summaryrefslogtreecommitdiff
path: root/include/linux/tpm.h
AgeCommit message (Collapse)AuthorFilesLines
2017-04-03tpm_crb: request and relinquish locality 0Jarkko Sakkinen1-1/+2
This commit adds support for requesting and relinquishing locality 0 in tpm_crb for the course of command transmission. In order to achieve this, two new callbacks are added to struct tpm_class_ops: - request_locality - relinquish_locality With CRB interface you first set either requestAccess or relinquish bit from TPM_LOC_CTRL_x register and then wait for locAssigned and tpmRegValidSts bits to be set in the TPM_LOC_STATE_x register. The reason why were are doing this is to make sure that the driver will work properly with Intel TXT that uses locality 2. There's no explicit guarantee that it would relinquish this locality. In more general sense this commit enables tpm_crb to be a well behaving citizen in a multi locality environment. Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> Reviewed-by: Jerry Snitselaar <jsnitsel@redhat.com> Tested-by: Jerry Snitselaar <jsnitsel@redhat.com>
2016-07-19tpm: Factor out common startup codeJason Gunthorpe1-0/+5
The TCG standard startup sequence (get timeouts, tpm startup, etc) for TPM and TPM2 chips is being open coded in many drivers, move it into the core code. tpm_tis and tpm_crb are used as the basis for the core code implementation and the easy drivers are converted. In the process several small drivers bugs relating to error handling this flow are fixed. For now the flag TPM_OPS_AUTO_STARTUP is optional to allow a staged driver roll out, but ultimately all drivers should use this flow and the flag removed. Some drivers still do not implement the startup sequence at all and will need to be tested with it enabled. Signed-off-by: Jason Gunthorpe <jgunthorpe@obsidianresearch.com> Tested-by: Andrew Zamansky <andrew.zamansky@nuvoton.com> Reviewed-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
2015-10-19tpm: seal/unseal for TPM 2.0Jarkko Sakkinen1-0/+26
Added tpm_trusted_seal() and tpm_trusted_unseal() API for sealing trusted keys. This patch implements basic sealing and unsealing functionality for TPM 2.0: * Seal with a parent key using a 20 byte auth value. * Unseal with a parent key using a 20 byte auth value. Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> Signed-off-by: Peter Huewe <peterhuewe@gmx.de>
2014-07-29tpm: Provide a generic means to override the chip returned timeoutsJason Gunthorpe1-0/+3
Some Atmel TPMs provide completely wrong timeouts from their TPM_CAP_PROP_TIS_TIMEOUT query. This patch detects that and returns new correct values via a DID/VID table in the TIS driver. Tested on ARM using an AT97SC3204T FW version 37.16 Cc: <stable@vger.kernel.org> [PHuewe: without this fix these 'broken' Atmel TPMs won't function on older kernels] Signed-off-by: "Berg, Christopher" <Christopher.Berg@atmel.com> Signed-off-by: Jason Gunthorpe <jgunthorpe@obsidianresearch.com> Signed-off-by: Peter Huewe <peterhuewe@gmx.de>
2014-01-06tpm: Create a tpm_class_ops structure and use it in the driversJason Gunthorpe1-0/+12
This replaces the static initialization of a tpm_vendor_specific structure in the drivers with the standard Linux idiom of providing a const structure of function pointers. Signed-off-by: Jason Gunthorpe <jgunthorpe@obsidianresearch.com> Reviewed-by: Joel Schopp <jschopp@linux.vnet.ibm.com> Reviewed-by: Ashley Lai <adlai@linux.vnet.ibm.com> [phuewe: did apply manually due to commit 191ffc6bde3 tpm/tpm_i2c_atmel: fix coccinelle warnings] Signed-off-by: Peter Huewe <peterhuewe@gmx.de>
2013-05-21tpm: move TPM_DIGEST_SIZE defintionMimi Zohar1-0/+2
IMA requires access to TPM_DIGEST_SIZE definition. This patch moves the definition to <linux/tpm.h>. Signed-off-by: Mimi Zohar <zohar@us.ibm.com> Signed-off-by: Kent Yoder <key@linux.vnet.ibm.com>
2012-08-22tpm: Move tpm_get_random api into the TPM device driverKent Yoder1-0/+4
Move the tpm_get_random api from the trusted keys code into the TPM device driver itself so that other callers can make use of it. Also, change the api slightly so that the number of bytes read is returned in the call, since the TPM command can potentially return fewer bytes than requested. Acked-by: David Safford <safford@linux.vnet.ibm.com> Reviewed-by: H. Peter Anvin <hpa@linux.intel.com> Signed-off-by: Kent Yoder <key@linux.vnet.ibm.com>
2010-11-29key: add tpm_send commandMimi Zohar1-0/+4
Add internal kernel tpm_send() command used to seal/unseal keys. Changelog: - replaced module_put in tpm_send() with new tpm_chip_put() wrapper (suggested by David Howells) - Make tpm_send() cmd argument a 'void *' (suggested by David Howells) Signed-off-by: David Safford <safford@watson.ibm.com> Signed-off-by: Mimi Zohar <zohar@us.ibm.com> Acked-by: David Howells <dhowells@redhat.com> Acked-by: Serge E. Hallyn <serge.hallyn@canonical.com> Signed-off-by: James Morris <jmorris@namei.org>
2009-10-29tpm: fix header for modular buildRandy Dunlap1-1/+1
Fix build for TCG_TPM=m. Header file doesn't handle this and incorrectly builds stubs. drivers/char/tpm/tpm.c:720: error: redefinition of 'tpm_pcr_read' include/linux/tpm.h:35: error:previous definition of 'tpm_pcr_read' was here drivers/char/tpm/tpm.c:752: error: redefinition of 'tpm_pcr_extend' include/linux/tpm.h:38: error:previous definition of 'tpm_pcr_extend' was here Repairs linux-next's commit d6ba452128178091dab7a04d54f7e66fdc32fb39 Author: Mimi Zohar <zohar@linux.vnet.ibm.com> Date: Mon Oct 26 09:26:18 2009 -0400 tpm add default function definitions Signed-off-by: Randy Dunlap <randy.dunlap@oracle.com> Cc: Rajiv Andrade <srajiv@linux.vnet.ibm.com> Cc: Mimi Zohar <zohar@us.ibm.com> Cc: James Morris <jmorris@namei.org> Cc: Eric Paris <eparis@redhat.com> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: James Morris <jmorris@namei.org>
2009-10-28tpm add default function definitionsMimi Zohar1-0/+7
Add default tpm_pcr_read/extend function definitions required by IMA/Kconfig changes. Signed-off-by: Mimi Zohar <zohar@us.ibm.com> Reviewed-by: Eric Paris <eparis@redhat.com> Signed-off-by: James Morris <jmorris@namei.org>
2009-02-03TPM: integrity interfaceRajiv Andrade1-0/+35
This patch adds internal kernel support for: - reading/extending a pcr value - looking up the tpm_chip for a given chip number Signed-off-by: Rajiv Andrade <srajiv@linux.vnet.ibm.com> Signed-off-by: Mimi Zohar <zohar@us.ibm.com> Signed-off-by: James Morris <jmorris@namei.org>