| Commit message (Collapse) | Author | Age |
|---|
| ... | |
| |
|
|
|
|
|
|
|
| |
nbr_dummy_bytes variable could be easily replaced by phy->latency in
st33zp24_spi_send and st33zp24_spi_recv.
Signed-off-by: Christophe Ricard <christophe-h.ricard@st.com>
Reviewed-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
|
| |
|
|
|
|
|
|
|
|
| |
Simplify st33zp24_spi_acpi_request_resources, st33zp24_spi_of_request_resources
and st33zp24_spi_request_resources to have the same prototype and using
spi_get_drvdata.
Signed-off-by: Christophe Ricard <christophe-h.ricard@st.com>
Reviewed-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
|
| |
|
|
|
|
|
|
|
|
| |
Simplify st33zp24_i2c_acpi_request_resources, st33zp24_i2c_of_request_resources
and st33zp24_i2c_request_resources to have the same prototype and using
i2c_get_clientdata.
Signed-off-by: Christophe Ricard <christophe-h.ricard@st.com>
Reviewed-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Add support for acpi probing. SMO3324 is used for st33zp24.
It has been tested with the following acpi node on Minnowboard:
Device (TPM1)
{
Name (_ADR, Zero) // _ADR: Address
Name (_HID, "SMO3324") // _HID: Hardware ID
Name (_CID, "SMO3324") // _CID: Compatible ID
Name (_DDN, "SMO TPM") // _DDN: DOS Device Name
Name (_UID, One) // _UID: Unique ID
Method (_CRS, 0, NotSerialized) // _CRS: Current Resource Settings
{
Name (SBUF, ResourceTemplate ()
{
SpiSerialBus (0, PolarityLow, FourWireMode, 8,
ControllerInitiated, 4000000, ClockPolarityLow,
ClockPhaseFirst, "\\_SB.SPI1",
0x00, ResourceConsumer, ,)
GpioInt (Edge, ActiveHigh, ExclusiveAndWake, PullNone, 0x0000,
"\\_SB.GPO2", 0x00, ResourceConsumer, ,)
{ // Pin list
0x0001
}
GpioIo (Exclusive, PullDefault, 0x0000, 0x0000, IoRestrictionOutputOnly,
"\\_SB.GPO2", 0x00, ResourceConsumer, ,)
{ // Pin list
0x0002,
}
})
Return (SBUF) /* \_SB_.SPI1.TPM1._CRS.SBUF */
}
Method (_STA, 0, NotSerialized) // _STA: Status
{
Return (0x0F)
}
}
Signed-off-by: Christophe Ricard <christophe-h.ricard@st.com>
Reviewed-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Add support for acpi probing. SMO3324 is used for st33zp24.
It has been tested with the following acpi node on Minnowboard:
Device (TPM1)
{
Name (_ADR, Zero) // _ADR: Address
Name (_HID, "SMO3324") // _HID: Hardware ID
Name (_CID, "SMO3324") // _CID: Compatible ID
Name (_DDN, "SMO TPM") // _DDN: DOS Device Name
Name (_UID, One) // _UID: Unique ID
Method (_CRS, 0, NotSerialized) // _CRS: Current Resource Settings
{
Name (SBUF, ResourceTemplate ()
{
I2cSerialBus (0x0013, ControllerInitiated, 400000,
AddressingMode7Bit, "\\_SB.I2C7",
0x00, ResourceConsumer, ,)
GpioInt (Edge, ActiveHigh, ExclusiveAndWake, PullNone, 0x0000,
"\\_SB.GPO2", 0x00, ResourceConsumer, ,)
{ // Pin list
0x0001
}
GpioIo (Exclusive, PullDefault, 0x0000, 0x0000, IoRestrictionOutputOnly,
"\\_SB.GPO2", 0x00, ResourceConsumer, ,)
{ // Pin list
0x0002,
}
})
Return (SBUF) /* \_SB_.I2C7.TPM1._CRS.SBUF */
}
Method (_STA, 0, NotSerialized) // _STA: Status
{
Return (0x0F)
}
}
Signed-off-by: Christophe Ricard <christophe-h.ricard@st.com>
Reviewed-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
|
| |
|
|
|
|
|
|
| |
Extend copyright header to 2016
Signed-off-by: Christophe Ricard <christophe-h.ricard@st.com>
Reviewed-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
|
| |
|
|
|
|
|
|
|
| |
Add check in st33zp24_spi_evaluate_latency helping to diagnose if the chip
is present or in a bad state.
Signed-off-by: Christophe Ricard <christophe-h.ricard@st.com>
Reviewed-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
The core st33zp24 module is useless without either the I2C or the
SPI access module. So hide NFC_ST_NCI and select it automatically
if either TCG_TIS_ST33ZP24_I2C or TCG_TIS_ST33ZP24_SPI is selected.
This avoids presenting TCG_TIS_ST33ZP24 when neither TCG_TIS_ST33ZP24_I2C
nor TCG_TIS_ST33ZP24_SPI can be selected.
Signed-off-by: Christophe Ricard <christophe-h.ricard@st.com>
Reviewed-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
Tested-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
DT headers already define NOOP routines when CONFIG_OF is not defined.
[jarkko.sakkinen@linux.intel.com: I tested that the driver compiles
without warnings and errors with and without CONFIG_OF flag.]
Signed-off-by: Christophe Ricard <christophe-h.ricard@st.com>
Reviewed-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
Tested-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
|
| |
|
|
|
|
|
|
|
| |
Remove spi_xfer from st33zp24_spi_phy structure and declare local spi_xfer
when needed instead.
Signed-off-by: Christophe Ricard <christophe-h.ricard@st.com>
Reviewed-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
|
| |
|
|
|
|
|
|
|
| |
An affectation is enough when copying 1 byte. Remove memcpy usage where
possible.
Signed-off-by: Christophe Ricard <christophe-h.ricard@st.com>
Reviewed-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
|
| |
|
|
|
|
|
|
| |
Make sure every function name use st33zp24_spi_ prefix.
Signed-off-by: Christophe Ricard <christophe-h.ricard@st.com>
Reviewed-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
|
| |
|
|
|
|
|
|
|
| |
nbr_dummy_bytes variable could be easily replaced by phy->latency in
st33zp24_spi_send and st33zp24_spi_recv.
Signed-off-by: Christophe Ricard <christophe-h.ricard@st.com>
Reviewed-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
|
| |
|
|
|
|
|
|
|
|
| |
drivers/char/tpm/tpm_tis.c:838: warning: ‘tpm_tis_resume’ defined but
not used
Reported-by: James Morris <jmorris@namei.org>
Fixes: 00194826e6be ("tpm_tis: Clean up the force=1 module parameter")
Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
cc: stable@vger.kernel.org
|
| |
|
|
|
|
|
|
|
| |
Wrong call order.
Reported-by: Jason Gunthorpe <jgunthorpe@obsidianresearch.com>
Fixes: 74d6b3ceaa17
Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
cc: stable@vger.kernel.org
|
| |
|
|
|
|
|
|
|
| |
In all cases use dev_name() for the mapped resources. This is both
for sake of consistency and also with some platforms resource name
given by ACPI object seems to return garbage.
Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
Fixes: 1bd047be37d9 ("tpm_crb: Use devm_ioremap_resource")
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The commit 0cc698af36ff ("vTPM: support little endian guests") copied
the event, but without the event data, did an endian conversion on the
size and tried to output the event data from the copied version, which
has only have one byte of the data, resulting in garbage event data.
[jarkko.sakkinen@linux.intel.com: fixed minor coding style issues and
renamed the local variable tempPtr as temp_ptr now that there is an
excuse to do this.]
Signed-off-by: Harald Hoyer <harald@redhat.com>
Fixes: 0cc698af36ff ("vTPM: support little endian guests")
Reviewed-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
cc: stable@vger.kernel.org
|
| |
|
|
|
|
|
|
| |
Call put_device() and return error code if devm_add_action() fails.
Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
Reported-by: Jason Gunthorpe <jgunthorpe@obsidianresearch.com>
Fixes: 8e0ee3c9faed ("tpm: fix the cleanup of struct tpm_chip")
|
| |
|
|
|
|
|
|
|
|
| |
It's better to set the continueSession attribute for the unseal
operation so that the session object is not removed as a side-effect
when the operation is successful. Since a user process created the
session, it should be also decide when the session is destroyed.
Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
Fixes: 5beb0c435b ("keys, trusted: seal with a TPM2 authorization policy")
|
| |
|
|
|
|
|
|
|
|
|
|
| |
If the initialization fails before tpm_chip_register(), put_device()
will be not called, which causes release callback not to be called.
This patch fixes the issue by adding put_device() to devres list of
the parent device.
Fixes: 313d21eeab ("tpm: device class for tpm")
Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
cc: stable@vger.kernel.org
Reviewed-by: Jason Gunthorpe <jgunthorpe@obsidianresearch.com>
|
| |
|
|
|
|
|
|
|
|
| |
Fixed the rollback and gave more self-documenting names for the
functions.
Fixes: d972b0523f ("tpm: fix call order in tpm-chip.c")
Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
cc: stable@vger.kernel.org
Reviewed-by: Jason Gunthorpe <jgunthorpe@obsidianresearch.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
To support the force mode in tpm_tis we need to use resource locking
in tpm_crb as well, via devm_ioremap_resource.
The light restructuring better aligns crb and tis and makes it easier
to see the that new changes make sense.
The control area and its associated buffers do not always fall in the
range of the iomem resource given by the ACPI object. This patch fixes
the issue by mapping the buffers if this is the case.
[jarkko.sakkinen@linux.intel.com: squashed update described in the
last paragraph.]
Signed-off-by: Jason Gunthorpe <jgunthorpe@obsidianresearch.com>
Tested-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
Reviewed-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
Acked-by: Peter Huewe <peterhuewe@gmx.de>
Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
|
| |
|
|
|
|
|
|
|
|
|
| |
ioread32 and readl are defined to read from PCI style memory, ie little
endian and return the result in host order. On platforms where a
swap is required ioread32/readl do the swap internally (eg see ppc).
Signed-off-by: Jason Gunthorpe <jgunthorpe@obsidianresearch.com>
Tested-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
Reviewed-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
Acked-by: Peter Huewe <peterhuewe@gmx.de>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The TPM core has long assumed that every device has a driver attached,
however the force path was attaching the TPM core outside of a driver
context. This isn't generally reliable as the user could detatch the
driver using sysfs or something, but commit b8b2c7d845d5 ("base/platform:
assert that dev_pm_domain callbacks are called unconditionally")
forced the issue by leaving the driver pointer NULL if there is
no probe.
Rework the TPM setup to create a platform device with resources and
then allow the driver core to naturally bind and probe it through the
normal mechanisms. All this structure is needed anyhow to enable TPM
for OF environments.
Finally, since the entire flow is changing convert the init/exit to use
the modern ifdef-less coding style when possible
Reported-by: "Wilck, Martin" <martin.wilck@ts.fujitsu.com>
Signed-off-by: Jason Gunthorpe <jgunthorpe@obsidianresearch.com>
Tested-by: Wilck, Martin <martin.wilck@ts.fujitsu.com>
Tested-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
Reviewed-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
Acked-by: Peter Huewe <peterhuewe@gmx.de>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This does a request_resource under the covers which means tis holds a
lock on the memory range it is using so other drivers cannot grab it.
When doing probing it is important to ensure that other drivers are
not using the same range before tis starts touching it.
To do this flow the actual struct resource from the device right
through to devm_ioremap_resource. This ensures all the proper resource
meta-data is carried down.
Signed-off-by: Jason Gunthorpe <jgunthorpe@obsidianresearch.com>
Tested-by: Wilck, Martin <martin.wilck@ts.fujitsu.com>
Tested-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
Reviewed-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
Acked-by: Peter Huewe <peterhuewe@gmx.de>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
If the ACPI tables do not declare a memory resource for the TPM2
then do not just fall back to the x86 default base address.
Also be stricter when checking the ancillary TPM2 ACPI data and error
out if any of this data is wrong rather than blindly assuming TPM1.
Fixes: 399235dc6e95 ("tpm, tpm_tis: fix tpm_tis ACPI detection issue with TPM 2.0")
Signed-off-by: Jason Gunthorpe <jgunthorpe@obsidianresearch.com>
Tested-by: Wilck, Martin <martin.wilck@ts.fujitsu.com>
Tested-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
Reviewed-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
Acked-by: Peter Huewe <peterhuewe@gmx.de>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Instead of clearing the global interrupts flag when any device
does not have an interrupt just pass -1 through tpm_info.irq.
The only thing that asks for autoprobing is the force=1 path.
Signed-off-by: Jason Gunthorpe <jgunthorpe@obsidianresearch.com>
Tested-by: Wilck, Martin <martin.wilck@ts.fujitsu.com>
Tested-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
Reviewed-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
Acked-by: Peter Huewe <peterhuewe@gmx.de>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
include/acpi/actbl2.h is the proper place for these definitions
and the needed TPM2 ones have been there since
commit 413d4a6defe0 ("ACPICA: Update TPM2 ACPI table")
This also drops a couple of le32_to_cpu's for members of this table,
the existing swapping was not done consistently, and the standard
used by other Linux callers of acpi_get_table is unswapped.
Signed-off-by: Jason Gunthorpe <jgunthorpe@obsidianresearch.com>
Tested-by: Wilck, Martin <martin.wilck@ts.fujitsu.com>
Tested-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
Reviewed-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
Acked-by: Peter Huewe <peterhuewe@gmx.de>
|
| |
|
|
|
|
|
|
|
|
|
| |
In my original patch sealing with policy was done with dynamically
allocated buffer that I changed later into an array so the checks in
tpm2-cmd.c became invalid. This patch fixes the issue.
Fixes: 5beb0c435bdd ("keys, trusted: seal with a TPM2 authorization policy")
Reported-by: Dan Carpenter <dan.carpenter@oracle.com>
Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
Acked-by: Peter Huewe <peterhuewe@gmx.de>
|
| |
|
|
|
|
|
|
|
|
| |
tpm_tis.c already gets actbl2.h via linux/acpi.h -> acpi/acpi.h ->
acpi/actbl.h -> acpi/actbl2.h, so the direct include in tpm_tis.c
is not needed.
Signed-off-by: Jerry Snitselaar <jsnitsel@redhat.com>
Acked-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
Acked-by: Peter Huewe <peterhuewe@gmx.de>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
TPM2 supports authorization policies, which are essentially
combinational logic statements repsenting the conditions where the data
can be unsealed based on the TPM state. This patch enables to use
authorization policies to seal trusted keys.
Two following new options have been added for trusted keys:
* 'policydigest=': provide an auth policy digest for sealing.
* 'policyhandle=': provide a policy session handle for unsealing.
If 'hash=' option is supplied after 'policydigest=' option, this
will result an error because the state of the option would become
mixed.
Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
Tested-by: Colin Ian King <colin.king@canonical.com>
Reviewed-by: Mimi Zohar <zohar@linux.vnet.ibm.com>
Acked-by: Peter Huewe <peterhuewe@gmx.de>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Added 'hash=' option for selecting the hash algorithm for add_key()
syscall and documentation for it.
Added entry for sm3-256 to the following tables in order to support
TPM_ALG_SM3_256:
* hash_algo_name
* hash_digest_size
Includes support for the following hash algorithms:
* sha1
* sha256
* sha384
* sha512
* sm3-256
Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
Tested-by: Colin Ian King <colin.king@canonical.com>
Reviewed-by: James Morris <james.l.morris@oracle.com>
Reviewed-by: Mimi Zohar <zohar@linux.vnet.ibm.com>
Acked-by: Peter Huewe <peterhuewe@gmx.de>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
When the TPM response reception is interrupted in the wait_event_interruptable
call, the TPM is still busy processing the command and will only deliver the
response later. So we have to wait for an outstanding response before sending
a new request to avoid trying to put a 2nd request into the CRQ. Also reset
the res_len before sending a command so we will end up in that
wait_event_interruptable() waiting for the response rather than reading the
command packet as a response.
The easiest way to trigger the problem is to run the following
cd /sys/device/vio/71000004
while :; cat pcrs >/dev/null; done
And press Ctrl-C. This will then display an error
tpm_ibmvtpm 71000004: tpm_transmit: tpm_recv: error -4
followed by several other errors once interaction with the TPM resumes.
tpm_ibmvtpm 71000004: A TPM error (101) occurred attempting to determine the number of PCRS.
Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
Tested-by: Hon Ching(Vicky) Lo <honclo@linux.vnet.ibm.com>
Reviewed-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
Reviewed-by: Ashley Lai <ashley@ashleylai.com>
Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
Acked-by: Peter Huewe <peterhuewe@gmx.de>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
auto-probing doesn't work with shared interrupts, and the auto detection
interrupt range is for x86 only.
Signed-off-by: Jason Gunthorpe <jgunthorpe@obsidianresearch.com>
Reviewed-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
Tested-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
Tested-by: Martin Wilck <Martin.Wilck@ts.fujitsu.com>
Tested-by: Scot Doyle <lkml14@scotdoyle.com>
Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
Acked-by: Peter Huewe <peterhuewe@gmx.de>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Now that the probe and run cases are merged together we can use a
much simpler setup flow where probe and normal setup are done with
exactly the same code.
Since the new flow always calls tpm_gen_interrupt to confirm the IRQ
there is also no longer any need to call tpm_get_timeouts twice.
Signed-off-by: Jason Gunthorpe <jgunthorpe@obsidianresearch.com>
Reviewed-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
Tested-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
Tested-by: Martin Wilck <Martin.Wilck@ts.fujitsu.com>
Tested-by: Scot Doyle <lkml14@scotdoyle.com>
Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
Acked-by: Peter Huewe <peterhuewe@gmx.de>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
The new code that works directly in tpm_tis_send is able to handle
IRQ probing duties as well, so just use it for everything.
Signed-off-by: Jason Gunthorpe <jgunthorpe@obsidianresearch.com>
Reviewed-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
Tested-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
Tested-by: Martin Wilck <Martin.Wilck@ts.fujitsu.com>
Tested-by: Scot Doyle <lkml14@scotdoyle.com>
Signed-off--by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
Acked-by: Peter Huewe <peterhuewe@gmx.de>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
IRQ probing needs to know that the TPM is working before trying to
probe, so move tpm_get_timeouts() to the top of the tpm_tis_init().
This has the advantage of also getting the correct timeouts loaded
before doing IRQ probing.
All the timeout handling code is moved to tpm_get_timeouts() in order to
remove duplicate code in tpm_tis and tpm_crb.
[jarkko.sakkinen@linux.intel.com: squashed two patches together and
improved the commit message.]
Signed-off-by: Jason Gunthorpe <jgunthorpe@obsidianresearch.com>
Reviewed-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
Tested-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
Tested-by: Martin Wilck <Martin.Wilck@ts.fujitsu.com>
Tested-by: Scot Doyle <lkml14@scotdoyle.com>
Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
Acked-by: Peter Huewe <peterhuewe@gmx.de>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This should be done very early, before anything could possibly
cause the TPM to generate an interrupt. If the IRQ line is shared
with another driver causing an interrupt before setting up our
handler will be very bad.
Signed-off-by: Jason Gunthorpe <jgunthorpe@obsidianresearch.com>
Reviewed-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
Tested-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
Tested-by: Martin Wilck <Martin.Wilck@ts.fujitsu.com>
Tested-by: Scot Doyle <lkml14@scotdoyle.com>
Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
Acked-by: Peter Huewe <peterhuewe@gmx.de>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
The interrupt is always allocated with devm_request_irq so it
must always be freed with devm_free_irq.
Fixes: 448e9c55c12d ("tpm_tis: verify interrupt during init")
Signed-off-by: Jason Gunthorpe <jgunthorpe@obsidianresearch.com>
Acked-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
Tested-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
Tested-by: Martin Wilck <Martin.Wilck@ts.fujitsu.com>
Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
Acked-by: Peter Huewe <peterhuewe@gmx.de>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
commit 07b133e6060b ("char/tpm: simplify duration calculation and
eliminate smatch warning.") includes a misleading test that is always
false. The tpm_ordinal_duration table is only valid for TPM_PROTECTED
ordinals where the higher 16 bits are all 0, anyway.
Signed-off-by: Martin Wilck <Martin.Wilck@ts.fujitsu.com>
Reviewed-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
Tested-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
Acked-by: Peter Huewe <peterhuewe@gmx.de>
|
| |\
| |
| |
| | |
into for-linus
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
__compat_only_sysfs_link_entry_to_kobj() was unconditionally called for
TPM1 chips, which caused crash on Acer C720 laptop where DSM for the
ACPI object did not exist.
There are two reasons for unwanted behavior:
* The code did not check whether
__compat_only_sysfs_link_entry_to_kobj() returned -ENOENT. This is
OK. It just meanst that ppi is not available.
* The code did not clean up properly. Compat link should added only
after all other init is done.
This patch sorts out these issues.
Fixes: 9b774d5cf2db
Reported-by: Jeremiah Mahler <jmmahler@gmail.com>
Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
Tested-by: Jeremiah Mahler <jmmahler@gmail.com>
Acked-by: Peter Huewe <PeterHuewe@gmx.de>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| | |
The 'migratable' flag was not added to the key payload. This patch
fixes the problem.
Fixes: 0fe5480303a1 ("keys, trusted: seal/unseal with TPM 2.0 chips")
Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
Acked-by: Peter Huewe <PeterHuewe@gmx.de>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Mimi reported that afb5abc reverts the fix in 398a1e7. This patch
reverts it back.
Fixes: afb5abc262e9 ("tpm: two-phase chip management functions")
Reported-by: Mimi Zohar <zohar@linux.vnet.ibm.com>
Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
Acked-by: Peter Huewe <PeterHuewe@gmx.de>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Reference to the 'np' node is dropped before dereferencing the 'sizep' and
'basep' pointers, which could by then point to junk if the node has been
freed.
Refactor code to call 'of_node_put' later.
Fixes: c5df39262dd5 ("drivers/char/tpm: Add securityfs support for event log")
Signed-off-by: Christophe JAILLET <christophe.jaillet@wanadoo.fr>
Reviewed-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
Acked-by: Peter Huewe <PeterHuewe@gmx.de>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
If the probing finishes without success, it will leave the value 15 in
the TPM_IRQ_VECTOR register. If the driver is unloaded and reloaded, it
will "think" that the hardware had been programmed with IRQ 15, and will
not probe again.
This patch restores the original value in the IO memory if no IRQ is
probed.
Signed-off-by: Martin Wilck <Martin.Wilck@ts.fujitsu.com>
Acked-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
Acked-by: Peter Huewe <PeterHuewe@gmx.de>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Release IRQs used for probing only. Otherwise the TPM will end up
with all IRQs 3-15 assigned.
Fixes: afb5abc262e9 ("tpm: two-phase chip management functions")
Signed-off-by: Martin Wilck <Martin.Wilck@ts.fujitsu.com>
Reviewed-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
Tested-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
Acked-by: Peter Huewe <PeterHuewe@gmx.de>
|
| |\|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security
Pull security subsystem update from James Morris:
"This is mostly maintenance updates across the subsystem, with a
notable update for TPM 2.0, and addition of Jarkko Sakkinen as a
maintainer of that"
* 'next' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security: (40 commits)
apparmor: clarify CRYPTO dependency
selinux: Use a kmem_cache for allocation struct file_security_struct
selinux: ioctl_has_perm should be static
selinux: use sprintf return value
selinux: use kstrdup() in security_get_bools()
selinux: use kmemdup in security_sid_to_context_core()
selinux: remove pointless cast in selinux_inode_setsecurity()
selinux: introduce security_context_str_to_sid
selinux: do not check open perm on ftruncate call
selinux: change CONFIG_SECURITY_SELINUX_CHECKREQPROT_VALUE default
KEYS: Merge the type-specific data with the payload data
KEYS: Provide a script to extract a module signature
KEYS: Provide a script to extract the sys cert list from a vmlinux file
keys: Be more consistent in selection of union members used
certs: add .gitignore to stop git nagging about x509_certificate_list
KEYS: use kvfree() in add_key
Smack: limited capability for changing process label
TPM: remove unnecessary little endian conversion
vTPM: support little endian guests
char: Drop owner assignment from i2c_driver
...
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
The base pointer for the event log is allocated in the local
kernel (in prom_instantiate_sml()), therefore it is already in
the host's endian byte order and requires no conversion.
The content of the 'basep' pointer in read_log() stores the
base address of the log. This patch ensures that it is correctly
implemented.
Signed-off-by: Hon Ching(Vicky) Lo <honclo@linux.vnet.ibm.com>
Signed-off-by: Joy Latten <jmlatten@linux.vnet.ibm.com>
Reviewed-by: Ashley Lai <ashley@ahsleylai.com>
Signed-off-by: Peter Huewe <peterhuewe@gmx.de>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
This patch makes the code endianness independent. We defined a
macro do_endian_conversion to apply endianness to raw integers
in the event entries so that they will be displayed properly.
tpm_binary_bios_measurements_show() is modified for the display.
Signed-off-by: Hon Ching(Vicky) Lo <honclo@linux.vnet.ibm.com>
Signed-off-by: Joy Latten <jmlatten@linux.vnet.ibm.com>
Reviewed-by: Ashley Lai <ashley@ahsleylai.com>
Reviewed-by: Ashley Lai <ashley@ahsleylai.com>
Signed-off-by: Peter Huewe <peterhuewe@gmx.de>
|
