From 7937bd532fe6f6342206b3e002bd791bf25085e0 Mon Sep 17 00:00:00 2001 From: Tian Tao Date: Thu, 29 Apr 2021 15:39:39 +0800 Subject: tpm_crb: Use IOMEM_ERR_PTR when function returns iomem This is to simplify the code, and IOMEM_ERR_PTR(err) is same with (__force void __iomem *)ERR_PTR(err). Signed-off-by: Tian Tao Reviewed-by: Jarkko Sakkinen Signed-off-by: Jarkko Sakkinen --- drivers/char/tpm/tpm_crb.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'drivers/char') diff --git a/drivers/char/tpm/tpm_crb.c b/drivers/char/tpm/tpm_crb.c index a9dcf31eadd2..18606651d1aa 100644 --- a/drivers/char/tpm/tpm_crb.c +++ b/drivers/char/tpm/tpm_crb.c @@ -464,7 +464,7 @@ static void __iomem *crb_map_res(struct device *dev, struct resource *iores, /* Detect a 64 bit address on a 32 bit system */ if (start != new_res.start) - return (void __iomem *) ERR_PTR(-EINVAL); + return IOMEM_ERR_PTR(-EINVAL); if (!iores) return devm_ioremap_resource(dev, &new_res); -- cgit v1.2.3-70-g09d2 From 114e43371c58992c3ceece219cc359f16314b2c9 Mon Sep 17 00:00:00 2001 From: Liguang Zhang Date: Fri, 7 May 2021 22:52:55 +0800 Subject: tpm_tis_spi: set default probe function if device id not match In DSDT table, TPM _CID was SMO0768, and no _HID definition. After a kernel upgrade from 4.19 to 5.10, TPM probe function was changed which causes device probe fails. In order to make newer kernel to be compatible with the older acpi definition, it would be best set default probe function. Signed-off-by: Liguang Zhang Reviewed-by: Jarkko Sakkinen Signed-off-by: Jarkko Sakkinen --- drivers/char/tpm/tpm_tis_spi_main.c | 12 ++++++++---- 1 file changed, 8 insertions(+), 4 deletions(-) (limited to 'drivers/char') diff --git a/drivers/char/tpm/tpm_tis_spi_main.c b/drivers/char/tpm/tpm_tis_spi_main.c index 3856f6ebcb34..da632a582621 100644 --- a/drivers/char/tpm/tpm_tis_spi_main.c +++ b/drivers/char/tpm/tpm_tis_spi_main.c @@ -240,10 +240,14 @@ static int tpm_tis_spi_driver_probe(struct spi_device *spi) tpm_tis_spi_probe_func probe_func; probe_func = of_device_get_match_data(&spi->dev); - if (!probe_func && spi_dev_id) - probe_func = (tpm_tis_spi_probe_func)spi_dev_id->driver_data; - if (!probe_func) - return -ENODEV; + if (!probe_func) { + if (spi_dev_id) { + probe_func = (tpm_tis_spi_probe_func)spi_dev_id->driver_data; + if (!probe_func) + return -ENODEV; + } else + probe_func = tpm_tis_spi_probe; + } return probe_func(spi); } -- cgit v1.2.3-70-g09d2 From 446cd6f0f3045dd971845e2082ff7b5dbd235743 Mon Sep 17 00:00:00 2001 From: Tian Tao Date: Mon, 17 May 2021 09:18:44 +0800 Subject: char: tpm: move to use request_irq by IRQF_NO_AUTOEN flag disable_irq() after request_irq() still has a time gap in which interrupts can come. request_irq() with IRQF_NO_AUTOEN flag will disable IRQ auto-enable because of requesting. Link: https://lore.kernel.org/patchwork/patch/1388765/ Signed-off-by: Tian Tao Reviewed-by: Jarkko Sakkinen Signed-off-by: Jarkko Sakkinen --- drivers/char/tpm/tpm_tis_i2c_cr50.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'drivers/char') diff --git a/drivers/char/tpm/tpm_tis_i2c_cr50.c b/drivers/char/tpm/tpm_tis_i2c_cr50.c index f19c227d20f4..44dde2fbe2fb 100644 --- a/drivers/char/tpm/tpm_tis_i2c_cr50.c +++ b/drivers/char/tpm/tpm_tis_i2c_cr50.c @@ -706,14 +706,14 @@ static int tpm_cr50_i2c_probe(struct i2c_client *client, if (client->irq > 0) { rc = devm_request_irq(dev, client->irq, tpm_cr50_i2c_int_handler, - IRQF_TRIGGER_FALLING | IRQF_ONESHOT, + IRQF_TRIGGER_FALLING | IRQF_ONESHOT | + IRQF_NO_AUTOEN, dev->driver->name, chip); if (rc < 0) { dev_err(dev, "Failed to probe IRQ %d\n", client->irq); return rc; } - disable_irq(client->irq); priv->irq = client->irq; } else { dev_warn(dev, "No IRQ, will use %ums delay for TPM ready\n", -- cgit v1.2.3-70-g09d2 From 5317677db4290366c95f4209de387d6c9b48707f Mon Sep 17 00:00:00 2001 From: Amir Mizinski Date: Tue, 25 May 2021 14:13:25 +0300 Subject: tpm: add longer timeout for TPM2_CC_VERIFY_SIGNATURE While running a TPM2_CC_VERIFY_SIGNATURE operation with RSA 3072-bit keys the TPM driver fails with the following error: "kernel: [ 2416.187522] tpm tpm0: Operation Timed out" Since the TPM PC Client specification does not specify a number for verify signature operation timeout, and the duration of TPM2_CC_VERIFY_SIGNATURE with RSA 3072-bit keys exceeds the current timeout of TPM_LONG (2 seconds), it is preferable to pick the longest timeout possible. Therefore, set the duration for TPM2_CC_VERIFY_SIGNATUE to TPM_LONG_LONG (5 minutes). [jarkko@kernel.org: mangled the short summary a bit] Link: https://trustedcomputinggroup.org/resource/pc-client-specific-platform-firmware-profile-specification/ Signed-off-by: Amir Mizinski Reviewed-by: Jarkko Sakkinen Signed-off-by: Jarkko Sakkinen --- drivers/char/tpm/tpm2-cmd.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'drivers/char') diff --git a/drivers/char/tpm/tpm2-cmd.c b/drivers/char/tpm/tpm2-cmd.c index c84d23951219..a25815a6f625 100644 --- a/drivers/char/tpm/tpm2-cmd.c +++ b/drivers/char/tpm/tpm2-cmd.c @@ -87,7 +87,7 @@ static u8 tpm2_ordinal_duration_index(u32 ordinal) return TPM_MEDIUM; case TPM2_CC_VERIFY_SIGNATURE: /* 177 */ - return TPM_LONG; + return TPM_LONG_LONG; case TPM2_CC_PCR_EXTEND: /* 182 */ return TPM_MEDIUM; -- cgit v1.2.3-70-g09d2 From c46ed2281bbe4b84e6f3d4bdfb0e4e9ab813fa9d Mon Sep 17 00:00:00 2001 From: Javier Martinez Canillas Date: Thu, 27 May 2021 17:23:52 +0200 Subject: tpm_tis_spi: add missing SPI device ID entries The SPI core always reports a "MODALIAS=spi:", even if the device was registered via OF. This means that this module won't auto-load if a DT has for example has a node with a compatible "infineon,slb9670" string. In that case kmod will expect a "MODALIAS=of:N*T*Cinfineon,slb9670" uevent but instead will get a "MODALIAS=spi:slb9670", which is not present in the kernel module aliases: $ modinfo drivers/char/tpm/tpm_tis_spi.ko | grep alias alias: of:N*T*Cgoogle,cr50C* alias: of:N*T*Cgoogle,cr50 alias: of:N*T*Ctcg,tpm_tis-spiC* alias: of:N*T*Ctcg,tpm_tis-spi alias: of:N*T*Cinfineon,slb9670C* alias: of:N*T*Cinfineon,slb9670 alias: of:N*T*Cst,st33htpm-spiC* alias: of:N*T*Cst,st33htpm-spi alias: spi:cr50 alias: spi:tpm_tis_spi alias: acpi*:SMO0768:* To workaround this issue, add in the SPI device ID table all the entries that are present in the OF device ID table. Reported-by: Alexander Wellbrock Signed-off-by: Javier Martinez Canillas Tested-by: Peter Robinson Reviewed-by: Jarkko Sakkinen Signed-off-by: Jarkko Sakkinen --- drivers/char/tpm/tpm_tis_spi_main.c | 2 ++ 1 file changed, 2 insertions(+) (limited to 'drivers/char') diff --git a/drivers/char/tpm/tpm_tis_spi_main.c b/drivers/char/tpm/tpm_tis_spi_main.c index da632a582621..54584b4b00d1 100644 --- a/drivers/char/tpm/tpm_tis_spi_main.c +++ b/drivers/char/tpm/tpm_tis_spi_main.c @@ -264,6 +264,8 @@ static int tpm_tis_spi_remove(struct spi_device *dev) } static const struct spi_device_id tpm_tis_spi_id[] = { + { "st33htpm-spi", (unsigned long)tpm_tis_spi_probe }, + { "slb9670", (unsigned long)tpm_tis_spi_probe }, { "tpm_tis_spi", (unsigned long)tpm_tis_spi_probe }, { "cr50", (unsigned long)cr50_spi_probe }, {} -- cgit v1.2.3-70-g09d2 From 6e0fe58b08e747c73b848de92ccec944f31dddce Mon Sep 17 00:00:00 2001 From: Yang Yingliang Date: Tue, 1 Jun 2021 20:22:30 +0800 Subject: tpm: fix some doc warnings in tpm1-cmd.c Fix the following make W=1 warnings: drivers/char/tpm/tpm1-cmd.c:325: warning: expecting prototype for tpm_startup(). Prototype was for tpm1_startup() instead drivers/char/tpm/tpm1-cmd.c:621: warning: expecting prototype for tpm_continue_selftest(). Prototype was for tpm1_continue_selftest() instead Signed-off-by: Yang Yingliang Reviewed-by: Jarkko Sakkinen Signed-off-by: Jarkko Sakkinen --- drivers/char/tpm/tpm1-cmd.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'drivers/char') diff --git a/drivers/char/tpm/tpm1-cmd.c b/drivers/char/tpm/tpm1-cmd.c index ca7158fa6e6c..f7dc986fa4a0 100644 --- a/drivers/char/tpm/tpm1-cmd.c +++ b/drivers/char/tpm/tpm1-cmd.c @@ -312,7 +312,7 @@ unsigned long tpm1_calc_ordinal_duration(struct tpm_chip *chip, u32 ordinal) #define TPM_ST_CLEAR 1 /** - * tpm_startup() - turn on the TPM + * tpm1_startup() - turn on the TPM * @chip: TPM chip to use * * Normally the firmware should start the TPM. This function is provided as a @@ -611,7 +611,7 @@ out: #define TPM_ORD_CONTINUE_SELFTEST 83 /** - * tpm_continue_selftest() - run TPM's selftest + * tpm1_continue_selftest() - run TPM's selftest * @chip: TPM chip to use * * Returns 0 on success, < 0 in case of fatal error or a value > 0 representing -- cgit v1.2.3-70-g09d2 From 5a118a39ec9207f9b8cddb013ad270c80bc84a1c Mon Sep 17 00:00:00 2001 From: Zhen Lei Date: Thu, 3 Jun 2021 15:49:55 +0800 Subject: tpm_tis: Use DEFINE_RES_MEM() to simplify code Use DEFINE_RES_MEM() to save a couple of lines of code, which is simpler and more readable. The start address does not need to appear twice. Signed-off-by: Zhen Lei Reviewed-by: Jarkko Sakkinen Signed-off-by: Jarkko Sakkinen --- drivers/char/tpm/tpm_tis.c | 6 +----- 1 file changed, 1 insertion(+), 5 deletions(-) (limited to 'drivers/char') diff --git a/drivers/char/tpm/tpm_tis.c b/drivers/char/tpm/tpm_tis.c index 4ed6e660273a..d3f2e5364c27 100644 --- a/drivers/char/tpm/tpm_tis.c +++ b/drivers/char/tpm/tpm_tis.c @@ -363,11 +363,7 @@ static int tpm_tis_force_device(void) { struct platform_device *pdev; static const struct resource x86_resources[] = { - { - .start = 0xFED40000, - .end = 0xFED40000 + TIS_MEM_LEN - 1, - .flags = IORESOURCE_MEM, - }, + DEFINE_RES_MEM(0xFED40000, TIS_MEM_LEN) }; if (!force) -- cgit v1.2.3-70-g09d2 From 0178f9d0f60ba07e09bab57381a3ef18e2c1fd7f Mon Sep 17 00:00:00 2001 From: Jarkko Sakkinen Date: Wed, 9 Jun 2021 16:26:19 +0300 Subject: tpm: Replace WARN_ONCE() with dev_err_once() in tpm_tis_status() Do not tear down the system when getting invalid status from a TPM chip. This can happen when panic-on-warn is used. Instead, introduce TPM_TIS_INVALID_STATUS bitflag and use it to trigger once the error reporting per chip. In addition, print out the value of TPM_STS for improved forensics. Link: https://lore.kernel.org/keyrings/YKzlTR1AzUigShtZ@kroah.com/ Fixes: 55707d531af6 ("tpm_tis: Add a check for invalid status") Cc: stable@vger.kernel.org Signed-off-by: Jarkko Sakkinen Reviewed-by: Greg Kroah-Hartman --- drivers/char/tpm/tpm_tis_core.c | 25 ++++++++++++++++++------- drivers/char/tpm/tpm_tis_core.h | 3 ++- 2 files changed, 20 insertions(+), 8 deletions(-) (limited to 'drivers/char') diff --git a/drivers/char/tpm/tpm_tis_core.c b/drivers/char/tpm/tpm_tis_core.c index 55b9d3965ae1..69579efb247b 100644 --- a/drivers/char/tpm/tpm_tis_core.c +++ b/drivers/char/tpm/tpm_tis_core.c @@ -196,13 +196,24 @@ static u8 tpm_tis_status(struct tpm_chip *chip) return 0; if (unlikely((status & TPM_STS_READ_ZERO) != 0)) { - /* - * If this trips, the chances are the read is - * returning 0xff because the locality hasn't been - * acquired. Usually because tpm_try_get_ops() hasn't - * been called before doing a TPM operation. - */ - WARN_ONCE(1, "TPM returned invalid status\n"); + if (!test_and_set_bit(TPM_TIS_INVALID_STATUS, &priv->flags)) { + /* + * If this trips, the chances are the read is + * returning 0xff because the locality hasn't been + * acquired. Usually because tpm_try_get_ops() hasn't + * been called before doing a TPM operation. + */ + dev_err(&chip->dev, "invalid TPM_STS.x 0x%02x, dumping stack for forensics\n", + status); + + /* + * Dump stack for forensics, as invalid TPM_STS.x could be + * potentially triggered by impaired tpm_try_get_ops() or + * tpm_find_get_ops(). + */ + dump_stack(); + } + return 0; } diff --git a/drivers/char/tpm/tpm_tis_core.h b/drivers/char/tpm/tpm_tis_core.h index 9b2d32a59f67..b2a3c6c72882 100644 --- a/drivers/char/tpm/tpm_tis_core.h +++ b/drivers/char/tpm/tpm_tis_core.h @@ -83,6 +83,7 @@ enum tis_defaults { enum tpm_tis_flags { TPM_TIS_ITPM_WORKAROUND = BIT(0), + TPM_TIS_INVALID_STATUS = BIT(1), }; struct tpm_tis_data { @@ -90,7 +91,7 @@ struct tpm_tis_data { int locality; int irq; bool irq_tested; - unsigned int flags; + unsigned long flags; void __iomem *ilb_base_addr; u16 clkrun_enabled; wait_queue_head_t int_queue; -- cgit v1.2.3-70-g09d2