_dev to tpm1_pcr_read()
>  tpm1: reimplement SAVESTATE using tpm_buf
>  tpm1: reimplement tpm1_continue_selftest() using tpm_buf
>  tpm: use u32 instead of int for PCR index
>
> drivers/char/tpm/Makefile            |  16 +-
> drivers/char/tpm/st33zp24/st33zp24.c |   2 +-
> drivers/char/tpm/tpm-chip.c          |  11 +-
> drivers/char/tpm/tpm-interface.c     | 817 +++--------------------------------
> drivers/char/tpm/tpm-sysfs.c         |  52 +--
> drivers/char/tpm/tpm.h               |  97 ++---
> drivers/char/tpm/tpm1-cmd.c          | 781 +++++++++++++++++++++++++++++++++
> drivers/char/tpm/tpm2-cmd.c          | 301 +++++++------
> drivers/char/tpm/tpm2-space.c        |   2 +-
> drivers/char/tpm/tpm_i2c_nuvoton.c   |  11 +-
> drivers/char/tpm/tpm_tis_core.c      |  10 +-
> include/linux/tpm.h                  |  11 +-
> security/integrity/ima/ima_crypto.c  |   5 +-
> 13 files changed, 1082 insertions(+), 1034 deletions(-)
> create mode 100644 drivers/char/tpm/tpm1-cmd.c
>
> -- 
> 2.14.4
>
>

Starts to look reosonable:

https://patchwork.kernel.org/project/linux-integrity/list/?series=33257

This is the list of patches (assuming that I didn't miss anything) that
still need tested-by tags:

- tpm: factor out tpm1_get_random into tpm1-cmd.c
- tpm: factor out tpm 1.x pm suspend flow into tpm1-cmd.c
- tpm1: rename tpm1_pcr_read_dev to tpm1_pcr_read()
   (the subsystem tag is wrong in this, just noticed, should be 'tpm:')
- tpm: use u32 instead of int for PCR index

/Jarkko

^ permalink raw reply	[flat|nested] 39+ messages in thread

* RE: [PATCH v7 00/21] tpm: separate tpm 1.x and tpm 2.x commands
  2018-10-20  1:19 ` [PATCH v7 00/21] tpm: separate tpm 1.x and tpm 2.x commands Jarkko Sakkinen
@ 2018-10-22 17:12   ` Winkler, Tomas
  2018-10-23 13:14     ` Jarkko Sakkinen
  0 siblings, 1 reply; 39+ messages in thread
From: Winkler, Tomas @ 2018-10-22 17:12 UTC (permalink / raw)
  To: Jarkko Sakkinen
  Cc: Jason Gunthorpe, Nayna Jain, Usyskin, Alexander, Struk, Tadeusz,
	linux-integrity, linux-security-module, linux-kernel

> 
> On Fri, 19 Oct 2018, Tomas Winkler wrote:
> > This patch series provides initial separation of tpm 1.x and tpm 2.x
> > commands, in foresight that the tpm 1.x chips will eventually phase
> > out and can be compiled out for modern systems.
> > A new file is added tpm1-cmd.c that contains tpm 1.x specific commands.
> > In addition, tpm 1.x commands are now implemented using tpm_buf
> > structure and instead of tpm_cmd_t construct. The latter is now removed.
> >
> > Note: my tpm 1.x HW availability is limited hence some more testing is
> needed.
> >
> > This series also contains two trivial cleanups and addition of new
> > commands by TCG spec 1.36, now supported on new Intet's platforms.
> >
> > V6: 1. Dropping tpm: move pcr extend code to tpm2-cmd.c and rebasing
> code over that change
> >    2. Trivial fixes in kdoc and header
> > V7: 1. Add backportable patch for nuvoton duration calculation
> >    2. Rebase durations patches over it.
> >    3. Fix notorious typo tmp->tpm
> >
> >
> > Tomas Winkler (21):
> >  tpm: tpm_i2c_nuvoton: use correct command duration for TPM 2.x
> >  tpm2: add new tpm2 commands according to TCG 1.36
> >  tpm: sort objects in the Makefile
> >  tpm: factor out tpm 1.x duration calculation to tpm1-cmd.c
> >  tpm: add tpm_calc_ordinal_duration() wrapper
> >  tpm: factor out tpm_get_timeouts()
> >  tpm: move tpm1_pcr_extend to tpm1-cmd.c
> >  tpm: move tpm_getcap to tpm1-cmd.c
> >  tpm: factor out tpm1_get_random into tpm1-cmd.c
> >  tpm: move tpm 1.x selftest code from tpm-interface.c tpm1-cmd.c
> >  tpm: factor out tpm 1.x pm suspend flow into tpm1-cmd.c
> >  tpm: factor out tpm_startup function
> >  tpm: add tpm_auto_startup() into tpm-interface.c
> >  tpm: tpm-interface.c drop unused macros
> >  tpm: tpm-space.c remove unneeded semicolon
> >  tpm: tpm1: rewrite tpm1_get_random() using tpm_buf structure
> >  tpm1: implement tpm1_pcr_read_dev() using tpm_buf structure
> >  tpm1: rename tpm1_pcr_read_dev to tpm1_pcr_read()
> >  tpm1: reimplement SAVESTATE using tpm_buf
> >  tpm1: reimplement tpm1_continue_selftest() using tpm_buf
> >  tpm: use u32 instead of int for PCR index
> >
> > drivers/char/tpm/Makefile            |  16 +-
> > drivers/char/tpm/st33zp24/st33zp24.c |   2 +-
> > drivers/char/tpm/tpm-chip.c          |  11 +-
> > drivers/char/tpm/tpm-interface.c     | 817 +++--------------------------------
> > drivers/char/tpm/tpm-sysfs.c         |  52 +--
> > drivers/char/tpm/tpm.h               |  97 ++---
> > drivers/char/tpm/tpm1-cmd.c          | 781
> +++++++++++++++++++++++++++++++++
> > drivers/char/tpm/tpm2-cmd.c          | 301 +++++++------
> > drivers/char/tpm/tpm2-space.c        |   2 +-
> > drivers/char/tpm/tpm_i2c_nuvoton.c   |  11 +-
> > drivers/char/tpm/tpm_tis_core.c      |  10 +-
> > include/linux/tpm.h                  |  11 +-
> > security/integrity/ima/ima_crypto.c  |   5 +-
> > 13 files changed, 1082 insertions(+), 1034 deletions(-) create mode
> > 100644 drivers/char/tpm/tpm1-cmd.c
> >
> > --
> > 2.14.4
> >
> >
> 
> Starts to look reosonable:
> 
> https://patchwork.kernel.org/project/linux-integrity/list/?series=33257
> 
> This is the list of patches (assuming that I didn't miss anything) that still
> need tested-by tags:

Those are just code movements, we are running them form months on our systems.

> 
> - tpm: factor out tpm1_get_random into tpm1-cmd.c
> - tpm: factor out tpm 1.x pm suspend flow into tpm1-cmd.c
> - tpm1: rename tpm1_pcr_read_dev to tpm1_pcr_read()
>    (the subsystem tag is wrong in this, just noticed, should be 'tpm:')
When have you established this requirement I missed that and it cannot be deduced from the git history.

> - tpm: use u32 instead of int for PCR index

The last one maybe need some more target testing.

Thanks
Tomas


^ permalink raw reply	[flat|nested] 39+ messages in thread

* RE: [PATCH v7 00/21] tpm: separate tpm 1.x and tpm 2.x commands
  2018-10-22 17:12   ` Winkler, Tomas
@ 2018-10-23 13:14     ` Jarkko Sakkinen
  2018-10-23 13:35       ` Winkler, Tomas
  0 siblings, 1 reply; 39+ messages in thread
From: Jarkko Sakkinen @ 2018-10-23 13:14 UTC (permalink / raw)
  To: Winkler, Tomas
  Cc: Jarkko Sakkinen, Jason Gunthorpe, Nayna Jain, Usyskin, Alexander,
	Struk, Tadeusz, linux-integrity, linux-security-module,
	linux-kernel

On Mon, 22 Oct 2018, Winkler, Tomas wrote:
>> This is the list of patches (assuming that I didn't miss anything)
>> that still need tested-by tags:
>
> Those are just code movements, we are running them form months on our
> systems.

I'm not sure what point you are trying to make. You cannot give
tested-by by yourself to yourself you know. By saying that you
are just saying things. It is not any form of peer testing.

>> - tpm: factor out tpm1_get_random into tpm1-cmd.c
>> - tpm: factor out tpm 1.x pm suspend flow into tpm1-cmd.c
>> - tpm1: rename tpm1_pcr_read_dev to tpm1_pcr_read()
>>    (the subsystem tag is wrong in this, just noticed, should be 'tpm:')
> When have you established this requirement I missed that and it cannot
> be deduced from the git history.

Which requirement?

/jarkko

^ permalink raw reply	[flat|nested] 39+ messages in thread

* RE: [PATCH v7 00/21] tpm: separate tpm 1.x and tpm 2.x commands
  2018-10-23 13:14     ` Jarkko Sakkinen
@ 2018-10-23 13:35       ` Winkler, Tomas
  0 siblings, 0 replies; 39+ messages in thread
From: Winkler, Tomas @ 2018-10-23 13:35 UTC (permalink / raw)
  To: Jarkko Sakkinen
  Cc: Jason Gunthorpe, Nayna Jain, Usyskin, Alexander, Struk, Tadeusz,
	linux-integrity, linux-security-module, linux-kernel

> 
> On Mon, 22 Oct 2018, Winkler, Tomas wrote:
> >> This is the list of patches (assuming that I didn't miss anything)
> >> that still need tested-by tags:
> >
> > Those are just code movements, we are running them form months on our
> > systems.
> 
> I'm not sure what point you are trying to make. You cannot give tested-by by
> yourself to yourself you know. By saying that you are just saying things. It is
> not any form of peer testing.
No, you are exposed to that code base as well, after all you are working @intel.
> 
> >> - tpm: factor out tpm1_get_random into tpm1-cmd.c
> >> - tpm: factor out tpm 1.x pm suspend flow into tpm1-cmd.c
> >> - tpm1: rename tpm1_pcr_read_dev to tpm1_pcr_read()
> >>    (the subsystem tag is wrong in this, just noticed, should be
> >> 'tpm:')
> > When have you established this requirement I missed that and it cannot
> > be deduced from the git history.
> 
> Which requirement?

The requirement that the  subsystem prefix should be 'tpm:' 


Thanks
Tomas


^ permalink raw reply	[flat|nested] 39+ messages in thread

* Re: [PATCH v7 09/21] tpm: factor out tpm1_get_random into tpm1-cmd.c
  2018-10-19 18:22 ` [PATCH v7 09/21] tpm: factor out tpm1_get_random into tpm1-cmd.c Tomas Winkler
  2018-10-20  0:58   ` Jarkko Sakkinen
@ 2018-10-23 18:42   ` Jarkko Sakkinen
  1 sibling, 0 replies; 39+ messages in thread
From: Jarkko Sakkinen @ 2018-10-23 18:42 UTC (permalink / raw)
  To: Tomas Winkler
  Cc: Jarkko Sakkinen, Jason Gunthorpe, Nayna Jain, Alexander Usyskin,
	Tadeusz Struk, linux-integrity, linux-security-module,
	linux-kernel

On Fri, 19 Oct 2018, Tomas Winkler wrote:
> Factor out get random implementation from tpm-interface.c
> into tpm1_get_random function in tpm1-cmd.c.
> No functional changes.
>
> Signed-off-by: Tomas Winkler <tomas.winkler@intel.com>
> Reviewed-by: Jarkko Sakkine <jarkko.sakkinen@linux.intel.com>
> Reviewed-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
> ---
> V2-V3: Rebase
> V4-V7: Resend
>
> drivers/char/tpm/tpm-interface.c | 58 +++++-----------------------------------
> drivers/char/tpm/tpm.h           |  1 +
> drivers/char/tpm/tpm1-cmd.c      | 55 +++++++++++++++++++++++++++++++++++++
> 3 files changed, 63 insertions(+), 51 deletions(-)
>
> diff --git a/drivers/char/tpm/tpm-interface.c b/drivers/char/tpm/tpm-interface.c
> index 486e211b03a0..a72bf6ea8f05 100644
> --- a/drivers/char/tpm/tpm-interface.c
> +++ b/drivers/char/tpm/tpm-interface.c
> @@ -812,14 +812,6 @@ int tpm_pm_resume(struct device *dev)
> }
> EXPORT_SYMBOL_GPL(tpm_pm_resume);
>
> -#define TPM_ORD_GET_RANDOM 70
> -#define TPM_GETRANDOM_RESULT_SIZE	18
> -static const struct tpm_input_header tpm_getrandom_header = {
> -	.tag = cpu_to_be16(TPM_TAG_RQU_COMMAND),
> -	.length = cpu_to_be32(14),
> -	.ordinal = cpu_to_be32(TPM_ORD_GET_RANDOM)
> -};
> -
> /**
>  * tpm_get_random() - get random bytes from the TPM's RNG
>  * @chip:	a &struct tpm_chip instance, %NULL for the default chip
> @@ -830,58 +822,22 @@ static const struct tpm_input_header tpm_getrandom_header = {
>  */
> int tpm_get_random(struct tpm_chip *chip, u8 *out, size_t max)
> {
> -	struct tpm_cmd_t tpm_cmd;
> -	u32 recd, num_bytes = min_t(u32, max, TPM_MAX_RNG_DATA), rlength;
> -	int err, total = 0, retries = 5;
> -	u8 *dest = out;
> +	int rc;
>
> -	if (!out || !num_bytes || max > TPM_MAX_RNG_DATA)
> +	if (!out || max > TPM_MAX_RNG_DATA)
> 		return -EINVAL;
>
> 	chip = tpm_find_get_ops(chip);
> 	if (!chip)
> 		return -ENODEV;
>
> -	if (chip->flags & TPM_CHIP_FLAG_TPM2) {
> -		err = tpm2_get_random(chip, out, max);
> -		tpm_put_ops(chip);
> -		return err;
> -	}
> -
> -	do {
> -		tpm_cmd.header.in = tpm_getrandom_header;
> -		tpm_cmd.params.getrandom_in.num_bytes = cpu_to_be32(num_bytes);
> -
> -		err = tpm_transmit_cmd(chip, NULL, &tpm_cmd,
> -				       TPM_GETRANDOM_RESULT_SIZE + num_bytes,
> -				       offsetof(struct tpm_getrandom_out,
> -						rng_data),
> -				       0, "attempting get random");
> -		if (err)
> -			break;
> -
> -		recd = be32_to_cpu(tpm_cmd.params.getrandom_out.rng_data_len);
> -		if (recd > num_bytes) {
> -			total = -EFAULT;
> -			break;
> -		}
> -
> -		rlength = be32_to_cpu(tpm_cmd.header.out.length);
> -		if (rlength < TPM_HEADER_SIZE +
> -			      offsetof(struct tpm_getrandom_out, rng_data) +
> -			      recd) {
> -			total = -EFAULT;
> -			break;
> -		}
> -		memcpy(dest, tpm_cmd.params.getrandom_out.rng_data, recd);
> -
> -		dest += recd;
> -		total += recd;
> -		num_bytes -= recd;
> -	} while (retries-- && total < max);
> +	if (chip->flags & TPM_CHIP_FLAG_TPM2)
> +		rc = tpm2_get_random(chip, out, max);
> +	else
> +		rc = tpm1_get_random(chip, out, max);
>
> 	tpm_put_ops(chip);
> -	return total ? total : -EIO;
> +	return rc;
> }
> EXPORT_SYMBOL_GPL(tpm_get_random);
>
> diff --git a/drivers/char/tpm/tpm.h b/drivers/char/tpm/tpm.h
> index 05c386b3ab12..22f89f41ad52 100644
> --- a/drivers/char/tpm/tpm.h
> +++ b/drivers/char/tpm/tpm.h
> @@ -551,6 +551,7 @@ int tpm1_pcr_extend(struct tpm_chip *chip, int pcr_idx, const u8 *hash,
> 		    const char *log_msg);
> ssize_t tpm1_getcap(struct tpm_chip *chip, u32 subcap_id, cap_t *cap,
> 		    const char *desc, size_t min_cap_length);
> +int tpm1_get_random(struct tpm_chip *chip, u8 *out, size_t max);
> unsigned long tpm_calc_ordinal_duration(struct tpm_chip *chip, u32 ordinal);
> int tpm_pm_suspend(struct device *dev);
> int tpm_pm_resume(struct device *dev);
> diff --git a/drivers/char/tpm/tpm1-cmd.c b/drivers/char/tpm/tpm1-cmd.c
> index 3bd079587ef5..e02f0c1c822f 100644
> --- a/drivers/char/tpm/tpm1-cmd.c
> +++ b/drivers/char/tpm/tpm1-cmd.c
> @@ -469,3 +469,58 @@ ssize_t tpm1_getcap(struct tpm_chip *chip, u32 subcap_id, cap_t *cap,
> 	return rc;
> }
> EXPORT_SYMBOL_GPL(tpm1_getcap);
> +
> +#define TPM_ORD_GET_RANDOM 70
> +#define TPM_GETRANDOM_RESULT_SIZE	18
> +static const struct tpm_input_header tpm_getrandom_header = {
> +	.tag = cpu_to_be16(TPM_TAG_RQU_COMMAND),
> +	.length = cpu_to_be32(14),
> +	.ordinal = cpu_to_be32(TPM_ORD_GET_RANDOM)
> +};
> +
> +int tpm1_get_random(struct tpm_chip *chip, u8 *out, size_t max)
> +{
> +	struct tpm_cmd_t tpm_cmd;
> +	u32 recd;
> +	u32 num_bytes = min_t(u32, max, TPM_MAX_RNG_DATA);
> +	u32 rlength;
> +	int err, total = 0, retries = 5;
> +	u8 *dest = out;
> +
> +	if (!out || !num_bytes || max > TPM_MAX_RNG_DATA)
> +		return -EINVAL;
> +
> +	do {
> +		tpm_cmd.header.in = tpm_getrandom_header;
> +		tpm_cmd.params.getrandom_in.num_bytes = cpu_to_be32(num_bytes);
> +
> +		err = tpm_transmit_cmd(chip, NULL, &tpm_cmd,
> +				       TPM_GETRANDOM_RESULT_SIZE + num_bytes,
> +				       offsetof(struct tpm_getrandom_out,
> +						rng_data),
> +				       0, "attempting get random");
> +		if (err)
> +			break;
> +
> +		recd = be32_to_cpu(tpm_cmd.params.getrandom_out.rng_data_len);
> +		if (recd > num_bytes) {
> +			total = -EFAULT;
> +			break;
> +		}
> +
> +		rlength = be32_to_cpu(tpm_cmd.header.out.length);
> +		if (rlength < TPM_HEADER_SIZE +
> +			      offsetof(struct tpm_getrandom_out, rng_data) +
> +			      recd) {
> +			total = -EFAULT;
> +			break;
> +		}
> +		memcpy(dest, tpm_cmd.params.getrandom_out.rng_data, recd);
> +
> +		dest += recd;
> +		total += recd;
> +		num_bytes -= recd;
> +	} while (retries-- && (size_t)total < max);
> +
> +	return total ? total : -EIO;
> +}
>

Tested-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>

/Jarkko

^ permalink raw reply	[flat|nested] 39+ messages in thread

* Re: [PATCH v7 11/21] tpm: factor out tpm 1.x pm suspend flow into tpm1-cmd.c
  2018-10-19 18:22 ` [PATCH v7 11/21] tpm: factor out tpm 1.x pm suspend flow into tpm1-cmd.c Tomas Winkler
  2018-10-20  1:05   ` Jarkko Sakkinen
@ 2018-10-23 18:43   ` Jarkko Sakkinen
  1 sibling, 0 replies; 39+ messages in thread
From: Jarkko Sakkinen @ 2018-10-23 18:43 UTC (permalink / raw)
  To: Tomas Winkler
  Cc: Jarkko Sakkinen, Jason Gunthorpe, Nayna Jain, Alexander Usyskin,
	Tadeusz Struk, linux-integrity, linux-security-module,
	linux-kernel

On Fri, 19 Oct 2018, Tomas Winkler wrote:
> Factor out TPM 1.x suspend flow from tpm-interface.c into a new function
> tpm1_pm_suspend() in tpm1-cmd.c
>
> Signed-off-by: Tomas Winkler <tomas.winkler@intel.com>
> Reviewed-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
> ---
> V2-V3: Rebase.
> V4: 1. Add kdoc for tpm1_pm_suspend().
>    2. Fix commit message.
> V5: Adjust the kdoc to the new standard.
> V6: Rebase.
> V7: Resend.
>
> drivers/char/tpm/tpm-interface.c | 55 ++++--------------------------------
> drivers/char/tpm/tpm.h           |  2 ++
> drivers/char/tpm/tpm1-cmd.c      | 61 ++++++++++++++++++++++++++++++++++++++++
> 3 files changed, 68 insertions(+), 50 deletions(-)
>
> diff --git a/drivers/char/tpm/tpm-interface.c b/drivers/char/tpm/tpm-interface.c
> index 43d3540a7875..e7f220f691f9 100644
> --- a/drivers/char/tpm/tpm-interface.c
> +++ b/drivers/char/tpm/tpm-interface.c
> @@ -586,15 +586,6 @@ int tpm_send(struct tpm_chip *chip, void *cmd, size_t buflen)
> }
> EXPORT_SYMBOL_GPL(tpm_send);
>
> -#define TPM_ORD_SAVESTATE 152
> -#define SAVESTATE_RESULT_SIZE 10
> -
> -static const struct tpm_input_header savestate_header = {
> -	.tag = cpu_to_be16(TPM_TAG_RQU_COMMAND),
> -	.length = cpu_to_be32(10),
> -	.ordinal = cpu_to_be32(TPM_ORD_SAVESTATE)
> -};
> -
> /*
>  * We are about to suspend. Save the TPM state
>  * so that it can be restored.
> @@ -602,54 +593,18 @@ static const struct tpm_input_header savestate_header = {
> int tpm_pm_suspend(struct device *dev)
> {
> 	struct tpm_chip *chip = dev_get_drvdata(dev);
> -	struct tpm_cmd_t cmd;
> -	int rc, try;
> -
> -	u8 dummy_hash[TPM_DIGEST_SIZE] = { 0 };
> +	int rc = 0;
>
> -	if (chip == NULL)
> +	if (!chip)
> 		return -ENODEV;
>
> 	if (chip->flags & TPM_CHIP_FLAG_ALWAYS_POWERED)
> 		return 0;
>
> -	if (chip->flags & TPM_CHIP_FLAG_TPM2) {
> +	if (chip->flags & TPM_CHIP_FLAG_TPM2)
> 		tpm2_shutdown(chip, TPM2_SU_STATE);
> -		return 0;
> -	}
> -
> -	/* for buggy tpm, flush pcrs with extend to selected dummy */
> -	if (tpm_suspend_pcr)
> -		rc = tpm1_pcr_extend(chip, tpm_suspend_pcr, dummy_hash,
> -				     "extending dummy pcr before suspend");
> -
> -	/* now do the actual savestate */
> -	for (try = 0; try < TPM_RETRY; try++) {
> -		cmd.header.in = savestate_header;
> -		rc = tpm_transmit_cmd(chip, NULL, &cmd, SAVESTATE_RESULT_SIZE,
> -				      0, 0, NULL);
> -
> -		/*
> -		 * If the TPM indicates that it is too busy to respond to
> -		 * this command then retry before giving up.  It can take
> -		 * several seconds for this TPM to be ready.
> -		 *
> -		 * This can happen if the TPM has already been sent the
> -		 * SaveState command before the driver has loaded.  TCG 1.2
> -		 * specification states that any communication after SaveState
> -		 * may cause the TPM to invalidate previously saved state.
> -		 */
> -		if (rc != TPM_WARN_RETRY)
> -			break;
> -		tpm_msleep(TPM_TIMEOUT_RETRY);
> -	}
> -
> -	if (rc)
> -		dev_err(&chip->dev,
> -			"Error (%d) sending savestate before suspend\n", rc);
> -	else if (try > 0)
> -		dev_warn(&chip->dev, "TPM savestate took %dms\n",
> -			 try * TPM_TIMEOUT_RETRY);
> +	else
> +		rc = tpm1_pm_suspend(chip, tpm_suspend_pcr);
>
> 	return rc;
> }
> diff --git a/drivers/char/tpm/tpm.h b/drivers/char/tpm/tpm.h
> index f284a98a9455..754f7bcb15fa 100644
> --- a/drivers/char/tpm/tpm.h
> +++ b/drivers/char/tpm/tpm.h
> @@ -542,6 +542,8 @@ ssize_t tpm_transmit_cmd(struct tpm_chip *chip, struct tpm_space *space,
> 			 const char *desc);
> int tpm_startup(struct tpm_chip *chip);
> int tpm_get_timeouts(struct tpm_chip *);
> +
> +int tpm1_pm_suspend(struct tpm_chip *chip, int tpm_suspend_pcr);
> int tpm1_auto_startup(struct tpm_chip *chip);
> int tpm1_do_selftest(struct tpm_chip *chip);
> int tpm1_get_timeouts(struct tpm_chip *chip);
> diff --git a/drivers/char/tpm/tpm1-cmd.c b/drivers/char/tpm/tpm1-cmd.c
> index a69a02366c32..3bd9f1fa77ce 100644
> --- a/drivers/char/tpm/tpm1-cmd.c
> +++ b/drivers/char/tpm/tpm1-cmd.c
> @@ -666,3 +666,64 @@ int tpm1_auto_startup(struct tpm_chip *chip)
> 		rc = -ENODEV;
> 	return rc;
> }
> +
> +#define TPM_ORD_SAVESTATE 152
> +#define SAVESTATE_RESULT_SIZE 10
> +static const struct tpm_input_header savestate_header = {
> +	.tag = cpu_to_be16(TPM_TAG_RQU_COMMAND),
> +	.length = cpu_to_be32(10),
> +	.ordinal = cpu_to_be32(TPM_ORD_SAVESTATE)
> +};
> +
> +/**
> + * tpm1_pm_suspend() - pm suspend handler
> + * @chip: TPM chip to use.
> + * @tpm_suspend_pcr: flush pcr for buggy TPM chips.
> + *
> + * The functions saves the TPM state to be restored on resume.
> + *
> + * Return:
> + * * 0 on success,
> + * * < 0 on error.
> + */
> +int tpm1_pm_suspend(struct tpm_chip *chip, int tpm_suspend_pcr)
> +{
> +	u8 dummy_hash[TPM_DIGEST_SIZE] = { 0 };
> +	struct tpm_cmd_t cmd;
> +	int rc, try;
> +
> +	/* for buggy tpm, flush pcrs with extend to selected dummy */
> +	if (tpm_suspend_pcr)
> +		rc = tpm1_pcr_extend(chip, tpm_suspend_pcr, dummy_hash,
> +				     "extending dummy pcr before suspend");
> +
> +	/* now do the actual savestate */
> +	for (try = 0; try < TPM_RETRY; try++) {
> +		cmd.header.in = savestate_header;
> +		rc = tpm_transmit_cmd(chip, NULL, &cmd, SAVESTATE_RESULT_SIZE,
> +				      0, 0, NULL);
> +
> +		/*
> +		 * If the TPM indicates that it is too busy to respond to
> +		 * this command then retry before giving up.  It can take
> +		 * several seconds for this TPM to be ready.
> +		 *
> +		 * This can happen if the TPM has already been sent the
> +		 * SaveState command before the driver has loaded.  TCG 1.2
> +		 * specification states that any communication after SaveState
> +		 * may cause the TPM to invalidate previously saved state.
> +		 */
> +		if (rc != TPM_WARN_RETRY)
> +			break;
> +		tpm_msleep(TPM_TIMEOUT_RETRY);
> +	}
> +
> +	if (rc)
> +		dev_err(&chip->dev, "Error (%d) sending savestate before suspend\n",
> +			rc);
> +	else if (try > 0)
> +		dev_warn(&chip->dev, "TPM savestate took %dms\n",
> +			 try * TPM_TIMEOUT_RETRY);
> +
> +	return rc;
> +}
>

Tested-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>

/Jarkko

^ permalink raw reply	[flat|nested] 39+ messages in thread

* Re: [PATCH v7 18/21] tpm1: rename tpm1_pcr_read_dev to tpm1_pcr_read()
  2018-10-19 18:23 ` [PATCH v7 18/21] tpm1: rename tpm1_pcr_read_dev to tpm1_pcr_read() Tomas Winkler
@ 2018-10-23 18:44   ` Jarkko Sakkinen
  0 siblings, 0 replies; 39+ messages in thread
From: Jarkko Sakkinen @ 2018-10-23 18:44 UTC (permalink / raw)
  To: Tomas Winkler
  Cc: Jarkko Sakkinen, Jason Gunthorpe, Nayna Jain, Alexander Usyskin,
	Tadeusz Struk, linux-integrity, linux-security-module,
	linux-kernel

On Fri, 19 Oct 2018, Tomas Winkler wrote:
> Rename tpm1_pcr_read_dev to tpm1_pcr_read() to match
> the counterpart tpm2_pcr_read().
>
> Signed-off-by: Tomas Winkler <tomas.winkler@intel.com>
> Reviewed-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
> ---
> V4: New in the series
> V5: Resend.
> V6: Resend.
> V7: Fix typo tmp->tpm
>
> drivers/char/tpm/tpm-interface.c | 2 +-
> drivers/char/tpm/tpm-sysfs.c     | 2 +-
> drivers/char/tpm/tpm.h           | 2 +-
> drivers/char/tpm/tpm1-cmd.c      | 4 ++--
> 4 files changed, 5 insertions(+), 5 deletions(-)
>
> diff --git a/drivers/char/tpm/tpm-interface.c b/drivers/char/tpm/tpm-interface.c
> index 8e1d2bc2df82..acd647476ae1 100644
> --- a/drivers/char/tpm/tpm-interface.c
> +++ b/drivers/char/tpm/tpm-interface.c
> @@ -466,7 +466,7 @@ int tpm_pcr_read(struct tpm_chip *chip, int pcr_idx, u8 *res_buf)
> 	if (chip->flags & TPM_CHIP_FLAG_TPM2)
> 		rc = tpm2_pcr_read(chip, pcr_idx, res_buf);
> 	else
> -		rc = tpm1_pcr_read_dev(chip, pcr_idx, res_buf);
> +		rc = tpm1_pcr_read(chip, pcr_idx, res_buf);
>
> 	tpm_put_ops(chip);
> 	return rc;
> diff --git a/drivers/char/tpm/tpm-sysfs.c b/drivers/char/tpm/tpm-sysfs.c
> index 861acafd8f29..96fc7433c57d 100644
> --- a/drivers/char/tpm/tpm-sysfs.c
> +++ b/drivers/char/tpm/tpm-sysfs.c
> @@ -114,7 +114,7 @@ static ssize_t pcrs_show(struct device *dev, struct device_attribute *attr,
>
> 	num_pcrs = be32_to_cpu(cap.num_pcrs);
> 	for (i = 0; i < num_pcrs; i++) {
> -		rc = tpm1_pcr_read_dev(chip, i, digest);
> +		rc = tpm1_pcr_read(chip, i, digest);
> 		if (rc)
> 			break;
> 		str += sprintf(str, "PCR-%02d: ", i);
> diff --git a/drivers/char/tpm/tpm.h b/drivers/char/tpm/tpm.h
> index 51d147675b1f..bf2ef1eeda50 100644
> --- a/drivers/char/tpm/tpm.h
> +++ b/drivers/char/tpm/tpm.h
> @@ -525,7 +525,7 @@ int tpm1_get_timeouts(struct tpm_chip *chip);
> unsigned long tpm1_calc_ordinal_duration(struct tpm_chip *chip, u32 ordinal);
> int tpm1_pcr_extend(struct tpm_chip *chip, int pcr_idx, const u8 *hash,
> 		    const char *log_msg);
> -int tpm1_pcr_read_dev(struct tpm_chip *chip, int pcr_idx, u8 *res_buf);
> +int tpm1_pcr_read(struct tpm_chip *chip, int pcr_idx, u8 *res_buf);
> ssize_t tpm1_getcap(struct tpm_chip *chip, u32 subcap_id, cap_t *cap,
> 		    const char *desc, size_t min_cap_length);
> int tpm1_get_random(struct tpm_chip *chip, u8 *out, size_t max);
> diff --git a/drivers/char/tpm/tpm1-cmd.c b/drivers/char/tpm/tpm1-cmd.c
> index d30f336518f6..05b772477bac 100644
> --- a/drivers/char/tpm/tpm1-cmd.c
> +++ b/drivers/char/tpm/tpm1-cmd.c
> @@ -572,7 +572,7 @@ int tpm1_get_random(struct tpm_chip *chip, u8 *dest, size_t max)
> }
>
> #define TPM_ORD_PCRREAD 21
> -int tpm1_pcr_read_dev(struct tpm_chip *chip, int pcr_idx, u8 *res_buf)
> +int tpm1_pcr_read(struct tpm_chip *chip, int pcr_idx, u8 *res_buf)
> {
> 	struct tpm_buf buf;
> 	int rc;
> @@ -660,7 +660,7 @@ int tpm1_do_selftest(struct tpm_chip *chip)
>
> 	do {
> 		/* Attempt to read a PCR value */
> -		rc = tpm1_pcr_read_dev(chip, 0, dummy);
> +		rc = tpm1_pcr_read(chip, 0, dummy);
>
> 		/* Some buggy TPMs will not respond to tpm_tis_ready() for
> 		 * around 300ms while the self test is ongoing, keep trying
>

Tested-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>

/Jarkko

^ permalink raw reply	[flat|nested] 39+ messages in thread

* Re: [PATCH v7 21/21] tpm: use u32 instead of int for PCR index
  2018-10-19 18:23 ` [PATCH v7 21/21] tpm: use u32 instead of int for PCR index Tomas Winkler
@ 2018-10-23 18:44   ` Jarkko Sakkinen
  2018-10-23 18:55   ` Jarkko Sakkinen
  1 sibling, 0 replies; 39+ messages in thread
From: Jarkko Sakkinen @ 2018-10-23 18:44 UTC (permalink / raw)
  To: Tomas Winkler
  Cc: Jarkko Sakkinen, Jason Gunthorpe, Nayna Jain, Alexander Usyskin,
	Tadeusz Struk, linux-integrity, linux-security-module,
	linux-kernel

On Fri, 19 Oct 2018, Tomas Winkler wrote:
> The TPM specs defines PCR index as a positive number, and there is
> no reason to use a signed number. It is also a possible security
> issue as currently no functions check for a negative index,
> which may become a large number when converted to u32.
>
> Adjust the API to use u32 instead of int in all PCR related
> functions.
>
> Signed-off-by: Tomas Winkler <tomas.winkler@intel.com>
> Reviewed-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
> ---
> V3: New in the series.
> V4: Separate unrelated change to another patches.
> V5: Fix the commit message.
> V6: Rebased.
> V7: Resend.
>
> drivers/char/tpm/tpm-interface.c    |  6 +++---
> drivers/char/tpm/tpm-sysfs.c        |  2 +-
> drivers/char/tpm/tpm.h              | 10 +++++-----
> drivers/char/tpm/tpm1-cmd.c         |  6 +++---
> drivers/char/tpm/tpm2-cmd.c         |  5 ++---
> include/linux/tpm.h                 | 11 +++++++----
> security/integrity/ima/ima_crypto.c |  5 +++--
> 7 files changed, 24 insertions(+), 21 deletions(-)
>
> diff --git a/drivers/char/tpm/tpm-interface.c b/drivers/char/tpm/tpm-interface.c
> index acd647476ae1..d9439f9abe78 100644
> --- a/drivers/char/tpm/tpm-interface.c
> +++ b/drivers/char/tpm/tpm-interface.c
> @@ -38,7 +38,7 @@
>  * recently changed pcr on suspend, so force the flush
>  * with an extend to the selected _unused_ non-volatile pcr.
>  */
> -static int tpm_suspend_pcr;
> +static u32 tpm_suspend_pcr;
> module_param_named(suspend_pcr, tpm_suspend_pcr, uint, 0644);
> MODULE_PARM_DESC(suspend_pcr,
> 		 "PCR to use for dummy writes to facilitate flush on suspend.");
> @@ -455,7 +455,7 @@ EXPORT_SYMBOL_GPL(tpm_is_tpm2);
>  *
>  * Return: same as with tpm_transmit_cmd()
>  */
> -int tpm_pcr_read(struct tpm_chip *chip, int pcr_idx, u8 *res_buf)
> +int tpm_pcr_read(struct tpm_chip *chip, u32 pcr_idx, u8 *res_buf)
> {
> 	int rc;
>
> @@ -485,7 +485,7 @@ EXPORT_SYMBOL_GPL(tpm_pcr_read);
>  *
>  * Return: same as with tpm_transmit_cmd()
>  */
> -int tpm_pcr_extend(struct tpm_chip *chip, int pcr_idx, const u8 *hash)
> +int tpm_pcr_extend(struct tpm_chip *chip, u32 pcr_idx, const u8 *hash)
> {
> 	int rc;
> 	struct tpm2_digest digest_list[ARRAY_SIZE(chip->active_banks)];
> diff --git a/drivers/char/tpm/tpm-sysfs.c b/drivers/char/tpm/tpm-sysfs.c
> index 96fc7433c57d..b88e08ec2c59 100644
> --- a/drivers/char/tpm/tpm-sysfs.c
> +++ b/drivers/char/tpm/tpm-sysfs.c
> @@ -102,7 +102,7 @@ static ssize_t pcrs_show(struct device *dev, struct device_attribute *attr,
> 	cap_t cap;
> 	u8 digest[TPM_DIGEST_SIZE];
> 	ssize_t rc;
> -	int i, j, num_pcrs;
> +	u32 i, j, num_pcrs;
> 	char *str = buf;
> 	struct tpm_chip *chip = to_tpm_chip(dev);
>
> diff --git a/drivers/char/tpm/tpm.h b/drivers/char/tpm/tpm.h
> index e0778d19da98..f27d1f38a93d 100644
> --- a/drivers/char/tpm/tpm.h
> +++ b/drivers/char/tpm/tpm.h
> @@ -509,14 +509,14 @@ ssize_t tpm_transmit_cmd(struct tpm_chip *chip, struct tpm_space *space,
> int tpm_get_timeouts(struct tpm_chip *);
> int tpm_auto_startup(struct tpm_chip *chip);
>
> -int tpm1_pm_suspend(struct tpm_chip *chip, int tpm_suspend_pcr);
> +int tpm1_pm_suspend(struct tpm_chip *chip, u32 tpm_suspend_pcr);
> int tpm1_auto_startup(struct tpm_chip *chip);
> int tpm1_do_selftest(struct tpm_chip *chip);
> int tpm1_get_timeouts(struct tpm_chip *chip);
> unsigned long tpm1_calc_ordinal_duration(struct tpm_chip *chip, u32 ordinal);
> -int tpm1_pcr_extend(struct tpm_chip *chip, int pcr_idx, const u8 *hash,
> +int tpm1_pcr_extend(struct tpm_chip *chip, u32 pcr_idx, const u8 *hash,
> 		    const char *log_msg);
> -int tpm1_pcr_read(struct tpm_chip *chip, int pcr_idx, u8 *res_buf);
> +int tpm1_pcr_read(struct tpm_chip *chip, u32 pcr_idx, u8 *res_buf);
> ssize_t tpm1_getcap(struct tpm_chip *chip, u32 subcap_id, cap_t *cap,
> 		    const char *desc, size_t min_cap_length);
> int tpm1_get_random(struct tpm_chip *chip, u8 *out, size_t max);
> @@ -558,8 +558,8 @@ static inline u32 tpm2_rc_value(u32 rc)
> }
>
> int tpm2_get_timeouts(struct tpm_chip *chip);
> -int tpm2_pcr_read(struct tpm_chip *chip, int pcr_idx, u8 *res_buf);
> -int tpm2_pcr_extend(struct tpm_chip *chip, int pcr_idx, u32 count,
> +int tpm2_pcr_read(struct tpm_chip *chip, u32 pcr_idx, u8 *res_buf);
> +int tpm2_pcr_extend(struct tpm_chip *chip, u32 pcr_idx, u32 count,
> 		    struct tpm2_digest *digests);
> int tpm2_get_random(struct tpm_chip *chip, u8 *dest, size_t max);
> void tpm2_flush_context_cmd(struct tpm_chip *chip, u32 handle,
> diff --git a/drivers/char/tpm/tpm1-cmd.c b/drivers/char/tpm/tpm1-cmd.c
> index 6b04648f8184..6f306338953b 100644
> --- a/drivers/char/tpm/tpm1-cmd.c
> +++ b/drivers/char/tpm/tpm1-cmd.c
> @@ -449,7 +449,7 @@ int tpm1_get_timeouts(struct tpm_chip *chip)
> }
>
> #define TPM_ORD_PCR_EXTEND 20
> -int tpm1_pcr_extend(struct tpm_chip *chip, int pcr_idx, const u8 *hash,
> +int tpm1_pcr_extend(struct tpm_chip *chip, u32 pcr_idx, const u8 *hash,
> 		    const char *log_msg)
> {
> 	struct tpm_buf buf;
> @@ -572,7 +572,7 @@ int tpm1_get_random(struct tpm_chip *chip, u8 *dest, size_t max)
> }
>
> #define TPM_ORD_PCRREAD 21
> -int tpm1_pcr_read(struct tpm_chip *chip, int pcr_idx, u8 *res_buf)
> +int tpm1_pcr_read(struct tpm_chip *chip, u32 pcr_idx, u8 *res_buf)
> {
> 	struct tpm_buf buf;
> 	int rc;
> @@ -729,7 +729,7 @@ int tpm1_auto_startup(struct tpm_chip *chip)
>  * * 0 on success,
>  * * < 0 on error.
>  */
> -int tpm1_pm_suspend(struct tpm_chip *chip, int tpm_suspend_pcr)
> +int tpm1_pm_suspend(struct tpm_chip *chip, u32 tpm_suspend_pcr)
> {
> 	u8 dummy_hash[TPM_DIGEST_SIZE] = { 0 };
> 	struct tpm_buf buf;
> diff --git a/drivers/char/tpm/tpm2-cmd.c b/drivers/char/tpm/tpm2-cmd.c
> index 6ca4fc0a0d6f..ae86fb0218ab 100644
> --- a/drivers/char/tpm/tpm2-cmd.c
> +++ b/drivers/char/tpm/tpm2-cmd.c
> @@ -175,7 +175,7 @@ struct tpm2_pcr_read_out {
>  *
>  * Return: Same as with tpm_transmit_cmd.
>  */
> -int tpm2_pcr_read(struct tpm_chip *chip, int pcr_idx, u8 *res_buf)
> +int tpm2_pcr_read(struct tpm_chip *chip, u32 pcr_idx, u8 *res_buf)
> {
> 	int rc;
> 	struct tpm_buf buf;
> @@ -225,7 +225,7 @@ struct tpm2_null_auth_area {
>  *
>  * Return: Same as with tpm_transmit_cmd.
>  */
> -int tpm2_pcr_extend(struct tpm_chip *chip, int pcr_idx, u32 count,
> +int tpm2_pcr_extend(struct tpm_chip *chip, u32 pcr_idx, u32 count,
> 		    struct tpm2_digest *digests)
> {
> 	struct tpm_buf buf;
> @@ -272,7 +272,6 @@ int tpm2_pcr_extend(struct tpm_chip *chip, int pcr_idx, u32 count,
> 	return rc;
> }
>
> -
> struct tpm2_get_random_out {
> 	__be16 size;
> 	u8 buffer[TPM_MAX_RNG_DATA];
> diff --git a/include/linux/tpm.h b/include/linux/tpm.h
> index 4609b94142d4..b49a55cf775f 100644
> --- a/include/linux/tpm.h
> +++ b/include/linux/tpm.h
> @@ -53,8 +53,8 @@ struct tpm_class_ops {
> #if defined(CONFIG_TCG_TPM) || defined(CONFIG_TCG_TPM_MODULE)
>
> extern int tpm_is_tpm2(struct tpm_chip *chip);
> -extern int tpm_pcr_read(struct tpm_chip *chip, int pcr_idx, u8 *res_buf);
> -extern int tpm_pcr_extend(struct tpm_chip *chip, int pcr_idx, const u8 *hash);
> +extern int tpm_pcr_read(struct tpm_chip *chip, u32 pcr_idx, u8 *res_buf);
> +extern int tpm_pcr_extend(struct tpm_chip *chip, u32 pcr_idx, const u8 *hash);
> extern int tpm_send(struct tpm_chip *chip, void *cmd, size_t buflen);
> extern int tpm_get_random(struct tpm_chip *chip, u8 *data, size_t max);
> extern int tpm_seal_trusted(struct tpm_chip *chip,
> @@ -69,15 +69,18 @@ static inline int tpm_is_tpm2(struct tpm_chip *chip)
> {
> 	return -ENODEV;
> }
> -static inline int tpm_pcr_read(struct tpm_chip *chip, int pcr_idx, u8 *res_buf)
> +
> +static inline int tpm_pcr_read(struct tpm_chip *chip, u32 pcr_idx, u8 *res_buf)
> {
> 	return -ENODEV;
> }
> -static inline int tpm_pcr_extend(struct tpm_chip *chip, int pcr_idx,
> +
> +static inline int tpm_pcr_extend(struct tpm_chip *chip, u32 pcr_idx,
> 				 const u8 *hash)
> {
> 	return -ENODEV;
> }
> +
> static inline int tpm_send(struct tpm_chip *chip, void *cmd, size_t buflen)
> {
> 	return -ENODEV;
> diff --git a/security/integrity/ima/ima_crypto.c b/security/integrity/ima/ima_crypto.c
> index 7e7e7e7c250a..959d9edc113a 100644
> --- a/security/integrity/ima/ima_crypto.c
> +++ b/security/integrity/ima/ima_crypto.c
> @@ -629,7 +629,7 @@ int ima_calc_buffer_hash(const void *buf, loff_t len,
> 	return calc_buffer_shash(buf, len, hash);
> }
>
> -static void __init ima_pcrread(int idx, u8 *pcr)
> +static void __init ima_pcrread(u32 idx, u8 *pcr)
> {
> 	if (!ima_tpm_chip)
> 		return;
> @@ -645,7 +645,8 @@ static int __init ima_calc_boot_aggregate_tfm(char *digest,
> 					      struct crypto_shash *tfm)
> {
> 	u8 pcr_i[TPM_DIGEST_SIZE];
> -	int rc, i;
> +	int rc;
> +	u32 i;
> 	SHASH_DESC_ON_STACK(shash, tfm);
>
> 	shash->tfm = tfm;
>

Tested-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>

/Jarkko

^ permalink raw reply	[flat|nested] 39+ messages in thread

* Re: [PATCH v7 21/21] tpm: use u32 instead of int for PCR index
  2018-10-19 18:23 ` [PATCH v7 21/21] tpm: use u32 instead of int for PCR index Tomas Winkler
  2018-10-23 18:44   ` Jarkko Sakkinen
@ 2018-10-23 18:55   ` Jarkko Sakkinen
  2018-10-23 18:56     ` Winkler, Tomas
  1 sibling, 1 reply; 39+ messages in thread
From: Jarkko Sakkinen @ 2018-10-23 18:55 UTC (permalink / raw)
  To: Tomas Winkler
  Cc: Jarkko Sakkinen, Jason Gunthorpe, Nayna Jain, Alexander Usyskin,
	Tadeusz Struk, linux-integrity, linux-security-module,
	linux-kernel

On Fri, 19 Oct 2018, Tomas Winkler wrote:
> The TPM specs defines PCR index as a positive number, and there is
> no reason to use a signed number. It is also a possible security
> issue as currently no functions check for a negative index,
> which may become a large number when converted to u32.
>
> Adjust the API to use u32 instead of int in all PCR related
> functions.
>
> Signed-off-by: Tomas Winkler <tomas.winkler@intel.com>
> Reviewed-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
> Tested-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
> ---
> V3: New in the series.
> V4: Separate unrelated change to another patches.
> V5: Fix the commit message.
> V6: Rebased.
> V7: Resend.
>
> drivers/char/tpm/tpm-interface.c    |  6 +++---
> drivers/char/tpm/tpm-sysfs.c        |  2 +-
> drivers/char/tpm/tpm.h              | 10 +++++-----
> drivers/char/tpm/tpm1-cmd.c         |  6 +++---
> drivers/char/tpm/tpm2-cmd.c         |  5 ++---
> include/linux/tpm.h                 | 11 +++++++----
> security/integrity/ima/ima_crypto.c |  5 +++--
> 7 files changed, 24 insertions(+), 21 deletions(-)
>
> diff --git a/drivers/char/tpm/tpm-interface.c b/drivers/char/tpm/tpm-interface.c
> index acd647476ae1..d9439f9abe78 100644
> --- a/drivers/char/tpm/tpm-interface.c
> +++ b/drivers/char/tpm/tpm-interface.c
> @@ -38,7 +38,7 @@
>  * recently changed pcr on suspend, so force the flush
>  * with an extend to the selected _unused_ non-volatile pcr.
>  */
> -static int tpm_suspend_pcr;
> +static u32 tpm_suspend_pcr;
> module_param_named(suspend_pcr, tpm_suspend_pcr, uint, 0644);
> MODULE_PARM_DESC(suspend_pcr,
> 		 "PCR to use for dummy writes to facilitate flush on suspend.");
> @@ -455,7 +455,7 @@ EXPORT_SYMBOL_GPL(tpm_is_tpm2);
>  *
>  * Return: same as with tpm_transmit_cmd()
>  */
> -int tpm_pcr_read(struct tpm_chip *chip, int pcr_idx, u8 *res_buf)
> +int tpm_pcr_read(struct tpm_chip *chip, u32 pcr_idx, u8 *res_buf)
> {
> 	int rc;
>
> @@ -485,7 +485,7 @@ EXPORT_SYMBOL_GPL(tpm_pcr_read);
>  *
>  * Return: same as with tpm_transmit_cmd()
>  */
> -int tpm_pcr_extend(struct tpm_chip *chip, int pcr_idx, const u8 *hash)
> +int tpm_pcr_extend(struct tpm_chip *chip, u32 pcr_idx, const u8 *hash)
> {
> 	int rc;
> 	struct tpm2_digest digest_list[ARRAY_SIZE(chip->active_banks)];
> diff --git a/drivers/char/tpm/tpm-sysfs.c b/drivers/char/tpm/tpm-sysfs.c
> index 96fc7433c57d..b88e08ec2c59 100644
> --- a/drivers/char/tpm/tpm-sysfs.c
> +++ b/drivers/char/tpm/tpm-sysfs.c
> @@ -102,7 +102,7 @@ static ssize_t pcrs_show(struct device *dev, struct device_attribute *attr,
> 	cap_t cap;
> 	u8 digest[TPM_DIGEST_SIZE];
> 	ssize_t rc;
> -	int i, j, num_pcrs;
> +	u32 i, j, num_pcrs;
> 	char *str = buf;
> 	struct tpm_chip *chip = to_tpm_chip(dev);
>
> diff --git a/drivers/char/tpm/tpm.h b/drivers/char/tpm/tpm.h
> index e0778d19da98..f27d1f38a93d 100644
> --- a/drivers/char/tpm/tpm.h
> +++ b/drivers/char/tpm/tpm.h
> @@ -509,14 +509,14 @@ ssize_t tpm_transmit_cmd(struct tpm_chip *chip, struct tpm_space *space,
> int tpm_get_timeouts(struct tpm_chip *);
> int tpm_auto_startup(struct tpm_chip *chip);
>
> -int tpm1_pm_suspend(struct tpm_chip *chip, int tpm_suspend_pcr);
> +int tpm1_pm_suspend(struct tpm_chip *chip, u32 tpm_suspend_pcr);
> int tpm1_auto_startup(struct tpm_chip *chip);
> int tpm1_do_selftest(struct tpm_chip *chip);
> int tpm1_get_timeouts(struct tpm_chip *chip);
> unsigned long tpm1_calc_ordinal_duration(struct tpm_chip *chip, u32 ordinal);
> -int tpm1_pcr_extend(struct tpm_chip *chip, int pcr_idx, const u8 *hash,
> +int tpm1_pcr_extend(struct tpm_chip *chip, u32 pcr_idx, const u8 *hash,
> 		    const char *log_msg);
> -int tpm1_pcr_read(struct tpm_chip *chip, int pcr_idx, u8 *res_buf);
> +int tpm1_pcr_read(struct tpm_chip *chip, u32 pcr_idx, u8 *res_buf);
> ssize_t tpm1_getcap(struct tpm_chip *chip, u32 subcap_id, cap_t *cap,
> 		    const char *desc, size_t min_cap_length);
> int tpm1_get_random(struct tpm_chip *chip, u8 *out, size_t max);
> @@ -558,8 +558,8 @@ static inline u32 tpm2_rc_value(u32 rc)
> }
>
> int tpm2_get_timeouts(struct tpm_chip *chip);
> -int tpm2_pcr_read(struct tpm_chip *chip, int pcr_idx, u8 *res_buf);
> -int tpm2_pcr_extend(struct tpm_chip *chip, int pcr_idx, u32 count,
> +int tpm2_pcr_read(struct tpm_chip *chip, u32 pcr_idx, u8 *res_buf);
> +int tpm2_pcr_extend(struct tpm_chip *chip, u32 pcr_idx, u32 count,
> 		    struct tpm2_digest *digests);
> int tpm2_get_random(struct tpm_chip *chip, u8 *dest, size_t max);
> void tpm2_flush_context_cmd(struct tpm_chip *chip, u32 handle,
> diff --git a/drivers/char/tpm/tpm1-cmd.c b/drivers/char/tpm/tpm1-cmd.c
> index 6b04648f8184..6f306338953b 100644
> --- a/drivers/char/tpm/tpm1-cmd.c
> +++ b/drivers/char/tpm/tpm1-cmd.c
> @@ -449,7 +449,7 @@ int tpm1_get_timeouts(struct tpm_chip *chip)
> }
>
> #define TPM_ORD_PCR_EXTEND 20
> -int tpm1_pcr_extend(struct tpm_chip *chip, int pcr_idx, const u8 *hash,
> +int tpm1_pcr_extend(struct tpm_chip *chip, u32 pcr_idx, const u8 *hash,
> 		    const char *log_msg)
> {
> 	struct tpm_buf buf;
> @@ -572,7 +572,7 @@ int tpm1_get_random(struct tpm_chip *chip, u8 *dest, size_t max)
> }
>
> #define TPM_ORD_PCRREAD 21
> -int tpm1_pcr_read(struct tpm_chip *chip, int pcr_idx, u8 *res_buf)
> +int tpm1_pcr_read(struct tpm_chip *chip, u32 pcr_idx, u8 *res_buf)
> {
> 	struct tpm_buf buf;
> 	int rc;
> @@ -729,7 +729,7 @@ int tpm1_auto_startup(struct tpm_chip *chip)
>  * * 0 on success,
>  * * < 0 on error.
>  */
> -int tpm1_pm_suspend(struct tpm_chip *chip, int tpm_suspend_pcr)
> +int tpm1_pm_suspend(struct tpm_chip *chip, u32 tpm_suspend_pcr)
> {
> 	u8 dummy_hash[TPM_DIGEST_SIZE] = { 0 };
> 	struct tpm_buf buf;
> diff --git a/drivers/char/tpm/tpm2-cmd.c b/drivers/char/tpm/tpm2-cmd.c
> index 6ca4fc0a0d6f..ae86fb0218ab 100644
> --- a/drivers/char/tpm/tpm2-cmd.c
> +++ b/drivers/char/tpm/tpm2-cmd.c
> @@ -175,7 +175,7 @@ struct tpm2_pcr_read_out {
>  *
>  * Return: Same as with tpm_transmit_cmd.
>  */
> -int tpm2_pcr_read(struct tpm_chip *chip, int pcr_idx, u8 *res_buf)
> +int tpm2_pcr_read(struct tpm_chip *chip, u32 pcr_idx, u8 *res_buf)
> {
> 	int rc;
> 	struct tpm_buf buf;
> @@ -225,7 +225,7 @@ struct tpm2_null_auth_area {
>  *
>  * Return: Same as with tpm_transmit_cmd.
>  */
> -int tpm2_pcr_extend(struct tpm_chip *chip, int pcr_idx, u32 count,
> +int tpm2_pcr_extend(struct tpm_chip *chip, u32 pcr_idx, u32 count,
> 		    struct tpm2_digest *digests)
> {
> 	struct tpm_buf buf;
> @@ -272,7 +272,6 @@ int tpm2_pcr_extend(struct tpm_chip *chip, int pcr_idx, u32 count,
> 	return rc;
> }
>
> -
> struct tpm2_get_random_out {
> 	__be16 size;
> 	u8 buffer[TPM_MAX_RNG_DATA];
> diff --git a/include/linux/tpm.h b/include/linux/tpm.h
> index 4609b94142d4..b49a55cf775f 100644
> --- a/include/linux/tpm.h
> +++ b/include/linux/tpm.h
> @@ -53,8 +53,8 @@ struct tpm_class_ops {
> #if defined(CONFIG_TCG_TPM) || defined(CONFIG_TCG_TPM_MODULE)
>
> extern int tpm_is_tpm2(struct tpm_chip *chip);
> -extern int tpm_pcr_read(struct tpm_chip *chip, int pcr_idx, u8 *res_buf);
> -extern int tpm_pcr_extend(struct tpm_chip *chip, int pcr_idx, const u8 *hash);
> +extern int tpm_pcr_read(struct tpm_chip *chip, u32 pcr_idx, u8 *res_buf);
> +extern int tpm_pcr_extend(struct tpm_chip *chip, u32 pcr_idx, const u8 *hash);
> extern int tpm_send(struct tpm_chip *chip, void *cmd, size_t buflen);
> extern int tpm_get_random(struct tpm_chip *chip, u8 *data, size_t max);
> extern int tpm_seal_trusted(struct tpm_chip *chip,
> @@ -69,15 +69,18 @@ static inline int tpm_is_tpm2(struct tpm_chip *chip)
> {
> 	return -ENODEV;
> }
> -static inline int tpm_pcr_read(struct tpm_chip *chip, int pcr_idx, u8 *res_buf)
> +
> +static inline int tpm_pcr_read(struct tpm_chip *chip, u32 pcr_idx, u8 *res_buf)
> {
> 	return -ENODEV;
> }
> -static inline int tpm_pcr_extend(struct tpm_chip *chip, int pcr_idx,
> +
> +static inline int tpm_pcr_extend(struct tpm_chip *chip, u32 pcr_idx,
> 				 const u8 *hash)
> {
> 	return -ENODEV;
> }
> +
> static inline int tpm_send(struct tpm_chip *chip, void *cmd, size_t buflen)
> {
> 	return -ENODEV;
> diff --git a/security/integrity/ima/ima_crypto.c b/security/integrity/ima/ima_crypto.c
> index 7e7e7e7c250a..959d9edc113a 100644
> --- a/security/integrity/ima/ima_crypto.c
> +++ b/security/integrity/ima/ima_crypto.c
> @@ -629,7 +629,7 @@ int ima_calc_buffer_hash(const void *buf, loff_t len,
> 	return calc_buffer_shash(buf, len, hash);
> }
>
> -static void __init ima_pcrread(int idx, u8 *pcr)
> +static void __init ima_pcrread(u32 idx, u8 *pcr)
> {
> 	if (!ima_tpm_chip)
> 		return;
> @@ -645,7 +645,8 @@ static int __init ima_calc_boot_aggregate_tfm(char *digest,
> 					      struct crypto_shash *tfm)
> {
> 	u8 pcr_i[TPM_DIGEST_SIZE];
> -	int rc, i;
> +	int rc;
> +	u32 i;
> 	SHASH_DESC_ON_STACK(shash, tfm);
>
> 	shash->tfm = tfm;
>

All commits have been now applied.

/Jarkko

^ permalink raw reply	[flat|nested] 39+ messages in thread

* RE: [PATCH v7 21/21] tpm: use u32 instead of int for PCR index
  2018-10-23 18:55   ` Jarkko Sakkinen
@ 2018-10-23 18:56     ` Winkler, Tomas
  0 siblings, 0 replies; 39+ messages in thread
From: Winkler, Tomas @ 2018-10-23 18:56 UTC (permalink / raw)
  To: Jarkko Sakkinen
  Cc: Jason Gunthorpe, Nayna Jain, Usyskin, Alexander, Struk, Tadeusz,
	linux-integrity, linux-security-module, linux-kernel

> 
> On Fri, 19 Oct 2018, Tomas Winkler wrote:
> > The TPM specs defines PCR index as a positive number, and there is no
> > reason to use a signed number. It is also a possible security issue as
> > currently no functions check for a negative index, which may become a
> > large number when converted to u32.
> >
> > Adjust the API to use u32 instead of int in all PCR related functions.
> >
> > Signed-off-by: Tomas Winkler <tomas.winkler@intel.com>
> > Reviewed-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
> > Tested-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
> > ---
> > V3: New in the series.
> > V4: Separate unrelated change to another patches.
> > V5: Fix the commit message.
> > V6: Rebased.
> > V7: Resend.
> >
> > drivers/char/tpm/tpm-interface.c    |  6 +++---
> > drivers/char/tpm/tpm-sysfs.c        |  2 +-
> > drivers/char/tpm/tpm.h              | 10 +++++-----
> > drivers/char/tpm/tpm1-cmd.c         |  6 +++---
> > drivers/char/tpm/tpm2-cmd.c         |  5 ++---
> > include/linux/tpm.h                 | 11 +++++++----
> > security/integrity/ima/ima_crypto.c |  5 +++--
> > 7 files changed, 24 insertions(+), 21 deletions(-)
> >
> > diff --git a/drivers/char/tpm/tpm-interface.c
> > b/drivers/char/tpm/tpm-interface.c
> > index acd647476ae1..d9439f9abe78 100644
> > --- a/drivers/char/tpm/tpm-interface.c
> > +++ b/drivers/char/tpm/tpm-interface.c
> > @@ -38,7 +38,7 @@
> >  * recently changed pcr on suspend, so force the flush
> >  * with an extend to the selected _unused_ non-volatile pcr.
> >  */
> > -static int tpm_suspend_pcr;
> > +static u32 tpm_suspend_pcr;
> > module_param_named(suspend_pcr, tpm_suspend_pcr, uint, 0644);
> > MODULE_PARM_DESC(suspend_pcr,
> > 		 "PCR to use for dummy writes to facilitate flush on
> suspend."); @@
> > -455,7 +455,7 @@ EXPORT_SYMBOL_GPL(tpm_is_tpm2);
> >  *
> >  * Return: same as with tpm_transmit_cmd()  */ -int
> > tpm_pcr_read(struct tpm_chip *chip, int pcr_idx, u8 *res_buf)
> > +int tpm_pcr_read(struct tpm_chip *chip, u32 pcr_idx, u8 *res_buf)
> > {
> > 	int rc;
> >
> > @@ -485,7 +485,7 @@ EXPORT_SYMBOL_GPL(tpm_pcr_read);
> >  *
> >  * Return: same as with tpm_transmit_cmd()  */ -int
> > tpm_pcr_extend(struct tpm_chip *chip, int pcr_idx, const u8 *hash)
> > +int tpm_pcr_extend(struct tpm_chip *chip, u32 pcr_idx, const u8
> > +*hash)
> > {
> > 	int rc;
> > 	struct tpm2_digest digest_list[ARRAY_SIZE(chip->active_banks)];
> > diff --git a/drivers/char/tpm/tpm-sysfs.c
> > b/drivers/char/tpm/tpm-sysfs.c index 96fc7433c57d..b88e08ec2c59 100644
> > --- a/drivers/char/tpm/tpm-sysfs.c
> > +++ b/drivers/char/tpm/tpm-sysfs.c
> > @@ -102,7 +102,7 @@ static ssize_t pcrs_show(struct device *dev, struct
> device_attribute *attr,
> > 	cap_t cap;
> > 	u8 digest[TPM_DIGEST_SIZE];
> > 	ssize_t rc;
> > -	int i, j, num_pcrs;
> > +	u32 i, j, num_pcrs;
> > 	char *str = buf;
> > 	struct tpm_chip *chip = to_tpm_chip(dev);
> >
> > diff --git a/drivers/char/tpm/tpm.h b/drivers/char/tpm/tpm.h index
> > e0778d19da98..f27d1f38a93d 100644
> > --- a/drivers/char/tpm/tpm.h
> > +++ b/drivers/char/tpm/tpm.h
> > @@ -509,14 +509,14 @@ ssize_t tpm_transmit_cmd(struct tpm_chip
> *chip,
> > struct tpm_space *space, int tpm_get_timeouts(struct tpm_chip *); int
> > tpm_auto_startup(struct tpm_chip *chip);
> >
> > -int tpm1_pm_suspend(struct tpm_chip *chip, int tpm_suspend_pcr);
> > +int tpm1_pm_suspend(struct tpm_chip *chip, u32 tpm_suspend_pcr);
> > int tpm1_auto_startup(struct tpm_chip *chip); int
> > tpm1_do_selftest(struct tpm_chip *chip); int tpm1_get_timeouts(struct
> > tpm_chip *chip); unsigned long tpm1_calc_ordinal_duration(struct
> > tpm_chip *chip, u32 ordinal); -int tpm1_pcr_extend(struct tpm_chip
> > *chip, int pcr_idx, const u8 *hash,
> > +int tpm1_pcr_extend(struct tpm_chip *chip, u32 pcr_idx, const u8
> > +*hash,
> > 		    const char *log_msg);
> > -int tpm1_pcr_read(struct tpm_chip *chip, int pcr_idx, u8 *res_buf);
> > +int tpm1_pcr_read(struct tpm_chip *chip, u32 pcr_idx, u8 *res_buf);
> > ssize_t tpm1_getcap(struct tpm_chip *chip, u32 subcap_id, cap_t *cap,
> > 		    const char *desc, size_t min_cap_length); int
> > tpm1_get_random(struct tpm_chip *chip, u8 *out, size_t max); @@ -558,8
> > +558,8 @@ static inline u32 tpm2_rc_value(u32 rc) }
> >
> > int tpm2_get_timeouts(struct tpm_chip *chip); -int
> > tpm2_pcr_read(struct tpm_chip *chip, int pcr_idx, u8 *res_buf); -int
> > tpm2_pcr_extend(struct tpm_chip *chip, int pcr_idx, u32 count,
> > +int tpm2_pcr_read(struct tpm_chip *chip, u32 pcr_idx, u8 *res_buf);
> > +int tpm2_pcr_extend(struct tpm_chip *chip, u32 pcr_idx, u32 count,
> > 		    struct tpm2_digest *digests);
> > int tpm2_get_random(struct tpm_chip *chip, u8 *dest, size_t max); void
> > tpm2_flush_context_cmd(struct tpm_chip *chip, u32 handle, diff --git
> > a/drivers/char/tpm/tpm1-cmd.c b/drivers/char/tpm/tpm1-cmd.c index
> > 6b04648f8184..6f306338953b 100644
> > --- a/drivers/char/tpm/tpm1-cmd.c
> > +++ b/drivers/char/tpm/tpm1-cmd.c
> > @@ -449,7 +449,7 @@ int tpm1_get_timeouts(struct tpm_chip *chip) }
> >
> > #define TPM_ORD_PCR_EXTEND 20
> > -int tpm1_pcr_extend(struct tpm_chip *chip, int pcr_idx, const u8
> > *hash,
> > +int tpm1_pcr_extend(struct tpm_chip *chip, u32 pcr_idx, const u8
> > +*hash,
> > 		    const char *log_msg)
> > {
> > 	struct tpm_buf buf;
> > @@ -572,7 +572,7 @@ int tpm1_get_random(struct tpm_chip *chip, u8
> > *dest, size_t max) }
> >
> > #define TPM_ORD_PCRREAD 21
> > -int tpm1_pcr_read(struct tpm_chip *chip, int pcr_idx, u8 *res_buf)
> > +int tpm1_pcr_read(struct tpm_chip *chip, u32 pcr_idx, u8 *res_buf)
> > {
> > 	struct tpm_buf buf;
> > 	int rc;
> > @@ -729,7 +729,7 @@ int tpm1_auto_startup(struct tpm_chip *chip)
> >  * * 0 on success,
> >  * * < 0 on error.
> >  */
> > -int tpm1_pm_suspend(struct tpm_chip *chip, int tpm_suspend_pcr)
> > +int tpm1_pm_suspend(struct tpm_chip *chip, u32 tpm_suspend_pcr)
> > {
> > 	u8 dummy_hash[TPM_DIGEST_SIZE] = { 0 };
> > 	struct tpm_buf buf;
> > diff --git a/drivers/char/tpm/tpm2-cmd.c b/drivers/char/tpm/tpm2-cmd.c
> > index 6ca4fc0a0d6f..ae86fb0218ab 100644
> > --- a/drivers/char/tpm/tpm2-cmd.c
> > +++ b/drivers/char/tpm/tpm2-cmd.c
> > @@ -175,7 +175,7 @@ struct tpm2_pcr_read_out {
> >  *
> >  * Return: Same as with tpm_transmit_cmd.
> >  */
> > -int tpm2_pcr_read(struct tpm_chip *chip, int pcr_idx, u8 *res_buf)
> > +int tpm2_pcr_read(struct tpm_chip *chip, u32 pcr_idx, u8 *res_buf)
> > {
> > 	int rc;
> > 	struct tpm_buf buf;
> > @@ -225,7 +225,7 @@ struct tpm2_null_auth_area {
> >  *
> >  * Return: Same as with tpm_transmit_cmd.
> >  */
> > -int tpm2_pcr_extend(struct tpm_chip *chip, int pcr_idx, u32 count,
> > +int tpm2_pcr_extend(struct tpm_chip *chip, u32 pcr_idx, u32 count,
> > 		    struct tpm2_digest *digests)
> > {
> > 	struct tpm_buf buf;
> > @@ -272,7 +272,6 @@ int tpm2_pcr_extend(struct tpm_chip *chip, int
> pcr_idx, u32 count,
> > 	return rc;
> > }
> >
> > -
> > struct tpm2_get_random_out {
> > 	__be16 size;
> > 	u8 buffer[TPM_MAX_RNG_DATA];
> > diff --git a/include/linux/tpm.h b/include/linux/tpm.h index
> > 4609b94142d4..b49a55cf775f 100644
> > --- a/include/linux/tpm.h
> > +++ b/include/linux/tpm.h
> > @@ -53,8 +53,8 @@ struct tpm_class_ops { #if defined(CONFIG_TCG_TPM)
> > || defined(CONFIG_TCG_TPM_MODULE)
> >
> > extern int tpm_is_tpm2(struct tpm_chip *chip); -extern int
> > tpm_pcr_read(struct tpm_chip *chip, int pcr_idx, u8 *res_buf); -extern
> > int tpm_pcr_extend(struct tpm_chip *chip, int pcr_idx, const u8
> > *hash);
> > +extern int tpm_pcr_read(struct tpm_chip *chip, u32 pcr_idx, u8
> > +*res_buf); extern int tpm_pcr_extend(struct tpm_chip *chip, u32
> > +pcr_idx, const u8 *hash);
> > extern int tpm_send(struct tpm_chip *chip, void *cmd, size_t buflen);
> > extern int tpm_get_random(struct tpm_chip *chip, u8 *data, size_t
> > max); extern int tpm_seal_trusted(struct tpm_chip *chip, @@ -69,15
> > +69,18 @@ static inline int tpm_is_tpm2(struct tpm_chip *chip) {
> > 	return -ENODEV;
> > }
> > -static inline int tpm_pcr_read(struct tpm_chip *chip, int pcr_idx, u8
> > *res_buf)
> > +
> > +static inline int tpm_pcr_read(struct tpm_chip *chip, u32 pcr_idx, u8
> > +*res_buf)
> > {
> > 	return -ENODEV;
> > }
> > -static inline int tpm_pcr_extend(struct tpm_chip *chip, int pcr_idx,
> > +
> > +static inline int tpm_pcr_extend(struct tpm_chip *chip, u32 pcr_idx,
> > 				 const u8 *hash)
> > {
> > 	return -ENODEV;
> > }
> > +
> > static inline int tpm_send(struct tpm_chip *chip, void *cmd, size_t
> > buflen) {
> > 	return -ENODEV;
> > diff --git a/security/integrity/ima/ima_crypto.c
> > b/security/integrity/ima/ima_crypto.c
> > index 7e7e7e7c250a..959d9edc113a 100644
> > --- a/security/integrity/ima/ima_crypto.c
> > +++ b/security/integrity/ima/ima_crypto.c
> > @@ -629,7 +629,7 @@ int ima_calc_buffer_hash(const void *buf, loff_t
> len,
> > 	return calc_buffer_shash(buf, len, hash); }
> >
> > -static void __init ima_pcrread(int idx, u8 *pcr)
> > +static void __init ima_pcrread(u32 idx, u8 *pcr)
> > {
> > 	if (!ima_tpm_chip)
> > 		return;
> > @@ -645,7 +645,8 @@ static int __init ima_calc_boot_aggregate_tfm(char
> *digest,
> > 					      struct crypto_shash *tfm)
> > {
> > 	u8 pcr_i[TPM_DIGEST_SIZE];
> > -	int rc, i;
> > +	int rc;
> > +	u32 i;
> > 	SHASH_DESC_ON_STACK(shash, tfm);
> >
> > 	shash->tfm = tfm;
> >
> 
> All commits have been now applied.
> 
Appreciated.
Thanks
Tomas


^ permalink raw reply	[flat|nested] 39+ messages in thread

end of thread, other threads:[~2018-10-23 18:56 UTC | newest]

Thread overview: 39+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2018-10-19 18:22 [PATCH v7 00/21] tpm: separate tpm 1.x and tpm 2.x commands Tomas Winkler
2018-10-19 18:22 ` [PATCH v7 01/21] tpm: tpm_i2c_nuvoton: use correct command duration for TPM 2.x Tomas Winkler
2018-10-20  0:51   ` Jarkko Sakkinen
2018-10-19 18:22 ` [PATCH v7 02/21] tpm2: add new tpm2 commands according to TCG 1.36 Tomas Winkler
2018-10-20  0:53   ` Jarkko Sakkinen
2018-10-19 18:22 ` [PATCH v7 03/21] tpm: sort objects in the Makefile Tomas Winkler
2018-10-19 18:22 ` [PATCH v7 04/21] tpm: factor out tpm 1.x duration calculation to tpm1-cmd.c Tomas Winkler
2018-10-20  0:56   ` Jarkko Sakkinen
2018-10-19 18:22 ` [PATCH v7 05/21] tpm: add tpm_calc_ordinal_duration() wrapper Tomas Winkler
2018-10-19 18:22 ` [PATCH v7 06/21] tpm: factor out tpm_get_timeouts() Tomas Winkler
2018-10-19 18:22 ` [PATCH v7 07/21] tpm: move tpm1_pcr_extend to tpm1-cmd.c Tomas Winkler
2018-10-19 18:22 ` [PATCH v7 08/21] tpm: move tpm_getcap " Tomas Winkler
2018-10-19 18:22 ` [PATCH v7 09/21] tpm: factor out tpm1_get_random into tpm1-cmd.c Tomas Winkler
2018-10-20  0:58   ` Jarkko Sakkinen
2018-10-23 18:42   ` Jarkko Sakkinen
2018-10-19 18:22 ` [PATCH v7 10/21] tpm: move tpm 1.x selftest code from tpm-interface.c tpm1-cmd.c Tomas Winkler
2018-10-19 18:22 ` [PATCH v7 11/21] tpm: factor out tpm 1.x pm suspend flow into tpm1-cmd.c Tomas Winkler
2018-10-20  1:05   ` Jarkko Sakkinen
2018-10-23 18:43   ` Jarkko Sakkinen
2018-10-19 18:22 ` [PATCH v7 12/21] tpm: factor out tpm_startup function Tomas Winkler
2018-10-20  1:06   ` Jarkko Sakkinen
2018-10-19 18:22 ` [PATCH v7 13/21] tpm: add tpm_auto_startup() into tpm-interface.c Tomas Winkler
2018-10-20  1:09   ` Jarkko Sakkinen
2018-10-19 18:23 ` [PATCH v7 14/21] tpm: tpm-interface.c drop unused macros Tomas Winkler
2018-10-19 18:23 ` [PATCH v7 15/21] tpm: tpm-space.c remove unneeded semicolon Tomas Winkler
2018-10-19 18:23 ` [PATCH v7 16/21] tpm: tpm1: rewrite tpm1_get_random() using tpm_buf structure Tomas Winkler
2018-10-19 18:23 ` [PATCH v7 17/21] tpm1: implement tpm1_pcr_read_dev() " Tomas Winkler
2018-10-19 18:23 ` [PATCH v7 18/21] tpm1: rename tpm1_pcr_read_dev to tpm1_pcr_read() Tomas Winkler
2018-10-23 18:44   ` Jarkko Sakkinen
2018-10-19 18:23 ` [PATCH v7 19/21] tpm1: reimplement SAVESTATE using tpm_buf Tomas Winkler
2018-10-19 18:23 ` [PATCH v7 20/21] tpm1: reimplement tpm1_continue_selftest() " Tomas Winkler
2018-10-19 18:23 ` [PATCH v7 21/21] tpm: use u32 instead of int for PCR index Tomas Winkler
2018-10-23 18:44   ` Jarkko Sakkinen
2018-10-23 18:55   ` Jarkko Sakkinen
2018-10-23 18:56     ` Winkler, Tomas
2018-10-20  1:19 ` [PATCH v7 00/21] tpm: separate tpm 1.x and tpm 2.x commands Jarkko Sakkinen
2018-10-22 17:12   ` Winkler, Tomas
2018-10-23 13:14     ` Jarkko Sakkinen
2018-10-23 13:35       ` Winkler, Tomas

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).