Merge master.kernel.org:/pub/scm/linux/kernel/git/jejb/scsi-rc-fixes-2.6
[linux-2.6] / drivers / char / tpm / tpm.c
1 /*
2  * Copyright (C) 2004 IBM Corporation
3  *
4  * Authors:
5  * Leendert van Doorn <leendert@watson.ibm.com>
6  * Dave Safford <safford@watson.ibm.com>
7  * Reiner Sailer <sailer@watson.ibm.com>
8  * Kylene Hall <kjhall@us.ibm.com>
9  *
10  * Maintained by: <tpmdd_devel@lists.sourceforge.net>
11  *
12  * Device driver for TCG/TCPA TPM (trusted platform module).
13  * Specifications at www.trustedcomputinggroup.org       
14  *
15  * This program is free software; you can redistribute it and/or
16  * modify it under the terms of the GNU General Public License as
17  * published by the Free Software Foundation, version 2 of the
18  * License.
19  * 
20  * Note, the TPM chip is not interrupt driven (only polling)
21  * and can have very long timeouts (minutes!). Hence the unusual
22  * calls to msleep.
23  *
24  */
25
26 #include <linux/sched.h>
27 #include <linux/poll.h>
28 #include <linux/spinlock.h>
29 #include "tpm.h"
30
31 enum tpm_const {
32         TPM_MINOR = 224,        /* officially assigned */
33         TPM_BUFSIZE = 2048,
34         TPM_NUM_DEVICES = 256,
35 };
36
37 enum tpm_duration {
38         TPM_SHORT = 0,
39         TPM_MEDIUM = 1,
40         TPM_LONG = 2,
41         TPM_UNDEFINED,
42 };
43
44 #define TPM_MAX_ORDINAL 243
45 #define TPM_MAX_PROTECTED_ORDINAL 12
46 #define TPM_PROTECTED_ORDINAL_MASK 0xFF
47
48 static LIST_HEAD(tpm_chip_list);
49 static DEFINE_SPINLOCK(driver_lock);
50 static DECLARE_BITMAP(dev_mask, TPM_NUM_DEVICES);
51
52 /*
53  * Array with one entry per ordinal defining the maximum amount
54  * of time the chip could take to return the result.  The ordinal
55  * designation of short, medium or long is defined in a table in
56  * TCG Specification TPM Main Part 2 TPM Structures Section 17. The
57  * values of the SHORT, MEDIUM, and LONG durations are retrieved
58  * from the chip during initialization with a call to tpm_get_timeouts.
59  */
60 static const u8 tpm_protected_ordinal_duration[TPM_MAX_PROTECTED_ORDINAL] = {
61         TPM_UNDEFINED,          /* 0 */
62         TPM_UNDEFINED,
63         TPM_UNDEFINED,
64         TPM_UNDEFINED,
65         TPM_UNDEFINED,
66         TPM_UNDEFINED,          /* 5 */
67         TPM_UNDEFINED,
68         TPM_UNDEFINED,
69         TPM_UNDEFINED,
70         TPM_UNDEFINED,
71         TPM_SHORT,              /* 10 */
72         TPM_SHORT,
73 };
74
75 static const u8 tpm_ordinal_duration[TPM_MAX_ORDINAL] = {
76         TPM_UNDEFINED,          /* 0 */
77         TPM_UNDEFINED,
78         TPM_UNDEFINED,
79         TPM_UNDEFINED,
80         TPM_UNDEFINED,
81         TPM_UNDEFINED,          /* 5 */
82         TPM_UNDEFINED,
83         TPM_UNDEFINED,
84         TPM_UNDEFINED,
85         TPM_UNDEFINED,
86         TPM_SHORT,              /* 10 */
87         TPM_SHORT,
88         TPM_MEDIUM,
89         TPM_LONG,
90         TPM_LONG,
91         TPM_MEDIUM,             /* 15 */
92         TPM_SHORT,
93         TPM_SHORT,
94         TPM_MEDIUM,
95         TPM_LONG,
96         TPM_SHORT,              /* 20 */
97         TPM_SHORT,
98         TPM_MEDIUM,
99         TPM_MEDIUM,
100         TPM_MEDIUM,
101         TPM_SHORT,              /* 25 */
102         TPM_SHORT,
103         TPM_MEDIUM,
104         TPM_SHORT,
105         TPM_SHORT,
106         TPM_MEDIUM,             /* 30 */
107         TPM_LONG,
108         TPM_MEDIUM,
109         TPM_SHORT,
110         TPM_SHORT,
111         TPM_SHORT,              /* 35 */
112         TPM_MEDIUM,
113         TPM_MEDIUM,
114         TPM_UNDEFINED,
115         TPM_UNDEFINED,
116         TPM_MEDIUM,             /* 40 */
117         TPM_LONG,
118         TPM_MEDIUM,
119         TPM_SHORT,
120         TPM_SHORT,
121         TPM_SHORT,              /* 45 */
122         TPM_SHORT,
123         TPM_SHORT,
124         TPM_SHORT,
125         TPM_LONG,
126         TPM_MEDIUM,             /* 50 */
127         TPM_MEDIUM,
128         TPM_UNDEFINED,
129         TPM_UNDEFINED,
130         TPM_UNDEFINED,
131         TPM_UNDEFINED,          /* 55 */
132         TPM_UNDEFINED,
133         TPM_UNDEFINED,
134         TPM_UNDEFINED,
135         TPM_UNDEFINED,
136         TPM_MEDIUM,             /* 60 */
137         TPM_MEDIUM,
138         TPM_MEDIUM,
139         TPM_SHORT,
140         TPM_SHORT,
141         TPM_MEDIUM,             /* 65 */
142         TPM_UNDEFINED,
143         TPM_UNDEFINED,
144         TPM_UNDEFINED,
145         TPM_UNDEFINED,
146         TPM_SHORT,              /* 70 */
147         TPM_SHORT,
148         TPM_UNDEFINED,
149         TPM_UNDEFINED,
150         TPM_UNDEFINED,
151         TPM_UNDEFINED,          /* 75 */
152         TPM_UNDEFINED,
153         TPM_UNDEFINED,
154         TPM_UNDEFINED,
155         TPM_UNDEFINED,
156         TPM_LONG,               /* 80 */
157         TPM_UNDEFINED,
158         TPM_MEDIUM,
159         TPM_LONG,
160         TPM_SHORT,
161         TPM_UNDEFINED,          /* 85 */
162         TPM_UNDEFINED,
163         TPM_UNDEFINED,
164         TPM_UNDEFINED,
165         TPM_UNDEFINED,
166         TPM_SHORT,              /* 90 */
167         TPM_SHORT,
168         TPM_SHORT,
169         TPM_SHORT,
170         TPM_SHORT,
171         TPM_UNDEFINED,          /* 95 */
172         TPM_UNDEFINED,
173         TPM_UNDEFINED,
174         TPM_UNDEFINED,
175         TPM_UNDEFINED,
176         TPM_MEDIUM,             /* 100 */
177         TPM_SHORT,
178         TPM_SHORT,
179         TPM_UNDEFINED,
180         TPM_UNDEFINED,
181         TPM_UNDEFINED,          /* 105 */
182         TPM_UNDEFINED,
183         TPM_UNDEFINED,
184         TPM_UNDEFINED,
185         TPM_UNDEFINED,
186         TPM_SHORT,              /* 110 */
187         TPM_SHORT,
188         TPM_SHORT,
189         TPM_SHORT,
190         TPM_SHORT,
191         TPM_SHORT,              /* 115 */
192         TPM_SHORT,
193         TPM_SHORT,
194         TPM_UNDEFINED,
195         TPM_UNDEFINED,
196         TPM_LONG,               /* 120 */
197         TPM_LONG,
198         TPM_MEDIUM,
199         TPM_UNDEFINED,
200         TPM_SHORT,
201         TPM_SHORT,              /* 125 */
202         TPM_SHORT,
203         TPM_LONG,
204         TPM_SHORT,
205         TPM_SHORT,
206         TPM_SHORT,              /* 130 */
207         TPM_MEDIUM,
208         TPM_UNDEFINED,
209         TPM_SHORT,
210         TPM_MEDIUM,
211         TPM_UNDEFINED,          /* 135 */
212         TPM_UNDEFINED,
213         TPM_UNDEFINED,
214         TPM_UNDEFINED,
215         TPM_UNDEFINED,
216         TPM_SHORT,              /* 140 */
217         TPM_SHORT,
218         TPM_UNDEFINED,
219         TPM_UNDEFINED,
220         TPM_UNDEFINED,
221         TPM_UNDEFINED,          /* 145 */
222         TPM_UNDEFINED,
223         TPM_UNDEFINED,
224         TPM_UNDEFINED,
225         TPM_UNDEFINED,
226         TPM_SHORT,              /* 150 */
227         TPM_MEDIUM,
228         TPM_MEDIUM,
229         TPM_SHORT,
230         TPM_SHORT,
231         TPM_UNDEFINED,          /* 155 */
232         TPM_UNDEFINED,
233         TPM_UNDEFINED,
234         TPM_UNDEFINED,
235         TPM_UNDEFINED,
236         TPM_SHORT,              /* 160 */
237         TPM_SHORT,
238         TPM_SHORT,
239         TPM_SHORT,
240         TPM_UNDEFINED,
241         TPM_UNDEFINED,          /* 165 */
242         TPM_UNDEFINED,
243         TPM_UNDEFINED,
244         TPM_UNDEFINED,
245         TPM_UNDEFINED,
246         TPM_LONG,               /* 170 */
247         TPM_UNDEFINED,
248         TPM_UNDEFINED,
249         TPM_UNDEFINED,
250         TPM_UNDEFINED,
251         TPM_UNDEFINED,          /* 175 */
252         TPM_UNDEFINED,
253         TPM_UNDEFINED,
254         TPM_UNDEFINED,
255         TPM_UNDEFINED,
256         TPM_MEDIUM,             /* 180 */
257         TPM_SHORT,
258         TPM_MEDIUM,
259         TPM_MEDIUM,
260         TPM_MEDIUM,
261         TPM_MEDIUM,             /* 185 */
262         TPM_SHORT,
263         TPM_UNDEFINED,
264         TPM_UNDEFINED,
265         TPM_UNDEFINED,
266         TPM_UNDEFINED,          /* 190 */
267         TPM_UNDEFINED,
268         TPM_UNDEFINED,
269         TPM_UNDEFINED,
270         TPM_UNDEFINED,
271         TPM_UNDEFINED,          /* 195 */
272         TPM_UNDEFINED,
273         TPM_UNDEFINED,
274         TPM_UNDEFINED,
275         TPM_UNDEFINED,
276         TPM_SHORT,              /* 200 */
277         TPM_UNDEFINED,
278         TPM_UNDEFINED,
279         TPM_UNDEFINED,
280         TPM_SHORT,
281         TPM_SHORT,              /* 205 */
282         TPM_SHORT,
283         TPM_SHORT,
284         TPM_SHORT,
285         TPM_SHORT,
286         TPM_MEDIUM,             /* 210 */
287         TPM_UNDEFINED,
288         TPM_MEDIUM,
289         TPM_MEDIUM,
290         TPM_MEDIUM,
291         TPM_UNDEFINED,          /* 215 */
292         TPM_MEDIUM,
293         TPM_UNDEFINED,
294         TPM_UNDEFINED,
295         TPM_SHORT,
296         TPM_SHORT,              /* 220 */
297         TPM_SHORT,
298         TPM_SHORT,
299         TPM_SHORT,
300         TPM_SHORT,
301         TPM_UNDEFINED,          /* 225 */
302         TPM_UNDEFINED,
303         TPM_UNDEFINED,
304         TPM_UNDEFINED,
305         TPM_UNDEFINED,
306         TPM_SHORT,              /* 230 */
307         TPM_LONG,
308         TPM_MEDIUM,
309         TPM_UNDEFINED,
310         TPM_UNDEFINED,
311         TPM_UNDEFINED,          /* 235 */
312         TPM_UNDEFINED,
313         TPM_UNDEFINED,
314         TPM_UNDEFINED,
315         TPM_UNDEFINED,
316         TPM_SHORT,              /* 240 */
317         TPM_UNDEFINED,
318         TPM_MEDIUM,
319 };
320
321 static void user_reader_timeout(unsigned long ptr)
322 {
323         struct tpm_chip *chip = (struct tpm_chip *) ptr;
324
325         schedule_work(&chip->work);
326 }
327
328 static void timeout_work(void *ptr)
329 {
330         struct tpm_chip *chip = ptr;
331
332         down(&chip->buffer_mutex);
333         atomic_set(&chip->data_pending, 0);
334         memset(chip->data_buffer, 0, TPM_BUFSIZE);
335         up(&chip->buffer_mutex);
336 }
337
338 /*
339  * Returns max number of jiffies to wait
340  */
341 unsigned long tpm_calc_ordinal_duration(struct tpm_chip *chip,
342                                            u32 ordinal)
343 {
344         int duration_idx = TPM_UNDEFINED;
345         int duration = 0;
346
347         if (ordinal < TPM_MAX_ORDINAL)
348                 duration_idx = tpm_ordinal_duration[ordinal];
349         else if ((ordinal & TPM_PROTECTED_ORDINAL_MASK) <
350                  TPM_MAX_PROTECTED_ORDINAL)
351                 duration_idx =
352                     tpm_protected_ordinal_duration[ordinal &
353                                                    TPM_PROTECTED_ORDINAL_MASK];
354
355         if (duration_idx != TPM_UNDEFINED)
356                 duration = chip->vendor.duration[duration_idx];
357         if (duration <= 0)
358                 return 2 * 60 * HZ;
359         else
360                 return duration;
361 }
362 EXPORT_SYMBOL_GPL(tpm_calc_ordinal_duration);
363
364 /*
365  * Internal kernel interface to transmit TPM commands
366  */
367 static ssize_t tpm_transmit(struct tpm_chip *chip, const char *buf,
368                             size_t bufsiz)
369 {
370         ssize_t rc;
371         u32 count, ordinal;
372         unsigned long stop;
373
374         count = be32_to_cpu(*((__be32 *) (buf + 2)));
375         ordinal = be32_to_cpu(*((__be32 *) (buf + 6)));
376         if (count == 0)
377                 return -ENODATA;
378         if (count > bufsiz) {
379                 dev_err(chip->dev,
380                         "invalid count value %x %zx \n", count, bufsiz);
381                 return -E2BIG;
382         }
383
384         down(&chip->tpm_mutex);
385
386         if ((rc = chip->vendor.send(chip, (u8 *) buf, count)) < 0) {
387                 dev_err(chip->dev,
388                         "tpm_transmit: tpm_send: error %zd\n", rc);
389                 goto out;
390         }
391
392         if (chip->vendor.irq)
393                 goto out_recv;
394
395         stop = jiffies + tpm_calc_ordinal_duration(chip, ordinal);
396         do {
397                 u8 status = chip->vendor.status(chip);
398                 if ((status & chip->vendor.req_complete_mask) ==
399                     chip->vendor.req_complete_val)
400                         goto out_recv;
401
402                 if ((status == chip->vendor.req_canceled)) {
403                         dev_err(chip->dev, "Operation Canceled\n");
404                         rc = -ECANCELED;
405                         goto out;
406                 }
407
408                 msleep(TPM_TIMEOUT);    /* CHECK */
409                 rmb();
410         } while (time_before(jiffies, stop));
411
412         chip->vendor.cancel(chip);
413         dev_err(chip->dev, "Operation Timed out\n");
414         rc = -ETIME;
415         goto out;
416
417 out_recv:
418         rc = chip->vendor.recv(chip, (u8 *) buf, bufsiz);
419         if (rc < 0)
420                 dev_err(chip->dev,
421                         "tpm_transmit: tpm_recv: error %zd\n", rc);
422 out:
423         up(&chip->tpm_mutex);
424         return rc;
425 }
426
427 #define TPM_DIGEST_SIZE 20
428 #define TPM_ERROR_SIZE 10
429 #define TPM_RET_CODE_IDX 6
430 #define TPM_GET_CAP_RET_SIZE_IDX 10
431 #define TPM_GET_CAP_RET_UINT32_1_IDX 14
432 #define TPM_GET_CAP_RET_UINT32_2_IDX 18
433 #define TPM_GET_CAP_RET_UINT32_3_IDX 22
434 #define TPM_GET_CAP_RET_UINT32_4_IDX 26
435 #define TPM_GET_CAP_PERM_DISABLE_IDX 16
436 #define TPM_GET_CAP_PERM_INACTIVE_IDX 18
437 #define TPM_GET_CAP_RET_BOOL_1_IDX 14
438 #define TPM_GET_CAP_TEMP_INACTIVE_IDX 16
439
440 #define TPM_CAP_IDX 13
441 #define TPM_CAP_SUBCAP_IDX 21
442
443 enum tpm_capabilities {
444         TPM_CAP_FLAG = 4,
445         TPM_CAP_PROP = 5,
446 };
447
448 enum tpm_sub_capabilities {
449         TPM_CAP_PROP_PCR = 0x1,
450         TPM_CAP_PROP_MANUFACTURER = 0x3,
451         TPM_CAP_FLAG_PERM = 0x8,
452         TPM_CAP_FLAG_VOL = 0x9,
453         TPM_CAP_PROP_OWNER = 0x11,
454         TPM_CAP_PROP_TIS_TIMEOUT = 0x15,
455         TPM_CAP_PROP_TIS_DURATION = 0x20,
456 };
457
458 /*
459  * This is a semi generic GetCapability command for use
460  * with the capability type TPM_CAP_PROP or TPM_CAP_FLAG
461  * and their associated sub_capabilities.
462  */
463
464 static const u8 tpm_cap[] = {
465         0, 193,                 /* TPM_TAG_RQU_COMMAND */
466         0, 0, 0, 22,            /* length */
467         0, 0, 0, 101,           /* TPM_ORD_GetCapability */
468         0, 0, 0, 0,             /* TPM_CAP_<TYPE> */
469         0, 0, 0, 4,             /* TPM_CAP_SUB_<TYPE> size */
470         0, 0, 1, 0              /* TPM_CAP_SUB_<TYPE> */
471 };
472
473 static ssize_t transmit_cmd(struct tpm_chip *chip, u8 *data, int len,
474                             char *desc)
475 {
476         int err;
477
478         len = tpm_transmit(chip, data, len);
479         if (len <  0)
480                 return len;
481         if (len == TPM_ERROR_SIZE) {
482                 err = be32_to_cpu(*((__be32 *) (data + TPM_RET_CODE_IDX)));
483                 dev_dbg(chip->dev, "A TPM error (%d) occurred %s\n", err, desc);
484                 return err;
485         }
486         return 0;
487 }
488
489 void tpm_gen_interrupt(struct tpm_chip *chip)
490 {
491         u8 data[max_t(int, ARRAY_SIZE(tpm_cap), 30)];
492         ssize_t rc;
493
494         memcpy(data, tpm_cap, sizeof(tpm_cap));
495         data[TPM_CAP_IDX] = TPM_CAP_PROP;
496         data[TPM_CAP_SUBCAP_IDX] = TPM_CAP_PROP_TIS_TIMEOUT;
497
498         rc = transmit_cmd(chip, data, sizeof(data),
499                         "attempting to determine the timeouts");
500 }
501 EXPORT_SYMBOL_GPL(tpm_gen_interrupt);
502
503 void tpm_get_timeouts(struct tpm_chip *chip)
504 {
505         u8 data[max_t(int, ARRAY_SIZE(tpm_cap), 30)];
506         ssize_t rc;
507         u32 timeout;
508
509         memcpy(data, tpm_cap, sizeof(tpm_cap));
510         data[TPM_CAP_IDX] = TPM_CAP_PROP;
511         data[TPM_CAP_SUBCAP_IDX] = TPM_CAP_PROP_TIS_TIMEOUT;
512
513         rc = transmit_cmd(chip, data, sizeof(data),
514                         "attempting to determine the timeouts");
515         if (rc)
516                 goto duration;
517
518         if (be32_to_cpu(*((__be32 *) (data + TPM_GET_CAP_RET_SIZE_IDX)))
519             != 4 * sizeof(u32))
520                 goto duration;
521
522         /* Don't overwrite default if value is 0 */
523         timeout =
524             be32_to_cpu(*((__be32 *) (data + TPM_GET_CAP_RET_UINT32_1_IDX)));
525         if (timeout)
526                 chip->vendor.timeout_a = msecs_to_jiffies(timeout);
527         timeout =
528             be32_to_cpu(*((__be32 *) (data + TPM_GET_CAP_RET_UINT32_2_IDX)));
529         if (timeout)
530                 chip->vendor.timeout_b = msecs_to_jiffies(timeout);
531         timeout =
532             be32_to_cpu(*((__be32 *) (data + TPM_GET_CAP_RET_UINT32_3_IDX)));
533         if (timeout)
534                 chip->vendor.timeout_c = msecs_to_jiffies(timeout);
535         timeout =
536             be32_to_cpu(*((__be32 *) (data + TPM_GET_CAP_RET_UINT32_4_IDX)));
537         if (timeout)
538                 chip->vendor.timeout_d = msecs_to_jiffies(timeout);
539
540 duration:
541         memcpy(data, tpm_cap, sizeof(tpm_cap));
542         data[TPM_CAP_IDX] = TPM_CAP_PROP;
543         data[TPM_CAP_SUBCAP_IDX] = TPM_CAP_PROP_TIS_DURATION;
544
545         rc = transmit_cmd(chip, data, sizeof(data),
546                         "attempting to determine the durations");
547         if (rc)
548                 return;
549
550         if (be32_to_cpu(*((__be32 *) (data + TPM_GET_CAP_RET_SIZE_IDX)))
551             != 3 * sizeof(u32))
552                 return;
553
554         chip->vendor.duration[TPM_SHORT] =
555             msecs_to_jiffies(be32_to_cpu
556                              (*((__be32 *) (data +
557                                             TPM_GET_CAP_RET_UINT32_1_IDX))));
558         chip->vendor.duration[TPM_MEDIUM] =
559             msecs_to_jiffies(be32_to_cpu
560                              (*((__be32 *) (data +
561                                             TPM_GET_CAP_RET_UINT32_2_IDX))));
562         chip->vendor.duration[TPM_LONG] =
563             msecs_to_jiffies(be32_to_cpu
564                              (*((__be32 *) (data +
565                                             TPM_GET_CAP_RET_UINT32_3_IDX))));
566 }
567 EXPORT_SYMBOL_GPL(tpm_get_timeouts);
568
569 void tpm_continue_selftest(struct tpm_chip *chip)
570 {
571         u8 data[] = {
572                 0, 193,                 /* TPM_TAG_RQU_COMMAND */
573                 0, 0, 0, 10,            /* length */
574                 0, 0, 0, 83,            /* TPM_ORD_GetCapability */
575         };
576
577         tpm_transmit(chip, data, sizeof(data));
578 }
579 EXPORT_SYMBOL_GPL(tpm_continue_selftest);
580
581 ssize_t tpm_show_enabled(struct device * dev, struct device_attribute * attr,
582                         char *buf)
583 {
584         u8 data[max_t(int, ARRAY_SIZE(tpm_cap), 35)];
585         ssize_t rc;
586
587         struct tpm_chip *chip = dev_get_drvdata(dev);
588         if (chip == NULL)
589                 return -ENODEV;
590
591         memcpy(data, tpm_cap, sizeof(tpm_cap));
592         data[TPM_CAP_IDX] = TPM_CAP_FLAG;
593         data[TPM_CAP_SUBCAP_IDX] = TPM_CAP_FLAG_PERM;
594
595         rc = transmit_cmd(chip, data, sizeof(data),
596                         "attemtping to determine the permanent state");
597         if (rc)
598                 return 0;
599         return sprintf(buf, "%d\n", !data[TPM_GET_CAP_PERM_DISABLE_IDX]);
600 }
601 EXPORT_SYMBOL_GPL(tpm_show_enabled);
602
603 ssize_t tpm_show_active(struct device * dev, struct device_attribute * attr,
604                         char *buf)
605 {
606         u8 data[max_t(int, ARRAY_SIZE(tpm_cap), 35)];
607         ssize_t rc;
608
609         struct tpm_chip *chip = dev_get_drvdata(dev);
610         if (chip == NULL)
611                 return -ENODEV;
612
613         memcpy(data, tpm_cap, sizeof(tpm_cap));
614         data[TPM_CAP_IDX] = TPM_CAP_FLAG;
615         data[TPM_CAP_SUBCAP_IDX] = TPM_CAP_FLAG_PERM;
616
617         rc = transmit_cmd(chip, data, sizeof(data),
618                         "attemtping to determine the permanent state");
619         if (rc)
620                 return 0;
621         return sprintf(buf, "%d\n", !data[TPM_GET_CAP_PERM_INACTIVE_IDX]);
622 }
623 EXPORT_SYMBOL_GPL(tpm_show_active);
624
625 ssize_t tpm_show_owned(struct device * dev, struct device_attribute * attr,
626                         char *buf)
627 {
628         u8 data[sizeof(tpm_cap)];
629         ssize_t rc;
630
631         struct tpm_chip *chip = dev_get_drvdata(dev);
632         if (chip == NULL)
633                 return -ENODEV;
634
635         memcpy(data, tpm_cap, sizeof(tpm_cap));
636         data[TPM_CAP_IDX] = TPM_CAP_PROP;
637         data[TPM_CAP_SUBCAP_IDX] = TPM_CAP_PROP_OWNER;
638
639         rc = transmit_cmd(chip, data, sizeof(data),
640                         "attempting to determine the owner state");
641         if (rc)
642                 return 0;
643         return sprintf(buf, "%d\n", data[TPM_GET_CAP_RET_BOOL_1_IDX]);
644 }
645 EXPORT_SYMBOL_GPL(tpm_show_owned);
646
647 ssize_t tpm_show_temp_deactivated(struct device * dev,
648                                 struct device_attribute * attr, char *buf)
649 {
650         u8 data[sizeof(tpm_cap)];
651         ssize_t rc;
652
653         struct tpm_chip *chip = dev_get_drvdata(dev);
654         if (chip == NULL)
655                 return -ENODEV;
656
657         memcpy(data, tpm_cap, sizeof(tpm_cap));
658         data[TPM_CAP_IDX] = TPM_CAP_FLAG;
659         data[TPM_CAP_SUBCAP_IDX] = TPM_CAP_FLAG_VOL;
660
661         rc = transmit_cmd(chip, data, sizeof(data),
662                         "attempting to determine the temporary state");
663         if (rc)
664                 return 0;
665         return sprintf(buf, "%d\n", data[TPM_GET_CAP_TEMP_INACTIVE_IDX]);
666 }
667 EXPORT_SYMBOL_GPL(tpm_show_temp_deactivated);
668
669 static const u8 pcrread[] = {
670         0, 193,                 /* TPM_TAG_RQU_COMMAND */
671         0, 0, 0, 14,            /* length */
672         0, 0, 0, 21,            /* TPM_ORD_PcrRead */
673         0, 0, 0, 0              /* PCR index */
674 };
675
676 ssize_t tpm_show_pcrs(struct device *dev, struct device_attribute *attr,
677                       char *buf)
678 {
679         u8 data[max_t(int, max(ARRAY_SIZE(tpm_cap), ARRAY_SIZE(pcrread)), 30)];
680         ssize_t rc;
681         int i, j, num_pcrs;
682         __be32 index;
683         char *str = buf;
684
685         struct tpm_chip *chip = dev_get_drvdata(dev);
686         if (chip == NULL)
687                 return -ENODEV;
688
689         memcpy(data, tpm_cap, sizeof(tpm_cap));
690         data[TPM_CAP_IDX] = TPM_CAP_PROP;
691         data[TPM_CAP_SUBCAP_IDX] = TPM_CAP_PROP_PCR;
692
693         rc = transmit_cmd(chip, data, sizeof(data),
694                         "attempting to determine the number of PCRS");
695         if (rc)
696                 return 0;
697
698         num_pcrs = be32_to_cpu(*((__be32 *) (data + 14)));
699         for (i = 0; i < num_pcrs; i++) {
700                 memcpy(data, pcrread, sizeof(pcrread));
701                 index = cpu_to_be32(i);
702                 memcpy(data + 10, &index, 4);
703                 rc = transmit_cmd(chip, data, sizeof(data),
704                                 "attempting to read a PCR");
705                 if (rc)
706                         goto out;
707                 str += sprintf(str, "PCR-%02d: ", i);
708                 for (j = 0; j < TPM_DIGEST_SIZE; j++)
709                         str += sprintf(str, "%02X ", *(data + 10 + j));
710                 str += sprintf(str, "\n");
711         }
712 out:
713         return str - buf;
714 }
715 EXPORT_SYMBOL_GPL(tpm_show_pcrs);
716
717 #define  READ_PUBEK_RESULT_SIZE 314
718 static const u8 readpubek[] = {
719         0, 193,                 /* TPM_TAG_RQU_COMMAND */
720         0, 0, 0, 30,            /* length */
721         0, 0, 0, 124,           /* TPM_ORD_ReadPubek */
722 };
723
724 ssize_t tpm_show_pubek(struct device *dev, struct device_attribute *attr,
725                        char *buf)
726 {
727         u8 *data;
728         ssize_t err;
729         int i, rc;
730         char *str = buf;
731
732         struct tpm_chip *chip = dev_get_drvdata(dev);
733         if (chip == NULL)
734                 return -ENODEV;
735
736         data = kzalloc(READ_PUBEK_RESULT_SIZE, GFP_KERNEL);
737         if (!data)
738                 return -ENOMEM;
739
740         memcpy(data, readpubek, sizeof(readpubek));
741
742         err = transmit_cmd(chip, data, READ_PUBEK_RESULT_SIZE,
743                         "attempting to read the PUBEK");
744         if (err)
745                 goto out;
746
747         /* 
748            ignore header 10 bytes
749            algorithm 32 bits (1 == RSA )
750            encscheme 16 bits
751            sigscheme 16 bits
752            parameters (RSA 12->bytes: keybit, #primes, expbit)  
753            keylenbytes 32 bits
754            256 byte modulus
755            ignore checksum 20 bytes
756          */
757
758         str +=
759             sprintf(str,
760                     "Algorithm: %02X %02X %02X %02X\nEncscheme: %02X %02X\n"
761                     "Sigscheme: %02X %02X\nParameters: %02X %02X %02X %02X"
762                     " %02X %02X %02X %02X %02X %02X %02X %02X\n"
763                     "Modulus length: %d\nModulus: \n",
764                     data[10], data[11], data[12], data[13], data[14],
765                     data[15], data[16], data[17], data[22], data[23],
766                     data[24], data[25], data[26], data[27], data[28],
767                     data[29], data[30], data[31], data[32], data[33],
768                     be32_to_cpu(*((__be32 *) (data + 34))));
769
770         for (i = 0; i < 256; i++) {
771                 str += sprintf(str, "%02X ", data[i + 38]);
772                 if ((i + 1) % 16 == 0)
773                         str += sprintf(str, "\n");
774         }
775 out:
776         rc = str - buf;
777         kfree(data);
778         return rc;
779 }
780 EXPORT_SYMBOL_GPL(tpm_show_pubek);
781
782 #define CAP_VERSION_1_1 6
783 #define CAP_VERSION_1_2 0x1A
784 #define CAP_VERSION_IDX 13
785 static const u8 cap_version[] = {
786         0, 193,                 /* TPM_TAG_RQU_COMMAND */
787         0, 0, 0, 18,            /* length */
788         0, 0, 0, 101,           /* TPM_ORD_GetCapability */
789         0, 0, 0, 0,
790         0, 0, 0, 0
791 };
792
793 ssize_t tpm_show_caps(struct device *dev, struct device_attribute *attr,
794                       char *buf)
795 {
796         u8 data[max_t(int, max(ARRAY_SIZE(tpm_cap), ARRAY_SIZE(cap_version)), 30)];
797         ssize_t rc;
798         char *str = buf;
799
800         struct tpm_chip *chip = dev_get_drvdata(dev);
801         if (chip == NULL)
802                 return -ENODEV;
803
804         memcpy(data, tpm_cap, sizeof(tpm_cap));
805         data[TPM_CAP_IDX] = TPM_CAP_PROP;
806         data[TPM_CAP_SUBCAP_IDX] = TPM_CAP_PROP_MANUFACTURER;
807
808         rc = transmit_cmd(chip, data, sizeof(data),
809                         "attempting to determine the manufacturer");
810         if (rc)
811                 return 0;
812
813         str += sprintf(str, "Manufacturer: 0x%x\n",
814                        be32_to_cpu(*((__be32 *) (data + TPM_GET_CAP_RET_UINT32_1_IDX))));
815
816         memcpy(data, cap_version, sizeof(cap_version));
817         data[CAP_VERSION_IDX] = CAP_VERSION_1_1;
818         rc = transmit_cmd(chip, data, sizeof(data),
819                         "attempting to determine the 1.1 version");
820         if (rc)
821                 goto out;
822
823         str += sprintf(str,
824                        "TCG version: %d.%d\nFirmware version: %d.%d\n",
825                        (int) data[14], (int) data[15], (int) data[16],
826                        (int) data[17]);
827
828 out:
829         return str - buf;
830 }
831 EXPORT_SYMBOL_GPL(tpm_show_caps);
832
833 ssize_t tpm_show_caps_1_2(struct device * dev,
834                           struct device_attribute * attr, char *buf)
835 {
836         u8 data[max_t(int, max(ARRAY_SIZE(tpm_cap), ARRAY_SIZE(cap_version)), 30)];
837         ssize_t len;
838         char *str = buf;
839
840         struct tpm_chip *chip = dev_get_drvdata(dev);
841         if (chip == NULL)
842                 return -ENODEV;
843
844         memcpy(data, tpm_cap, sizeof(tpm_cap));
845         data[TPM_CAP_IDX] = TPM_CAP_PROP;
846         data[TPM_CAP_SUBCAP_IDX] = TPM_CAP_PROP_MANUFACTURER;
847
848         if ((len = tpm_transmit(chip, data, sizeof(data))) <=
849             TPM_ERROR_SIZE) {
850                 dev_dbg(chip->dev, "A TPM error (%d) occurred "
851                         "attempting to determine the manufacturer\n",
852                         be32_to_cpu(*((__be32 *) (data + TPM_RET_CODE_IDX))));
853                 return 0;
854         }
855
856         str += sprintf(str, "Manufacturer: 0x%x\n",
857                        be32_to_cpu(*((__be32 *) (data + TPM_GET_CAP_RET_UINT32_1_IDX))));
858
859         memcpy(data, cap_version, sizeof(cap_version));
860         data[CAP_VERSION_IDX] = CAP_VERSION_1_2;
861
862         if ((len = tpm_transmit(chip, data, sizeof(data))) <=
863             TPM_ERROR_SIZE) {
864                 dev_err(chip->dev, "A TPM error (%d) occurred "
865                         "attempting to determine the 1.2 version\n",
866                         be32_to_cpu(*((__be32 *) (data + TPM_RET_CODE_IDX))));
867                 goto out;
868         }
869         str += sprintf(str,
870                        "TCG version: %d.%d\nFirmware version: %d.%d\n",
871                        (int) data[16], (int) data[17], (int) data[18],
872                        (int) data[19]);
873
874 out:
875         return str - buf;
876 }
877 EXPORT_SYMBOL_GPL(tpm_show_caps_1_2);
878
879 ssize_t tpm_store_cancel(struct device *dev, struct device_attribute *attr,
880                         const char *buf, size_t count)
881 {
882         struct tpm_chip *chip = dev_get_drvdata(dev);
883         if (chip == NULL)
884                 return 0;
885
886         chip->vendor.cancel(chip);
887         return count;
888 }
889 EXPORT_SYMBOL_GPL(tpm_store_cancel);
890
891 /*
892  * Device file system interface to the TPM
893  */
894 int tpm_open(struct inode *inode, struct file *file)
895 {
896         int rc = 0, minor = iminor(inode);
897         struct tpm_chip *chip = NULL, *pos;
898
899         spin_lock(&driver_lock);
900
901         list_for_each_entry(pos, &tpm_chip_list, list) {
902                 if (pos->vendor.miscdev.minor == minor) {
903                         chip = pos;
904                         break;
905                 }
906         }
907
908         if (chip == NULL) {
909                 rc = -ENODEV;
910                 goto err_out;
911         }
912
913         if (chip->num_opens) {
914                 dev_dbg(chip->dev, "Another process owns this TPM\n");
915                 rc = -EBUSY;
916                 goto err_out;
917         }
918
919         chip->num_opens++;
920         get_device(chip->dev);
921
922         spin_unlock(&driver_lock);
923
924         chip->data_buffer = kmalloc(TPM_BUFSIZE * sizeof(u8), GFP_KERNEL);
925         if (chip->data_buffer == NULL) {
926                 chip->num_opens--;
927                 put_device(chip->dev);
928                 return -ENOMEM;
929         }
930
931         atomic_set(&chip->data_pending, 0);
932
933         file->private_data = chip;
934         return 0;
935
936 err_out:
937         spin_unlock(&driver_lock);
938         return rc;
939 }
940 EXPORT_SYMBOL_GPL(tpm_open);
941
942 int tpm_release(struct inode *inode, struct file *file)
943 {
944         struct tpm_chip *chip = file->private_data;
945
946         spin_lock(&driver_lock);
947         file->private_data = NULL;
948         chip->num_opens--;
949         del_singleshot_timer_sync(&chip->user_read_timer);
950         flush_scheduled_work();
951         atomic_set(&chip->data_pending, 0);
952         put_device(chip->dev);
953         kfree(chip->data_buffer);
954         spin_unlock(&driver_lock);
955         return 0;
956 }
957 EXPORT_SYMBOL_GPL(tpm_release);
958
959 ssize_t tpm_write(struct file *file, const char __user *buf,
960                   size_t size, loff_t *off)
961 {
962         struct tpm_chip *chip = file->private_data;
963         int in_size = size, out_size;
964
965         /* cannot perform a write until the read has cleared
966            either via tpm_read or a user_read_timer timeout */
967         while (atomic_read(&chip->data_pending) != 0)
968                 msleep(TPM_TIMEOUT);
969
970         down(&chip->buffer_mutex);
971
972         if (in_size > TPM_BUFSIZE)
973                 in_size = TPM_BUFSIZE;
974
975         if (copy_from_user
976             (chip->data_buffer, (void __user *) buf, in_size)) {
977                 up(&chip->buffer_mutex);
978                 return -EFAULT;
979         }
980
981         /* atomic tpm command send and result receive */
982         out_size = tpm_transmit(chip, chip->data_buffer, TPM_BUFSIZE);
983
984         atomic_set(&chip->data_pending, out_size);
985         up(&chip->buffer_mutex);
986
987         /* Set a timeout by which the reader must come claim the result */
988         mod_timer(&chip->user_read_timer, jiffies + (60 * HZ));
989
990         return in_size;
991 }
992 EXPORT_SYMBOL_GPL(tpm_write);
993
994 ssize_t tpm_read(struct file *file, char __user *buf,
995                  size_t size, loff_t *off)
996 {
997         struct tpm_chip *chip = file->private_data;
998         int ret_size;
999
1000         del_singleshot_timer_sync(&chip->user_read_timer);
1001         flush_scheduled_work();
1002         ret_size = atomic_read(&chip->data_pending);
1003         atomic_set(&chip->data_pending, 0);
1004         if (ret_size > 0) {     /* relay data */
1005                 if (size < ret_size)
1006                         ret_size = size;
1007
1008                 down(&chip->buffer_mutex);
1009                 if (copy_to_user(buf, chip->data_buffer, ret_size))
1010                         ret_size = -EFAULT;
1011                 up(&chip->buffer_mutex);
1012         }
1013
1014         return ret_size;
1015 }
1016 EXPORT_SYMBOL_GPL(tpm_read);
1017
1018 void tpm_remove_hardware(struct device *dev)
1019 {
1020         struct tpm_chip *chip = dev_get_drvdata(dev);
1021
1022         if (chip == NULL) {
1023                 dev_err(dev, "No device data found\n");
1024                 return;
1025         }
1026
1027         spin_lock(&driver_lock);
1028
1029         list_del(&chip->list);
1030
1031         spin_unlock(&driver_lock);
1032
1033         dev_set_drvdata(dev, NULL);
1034         misc_deregister(&chip->vendor.miscdev);
1035         kfree(chip->vendor.miscdev.name);
1036
1037         sysfs_remove_group(&dev->kobj, chip->vendor.attr_group);
1038         tpm_bios_log_teardown(chip->bios_dir);
1039
1040         clear_bit(chip->dev_num, dev_mask);
1041
1042         kfree(chip);
1043
1044         put_device(dev);
1045 }
1046 EXPORT_SYMBOL_GPL(tpm_remove_hardware);
1047
1048 static u8 savestate[] = {
1049         0, 193,                 /* TPM_TAG_RQU_COMMAND */
1050         0, 0, 0, 10,            /* blob length (in bytes) */
1051         0, 0, 0, 152            /* TPM_ORD_SaveState */
1052 };
1053
1054 /*
1055  * We are about to suspend. Save the TPM state
1056  * so that it can be restored.
1057  */
1058 int tpm_pm_suspend(struct device *dev, pm_message_t pm_state)
1059 {
1060         struct tpm_chip *chip = dev_get_drvdata(dev);
1061         if (chip == NULL)
1062                 return -ENODEV;
1063
1064         tpm_transmit(chip, savestate, sizeof(savestate));
1065         return 0;
1066 }
1067 EXPORT_SYMBOL_GPL(tpm_pm_suspend);
1068
1069 /*
1070  * Resume from a power safe. The BIOS already restored
1071  * the TPM state.
1072  */
1073 int tpm_pm_resume(struct device *dev)
1074 {
1075         struct tpm_chip *chip = dev_get_drvdata(dev);
1076
1077         if (chip == NULL)
1078                 return -ENODEV;
1079
1080         return 0;
1081 }
1082 EXPORT_SYMBOL_GPL(tpm_pm_resume);
1083
1084 /*
1085  * Called from tpm_<specific>.c probe function only for devices 
1086  * the driver has determined it should claim.  Prior to calling
1087  * this function the specific probe function has called pci_enable_device
1088  * upon errant exit from this function specific probe function should call
1089  * pci_disable_device
1090  */
1091 struct tpm_chip *tpm_register_hardware(struct device *dev, const struct tpm_vendor_specific
1092                                        *entry)
1093 {
1094 #define DEVNAME_SIZE 7
1095
1096         char *devname;
1097         struct tpm_chip *chip;
1098
1099         /* Driver specific per-device data */
1100         chip = kzalloc(sizeof(*chip), GFP_KERNEL);
1101         if (chip == NULL)
1102                 return NULL;
1103
1104         init_MUTEX(&chip->buffer_mutex);
1105         init_MUTEX(&chip->tpm_mutex);
1106         INIT_LIST_HEAD(&chip->list);
1107
1108         INIT_WORK(&chip->work, timeout_work, chip);
1109
1110         init_timer(&chip->user_read_timer);
1111         chip->user_read_timer.function = user_reader_timeout;
1112         chip->user_read_timer.data = (unsigned long) chip;
1113
1114         memcpy(&chip->vendor, entry, sizeof(struct tpm_vendor_specific));
1115
1116         chip->dev_num = find_first_zero_bit(dev_mask, TPM_NUM_DEVICES);
1117
1118         if (chip->dev_num >= TPM_NUM_DEVICES) {
1119                 dev_err(dev, "No available tpm device numbers\n");
1120                 kfree(chip);
1121                 return NULL;
1122         } else if (chip->dev_num == 0)
1123                 chip->vendor.miscdev.minor = TPM_MINOR;
1124         else
1125                 chip->vendor.miscdev.minor = MISC_DYNAMIC_MINOR;
1126
1127         set_bit(chip->dev_num, dev_mask);
1128
1129         devname = kmalloc(DEVNAME_SIZE, GFP_KERNEL);
1130         scnprintf(devname, DEVNAME_SIZE, "%s%d", "tpm", chip->dev_num);
1131         chip->vendor.miscdev.name = devname;
1132
1133         chip->vendor.miscdev.dev = dev;
1134         chip->dev = get_device(dev);
1135
1136         if (misc_register(&chip->vendor.miscdev)) {
1137                 dev_err(chip->dev,
1138                         "unable to misc_register %s, minor %d\n",
1139                         chip->vendor.miscdev.name,
1140                         chip->vendor.miscdev.minor);
1141                 put_device(dev);
1142                 clear_bit(chip->dev_num, dev_mask);
1143                 kfree(chip);
1144                 return NULL;
1145         }
1146
1147         spin_lock(&driver_lock);
1148
1149         dev_set_drvdata(dev, chip);
1150
1151         list_add(&chip->list, &tpm_chip_list);
1152
1153         spin_unlock(&driver_lock);
1154
1155         sysfs_create_group(&dev->kobj, chip->vendor.attr_group);
1156
1157         chip->bios_dir = tpm_bios_log_setup(devname);
1158
1159         return chip;
1160 }
1161 EXPORT_SYMBOL_GPL(tpm_register_hardware);
1162
1163 MODULE_AUTHOR("Leendert van Doorn (leendert@watson.ibm.com)");
1164 MODULE_DESCRIPTION("TPM Driver");
1165 MODULE_VERSION("2.0");
1166 MODULE_LICENSE("GPL");