Commit Graph

573 Commits

Author SHA1 Message Date
Christophe Ricard
1ba3b0b6f2 tpm/tpm_i2c_stm_st33: Fix potential bug in tpm_stm_i2c_send
When sending data in tpm_stm_i2c_send, each loop iteration send buf.
Send buf + i instead as the goal of this for loop is to send a number
of byte from buf that fit in burstcnt. Once those byte are sent, we are
supposed to send the next ones.

The driver was working because the burstcount value returns always the maximum size for a TPM
command or response. (0x800 for a command and 0x400 for a response).

Cc: stable@vger.kernel.org

Reviewed-by: Jason Gunthorpe <jgunthorpe@obsidianresearch.com>
Signed-off-by: Christophe Ricard <christophe-h.ricard@st.com>
Signed-off-by: Peter Huewe <peterhuewe@gmx.de>
2015-01-17 14:00:06 +01:00
Markus Elfring
2dfc2deda2 char: tpm: Deletion of unnecessary checks before the function call "tpm_dev_vendor_release"
The tpm_dev_vendor_release() function tests whether its argument is NULL
and then returns immediately. Thus the test around the call is not needed.

This issue was detected by using the Coccinelle software.

Signed-off-by: Markus Elfring <elfring@users.sourceforge.net>
Signed-off-by: Peter Huewe <peterhuewe@gmx.de>
2015-01-17 14:00:06 +01:00
Fabian Frederick
9fd8e5a25e tpm: remove unnecessary sizeof(u8)
sizeof(u8) is always 1.

Signed-off-by: Fabian Frederick <fabf@skynet.be>
Signed-off-by: Peter Huewe <peterhuewe@gmx.de>
2015-01-17 14:00:06 +01:00
Hon Ching (Vicky) Lo
84eb186bc3 tpm: Fix NULL return in tpm_ibmvtpm_get_desired_dma
There was an oops in tpm_ibmvtpm_get_desired_dma, which caused
kernel panic during boot when vTPM is enabled in Power partition
configured in AMS mode.

vio_bus_probe calls vio_cmo_bus_probe which calls
tpm_ibmvtpm_get_desired_dma to get the size needed for DMA allocation.
The problem is, vio_cmo_bus_probe is called before calling probe, which
for vtpm is tpm_ibmvtpm_probe and it's this function that initializes
and sets up vtpm's CRQ and gets required data values.  Therefore,
since this has not yet been done, NULL is returned in attempt to get
the size for DMA allocation.

We added a NULL check.  In addition, a default buffer size will
be set when NULL is returned.

Cc: <stable@vger.kernel.org>
Signed-off-by: Hon Ching (Vicky) Lo <honclo@linux.vnet.ibm.com>
Signed-off-by: Peter Huewe <peterhuewe@gmx.de>
2015-01-17 14:00:06 +01:00
Scot Doyle
448e9c55c1 tpm_tis: verify interrupt during init
Some machines, such as the Acer C720 and Toshiba CB35, have TPMs that do
not send IRQs while also having an ACPI TPM entry indicating that they
will be sent. These machines freeze on resume while the tpm_tis module
waits for an IRQ, eventually timing out.

When in interrupt mode, the tpm_tis module should receive an IRQ during
module init. Fall back to polling mode if none is received when expected.

Cc: <stable@vger.kernel.org>
Signed-off-by: Scot Doyle <lkml14@scotdoyle.com>
Tested-by: Michael Mullin <masmullin@gmail.com>
Reviewed-by: Jason Gunthorpe <jgunthorpe@obsidianresearch.com>
[phuewe: minor checkpatch fixed]
Signed-off-by: Peter Huewe <peterhuewe@gmx.de>
2015-01-17 14:00:05 +01:00
Kiran Padwal
bb95cd34ba char: tpm: Add missing error check for devm_kzalloc
Currently these driver are missing a check on the return value of devm_kzalloc,
which would cause a NULL pointer dereference in a OOM situation.

This patch adds a missing check for tpm_i2c_atmel.c and tpm_i2c_nuvoton.c

Cc: stable@vger.kernel.org
Signed-off-by: Kiran Padwal <kiran.padwal@smartplayin.com>
Reviewed-By: Jason Gunthorpe <jgunthorpe@obsidianresearch.com>
Signed-off-by: Peter Huewe <peterhuewe@gmx.de>
2015-01-17 14:00:05 +01:00
David Howells
398a1e71dc TPM: Add new TPMs to the tail of the list to prevent inadvertent change of dev
Add newly registered TPMs to the tail of the list, not the beginning, so that
things that are specifying TPM_ANY_NUM don't find that the device they're
using has inadvertently changed.  Adding a second device would break IMA, for
instance.

Cc: stable@vger.kernel.org
Signed-off-by: David Howells <dhowells@redhat.com>
Reviewed-by: Jason Gunthorpe <jgunthorpe@obsidianresearch.com>
Signed-off-by: Peter Huewe <peterhuewe@gmx.de>
2015-01-17 14:00:05 +01:00
Wolfram Sang
05e6cc68af char: tpm: drop owner assignment from platform_drivers
A platform_driver does not need to set an owner, it will be populated by the
driver core.

Signed-off-by: Wolfram Sang <wsa@the-dreams.de>
2014-10-20 16:20:21 +02:00
David Vrabel
95afae4814 xen: remove DEFINE_XENBUS_DRIVER() macro
The DEFINE_XENBUS_DRIVER() macro looks a bit weird and causes sparse
errors.

Replace the uses with standard structure definitions instead.  This is
similar to pci and usb device registration.

Signed-off-by: David Vrabel <david.vrabel@citrix.com>
2014-10-06 10:27:57 +01:00
Andy Shevchenko
a3d64df849 tpm: simplify code by using %*phN specifier
Instead of looping by ourselves we may use %*phN specifier to dump a small
buffer.

Signed-off-by: Andy Shevchenko <andriy.shevchenko@linux.intel.com>
Reviewed-by: Jason Gunthorpe <jgunthorpe@obsidianresearch.com>
[ PHuewe: removed now unused variable i ]
Signed-off-by: Peter Huewe <peterhuewe@gmx.de>
2014-07-29 23:10:56 +02:00
Jason Gunthorpe
8e54caf407 tpm: Provide a generic means to override the chip returned timeouts
Some Atmel TPMs provide completely wrong timeouts from their
TPM_CAP_PROP_TIS_TIMEOUT query. This patch detects that and returns
new correct values via a DID/VID table in the TIS driver.

Tested on ARM using an AT97SC3204T FW version 37.16

Cc: <stable@vger.kernel.org>
[PHuewe: without this fix these 'broken' Atmel TPMs won't function on
older kernels]
Signed-off-by: "Berg, Christopher" <Christopher.Berg@atmel.com>
Signed-off-by: Jason Gunthorpe <jgunthorpe@obsidianresearch.com>

Signed-off-by: Peter Huewe <peterhuewe@gmx.de>
2014-07-29 23:10:56 +02:00
Jarkko Sakkinen
3e14d83ef9 tpm: missing tpm_chip_put in tpm_get_random()
Regression in 41ab999c. Call to tpm_chip_put is missing. This
will cause TPM device driver not to unload if tmp_get_random()
is called.

Cc: <stable@vger.kernel.org> # 3.7+
Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
Signed-off-by: Peter Huewe <peterhuewe@gmx.de>
2014-07-29 23:10:55 +02:00
Stefan Berger
b49e1043c4 tpm: Properly clean sysfs entries in error path
Properly clean the sysfs entries in the error path

Cc: <stable@vger.kernel.org>
Reported-by: Dmitry Kasatkin <dmitry.kasatkin@gmail.com>
Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
Reviewed-by: Jason Gunthorpe <jgunthorpe@obsidianresearch.com>
Signed-off-by: Peter Huewe <peterhuewe@gmx.de>
2014-07-29 23:10:55 +02:00
Jason Gunthorpe
f07a5e9a33 tpm: Add missing tpm_do_selftest to ST33 I2C driver
Most device drivers do call 'tpm_do_selftest' which executes a
TPM_ContinueSelfTest. tpm_i2c_stm_st33 is just pointlessly different,
I think it is bug.

These days we have the general assumption that the TPM is usable by
the kernel immediately after the driver is finished, so we can no
longer defer the mandatory self test to userspace.

Cc: <stable@vger.kernel.org> # 3.12+
Reported-by: Richard Marciel <rmaciel@linux.vnet.ibm.com>
Signed-off-by: Jason Gunthorpe <jgunthorpe@obsidianresearch.com>
Signed-off-by: Peter Huewe <peterhuewe@gmx.de>
2014-07-29 23:10:55 +02:00
Rafael J. Wysocki
0e36d43c9c Merge branch 'acpica'
* acpica: (63 commits)
  ACPICA: Namespace: Remove _PRP method support.
  ACPI: Fix x86 regression related to early mapping size limitation
  ACPICA: Tables: Add mechanism to control early table checksum verification.
  ACPICA: acpidump: Fix repetitive table dump in -n mode.
  ACPI: Clean up acpi_os_map/unmap_memory() to eliminate __iomem.
  ACPICA: Clean up redudant definitions already defined elsewhere
  ACPICA: Linux headers: Add <asm/acenv.h> to remove mis-ordered inclusion of <asm/acpi.h>
  ACPICA: Linux headers: Add <acpi/platform/aclinuxex.h>
  ACPICA: Linux headers: Remove ACPI_PREEMPTION_POINT() due to no usages.
  ACPICA: Update version to 20140424.
  ACPICA: Comment/format update, no functional change.
  ACPICA: Events: Update GPE handling and initialization code.
  ACPICA: Remove extraneous error message for large number of GPEs.
  ACPICA: Tables: Remove old mechanism to validate if XSDT contains NULL entries.
  ACPICA: Tables: Add new mechanism to skip NULL entries in RSDT and XSDT.
  ACPICA: acpidump: Add support to force using RSDT.
  ACPICA: Back port of improvements on exception code.
  ACPICA: Back port of _PRP update.
  ACPICA: acpidump: Fix truncated RSDP signature validation.
  ACPICA: Linux header: Add support for stubbed externals.
  ...
2014-06-03 23:12:27 +02:00
Lv Zheng
a238317ce8 ACPI: Clean up acpi_os_map/unmap_memory() to eliminate __iomem.
ACPICA doesn't include protections around address space checking, Linux
build tests always complain increased sparse warnings around ACPICA
internal acpi_os_map/unmap_memory() invocations.  This patch tries to fix
this issue permanently.

There are 2 choices left for us to solve this issue:
 1. Add __iomem address space awareness into ACPICA.
 2. Remove sparse checker of __iomem from ACPICA source code.

This patch chooses solution 2, because:
 1.  Most of the acpi_os_map/unmap_memory() invocations are used for ACPICA.
     table mappings, which in fact are not IO addresses.
 2.  The only IO addresses usage is for "system memory space" mapping code in:
      drivers/acpi/acpica/exregion.c
      drivers/acpi/acpica/evrgnini.c
      drivers/acpi/acpica/exregion.c
    The mapped address is accessed in the handler of "system memory space"
    - acpi_ex_system_memory_space_handler().  This function in fact can be
    changed to invoke acpi_os_read/write_memory() so that __iomem can
    always be type-casted in the OSL layer.

According to the above investigation, we drew the following conclusion:
It is not a good idea to introduce __iomem address space awareness into
ACPICA mostly in order to protect non-IO addresses.

We can simply remove __iomem for acpi_os_map/unmap_memory() to remove
__iomem checker for ACPICA code. Then we need to enforce external usages
to invoke other APIs that are aware of __iomem address space.
The external usages are:
 drivers/acpi/apei/einj.c
 drivers/acpi/acpi_extlog.c
 drivers/char/tpm/tpm_acpi.c
 drivers/acpi/nvs.c

This patch thus performs cleanups in this way:
 1. Add acpi_os_map/unmap_iomem() to be invoked by non-ACPICA code.
 2. Remove __iomem from acpi_os_map/unmap_memory().

Signed-off-by: Lv Zheng <lv.zheng@intel.com>
Signed-off-by: Rafael J. Wysocki <rafael.j.wysocki@intel.com>
2014-05-27 18:13:08 +02:00
Rafael J. Wysocki
f759546498 ACPI / TPM: Fix resume regression on Chromebooks
Chromebooks (at least Acer C720 and Pixel) implement an ACPI object
for TPM, but don't implement the _DSM method to support PPI.  As
a result, the TPM driver fails to load on those machines after
commit 1569a4c4ce (ACPI / TPM: detect PPI features by checking
availability of _DSM functions) which causes them to fail to
resume from system suspend, becuase they require the TPM hardware
to be put into the right state during resume and the TPM driver
is necessary for that.

Fix the problem by making tpm_add_ppi() return 0 when tpm_ppi_handle
is still NULL after walking the ACPI namespace in search for the PPI
_DSM, which allows the TPM driver to load and operate the hardware
(during system resume in particular), but avoid creating the PPI
sysfs group in that case.

This change is based on a prototype patch from Jiang Liu.

Fixes: 1569a4c4ce (ACPI / TPM: detect PPI features by checking availability of _DSM functions)
References: https://bugzilla.kernel.org/show_bug.cgi?id=74021
Reported-by: James Duley <jagduley@gmail.com>
Reported-by: Phillip Dixon <phil@dixon.gen.nz>
Tested-by: Brandon Casey <drafnel@gmail.com>
Cc: 3.14+ <stable@vger.kernel.org> # 3.14+
Signed-off-by: Rafael J. Wysocki <rafael.j.wysocki@intel.com>
2014-05-12 01:13:28 +02:00
Uwe Kleine-König
ce816fa88c Kconfig: rename HAS_IOPORT to HAS_IOPORT_MAP
If the renamed symbol is defined lib/iomap.c implements ioport_map and
ioport_unmap and currently (nearly) all platforms define the port
accessor functions outb/inb and friend unconditionally.  So
HAS_IOPORT_MAP is the better name for this.

Consequently NO_IOPORT is renamed to NO_IOPORT_MAP.

The motivation for this change is to reintroduce a symbol HAS_IOPORT
that signals if outb/int et al are available.  I will address that at
least one merge window later though to keep surprises to a minimum and
catch new introductions of (HAS|NO)_IOPORT.

The changes in this commit were done using:

	$ git grep -l -E '(NO|HAS)_IOPORT' | xargs perl -p -i -e 's/\b((?:CONFIG_)?(?:NO|HAS)_IOPORT)\b/$1_MAP/'

Signed-off-by: Uwe Kleine-König <u.kleine-koenig@pengutronix.de>
Acked-by: Arnd Bergmann <arnd@arndb.de>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2014-04-07 16:36:11 -07:00
Paul Gortmaker
4c020b032b drivers/char: delete non-required instances of include <linux/init.h>
None of these files are actually using any __init type directives
and hence don't need to include <linux/init.h>.  Most are just a
left over from __devinit and __cpuinit removal, or simply due to
code getting copied from one driver to the next.

Cc: David Airlie <airlied@linux.ie>
Cc: Matt Mackall <mpm@selenic.com>
Cc: Herbert Xu <herbert@gondor.apana.org.au>
Cc: Kukjin Kim <kgene.kim@samsung.com>
Cc: Corey Minyard <minyard@acm.org>
Cc: Chris Metcalf <cmetcalf@tilera.com>
Cc: Arnd Bergmann <arnd@arndb.de>
Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Cc: Peter Huewe <peterhuewe@gmx.de>
Cc: Ashley Lai <ashley@ashleylai.com>
Cc: Marcel Selhorst <tpmdd@selhorst.net>
Signed-off-by: Paul Gortmaker <paul.gortmaker@windriver.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2014-02-07 15:10:19 -08:00
Linus Torvalds
09da8dfa98 ACPI and power management updates for 3.14-rc1
- ACPI core changes to make it create a struct acpi_device object for every
    device represented in the ACPI tables during all namespace scans regardless
    of the current status of that device.  In accordance with this, ACPI hotplug
    operations will not delete those objects, unless the underlying ACPI tables
    go away.
 
  - On top of the above, new sysfs attribute for ACPI device objects allowing
    user space to check device status by triggering the execution of _STA for
    its ACPI object.  From Srinivas Pandruvada.
 
  - ACPI core hotplug changes reducing code duplication, integrating the
    PCI root hotplug with the core and reworking container hotplug.
 
  - ACPI core simplifications making it use ACPI_COMPANION() in the code
    "glueing" ACPI device objects to "physical" devices.
 
  - ACPICA update to upstream version 20131218.  This adds support for the
    DBG2 and PCCT tables to ACPICA, fixes some bugs and improves debug
    facilities.  From Bob Moore, Lv Zheng and Betty Dall.
 
  - Init code change to carry out the early ACPI initialization earlier.
    That should allow us to use ACPI during the timekeeping initialization
    and possibly to simplify the EFI initialization too.  From Chun-Yi Lee.
 
  - Clenups of the inclusions of ACPI headers in many places all over from
    Lv Zheng and Rashika Kheria (work in progress).
 
  - New helper for ACPI _DSM execution and rework of the code in drivers
    that uses _DSM to execute it via the new helper.  From Jiang Liu.
 
  - New Win8 OSI blacklist entries from Takashi Iwai.
 
  - Assorted ACPI fixes and cleanups from Al Stone, Emil Goode, Hanjun Guo,
    Lan Tianyu, Masanari Iida, Oliver Neukum, Prarit Bhargava, Rashika Kheria,
    Tang Chen, Zhang Rui.
 
  - intel_pstate driver updates, including proper Baytrail support, from
    Dirk Brandewie and intel_pstate documentation from Ramkumar Ramachandra.
 
  - Generic CPU boost ("turbo") support for cpufreq from Lukasz Majewski.
 
  - powernow-k6 cpufreq driver fixes from Mikulas Patocka.
 
  - cpufreq core fixes and cleanups from Viresh Kumar, Jane Li, Mark Brown.
 
  - Assorted cpufreq drivers fixes and cleanups from Anson Huang, John Tobias,
    Paul Bolle, Paul Walmsley, Sachin Kamat, Shawn Guo, Viresh Kumar.
 
  - cpuidle cleanups from Bartlomiej Zolnierkiewicz.
 
  - Support for hibernation APM events from Bin Shi.
 
  - Hibernation fix to avoid bringing up nonboot CPUs with ACPI EC disabled
    during thaw transitions from Bjørn Mork.
 
  - PM core fixes and cleanups from Ben Dooks, Leonardo Potenza, Ulf Hansson.
 
  - PNP subsystem fixes and cleanups from Dmitry Torokhov, Levente Kurusa,
    Rashika Kheria.
 
  - New tool for profiling system suspend from Todd E Brandt and a cpupower
    tool cleanup from One Thousand Gnomes.
 
 /
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v2.0.22 (GNU/Linux)
 
 iQIcBAABCAAGBQJS3a1eAAoJEILEb/54YlRxnTgP/iGawvgjKWm6Qqp7WSIvd5gQ
 zZ6q75C6Pc/W2fq1+OzVGnpCF8WYFy+nFDAXOvUHjIXuoxSwFcuW5l4aMckgl/0a
 TXEWe9MJrCHHRfDApfFacCJ44U02bjJAD5vTyL/hKA+IHeinq4WCSojryYC+8jU0
 cBrUIV0aNH8r5JR2WJNAyv/U29rXsDUOu0I4qTqZ4YaZT6AignMjtLXn1e9AH1Pn
 DPZphTIo/HMnb+kgBOjt4snMk+ahVO9eCOxh/hH8ecnWExw9WynXoU5Nsna0tSZs
 ssyHC7BYexD3oYsG8D52cFUpp4FCsJ0nFQNa2kw0LY+0FBNay43LySisKYHZPXEs
 2WpESDv+/t7yhtnrvM+TtA7aBheKm2XMWGFSu/aERLE17jIidOkXKH5Y7ryYLNf/
 uyRKxNS0NcZWZ0G+/wuY02jQYNkfYz3k/nTr8BAUItRBjdporGIRNEnR9gPzgCUC
 uQhjXWMPulqubr8xbyefPWHTEzU2nvbXwTUWGjrBxSy8zkyy5arfqizUj+VG6afT
 NsboANoMHa9b+xdzigSFdA3nbVK6xBjtU6Ywntk9TIpODKF5NgfARx0H+oSH+Zrj
 32bMzgZtHw/lAbYsnQ9OnTY6AEWQYt6NMuVbTiLXrMHhM3nWwfg/XoN4nZqs6jPo
 IYvE6WhQZU6L6fptGHFC
 =dRf6
 -----END PGP SIGNATURE-----

Merge tag 'pm+acpi-3.14-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/rafael/linux-pm

Pull ACPI and power management updates from Rafael Wysocki:
 "As far as the number of commits goes, the top spot belongs to ACPI
  this time with cpufreq in the second position and a handful of PM
  core, PNP and cpuidle updates.  They are fixes and cleanups mostly, as
  usual, with a couple of new features in the mix.

  The most visible change is probably that we will create struct
  acpi_device objects (visible in sysfs) for all devices represented in
  the ACPI tables regardless of their status and there will be a new
  sysfs attribute under those objects allowing user space to check that
  status via _STA.

  Consequently, ACPI device eject or generally hot-removal will not
  delete those objects, unless the table containing the corresponding
  namespace nodes is unloaded, which is extremely rare.  Also ACPI
  container hotplug will be handled quite a bit differently and cpufreq
  will support CPU boost ("turbo") generically and not only in the
  acpi-cpufreq driver.

  Specifics:

   - ACPI core changes to make it create a struct acpi_device object for
     every device represented in the ACPI tables during all namespace
     scans regardless of the current status of that device.  In
     accordance with this, ACPI hotplug operations will not delete those
     objects, unless the underlying ACPI tables go away.

   - On top of the above, new sysfs attribute for ACPI device objects
     allowing user space to check device status by triggering the
     execution of _STA for its ACPI object.  From Srinivas Pandruvada.

   - ACPI core hotplug changes reducing code duplication, integrating
     the PCI root hotplug with the core and reworking container hotplug.

   - ACPI core simplifications making it use ACPI_COMPANION() in the
     code "glueing" ACPI device objects to "physical" devices.

   - ACPICA update to upstream version 20131218.  This adds support for
     the DBG2 and PCCT tables to ACPICA, fixes some bugs and improves
     debug facilities.  From Bob Moore, Lv Zheng and Betty Dall.

   - Init code change to carry out the early ACPI initialization
     earlier.  That should allow us to use ACPI during the timekeeping
     initialization and possibly to simplify the EFI initialization too.
     From Chun-Yi Lee.

   - Clenups of the inclusions of ACPI headers in many places all over
     from Lv Zheng and Rashika Kheria (work in progress).

   - New helper for ACPI _DSM execution and rework of the code in
     drivers that uses _DSM to execute it via the new helper.  From
     Jiang Liu.

   - New Win8 OSI blacklist entries from Takashi Iwai.

   - Assorted ACPI fixes and cleanups from Al Stone, Emil Goode, Hanjun
     Guo, Lan Tianyu, Masanari Iida, Oliver Neukum, Prarit Bhargava,
     Rashika Kheria, Tang Chen, Zhang Rui.

   - intel_pstate driver updates, including proper Baytrail support,
     from Dirk Brandewie and intel_pstate documentation from Ramkumar
     Ramachandra.

   - Generic CPU boost ("turbo") support for cpufreq from Lukasz
     Majewski.

   - powernow-k6 cpufreq driver fixes from Mikulas Patocka.

   - cpufreq core fixes and cleanups from Viresh Kumar, Jane Li, Mark
     Brown.

   - Assorted cpufreq drivers fixes and cleanups from Anson Huang, John
     Tobias, Paul Bolle, Paul Walmsley, Sachin Kamat, Shawn Guo, Viresh
     Kumar.

   - cpuidle cleanups from Bartlomiej Zolnierkiewicz.

   - Support for hibernation APM events from Bin Shi.

   - Hibernation fix to avoid bringing up nonboot CPUs with ACPI EC
     disabled during thaw transitions from Bjørn Mork.

   - PM core fixes and cleanups from Ben Dooks, Leonardo Potenza, Ulf
     Hansson.

   - PNP subsystem fixes and cleanups from Dmitry Torokhov, Levente
     Kurusa, Rashika Kheria.

   - New tool for profiling system suspend from Todd E Brandt and a
     cpupower tool cleanup from One Thousand Gnomes"

* tag 'pm+acpi-3.14-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/rafael/linux-pm: (153 commits)
  thermal: exynos: boost: Automatic enable/disable of BOOST feature (at Exynos4412)
  cpufreq: exynos4x12: Change L0 driver data to CPUFREQ_BOOST_FREQ
  Documentation: cpufreq / boost: Update BOOST documentation
  cpufreq: exynos: Extend Exynos cpufreq driver to support boost
  cpufreq / boost: Kconfig: Support for software-managed BOOST
  acpi-cpufreq: Adjust the code to use the common boost attribute
  cpufreq: Add boost frequency support in core
  intel_pstate: Add trace point to report internal state.
  cpufreq: introduce cpufreq_generic_get() routine
  ARM: SA1100: Create dummy clk_get_rate() to avoid build failures
  cpufreq: stats: create sysfs entries when cpufreq_stats is a module
  cpufreq: stats: free table and remove sysfs entry in a single routine
  cpufreq: stats: remove hotplug notifiers
  cpufreq: stats: handle cpufreq_unregister_driver() and suspend/resume properly
  cpufreq: speedstep: remove unused speedstep_get_state
  platform: introduce OF style 'modalias' support for platform bus
  PM / tools: new tool for suspend/resume performance optimization
  ACPI: fix module autoloading for ACPI enumerated devices
  ACPI: add module autoloading support for ACPI enumerated devices
  ACPI: fix create_modalias() return value handling
  ...
2014-01-24 15:51:02 -08:00
Linus Torvalds
84621c9b18 Features:
- FIFO event channels. Key advantages: support for over 100,000 events (2^17),
    16 different event priorities, improved fairness in event latency through
    the use of FIFOs.
  - Xen PVH support. "It’s a fully PV kernel mode, running with paravirtualized
    disk and network, paravirtualized interrupts and timers, no emulated devices
    of any kind (and thus no qemu), no BIOS or legacy boot — but instead of
    requiring PV MMU, it uses the HVM hardware extensions to virtualize the
    pagetables, as well as system calls and other privileged operations."
    (from "The Paravirtualization Spectrum, Part 2: From poles to a spectrum")
 Bug-fixes:
  - Fixes in balloon driver (refactor and make it work under ARM)
  - Allow xenfb to be used in HVM guests.
  - Allow xen_platform_pci=0 to work properly.
  - Refactors in event channels.
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v1
 
 iQEcBAABAgAGBQJS4BmLAAoJEFjIrFwIi8fJ4SAH/iNGESowgMhfW64vRA8pBWq+
 NRJpUjYjjwmbxpwoNl6NPwn15cIXFyc3sMtvvrDD3taRDyko2RFuT+NTjpO05xPh
 d/cRpRXpXERHoiFgPf/WTp7ONBDhvPtHG0+BzJKwgqEIOUYXdbhD+gEjaVlFJScS
 CAY68OLmk7XYMSZBNzPfKNbSCyhVgZF7wpaimK9lxZBKsFRCDIq6jIyrAsC8epIL
 6V/V4l2S6lk/uUeGB6ULphYeINjI2kkpbSfCd1vyenLfWpVscc2o8uWEYFcZMAxy
 V4HpsoseuqrfdDqgPfud3VgogdISvbkCvDfW85rzfDP4MWxei2mVHFtJ/gSBV+g=
 =ToNG
 -----END PGP SIGNATURE-----

Merge tag 'stable/for-linus-3.14-rc0-tag' of git://git.kernel.org/pub/scm/linux/kernel/git/xen/tip

Pull Xen updates from Konrad Rzeszutek Wilk:
 "Two major features that Xen community is excited about:

  The first is event channel scalability by David Vrabel - we switch
  over from an two-level per-cpu bitmap of events (IRQs) - to an FIFO
  queue with priorities.  This lets us be able to handle more events,
  have lower latency, and better scalability.  Good stuff.

  The other is PVH by Mukesh Rathor.  In short, PV is a mode where the
  kernel lets the hypervisor program page-tables, segments, etc.  With
  EPT/NPT capabilities in current processors, the overhead of doing this
  in an HVM (Hardware Virtual Machine) container is much lower than the
  hypervisor doing it for us.

  In short we let a PV guest run without doing page-table, segment,
  syscall, etc updates through the hypervisor - instead it is all done
  within the guest container.  It is a "hybrid" PV - hence the 'PVH'
  name - a PV guest within an HVM container.

  The major benefits are less code to deal with - for example we only
  use one function from the the pv_mmu_ops (which has 39 function
  calls); faster performance for syscall (no context switches into the
  hypervisor); less traps on various operations; etc.

  It is still being baked - the ABI is not yet set in stone.  But it is
  pretty awesome and we are excited about it.

  Lastly, there are some changes to ARM code - you should get a simple
  conflict which has been resolved in #linux-next.

  In short, this pull has awesome features.

  Features:
   - FIFO event channels.  Key advantages: support for over 100,000
     events (2^17), 16 different event priorities, improved fairness in
     event latency through the use of FIFOs.
   - Xen PVH support.  "It’s a fully PV kernel mode, running with
     paravirtualized disk and network, paravirtualized interrupts and
     timers, no emulated devices of any kind (and thus no qemu), no BIOS
     or legacy boot — but instead of requiring PV MMU, it uses the HVM
     hardware extensions to virtualize the pagetables, as well as system
     calls and other privileged operations." (from "The
     Paravirtualization Spectrum, Part 2: From poles to a spectrum")

  Bug-fixes:
   - Fixes in balloon driver (refactor and make it work under ARM)
   - Allow xenfb to be used in HVM guests.
   - Allow xen_platform_pci=0 to work properly.
   - Refactors in event channels"

* tag 'stable/for-linus-3.14-rc0-tag' of git://git.kernel.org/pub/scm/linux/kernel/git/xen/tip: (52 commits)
  xen/pvh: Set X86_CR0_WP and others in CR0 (v2)
  MAINTAINERS: add git repository for Xen
  xen/pvh: Use 'depend' instead of 'select'.
  xen: delete new instances of __cpuinit usage
  xen/fb: allow xenfb initialization for hvm guests
  xen/evtchn_fifo: fix error return code in evtchn_fifo_setup()
  xen-platform: fix error return code in platform_pci_init()
  xen/pvh: remove duplicated include from enlighten.c
  xen/pvh: Fix compile issues with xen_pvh_domain()
  xen: Use dev_is_pci() to check whether it is pci device
  xen/grant-table: Force to use v1 of grants.
  xen/pvh: Support ParaVirtualized Hardware extensions (v3).
  xen/pvh: Piggyback on PVHVM XenBus.
  xen/pvh: Piggyback on PVHVM for grant driver (v4)
  xen/grant: Implement an grant frame array struct (v3).
  xen/grant-table: Refactor gnttab_init
  xen/grants: Remove gnttab_max_grant_frames dependency on gnttab_init.
  xen/pvh: Piggyback on PVHVM for event channels (v2)
  xen/pvh: Update E820 to work with PVH (v2)
  xen/pvh: Secondary VCPU bringup (non-bootup CPUs)
  ...
2014-01-22 22:00:18 -08:00
Linus Torvalds
fb2e2c8537 Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security
Pull security layer updates from James Morris:
 "Changes for this kernel include maintenance updates for Smack, SELinux
  (and several networking fixes), IMA and TPM"

* 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security: (39 commits)
  SELinux: Fix memory leak upon loading policy
  tpm/tpm-sysfs: active_show() can be static
  tpm: tpm_tis: Fix compile problems with CONFIG_PM_SLEEP/CONFIG_PNP
  tpm: Make tpm-dev allocate a per-file structure
  tpm: Use the ops structure instead of a copy in tpm_vendor_specific
  tpm: Create a tpm_class_ops structure and use it in the drivers
  tpm: Pull all driver sysfs code into tpm-sysfs.c
  tpm: Move sysfs functions from tpm-interface to tpm-sysfs
  tpm: Pull everything related to /dev/tpmX into tpm-dev.c
  char: tpm: nuvoton: remove unused variable
  tpm: MAINTAINERS: Cleanup TPM Maintainers file
  tpm/tpm_i2c_atmel: fix coccinelle warnings
  tpm/tpm_ibmvtpm: fix unreachable code warning (smatch warning)
  tpm/tpm_i2c_stm_st33: Check return code of get_burstcount
  tpm/tpm_ppi: Check return value of acpi_get_name
  tpm/tpm_ppi: Do not compare strcmp(a,b) == -1
  ima: remove unneeded size_limit argument from ima_eventdigest_init_common()
  ima: update IMA-templates.txt documentation
  ima: pass HASH_ALGO__LAST as hash algo in ima_eventdigest_init()
  ima: change the default hash algorithm to SHA1 in ima_eventdigest_ng_init()
  ...
2014-01-21 09:06:02 -08:00
Rafael J. Wysocki
fbb9c10d40 Merge branch 'acpi-dsm'
* acpi-dsm:
  ACPI / extlog: replace open-coded _DSM code with helper functions
  ACPI / nouveau: replace open-coded _DSM code with helper functions
  nouveau / ACPI: fix memory leak in ACPI _DSM related code
  ACPI / i915: replace open-coded _DSM code with helper functions
  ACPI / i2c-hid: replace open-coded _DSM code with helper functions
  ACPI / TPM: detect PPI features by checking availability of _DSM functions
  ACPI / TPM: replace open-coded _DSM code with helper functions
  ACPI / TPM: match node name instead of full path when searching for TPM device
  PCI / pci-label: treat PCI label with index 0 as valid label
  ACPI / PCI: replace open-coded _DSM code with helper functions
  PCI / pci-label: release allocated ACPI object on error recovery path
  ACPI: introduce helper interfaces for _DSM method
2014-01-12 23:45:52 +01:00
Rafael J. Wysocki
98feb7cc61 Merge branch 'acpi-cleanup'
* acpi-cleanup: (22 commits)
  ACPI / tables: Return proper error codes from acpi_table_parse() and fix comment.
  ACPI / tables: Check if id is NULL in acpi_table_parse()
  ACPI / proc: Include appropriate header file in proc.c
  ACPI / EC: Remove unused functions and add prototype declaration in internal.h
  ACPI / dock: Include appropriate header file in dock.c
  ACPI / PCI: Include appropriate header file in pci_link.c
  ACPI / PCI: Include appropriate header file in pci_slot.c
  ACPI / EC: Mark the function acpi_ec_add_debugfs() as static in ec_sys.c
  ACPI / NVS: Include appropriate header file in nvs.c
  ACPI / OSL: Mark the function acpi_table_checksum() as static
  ACPI / processor: initialize a variable to silence compiler warning
  ACPI / processor: use ACPI_COMPANION() to get ACPI device
  ACPI: correct minor typos
  ACPI / sleep: Drop redundant acpi_disabled check
  ACPI / dock: Drop redundant acpi_disabled check
  ACPI / table: Replace '1' with specific error return values
  ACPI: remove trailing whitespace
  ACPI / IBFT: Fix incorrect <acpi/acpi.h> inclusion in iSCSI boot firmware module
  ACPI / i915: Fix incorrect <acpi/acpi.h> inclusions via <linux/acpi_io.h>
  SFI / ACPI: Fix warnings reported during builds with W=1
  ...

Conflicts:
	drivers/acpi/nvs.c
	drivers/hwmon/asus_atk0110.c
2014-01-12 23:44:09 +01:00
Fengguang Wu
5f64822d63 tpm/tpm-sysfs: active_show() can be static
so we make it static

CC: Jason Gunthorpe <jgunthorpe@obsidianresearch.com>
CC: Peter Huewe <peterhuewe@gmx.de>
Signed-off-by: Fengguang Wu <fengguang.wu@intel.com>
Signed-off-by: Peter Huewe <peterhuewe@gmx.de>
2014-01-06 14:37:25 +01:00
Jason Gunthorpe
19b94d2df5 tpm: tpm_tis: Fix compile problems with CONFIG_PM_SLEEP/CONFIG_PNP
If CONFIG_PM_SLEEP=n, CONFIG_PNP=y we get this warning:

drivers/char/tpm/tpm_tis.c:706:13: warning: 'tpm_tis_reenable_interrupts' defined but not used [-Wunused-function]

This seems to have been introduced in a2fa3fb0d 'tpm: convert tpm_tis driver
to use dev_pm_ops from legacy pm_ops'

Also, unpon reviewing, the #ifdefs around tpm_tis_pm are not right, the first
reference is protected, the second is not. tpm_tis_pm is always defined so we
can drop the #ifdef.

Signed-off-by: Jason Gunthorpe <jgunthorpe@obsidianresearch.com>
Signed-off-by: Peter Huewe <peterhuewe@gmx.de>
2014-01-06 14:37:25 +01:00
Jason Gunthorpe
e3302e0d6d tpm: Make tpm-dev allocate a per-file structure
This consolidates everything that is only used within tpm-dev.c
into tpm-dev.c and out of the publicly visible struct tpm_chip.

The per-file allocation lays the ground work for someday fixing the
strange forced O_EXCL behaviour of the current code.

Signed-off-by: Jason Gunthorpe <jgunthorpe@obsidianresearch.com>
Reviewed-by: Joel Schopp <jschopp@linux.vnet.ibm.com>
Reviewed-by: Ashley Lai <adlai@linux.vnet.ibm.com>
Signed-off-by: Peter Huewe <peterhuewe@gmx.de>
2014-01-06 14:37:25 +01:00
Jason Gunthorpe
5f82e9f004 tpm: Use the ops structure instead of a copy in tpm_vendor_specific
This builds on the last commit to use the ops structure in the core
and reduce the size of tpm_vendor_specific.

Signed-off-by: Jason Gunthorpe <jgunthorpe@obsidianresearch.com>
Reviewed-by: Joel Schopp <jschopp@linux.vnet.ibm.com>
Reviewed-by: Ashley Lai <adlai@linux.vnet.ibm.com>
Signed-off-by: Peter Huewe <peterhuewe@gmx.de>
2014-01-06 14:37:25 +01:00
Jason Gunthorpe
01ad1fa75d tpm: Create a tpm_class_ops structure and use it in the drivers
This replaces the static initialization of a tpm_vendor_specific
structure in the drivers with the standard Linux idiom of providing
a const structure of function pointers.

Signed-off-by: Jason Gunthorpe <jgunthorpe@obsidianresearch.com>
Reviewed-by: Joel Schopp <jschopp@linux.vnet.ibm.com>
Reviewed-by: Ashley Lai <adlai@linux.vnet.ibm.com>
[phuewe: did apply manually due to commit
191ffc6bde3 tpm/tpm_i2c_atmel: fix coccinelle warnings]
Signed-off-by: Peter Huewe <peterhuewe@gmx.de>
2014-01-06 14:37:25 +01:00
Jason Gunthorpe
1e3b73a957 tpm: Pull all driver sysfs code into tpm-sysfs.c
The tpm core now sets up and controls all sysfs attributes, instead
of having each driver have a unique take on it.

All drivers now now have a uniform set of attributes, and no sysfs
related entry points are exported from the tpm core module.

This also uses the new method used to declare sysfs attributes
with DEVICE_ATTR_RO and 'struct attribute *'

Signed-off-by: Jason Gunthorpe <jgunthorpe@obsidianresearch.com>
[phuewe: had to apply the tpm_i2c_atmel part manually due to commit
191ffc6bde3fc tpm/tpm_i2c_atmel: fix coccinelle warnings]

Signed-off-by: Peter Huewe <peterhuewe@gmx.de>
2014-01-06 14:37:25 +01:00
Jason Gunthorpe
000a07b0aa tpm: Move sysfs functions from tpm-interface to tpm-sysfs
CLASS-sysfs.c is a common idiom for linux subsystems.

This is the first step to pulling all the sysfs support code from
the drivers into tpm-sysfs. This is a plain text copy from tpm-interface
with support changes to make it compile.

_tpm_pcr_read is made non-static and is called tpm_pcr_read_dev.

Signed-off-by: Jason Gunthorpe <jgunthorpe@obsidianresearch.com>
Signed-off-by: Peter Huewe <peterhuewe@gmx.de>
2014-01-06 14:37:24 +01:00
Jason Gunthorpe
afdba32e2a tpm: Pull everything related to /dev/tpmX into tpm-dev.c
CLASS-dev.c is a common idiom for Linux subsystems

This pulls all the code related to the miscdev into tpm-dev.c and makes it
static. The identical file_operation structs in the drivers are purged and the
tpm common code unconditionally creates the miscdev.

Signed-off-by: Jason Gunthorpe <jgunthorpe@obsidianresearch.com>
Reviewed-by: Joel Schopp <jschopp@linux.vnet.ibm.com>
Reviewed-by: Ashley Lai <adlai@linux.vnet.ibm.com>
[phuewe:
tpm_dev_release is now used only in this file, thus the EXPORT_SYMBOL
can be dropped and the function be marked as static.
It has no other in-kernel users]
Signed-off-by: Peter Huewe <peterhuewe@gmx.de>
2014-01-06 14:37:24 +01:00
Michal Nazarewicz
d65e55d499 char: tpm: nuvoton: remove unused variable
“wait” wait queue is defined but never used in the function, thus
it can be removed.

Signed-off-by: Michal Nazarewicz <mina86@mina86.com>
Acked-by: Jason Gunthorpe <jgunthorpe@obsidianresearch.com>
Signed-off-by: Peter Huewe <peterhuewe@gmx.de>
2014-01-06 14:37:24 +01:00
Fengguang Wu
ba6a09d7c0 tpm/tpm_i2c_atmel: fix coccinelle warnings
drivers/char/tpm/tpm_i2c_atmel.c:178:8-9: WARNING: return of 0/1 in function 'i2c_atmel_req_canceled' with return type bool

 Return statements in functions returning bool should use
 true/false instead of 1/0.
Generated by: coccinelle/misc/boolreturn.cocci

CC: Jason Gunthorpe <jgunthorpe@obsidianresearch.com>
CC: Peter Huewe <peterhuewe@gmx.de>
Acked-by: Jason Gunthorpe <jgunthorpe@obsidianresearch.com>
Signed-off-by: Fengguang Wu <fengguang.wu@intel.com>
Signed-off-by: Peter Huewe <peterhuewe@gmx.de>
2014-01-06 14:37:24 +01:00
Peter Huewe
37bd99d7cb tpm/tpm_ibmvtpm: fix unreachable code warning (smatch warning)
smatch complains:
drivers/char/tpm/tpm_ibmvtpm.c:510
ibmvtpm_crq_process() info: ignoring unreachable code.

-> The return is not necessary here, remove it

Signed-off-by: Peter Huewe <peterhuewe@gmx.de>
2014-01-06 14:37:24 +01:00
Peter Huewe
85c5e0d451 tpm/tpm_i2c_stm_st33: Check return code of get_burstcount
The 'get_burstcount' function can in some circumstances 'return -EBUSY' which
in tpm_stm_i2c_send is stored in an 'u32 burstcnt'
thus converting the signed value into an unsigned value, resulting
in 'burstcnt' being huge.
Changing the type to u32 only does not solve the problem as the signed
value is converted to an unsigned in I2C_WRITE_DATA, resulting in the
same effect.

Thus
-> Change type of burstcnt to u32 (the return type of get_burstcount)
-> Add a check for the return value of 'get_burstcount' and propagate a
potential error.

This makes also sense in the 'I2C_READ_DATA' case, where the there is no
signed/unsigned conversion.

found by coverity
Cc: stable@vger.kernel.org
Signed-off-by: Peter Huewe <peterhuewe@gmx.de>
2014-01-06 14:37:24 +01:00
Peter Huewe
238b1eaa59 tpm/tpm_ppi: Check return value of acpi_get_name
If
 status = acpi_get_name(handle, ACPI_FULL_PATHNAME, &buffer);
fails for whatever reason and does not return AE_OK
 if (strstr(buffer.pointer, context) != NULL) {
does dereference a null pointer.

-> Check the return value and return the status to the caller

Found by coverity
Cc: stable@vger.kernel.org
Signed-off-by: Peter Huewe <peterhuewe@gmx.de>
2014-01-06 14:37:23 +01:00
Peter Huewe
747d35bd9b tpm/tpm_ppi: Do not compare strcmp(a,b) == -1
Depending on the implementation strcmp might return the difference between
two strings not only -1,0,1 consequently
 if (strcmp (a,b) == -1)
might lead to taking the wrong branch

-> compare with < 0  instead,
which in any case is more canonical.

Cc: stable@vger.kernel.org
Signed-off-by: Peter Huewe <peterhuewe@gmx.de>
2014-01-06 14:37:23 +01:00
Jiang Liu
1569a4c4ce ACPI / TPM: detect PPI features by checking availability of _DSM functions
Detecting physical presence interface features by checking availbility
of corresponding ACPI _DSM functions, it should be more accurate than
checking TPM version number.

Signed-off-by: Jiang Liu <jiang.liu@linux.intel.com>
Signed-off-by: Rafael J. Wysocki <rafael.j.wysocki@intel.com>
2014-01-05 16:07:15 +01:00
Jiang Liu
84b1667dea ACPI / TPM: replace open-coded _DSM code with helper functions
Use helper functions to simplify _DSM related code in TPM driver.

This patch also help to get rid of following warning messages:
[  163.509575] ACPI Error: Incorrect return type [Buffer] requested [Package]
(20130517/nsxfeval-135)

But there is still an warning left.
[  181.637366] ACPI Warning: \_SB_.IIO0.LPC0.TPM_._DSM: Argument #4 type
mismatch - Found [Buffer], ACPI requires [Package] (20130517/nsarguments-95)

Signed-off-by: Jiang Liu <jiang.liu@linux.intel.com>
Signed-off-by: Rafael J. Wysocki <rafael.j.wysocki@intel.com>
2014-01-05 16:07:14 +01:00
Jiang Liu
529139c973 ACPI / TPM: match node name instead of full path when searching for TPM device
When searching ACPI object for TPM device, it should match current
ACPI object name instead of the full path.

Signed-off-by: Jiang Liu <jiang.liu@linux.intel.com>
Signed-off-by: Rafael J. Wysocki <rafael.j.wysocki@intel.com>
2014-01-05 16:07:14 +01:00
Jiang Liu
df45c712d1 ACPI / TPM: fix memory leak when walking ACPI namespace
In function ppi_callback(), memory allocated by acpi_get_name() will get
leaked when current device isn't the desired TPM device, so fix the
memory leak.

Signed-off-by: Jiang Liu <jiang.liu@linux.intel.com>
Cc: All applicable <stable@vger.kernel.org>
Signed-off-by: Rafael J. Wysocki <rafael.j.wysocki@intel.com>
2014-01-05 15:54:21 +01:00
Konrad Rzeszutek Wilk
51c71a3bba xen/pvhvm: If xen_platform_pci=0 is set don't blow up (v4).
The user has the option of disabling the platform driver:
00:02.0 Unassigned class [ff80]: XenSource, Inc. Xen Platform Device (rev 01)

which is used to unplug the emulated drivers (IDE, Realtek 8169, etc)
and allow the PV drivers to take over. If the user wishes
to disable that they can set:

  xen_platform_pci=0
  (in the guest config file)

or
  xen_emul_unplug=never
  (on the Linux command line)

except it does not work properly. The PV drivers still try to
load and since the Xen platform driver is not run - and it
has not initialized the grant tables, most of the PV drivers
stumble upon:

input: Xen Virtual Keyboard as /devices/virtual/input/input5
input: Xen Virtual Pointer as /devices/virtual/input/input6M
------------[ cut here ]------------
kernel BUG at /home/konrad/ssd/konrad/linux/drivers/xen/grant-table.c:1206!
invalid opcode: 0000 [#1] SMP
Modules linked in: xen_kbdfront(+) xenfs xen_privcmd
CPU: 6 PID: 1389 Comm: modprobe Not tainted 3.13.0-rc1upstream-00021-ga6c892b-dirty #1
Hardware name: Xen HVM domU, BIOS 4.4-unstable 11/26/2013
RIP: 0010:[<ffffffff813ddc40>]  [<ffffffff813ddc40>] get_free_entries+0x2e0/0x300
Call Trace:
 [<ffffffff8150d9a3>] ? evdev_connect+0x1e3/0x240
 [<ffffffff813ddd0e>] gnttab_grant_foreign_access+0x2e/0x70
 [<ffffffffa0010081>] xenkbd_connect_backend+0x41/0x290 [xen_kbdfront]
 [<ffffffffa0010a12>] xenkbd_probe+0x2f2/0x324 [xen_kbdfront]
 [<ffffffff813e5757>] xenbus_dev_probe+0x77/0x130
 [<ffffffff813e7217>] xenbus_frontend_dev_probe+0x47/0x50
 [<ffffffff8145e9a9>] driver_probe_device+0x89/0x230
 [<ffffffff8145ebeb>] __driver_attach+0x9b/0xa0
 [<ffffffff8145eb50>] ? driver_probe_device+0x230/0x230
 [<ffffffff8145eb50>] ? driver_probe_device+0x230/0x230
 [<ffffffff8145cf1c>] bus_for_each_dev+0x8c/0xb0
 [<ffffffff8145e7d9>] driver_attach+0x19/0x20
 [<ffffffff8145e260>] bus_add_driver+0x1a0/0x220
 [<ffffffff8145f1ff>] driver_register+0x5f/0xf0
 [<ffffffff813e55c5>] xenbus_register_driver_common+0x15/0x20
 [<ffffffff813e76b3>] xenbus_register_frontend+0x23/0x40
 [<ffffffffa0015000>] ? 0xffffffffa0014fff
 [<ffffffffa001502b>] xenkbd_init+0x2b/0x1000 [xen_kbdfront]
 [<ffffffff81002049>] do_one_initcall+0x49/0x170

.. snip..

which is hardly nice. This patch fixes this by having each
PV driver check for:
 - if running in PV, then it is fine to execute (as that is their
   native environment).
 - if running in HVM, check if user wanted 'xen_emul_unplug=never',
   in which case bail out and don't load any PV drivers.
 - if running in HVM, and if PCI device 5853:0001 (xen_platform_pci)
   does not exist, then bail out and not load PV drivers.
 - (v2) if running in HVM, and if the user wanted 'xen_emul_unplug=ide-disks',
   then bail out for all PV devices _except_ the block one.
   Ditto for the network one ('nics').
 - (v2) if running in HVM, and if the user wanted 'xen_emul_unplug=unnecessary'
   then load block PV driver, and also setup the legacy IDE paths.
   In (v3) make it actually load PV drivers.

Reported-by: Sander Eikelenboom <linux@eikelenboom.it
Reported-by: Anthony PERARD <anthony.perard@citrix.com>
Reported-and-Tested-by: Fabio Fantoni <fabio.fantoni@m2r.biz>
Signed-off-by: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
[v2: Add extra logic to handle the myrid ways 'xen_emul_unplug'
can be used per Ian and Stefano suggestion]
[v3: Make the unnecessary case work properly]
[v4: s/disks/ide-disks/ spotted by Fabio]
Reviewed-by: Stefano Stabellini <stefano.stabellini@eu.citrix.com>
Acked-by: Bjorn Helgaas <bhelgaas@google.com> [for PCI parts]
CC: stable@vger.kernel.org
2014-01-03 14:54:18 -05:00
Lv Zheng
8b48463f89 ACPI: Clean up inclusions of ACPI header files
Replace direct inclusions of <acpi/acpi.h>, <acpi/acpi_bus.h> and
<acpi/acpi_drivers.h>, which are incorrect, with <linux/acpi.h>
inclusions and remove some inclusions of those files that aren't
necessary.

First of all, <acpi/acpi.h>, <acpi/acpi_bus.h> and <acpi/acpi_drivers.h>
should not be included directly from any files that are built for
CONFIG_ACPI unset, because that generally leads to build warnings about
undefined symbols in !CONFIG_ACPI builds.  For CONFIG_ACPI set,
<linux/acpi.h> includes those files and for CONFIG_ACPI unset it
provides stub ACPI symbols to be used in that case.

Second, there are ordering dependencies between those files that always
have to be met.  Namely, it is required that <acpi/acpi_bus.h> be included
prior to <acpi/acpi_drivers.h> so that the acpi_pci_root declarations the
latter depends on are always there.  And <acpi/acpi.h> which provides
basic ACPICA type declarations should always be included prior to any other
ACPI headers in CONFIG_ACPI builds.  That also is taken care of including
<linux/acpi.h> as appropriate.

Signed-off-by: Lv Zheng <lv.zheng@intel.com>
Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Cc: Matthew Garrett <mjg59@srcf.ucam.org>
Cc: Tony Luck <tony.luck@intel.com>
Cc: "H. Peter Anvin" <hpa@zytor.com>
Acked-by: Bjorn Helgaas <bhelgaas@google.com> (drivers/pci stuff)
Acked-by: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com> (Xen stuff)
Signed-off-by: Rafael J. Wysocki <rafael.j.wysocki@intel.com>
2013-12-07 01:03:14 +01:00
Linus Torvalds
78dc53c422 Merge branch 'for-linus2' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security
Pull security subsystem updates from James Morris:
 "In this patchset, we finally get an SELinux update, with Paul Moore
  taking over as maintainer of that code.

  Also a significant update for the Keys subsystem, as well as
  maintenance updates to Smack, IMA, TPM, and Apparmor"

and since I wanted to know more about the updates to key handling,
here's the explanation from David Howells on that:

 "Okay.  There are a number of separate bits.  I'll go over the big bits
  and the odd important other bit, most of the smaller bits are just
  fixes and cleanups.  If you want the small bits accounting for, I can
  do that too.

   (1) Keyring capacity expansion.

        KEYS: Consolidate the concept of an 'index key' for key access
        KEYS: Introduce a search context structure
        KEYS: Search for auth-key by name rather than target key ID
        Add a generic associative array implementation.
        KEYS: Expand the capacity of a keyring

     Several of the patches are providing an expansion of the capacity of a
     keyring.  Currently, the maximum size of a keyring payload is one page.
     Subtract a small header and then divide up into pointers, that only gives
     you ~500 pointers on an x86_64 box.  However, since the NFS idmapper uses
     a keyring to store ID mapping data, that has proven to be insufficient to
     the cause.

     Whatever data structure I use to handle the keyring payload, it can only
     store pointers to keys, not the keys themselves because several keyrings
     may point to a single key.  This precludes inserting, say, and rb_node
     struct into the key struct for this purpose.

     I could make an rbtree of records such that each record has an rb_node
     and a key pointer, but that would use four words of space per key stored
     in the keyring.  It would, however, be able to use much existing code.

     I selected instead a non-rebalancing radix-tree type approach as that
     could have a better space-used/key-pointer ratio.  I could have used the
     radix tree implementation that we already have and insert keys into it by
     their serial numbers, but that means any sort of search must iterate over
     the whole radix tree.  Further, its nodes are a bit on the capacious side
     for what I want - especially given that key serial numbers are randomly
     allocated, thus leaving a lot of empty space in the tree.

     So what I have is an associative array that internally is a radix-tree
     with 16 pointers per node where the index key is constructed from the key
     type pointer and the key description.  This means that an exact lookup by
     type+description is very fast as this tells us how to navigate directly to
     the target key.

     I made the data structure general in lib/assoc_array.c as far as it is
     concerned, its index key is just a sequence of bits that leads to a
     pointer.  It's possible that someone else will be able to make use of it
     also.  FS-Cache might, for example.

   (2) Mark keys as 'trusted' and keyrings as 'trusted only'.

        KEYS: verify a certificate is signed by a 'trusted' key
        KEYS: Make the system 'trusted' keyring viewable by userspace
        KEYS: Add a 'trusted' flag and a 'trusted only' flag
        KEYS: Separate the kernel signature checking keyring from module signing

     These patches allow keys carrying asymmetric public keys to be marked as
     being 'trusted' and allow keyrings to be marked as only permitting the
     addition or linkage of trusted keys.

     Keys loaded from hardware during kernel boot or compiled into the kernel
     during build are marked as being trusted automatically.  New keys can be
     loaded at runtime with add_key().  They are checked against the system
     keyring contents and if their signatures can be validated with keys that
     are already marked trusted, then they are marked trusted also and can
     thus be added into the master keyring.

     Patches from Mimi Zohar make this usable with the IMA keyrings also.

   (3) Remove the date checks on the key used to validate a module signature.

        X.509: Remove certificate date checks

     It's not reasonable to reject a signature just because the key that it was
     generated with is no longer valid datewise - especially if the kernel
     hasn't yet managed to set the system clock when the first module is
     loaded - so just remove those checks.

   (4) Make it simpler to deal with additional X.509 being loaded into the kernel.

        KEYS: Load *.x509 files into kernel keyring
        KEYS: Have make canonicalise the paths of the X.509 certs better to deduplicate

     The builder of the kernel now just places files with the extension ".x509"
     into the kernel source or build trees and they're concatenated by the
     kernel build and stuffed into the appropriate section.

   (5) Add support for userspace kerberos to use keyrings.

        KEYS: Add per-user_namespace registers for persistent per-UID kerberos caches
        KEYS: Implement a big key type that can save to tmpfs

     Fedora went to, by default, storing kerberos tickets and tokens in tmpfs.
     We looked at storing it in keyrings instead as that confers certain
     advantages such as tickets being automatically deleted after a certain
     amount of time and the ability for the kernel to get at these tokens more
     easily.

     To make this work, two things were needed:

     (a) A way for the tickets to persist beyond the lifetime of all a user's
         sessions so that cron-driven processes can still use them.

         The problem is that a user's session keyrings are deleted when the
         session that spawned them logs out and the user's user keyring is
         deleted when the UID is deleted (typically when the last log out
         happens), so neither of these places is suitable.

         I've added a system keyring into which a 'persistent' keyring is
         created for each UID on request.  Each time a user requests their
         persistent keyring, the expiry time on it is set anew.  If the user
         doesn't ask for it for, say, three days, the keyring is automatically
         expired and garbage collected using the existing gc.  All the kerberos
         tokens it held are then also gc'd.

     (b) A key type that can hold really big tickets (up to 1MB in size).

         The problem is that Active Directory can return huge tickets with lots
         of auxiliary data attached.  We don't, however, want to eat up huge
         tracts of unswappable kernel space for this, so if the ticket is
         greater than a certain size, we create a swappable shmem file and dump
         the contents in there and just live with the fact we then have an
         inode and a dentry overhead.  If the ticket is smaller than that, we
         slap it in a kmalloc()'d buffer"

* 'for-linus2' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security: (121 commits)
  KEYS: Fix keyring content gc scanner
  KEYS: Fix error handling in big_key instantiation
  KEYS: Fix UID check in keyctl_get_persistent()
  KEYS: The RSA public key algorithm needs to select MPILIB
  ima: define '_ima' as a builtin 'trusted' keyring
  ima: extend the measurement list to include the file signature
  kernel/system_certificate.S: use real contents instead of macro GLOBAL()
  KEYS: fix error return code in big_key_instantiate()
  KEYS: Fix keyring quota misaccounting on key replacement and unlink
  KEYS: Fix a race between negating a key and reading the error set
  KEYS: Make BIG_KEYS boolean
  apparmor: remove the "task" arg from may_change_ptraced_domain()
  apparmor: remove parent task info from audit logging
  apparmor: remove tsk field from the apparmor_audit_struct
  apparmor: fix capability to not use the current task, during reporting
  Smack: Ptrace access check mode
  ima: provide hash algo info in the xattr
  ima: enable support for larger default filedata hash algorithms
  ima: define kernel parameter 'ima_template=' to change configured default
  ima: add Kconfig default measurement list template
  ...
2013-11-21 19:46:00 -08:00
Peter Huewe
4ef4c943a0 tpm: use tabs instead of whitespaces in Kconfig
just like the other entries

Signed-off-by: Peter Huewe <peterhuewe@gmx.de>
2013-10-22 19:43:12 +02:00
Peter Huewe
b3f2436add tpm: Fix module name description in Kconfig for tpm_i2c_infineon
This patch changes the displayed module name from
tpm_tis_i2c_infineon to its actual name tpm_i2c_infineon.

Signed-off-by: Peter Huewe <peterhuewe@gmx.de>
2013-10-22 19:43:10 +02:00
Jason Gunthorpe
a2871c62e1 tpm: Add support for Atmel I2C TPMs
This is based on the work of Teddy Reed <teddy@prosauce.org> published
on GitHub:
 https://github.com/theopolis/tpm-i2c-atmel.git
 34894b988b67e0ae55088d6388e77b0dbf10c07d

That driver was never merged, I have taken it as a starting port,
forward ported, tested and revised the driver:
 - Make it broadly textually similar to the Infineon and Nuvoton I2C
   driver
 - Place everything in a format suitable for mainline inclusion
 - Use high level I2C functions i2c_master_send and
   i2c_master_recv for data xfer
 - Use the timeout system from the core code, by faking out a status
   register
 - Only I2C transfer the number of bytes in the reply, not a fixed
   message size.
 - checkpatch cleanups
 - Testing on ARM Kirkwood, with this device tree, using a
   AT97SC3204T-X1A180
        tpm@29 {
                compatible = "atmel,at97sc3204t";
                reg = <0x29>;
        };

Signed-off-by: Teddy Reed <teddy@prosauce.org>
[jgg: revised and tested]
Signed-off-by: Jason Gunthorpe <jgunthorpe@obsidianresearch.com>
[phuewe: minor whitespace changes]

Signed-off-by: Peter Huewe <peterhuewe@gmx.de>
2013-10-22 19:43:07 +02:00
Jason Gunthorpe
4c336e4b15 tpm: Add support for the Nuvoton NPCT501 I2C TPM
This chip is/was also branded as a Winbond WPCT301.

Originally written by Dan Morav <dmorav@nuvoton.com> and posted to LKML:
https://lkml.org/lkml/2011/9/7/206

The original posting was not merged, I have taken it as a
starting point, forward ported, tested and revised the driver:
 - Rework interrupt handling to work properly with level triggered
   interrupts. The old version just locked up.
 - Synchronize various items with Peter Huewe's Infineon driver:
    * Add durations/timeouts sysfs calls
    * Remove I2C device auto-detection
    * Don't fiddle with chip->release
    * Call tpm_dev_vendor_release in the probe error path
    * Use MODULE_DEVICE_TABLE for the I2C ids
    * Provide OF compatible strings for DT support
    * Use SIMPLE_DEV_PM_OPS
    * Use module_i2c_driver
 - checkpatch cleanups
 - Testing on ARM Kirkwood with GPIO interrupts, with this device tree:
	tpm@57 {
                compatible = "nuvoton,npct501";
                reg = <0x57>;
                interrupt-parent = <&gpio1>;
                interrupts = <6 IRQ_TYPE_LEVEL_LOW>;
        };

Signed-off-by: Dan Morav <dmorav@nuvoton.com>
[jgg: revised and tested]
Signed-off-by: Jason Gunthorpe <jgunthorpe@obsidianresearch.com>
[phuewe: minor whitespace changes, fixed module name in kconfig]

Signed-off-by: Peter Huewe <peterhuewe@gmx.de>
2013-10-22 19:43:04 +02:00
Jason Gunthorpe
187eea0c35 tpm: Merge the tpm-bios module with tpm.o
Now that we can have multiple .c files in the tpm module there is
no reason for tpm-bios.

tpm-bios exported several functions: tpm_bios_log_setup,
tpm_bios_log_teardown, tpm_add_ppi, and tpm_remove_ppi.

They are only used by tpm, and if tpm-bios is built then
tpm will unconditionally require them. Further, tpm-bios does
nothing on its own, it has no module_init function.

Thus we remove the exports and merge the modules to simplify things.

The Makefile conditions are changed slightly to match the code,
tpm_ppi is always required if CONFIG_ACPI is set.

Signed-off-by: Jason Gunthorpe <jgunthorpe@obsidianresearch.com>
2013-10-22 19:43:01 +02:00
Jason Gunthorpe
9deb0eb7ca tpm: Rename tpm.c to tpm-interface.c
This is preparation for making the tpm module multi-file. kbuild does
not like having a .c file with the same name as a module. We wish to
keep the tpm module name so that userspace doesn't see this change.

tpm-interface.c is chosen because the next several commits in the series
migrate items into tpm-sysfs.c, tpm-dev.c and tpm-class.c. All that will
be left is tpm command processing and interfacing code.

Signed-off-by: Jason Gunthorpe <jgunthorpe@obsidianresearch.com>
2013-10-22 19:42:51 +02:00
Peter Huewe
0a4182692e tpm: cleanup checkpatch warnings
before we rename the file it might be a good idea to cleanup the long
persisting checkpatch warnings.
Since everything is really trivial, splitting the patch up would only
result in noise.

For the interested reader - here the checkpatch warnings:
(regrouped for easer readability)

ERROR: trailing whitespace
+ * Specifications at www.trustedcomputinggroup.org^I $
+ * $
+^I/* $
+^I   parameters (RSA 12->bytes: keybit, #primes, expbit)  $

WARNING: unnecessary whitespace before a quoted newline
+			"invalid count value %x %zx \n", count, bufsiz);

ERROR: do not use assignment in if condition
+	if ((rc = chip->vendor.send(chip, (u8 *) buf, count)) < 0) {

ERROR: space required after that ',' (ctx:VxV)
+	len = tpm_transmit(chip,(u8 *) cmd, len);
 	                       ^

ERROR: "foo * bar" should be "foo *bar"
+ssize_t tpm_show_enabled(struct device * dev, struct device_attribute * attr,
+ssize_t tpm_show_enabled(struct device * dev, struct device_attribute * attr,
+ssize_t tpm_show_active(struct device * dev, struct device_attribute * attr,
+ssize_t tpm_show_active(struct device * dev, struct device_attribute * attr,
+ssize_t tpm_show_owned(struct device * dev, struct device_attribute * attr,
+ssize_t tpm_show_owned(struct device * dev, struct device_attribute * attr,
+ssize_t tpm_show_temp_deactivated(struct device * dev,
+				struct device_attribute * attr, char *buf)

WARNING: please, no space before tabs
+ * @chip_num: ^Itpm idx # or ANY$
+ * @res_buf: ^ITPM_PCR value$
+ * ^I^Isize of res_buf is 20 bytes (or NULL if you don't care)$
+ * @chip_num: ^Itpm idx # or AN&$
+ * @hash: ^Ihash value used to extend pcr value$

ERROR: code indent should use tabs where possible
+^I                                     TPM_ORD_CONTINUE_SELFTEST);$

WARNING: line over 80 characters
+static bool wait_for_tpm_stat_cond(struct tpm_chip *chip, u8 mask, bool check_cancel,

ERROR: trailing whitespace
+ * Called from tpm_<specific>.c probe function only for devices $

total: 16 errors, 7 warnings, 1554 lines checked

Signed-off-by: Peter Huewe <peterhuewe@gmx.de>
2013-10-22 19:42:48 +02:00
Jason Gunthorpe
e907481bed tpm: Remove tpm_show_caps_1_2
The version of the TPM should not depend on the bus it is connected
through. 1.1, 1.2 and soon 2.0 TPMS will be all be able to use the
same bus interfaces.

Make tpm_show_caps try the 1.2 capability first. If that fails then
fall back to the 1.1 capability. This effectively auto-detects what
interface the TPM supports at run-time.

Signed-off-by: Jason Gunthorpe <jgunthorpe@obsidianresearch.com>
Reviewed-by: Joel Schopp <jschopp@linux.vnet.ibm.com>
Reviewed-by: Peter Huewe <peterhuewe@gmx.de>
Signed-off-by: Peter Huewe <peterhuewe@gmx.de>
2013-10-22 19:42:41 +02:00
Jason Gunthorpe
cb996158df tpm: st33: Remove chip->data_buffer access from this driver
For some reason this driver thinks that chip->data_buffer needs
to be set before it can call tpm_pm_*. This is not true. data_buffer
is used only by /dev/tpmX, which is why it is managed exclusively
by the fops functions.

Cc: Mathias Leblanc <mathias.leblanc@st.com>
Signed-off-by: Jason Gunthorpe <jgunthorpe@obsidianresearch.com>
Reviewed-by: Joel Schopp <jschopp@linux.vnet.ibm.com>
2013-10-22 19:42:38 +02:00
Jason Gunthorpe
d0a40174ef tpm: Remove redundant dev_set_drvdata
TPM drivers should not call dev_set_drvdata (or aliases), only the core
code is allowed to call dev_set_drvdata, and it does it during
tpm_register_hardware.

These extra sets are harmless, but are an anti-pattern that many drivers
have copied.

Signed-off-by: Jason Gunthorpe <jgunthorpe@obsidianresearch.com>
Reviewed-by: Joel Schopp <jschopp@linux.vnet.ibm.com>
Reviewed-by: Peter Huewe <peterhuewe@gmx.de>
Acked-by: Ashley Lai <adlai@linux.vnet.ibm.com>
Signed-off-by: Peter Huewe <peterhuewe@gmx.de>
2013-10-22 19:42:35 +02:00
Jason Gunthorpe
58c09e2133 tpm: Use container_of to locate the tpm_chip in tpm_open
misc_open sets the file->private_date to the misc_dev when calling
open. We can use container_of to go from the misc_dev back to the
tpm_chip.

Future clean ups will move tpm_open into a new file and this change
means we do not have to export the tpm_chip list.

Signed-off-by: Jason Gunthorpe <jgunthorpe@obsidianresearch.com>
Reviewed-by: Joel Schopp <jschopp@linux.vnet.ibm.com>
Reviewed-by: Peter Huewe <peterhuewe@gmx.de>
Acked-by: Ashley Lai <adlai@linux.vnet.ibm.com>
Signed-off-by: Peter Huewe <peterhuewe@gmx.de>
2013-10-22 19:42:31 +02:00
Jason Gunthorpe
6aff1fdc5d tpm: Store devname in the tpm_chip
Just put the memory directly in the chip structure, rather than
in a 2nd dedicated kmalloc.

Signed-off-by: Jason Gunthorpe <jgunthorpe@obsidianresearch.com>
Reviewed-by: Joel Schopp <jschopp@linux.vnet.ibm.com>
Reviewed-by: Peter Huewe <peterhuewe@gmx.de>
Signed-off-by: Peter Huewe <peterhuewe@gmx.de>
Acked-by: Ashley Lai <adlai@linux.vnet.ibm.com>
2013-10-22 19:42:28 +02:00
Jason Gunthorpe
1e6e0974b5 tpm atmel: Call request_region with the correct base
Commit e0dd03caf2 ("tpm: return chip from
tpm_register_hardware") changed the code path here so that
ateml_get_base_addr no longer directly altered the tpm_vendor_specific
structure, and instead placed the base address on the stack.

The commit missed updating the request_region call, which would have
resulted in request_region being called with 0 as the base address.

I don't know if request_region(0, ..) will fail, if so the
driver has been broken since 2006 and we should remove it
from the tree as it has no users.

Signed-off-by: Jason Gunthorpe <jgunthorpe@obsidianresearch.com>
Reviewed-by: Joel Schopp <jschopp@linux.vnet.ibm.com>
Reviewed-by: Peter Huewe <peterhuewe@gmx.de>
Signed-off-by: Peter Huewe <peterhuewe@gmx.de>
2013-10-22 19:42:26 +02:00
Jason Gunthorpe
37ab034148 tpm: ibmvtpm: Use %zd formatting for size_t format arguments
This suppresses compile warnings on 32 bit builds.

Signed-off-by: Jason Gunthorpe <jgunthorpe@obsidianresearch.com>
Reviewed-by: Joel Schopp <jschopp@linux.vnet.ibm.com>
Reviewed-by: Peter Huewe <peterhuewe@gmx.de>
Signed-off-by: Peter Huewe <peterhuewe@gmx.de>
Acked-by: Ashley Lai <adlai@linux.vnet.ibm.com>
2013-10-22 19:42:25 +02:00
Rob Herring
8702c67531 tpm: xen-tpmfront: fix missing declaration of xen_domain
xen-tpmfront fails to build on arm64 with the following error:

drivers/char/tpm/xen-tpmfront.c: In function ‘xen_tpmfront_init’:
drivers/char/tpm/xen-tpmfront.c:422:2: error: implicit declaration of function ‘xen_domain’ [-Werror=implicit-function-declaration]

Add include of xen/xen.h to fix this.

Signed-off-by: Rob Herring <rob.herring@calxeda.com>
Signed-off-by: Stefano Stabellini <stefano.stabellini@eu.citrix.com>
Reviewed-by: Ashley Lai <adlai@linux.vnet.ibm.com>
Acked-by: Ashley Lai <adlai@linux.vnet.ibm.com>
Cc: Leonidas Da Silva Barbosa <leosilva@linux.vnet.ibm.com>
Cc: Rajiv Andrade <mail@srajiv.net>
Cc: Marcel Selhorst <tpmdd@selhorst.net>
Cc: Sirrix AG <tpmdd@sirrix.com>
Cc: tpmdd-devel@lists.sourceforge.net
2013-10-10 14:38:27 +00:00
Linus Torvalds
4b97280675 Bug-fixes:
- Fix PV spinlocks triggering jump_label code bug
  - Remove extraneous code in the tpm front driver
  - Fix ballooning out of pages when non-preemptible
  - Fix deadlock when using a 32-bit initial domain with large amount of memory.
  - Add xen_nopvpsin parameter to the documentation
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v1.4.14 (GNU/Linux)
 
 iQEcBAABAgAGBQJSQvzCAAoJEFjIrFwIi8fJyCIIAMENABapdLhrOiRdQ1Y7T5v1
 4bogPDLwpVxHzwo/vnHcNpl35/dUZrC6wQa51Bkoqq0V8o1XmjFy3SY/EBGjEAvw
 hh4qxGY0p0NNi6hKrWC8mH9u2TcluZGm1uecabkXUhl9mrAB5oBsfJdbBZ5N69gO
 QXXt0j7Xwv1APwH86T0e1Lz+lulhdw2ItXP4osYkEbRYNSaaGnuwsd0Jxcb4DeMk
 qhKgP7QMn3C7zDDaapJo1axeYQRBNEtv5M8+0wwMleX4yX1+IBRZeQTsRfMr7RB/
 8FhssWiH15xU6Gmzgi/VR8xhTEIbQh5GWsVReGf6pqIYSxGSYTvvyhm0bVRH4JI=
 =c+7u
 -----END PGP SIGNATURE-----

Merge tag 'stable/for-linus-3.12-rc2-tag' of git://git.kernel.org/pub/scm/linux/kernel/git/xen/tip

Pull Xen fixes from Konrad Rzeszutek Wilk:
 "Bug-fixes and one update to the kernel-paramters.txt documentation.

   - Fix PV spinlocks triggering jump_label code bug
   - Remove extraneous code in the tpm front driver
   - Fix ballooning out of pages when non-preemptible
   - Fix deadlock when using a 32-bit initial domain with large amount
     of memory
   - Add xen_nopvpsin parameter to the documentation"

* tag 'stable/for-linus-3.12-rc2-tag' of git://git.kernel.org/pub/scm/linux/kernel/git/xen/tip:
  xen/spinlock: Document the xen_nopvspin parameter.
  xen/p2m: check MFN is in range before using the m2p table
  xen/balloon: don't alloc page while non-preemptible
  xen: Do not enable spinlocks before jump_label_init() has executed
  tpm: xen-tpmfront: Remove the locality sysfs attribute
  tpm: xen-tpmfront: Fix default durations
2013-09-25 15:50:53 -07:00
Jason Gunthorpe
bf4a7c054b tpm: xen-tpmfront: Remove the locality sysfs attribute
Upon deeper review it was agreed to remove the driver-unique
'locality' sysfs attribute before it is present in a released
kernel.

The attribute was introduced in e2683957fb
during the 3.12 merge window, so this patch needs to go in before
3.12 is released.

The hope is to have a well defined locality API that all the other
locality aware drivers can use, perhaps in 3.13.

Signed-off-by: Jason Gunthorpe <jgunthorpe@obsidianresearch.com>
Signed-off-by: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
Acked-by: Daniel De Graaf <dgdegra@tycho.nsa.gov>
2013-09-24 16:15:15 -04:00
Jason Gunthorpe
56be88954b tpm: xen-tpmfront: Fix default durations
All the default durations were being set to 10 minutes which is
way too long for the timeouts. Normal values for the longest
duration are around 5 mins, and short duration ar around .5s.

Further, these are just the default, tpm_get_timeouts will set
them to values from the TPM (or throw an error).

Just remove them.

Acked-by: Daniel De Graaf <dgdegra@tycho.nsa.gov>
Cc: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
Signed-off-by: Jason Gunthorpe <jgunthorpe@obsidianresearch.com>
Signed-off-by: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
2013-09-24 16:14:55 -04:00
Shuah Khan
a2fa3fb0d9 tpm: convert tpm_tis driver to use dev_pm_ops from legacy pm_ops
Convert drivers/char/tpm/tpm_tis.c to use dev_pm_ops instead of legacy
pm_ops.  This patch depends on pnp driver bus ops change to invoke
pnp_driver dev_pm_ops.

Signed-off-by: Shuah Khan <shuah.kh@samsung.com>
Cc: Matthew Garrett <matthew.garrett@nebula.com>
Cc: Leonidas Da Silva Barbosa <leosilva@linux.vnet.ibm.com>
Cc: Ashley Lai <ashley@ashleylai.com>
Cc: Rajiv Andrade <mail@srajiv.net>
Cc: Marcel Selhorst <tpmdd@selhorst.net>
Cc: Sirrix AG <tpmdd@sirrix.com>
Cc: Alessandro Zummo <a.zummo@towertech.it>
Cc: "Rafael J. Wysocki" <rafael.j.wysocki@intel.com>
Cc: Bjorn Helgaas <bhelgaas@google.com>
Cc: Grant Likely <grant.likely@linaro.org>
Cc: Rob Herring <rob.herring@calxeda.com>
Cc: Peter Hüwe <PeterHuewe@gmx.de>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2013-09-11 15:58:16 -07:00
Konrad Rzeszutek Wilk
713efcabca drivers/xen-tpmfront: Fix compile issue with missing option.
Randy reports:

x86_64:

drivers/built-in.o: In function `xen_tpmfront_init':
xen-tpmfront.c:(.init.text+0x257c): undefined reference to `xenbus_register_frontend'

This is nicely fixed by selecting the XenBus frontend module.

Reported-by: Randy Dunlap <rdunlap@infradead.org>
Signed-off-by: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
2013-08-30 13:24:14 -04:00
Daniel De Graaf
e2683957fb drivers/tpm: add xen tpmfront interface
This is a complete rewrite of the Xen TPM frontend driver, taking
advantage of a simplified frontend/backend interface and adding support
for cancellation and timeouts.  The backend for this driver is provided
by a vTPM stub domain using the interface in Xen 4.3.

Signed-off-by: Daniel De Graaf <dgdegra@tycho.nsa.gov>
Acked-by: Matthew Fioravante <matthew.fioravante@jhuapl.edu>
Reviewed-by: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
Acked-by: Peter Huewe <peterhuewe@gmx.de>
Reviewed-by: Peter Huewe <peterhuewe@gmx.de>
Signed-off-by: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
2013-08-09 10:57:06 -04:00
Peter Huewe
572e5b018b tpm/tpm_i2c_infineon: Remove unused header file
This driver does not use any module parameters anymore,
so the inclusion of the header file can be removed.

Signed-off-by: Peter Huewe <peterhuewe@gmx.de>
2013-06-28 00:47:43 +02:00
Lars-Peter Clausen
640843ada1 tpm: tpm_i2c_infinion: Don't modify i2c_client->driver
The I2C client driver is not supposed to modify the client's driver pointer,
this is handled by the I2C core.

Signed-off-by: Lars-Peter Clausen <lars@metafoo.de>
Signed-off-by: Peter Huewe <peterhuewe@gmx.de>
2013-06-28 00:47:43 +02:00
Peter Huewe
e2fa3d799b tpm: fix regression caused by section type conflict of tpm_dev_release() in ppc builds
The 8119807 commit reintroduced a regression
(error: __ksymtab_tpm_dev_release causes a section type conflict) that was fixed by commit
cbb2ed4.
Fix it for good by adding the prototype to tpm.h so sparse doesn't
complain about it anymore.

Reported-by: Tony Camuso <tcamuso@redhat.com>
Signed-off-by: Peter Huewe <peterhuewe@gmx.de>
2013-05-27 22:09:09 +02:00
Mimi Zohar
1c16c9636c tpm: move TPM_DIGEST_SIZE defintion
IMA requires access to TPM_DIGEST_SIZE definition.  This patch
moves the definition to <linux/tpm.h>.

Signed-off-by: Mimi Zohar <zohar@us.ibm.com>
Signed-off-by: Kent Yoder <key@linux.vnet.ibm.com>
2013-05-21 12:25:02 -05:00
Wei Yongjun
4fba3c3ba5 tpm_tis: missing platform_driver_unregister() on error in init_tis()
Add the missing platform_driver_unregister() before return
from init_tis() in the device register error handling case.

Signed-off-by: Wei Yongjun <yongjun_wei@trendmicro.com.cn>
Signed-off-by: Kent Yoder <key@linux.vnet.ibm.com>
2013-05-21 12:24:48 -05:00
Duncan Laurie
32d33b29ba TPM: Retry SaveState command in suspend path
If the TPM has already been sent a SaveState command before the driver
is loaded it may have problems sending that same command again later.

This issue is seen with the Chromebook Pixel due to a firmware bug in
the legacy mode boot path which is sending the SaveState command
before booting the kernel.  More information is available at
http://crbug.com/203524

This change introduces a retry of the SaveState command in the suspend
path in order to work around this issue.  A future firmware update
should fix this but this is also a trivial workaround in the driver
that has no effect on systems that do not show this problem.

When this does happen the TPM responds with a non-fatal TPM_RETRY code
that is defined in the specification:

  The TPM is too busy to respond to the command immediately, but the
  command could be resubmitted at a later time.  The TPM MAY return
  TPM_RETRY for any command at any time.

It can take several seconds before the TPM will respond again.  I
measured a typical time between 3 and 4 seconds and the timeout is set
at a safe 5 seconds.

It is also possible to reproduce this with commands via /dev/tpm0.
The bug linked above has a python script attached which can be used to
test for this problem.  I tested a variety of TPMs from Infineon,
Nuvoton, Atmel, and STMicro but was only able to reproduce this with
LPC and I2C TPMs from Infineon.

The TPM specification only loosely defines this behavior:

  TPM Main Level 2 Part 3 v1.2 r116, section 3.3. TPM_SaveState:
  The TPM MAY declare all preserved values invalid in response to any
  command other than TPM_Init.

  TCG PC Client BIOS Spec 1.21 section 8.3.1.
  After issuing a TPM_SaveState command, the OS SHOULD NOT issue TPM
  commands before transitioning to S3 without issuing another
  TPM_SaveState command.

  TCG PC Client TIS 1.21, section 4. Power Management:
  The TPM_SaveState command allows a Static OS to indicate to the TPM
  that the platform may enter a low power state where the TPM will be
  required to enter into the D3 power state.  The use of the term "may"
  is significant in that there is no requirement for the platform to
  actually enter the low power state after sending the TPM_SaveState
  command.  The software may, in fact, send subsequent commands after
  sending the TPM_SaveState command.

Change-Id: I52b41e826412688e5b6c8ddd3bb16409939704e9
Signed-off-by: Duncan Laurie <dlaurie@chromium.org>
Signed-off-by: Kent Yoder <key@linux.vnet.ibm.com>
2013-04-17 09:31:32 -05:00
Peter Huewe
6aa4ef4dab tpm/tpm_i2c_infineon: Add small comment about return value of __i2c_transfer
Kent Yoder indicated that the code might be a bit clearer with a comment
here, so this patch adds a small explanation of the code.

Signed-off-by: Peter Huewe <peterhuewe@gmx.de>
Signed-off-by: Kent Yoder <key@linux.vnet.ibm.com>
2013-04-12 12:17:29 -05:00
Peter Huewe
21dc02eab9 tpm/tpm_i2c_infineon.c: Add OF attributes type and name to the of_device_id table entries
As the subject says.
It's probably a good idea to have these fields populated.

Signed-off-by: Peter Huewe <peterhuewe@gmx.de>
Signed-off-by: Kent Yoder <key@linux.vnet.ibm.com>
2013-04-12 12:17:29 -05:00
Sachin Kamat
3320280b6f tpm_i2c_stm_st33: Remove duplicate inclusion of header files
module.h and sched.h were included twice.

Signed-off-by: Sachin Kamat <sachin.kamat@linaro.org>
Signed-off-by: Kent Yoder <key@linux.vnet.ibm.com>
2013-04-12 12:17:29 -05:00
Peter Huewe
c61c86dd6e tpm: Add support for new Infineon I2C TPM (SLB 9645 TT 1.2 I2C)
This driver adds support for Infineon's new SLB 9645 TT 1.2 I2C TPMs,
which supports clockstretching, combined reads and a bus speed of
up to 400khz. The device also has a new device id.

The driver works now also fine with device trees, so you can
instantiate your device by adding:
 +       tpm {
 +               compatible = "infineon,slb9645tt";
 +               reg = <0x20>;
 +       };
 for SLB 9645 devices or

 +       tpm {
 +               compatible = "infineon,slb9635tt";
 +               reg = <0x20>;
 +       };
 for SLB 9635 devices

to your device tree.
tpm_i2c_infineon is also retained as a compatible id as a fallback to
slb9635 protocol.

The driver was tested on Beaglebone.

Signed-off-by: Peter Huewe <peter.huewe@infineon.com>
Signed-off-by: Kent Yoder <key@linux.vnet.ibm.com>
2013-04-12 12:17:28 -05:00
Shubhrajyoti Datta
eef8b62919 char/tpm: Convert struct i2c_msg initialization to C99 format
Convert the struct i2c_msg initialization to C99 format. This makes
maintaining and editing the code simpler. Also helps once other fields
like transferred are added in future.

Thanks to Julia Lawall for automating the conversion.

Signed-off-by: Shubhrajyoti D <shubhrajyoti@ti.com>
Acked-by: Peter Huewe <peter.huewe@infineon.com>
Signed-off-by: Jean Delvare <khali@linux-fr.org>
Signed-off-by: Kent Yoder <key@linux.vnet.ibm.com>
2013-04-12 12:17:28 -05:00
Chen Gang
e361200bfc drivers/char/tpm/tpm_ppi: use strlcpy instead of strncpy
Ensure that the 'version' string includes a NULL terminator after its
copied out of the acpi table.

Signed-off-by: Chen Gang <gang.chen@asianux.com>
Signed-off-by: Kent Yoder <key@linux.vnet.ibm.com>
2013-04-12 12:17:28 -05:00
Peter Huewe
2d089f82ae tpm/tpm_i2c_stm_st33: formatting and white space changes
Signed-off-by: Peter Huewe <peterhuewe@gmx.de>
Signed-off-by: Kent Yoder <key@linux.vnet.ibm.com>
2013-04-12 12:17:28 -05:00
Kent Yoder
5b26603260 tpm/ibmvtpm: build only when IBM pseries is configured
Signed-off-by: Kent Yoder <key@linux.vnet.ibm.com>
2013-02-14 09:36:50 -06:00
Kent Yoder
6e38bfaad6 tpm_tis: check pnp_acpi_device return code
Reported-by: Peter Hüwe <peterhuewe@gmx.de>
Reviewed-by: Peter Huewe <peterhuewe@gmx.de>
Signed-off-by: Kent Yoder <key@linux.vnet.ibm.com>
2013-02-05 09:38:26 -06:00
Peter Huewe
7333549bf4 char/tpm/tpm_i2c_stm_st33: drop temporary variable for return value
We don't need a temporary variable just to store the return value which
gets return in the next statement.

Signed-off-by: Peter Huewe <peterhuewe@gmx.de>
Signed-off-by: Kent Yoder <key@linux.vnet.ibm.com>
2013-02-05 09:38:26 -06:00
Peter Huewe
07d721688b char/tpm/tpm_i2c_stm_st33: remove dead assignment in tpm_st33_i2c_probe
Err is never read before it is assigned again -> remove the dead
assigment.
Found with clang static analyzer

Signed-off-by: Peter Huewe <peterhuewe@gmx.de>
Signed-off-by: Kent Yoder <key@linux.vnet.ibm.com>
2013-02-05 09:38:25 -06:00
Peter Huewe
e02983cffc char/tpm/tpm_i2c_stm_st33: Remove __devexit attribute
With the HOTPLUG changes 3.8 this attribute is going away.

Signed-off-by: Peter Huewe <peterhuewe@gmx.de>
Signed-off-by: Kent Yoder <key@linux.vnet.ibm.com>
2013-02-05 09:38:25 -06:00
Peter Huewe
64298919ad char/tpm/tpm_i2c_stm_st33: Don't use memcpy for one byte assignment
We don't need to call memcpy for one byte, but assign it directly.
And to make the offset clearer we use the array syntax on the subsequent
call to memset to make the relationship clearer.

Signed-off-by: Peter Huewe <peterhuewe@gmx.de>
Signed-off-by: Kent Yoder <key@linux.vnet.ibm.com>
2013-02-05 09:38:25 -06:00
Kent Yoder
d479042c82 tpm_i2c_stm_st33: removed unused variables/code
Reported-by: Peter Hüwe <PeterHuewe@gmx.de>
Signed-off-by: Peter Hüwe <PeterHuewe@gmx.de>
Signed-off-by: Kent Yoder <key@linux.vnet.ibm.com>
2013-02-05 09:38:25 -06:00
Jason Gunthorpe
7240b98320 TPM: Wait for TPM_ACCESS tpmRegValidSts to go high at startup
The TIS specification (pg 47) says the valid bit must be set, but
the TPM will not set it until it has completed its internal startup.

The driver checks that the valid bit is set during request_locality,
but it issues a TPM_ACCESS_REQUEST_USE without validating the
valid bit is set.

Some TPMs will ignore the TPM_ACCESS_REQUEST_USE, until valid is
set which causes the request_locality to timeout, which breaks the
driver attach.

Wait one timeout unit for valid to assert. If valid does not assert
then assume -ENODEV.

Seen on embedded with a:
1.2 TPM (device-id 0x3204, rev-id 64)

Signed-off-by: Jason Gunthorpe <jgunthorpe@obsidianresearch.com>
Signed-off-by: Kent Yoder <key@linux.vnet.ibm.com>
2013-02-05 09:38:25 -06:00
Stefan Berger
78f09cc248 tpm: Fix cancellation of TPM commands (interrupt mode)
Support cancellation of TPM commands when driver is used in interrupt
mode.

Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
Signed-off-by: Kent Yoder <key@linux.vnet.ibm.com>
2013-02-05 09:38:24 -06:00
Stefan Berger
1f86605729 tpm: Fix cancellation of TPM commands (polling mode)
On one of my machines the cancellation of TPM commands does not work.
The reason is that by writing into sysfs 'cancel' the tpm_tis_ready
call causes the status flag TPM_STS_VALID to be set in the statusregister.
However, the TIS driver seems to wait for TPM_STS_COMMAND_READY.
Once a 2nd time sysfs 'cancel' is written to, the TPM_STS_COMMAND_READY flag
also gets set, resulting in TPM_STS_VALID|TPM_STS_COMMAND_READY to be
read from the status register.

This patch now converts req_canceled into a function to enable more complex
comparisons against possible cancellation status codes.

Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
Signed-off-by: Kent Yoder <key@linux.vnet.ibm.com>
2013-02-05 09:38:24 -06:00
Stefan Berger
3e3a5e9069 tpm: Store TPM vendor ID
Store the TPM vendor ID for later use.

Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
Signed-off-by: Kent Yoder <key@linux.vnet.ibm.com>
2013-02-05 09:38:24 -06:00
Jason Gunthorpe
4643826a3d TPM: Work around buggy TPMs that block during continue self test
We've been testing an alternative TPM for our embedded products and
found random kernel boot failures due to time outs after the continue
self test command.

This was happening randomly, and has been *very* hard to track down, but
it
looks like with this chip there is some kind of race with the
tpm_tis_status()
check of TPM_STS_COMMAND_READY. If things get there 'too fast' then
it sees the chip is ready, or tpm_tis_ready() works. Otherwise it takes
somewhere over 400ms before the chip will return TPM_STS_COMMAND_READY.

Adding some delay after tpm_continue_selftest() makes things reliably
hit the failure path, otherwise it is a crapshot.

The spec says it should be returning TPM_WARN_DOING_SELFTEST, not
holding
off on ready..

Boot log during this event looks like this:

tpm_tis 70030000.tpm_tis: 1.2 TPM (device-id 0x3204, rev-id 64)
tpm_tis 70030000.tpm_tis: Issuing TPM_STARTUP
tpm_tis 70030000.tpm_tis: tpm_transmit: tpm_send: error -62
tpm_tis 70030000.tpm_tis: [Hardware Error]: TPM command timed out during
continue self test
tpm_tis 70030000.tpm_tis: tpm_transmit: tpm_send: error -62
tpm_tis 70030000.tpm_tis: [Hardware Error]: TPM command timed out during
continue self test
tpm_tis 70030000.tpm_tis: tpm_transmit: tpm_send: error -62
tpm_tis 70030000.tpm_tis: [Hardware Error]: TPM command timed out during
continue self test
tpm_tis 70030000.tpm_tis: tpm_transmit: tpm_send: error -62
tpm_tis 70030000.tpm_tis: [Hardware Error]: TPM command timed out during
continue self test

The other TPM vendor we use doesn't show this wonky behaviour:
tpm_tis 70030000.tpm_tis: 1.2 TPM (device-id 0xFE, rev-id 70)

Signed-off-by: Jason Gunthorpe <jgunthorpe@obsidianresearch.com>
Signed-off-by: Kent Yoder <key@linux.vnet.ibm.com>
2013-02-05 09:38:24 -06:00
Kent Yoder
1fbc5e9535 tpm_i2c_stm_st33: fix oops when i2c client is unavailable
When no i2c bus exists, user-space can cause an oops by triggering a
device probe through a message sent to an i2c "new_device" sysfs entry.
Adding a check for a NULL i2c client structure in the probe function
closes the hole.

This patch also fixes accessing the NULL client struct in the print
function call reporting the error.

Reported-by: Peter Hüwe <PeterHuewe@gmx.de>
Signed-off-by: Kent Yoder <key@linux.vnet.ibm.com>
2013-02-05 09:38:24 -06:00
Peter Huewe
d459335381 char/tpm: Use struct dev_pm_ops for power management
This patch converts the suspend and resume functions for
tpm_i2c_stm_st33 to the new dev_pm_ops.

Signed-off-by: Peter Huewe <peterhuewe@gmx.de>
Signed-off-by: Kent Yoder <key@linux.vnet.ibm.com>
2013-02-05 09:38:23 -06:00
Mathias Leblanc
2bfee22f6c TPM: STMicroelectronics ST33 I2C BUILD STUFF
* STMicroelectronics version 1.2.0, Copyright (C) 2010
 * STMicroelectronics comes with ABSOLUTELY NO WARRANTY.
 * This is free software, and you are welcome to redistribute it
 * under certain conditions.

This is the driver for TPM chip from ST Microelectronics.

If you have a TPM security chip from STMicroelectronics working with
an I2C, in menuconfig or .config choose the tpm driver on
device --> tpm and activate the protocol of your choice before compiling
the kernel.
The driver will be accessible from within Linux.

Tested on linux x86/x64, beagleboard REV B & XM REV C and CHROMIUM OS

Signed-off-by: Mathias Leblanc <mathias.leblanc@st.com>
Signed-off-by: Kent Yoder <key@linux.vnet.ibm.com>
2013-02-05 09:38:23 -06:00
Kent Yoder
9da228ea0f tpm: rename STM driver to match other i2c drivers
Signed-off-by: Kent Yoder <key@linux.vnet.ibm.com>
2013-02-05 09:38:23 -06:00
Kent Yoder
3d7a7bd75d tpm: STM i2c driver fixes
Store the i2c_client struct in the vendor private pointer. Get rid of
the unnecessary include/linux/i2c/ header. Moved include files into the
driver c file. Fix smatch warnings. Make use of module_i2c_driver().
Removed unused code from the tpm_stm_st33_i2c.h file. Fix return
variable signedness in tpm_stm_i2c_send() and tpm_st33_i2c_probe().

Signed-off-by: Kent Yoder <key@linux.vnet.ibm.com>
2013-02-05 09:38:23 -06:00
Kent Yoder
775585e47c tpm: rename vendor data to priv and provide an accessor
"data" was too generic a name for what's being used as a generic
private pointer by vendor-specific code. Rename it to "priv" and provide
a #define for users.

Signed-off-by: Kent Yoder <key@linux.vnet.ibm.com>
2013-02-05 09:38:23 -06:00
Mathias Leblanc
251a7b0821 TPM: STMicroelectronics ST33 I2C KERNEL 3.x
* STMicroelectronics version 1.2.0, Copyright (C) 2010
 * STMicroelectronics comes with ABSOLUTELY NO WARRANTY.
 * This is free software, and you are welcome to redistribute it
 * under certain conditions.

This is the driver for TPM chip from ST Microelectronics.

If you have a TPM security chip from STMicroelectronics working with
an I2C, in menuconfig or .config choose the tpm driver on
device --> tpm and activate the protocol of your choice before compiling
the kernel.
The driver will be accessible from within Linux.

Tested on linux x86/x64 on kernel 3.x

Signed-off-by: Mathias Leblanc <mathias.leblanc@st.com>
Signed-off-by: Kent Yoder <key@linux.vnet.ibm.com>
2013-02-05 09:38:22 -06:00
Peter Huewe
73249695f0 char/tpm: Use true and false for bools
Bool initializations should use true and false.  Bool tests don't need
comparisons.  Based on contributions from Joe Perches, Rusty Russell
and Bruce W Allan.

The semantic patch that makes this output is available
in scripts/coccinelle/misc/boolinit.cocci.

More information about semantic patching is available at
http://coccinelle.lip6.fr/

Signed-off-by: Peter Huewe <peterhuewe@gmx.de>
Signed-off-by: Kent Yoder <key@linux.vnet.ibm.com>
2013-02-05 09:38:22 -06:00
Jason Gunthorpe
348df8db30 TPM: Switch to __packed instead of __attribute__((packed))
This seems to be preferred these days.

Signed-off-by: Jason Gunthorpe <jgunthorpe@obsidianresearch.com>
Reviewed-by: Peter Huewe <peterhuewe@gmx.de>
Signed-off-by: Kent Yoder <key@linux.vnet.ibm.com>
2013-02-05 09:38:22 -06:00
Jason Gunthorpe
c584af1926 TPM: Issue TPM_STARTUP at driver load if the TPM has not been started
The TPM will respond to TPM_GET_CAP with TPM_ERR_INVALID_POSTINIT if
TPM_STARTUP has not been issued. Detect this and automatically
issue TPM_STARTUP.

This is for embedded applications where the kernel is the first thing
to touch the TPM.

Signed-off-by: Jason Gunthorpe <jgunthorpe@obsidianresearch.com>
Tested-by: Peter Huewe <peter.huewe@infineon.com>
Reviewed-by: Peter Huewe <peter.huewe@infineon.com>
Signed-off-by: Kent Yoder <key@linux.vnet.ibm.com>
2013-02-05 09:38:22 -06:00
Peter Huewe
07b133e606 char/tpm: simplify duration calculation and eliminate smatch warning.
This patch changes the semantics of the duration calculation for an
ordinal, by masking out the higher bits of a tpm command, which specify
whether it's an TPM_PROTECTED_COMMAND, TPM_UNPROTECTED_COMMAND,
TPM_CONNECTION_COMMAND, TPM_CONNECTION_COMMAND, TPM_VENDOR_COMMAND.
(See TPM Main Spec Part 2 Section 17 for details).

For all TPM_PROTECTED and TPM_CONNECTION commands the results are
unchanged.
The TPM_UNPROTECTED commands are TSS commands and thus irrelevant as
they are not sent to the tpm.
For vendor commands the semantics change for ordinals 10 and 11 but
they were probably wrong anyway.

For everything else which has the ordinal set to 10 or 11 the semantics
change as it now uses TPM_UNDEFINED instead of TPM_SHORT which was
probably wrong anyway (but irrelevant as not defined by the standard).

This patch also gets rid of the (false positive) smatch warning:
 drivers/char/tpm/tpm.c:360 tpm_calc_ordinal_duration() error: buffer
 overflow 'tpm_protected_ordinal_duration' 12 <= 243

Signed-off-by: Peter Huewe <peterhuewe@gmx.de>
Signed-off-by: Kent Yoder <key@linux.vnet.ibm.com>
2013-02-05 09:38:22 -06:00
Peter Huewe
720ca4a9af char/tpm: Remove duplicated lookup table
The entries in tpm_protected_ordinal_duration are exactly the same as
the first 12 in tpm_ordinal_duration, so we can simply remove this one,
and save some bytes.

This does not change the behavior of the driver.

Signed-off-by: Peter Huewe <peterhuewe@gmx.de>
Signed-off-by: Kent Yoder <key@linux.vnet.ibm.com>
2013-02-05 09:38:21 -06:00
Linus Torvalds
2a74dbb9a8 Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security
Pull security subsystem updates from James Morris:
 "A quiet cycle for the security subsystem with just a few maintenance
  updates."

* 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security:
  Smack: create a sysfs mount point for smackfs
  Smack: use select not depends in Kconfig
  Yama: remove locking from delete path
  Yama: add RCU to drop read locking
  drivers/char/tpm: remove tasklet and cleanup
  KEYS: Use keyring_alloc() to create special keyrings
  KEYS: Reduce initial permissions on keys
  KEYS: Make the session and process keyrings per-thread
  seccomp: Make syscall skipping and nr changes more consistent
  key: Fix resource leak
  keys: Fix unreachable code
  KEYS: Add payload preparsing opportunity prior to key instantiate or update
2012-12-16 15:40:50 -08:00
Linus Torvalds
6a5971d8fe Char/Misc driver merge for 3.8-rc1
Here is the "big" char/misc driver patches for 3.8-rc1.  I'm starting to
 put random driver subsystems that I had previously sent you through the
 driver-core tree in this tree, as it makes more sense to do so.
 
 Nothing major here, the various __dev* removals, some mei driver
 updates, and other random driver-specific things from the different
 maintainers and developers.
 
 Note, some MFD drivers got added through this tree, and they are also
 coming in through the "real" MFD tree as well, due to some major
 mis-communication between me and the different developers.  If you have
 any merge conflicts, take the ones from the MFD tree, not these ones,
 sorry about that.
 
 All of this has been in linux-next for a while.
 
 Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v2.0.19 (GNU/Linux)
 
 iEYEABECAAYFAlDHj7AACgkQMUfUDdst+ym7pQCgxhFDGQRJimG+Ddag+ghfLhQh
 Ql0AoJsWVFvQjb7q1NO7OvOABaxjEJdu
 =na5b
 -----END PGP SIGNATURE-----

Merge tag 'char-misc-3.8-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/char-misc

Pull Char/Misc driver merge from Greg Kroah-Hartman:
 "Here is the "big" char/misc driver patches for 3.8-rc1.  I'm starting
  to put random driver subsystems that I had previously sent you through
  the driver-core tree in this tree, as it makes more sense to do so.

  Nothing major here, the various __dev* removals, some mei driver
  updates, and other random driver-specific things from the different
  maintainers and developers.

  Note, some MFD drivers got added through this tree, and they are also
  coming in through the "real" MFD tree as well, due to some major
  mis-communication between me and the different developers.  If you
  have any merge conflicts, take the ones from the MFD tree, not these
  ones, sorry about that.

  All of this has been in linux-next for a while.

  Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>"

Fix up trivial conflict in drivers/mmc/host/Kconfig due to new drivers
having been added (both at the end, as usual..)

* tag 'char-misc-3.8-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/char-misc: (84 commits)
  MAINTAINERS: remove drivers/staging/hv/
  misc/st_kim: Free resources in the error path of probe()
  drivers/char: for hpet, add count checking, and ~0UL instead of -1
  w1-gpio: Simplify & get rid of defines
  w1-gpio: Pinctrl-fy
  extcon: remove use of __devexit_p
  extcon: remove use of __devinit
  extcon: remove use of __devexit
  drivers: uio: Only allocate new private data when probing device tree node
  drivers: uio_dmem_genirq: Allow partial success when opening device
  drivers: uio_dmem_genirq: Don't use DMA_ERROR_CODE to indicate unmapped regions
  drivers: uio_dmem_genirq: Don't mix address spaces for dynamic region vaddr
  uio: remove use of __devexit
  uio: remove use of __devinitdata
  uio: remove use of __devinit
  uio: remove use of __devexit_p
  char: remove use of __devexit
  char: remove use of __devinitconst
  char: remove use of __devinitdata
  char: remove use of __devinit
  ...
2012-12-11 13:56:38 -08:00
Bill Pemberton
164dce8221 tpm_infineon: remove use of __devexit_p
CONFIG_HOTPLUG is going away as an option so __devexit_p is no longer
needed.

Signed-off-by: Bill Pemberton <wfp5p@virginia.edu>
Cc: Rajiv Andrade <mail@srajiv.net>
Cc: Marcel Selhorst <tpmdd@selhorst.net>
Cc: Sirrix AG <tpmdd@sirrix.com>
Acked-by: Kent Yoder <key@linux.vnet.ibm.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2012-11-28 11:08:24 -08:00
Bill Pemberton
afc6d36912 tpm: remove use of __devinit
CONFIG_HOTPLUG is going away as an option so __devinit is no longer
needed.

Signed-off-by: Bill Pemberton <wfp5p@virginia.edu>
Cc: Rajiv Andrade <mail@srajiv.net>
Cc: Marcel Selhorst <tpmdd@selhorst.net>
Cc: Sirrix AG <tpmdd@sirrix.com>
Acked-by: Kent Yoder <key@linux.vnet.ibm.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2012-11-28 11:08:24 -08:00
Bill Pemberton
39af33fc45 char: remove use of __devexit
CONFIG_HOTPLUG is going away as an option so __devexit is no
longer needed.

Signed-off-by: Bill Pemberton <wfp5p@virginia.edu>
Cc: David Airlie <airlied@linux.ie>
Cc: Olof Johansson <olof@lixom.net>
Cc: Mattia Dongili <malattia@linux.it>
Cc: Kent Yoder <key@linux.vnet.ibm.com>
Cc: Rajiv Andrade <mail@srajiv.net>
Cc: Marcel Selhorst <tpmdd@selhorst.net>
Cc: Sirrix AG <tpmdd@sirrix.com>
Cc: linuxppc-dev@lists.ozlabs.org
Cc: linux-arm-kernel@lists.infradead.org
Cc: openipmi-developer@lists.sourceforge.net
Cc: platform-driver-x86@vger.kernel.org
Cc: tpmdd-devel@lists.sourceforge.net
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2012-11-21 12:55:19 -08:00
Bill Pemberton
0bbed20e05 char: remove use of __devinitdata
CONFIG_HOTPLUG is going away as an option so __devinitdata is no
longer needed.

Signed-off-by: Bill Pemberton <wfp5p@virginia.edu>
Cc: David Airlie <airlied@linux.ie>
Cc: Kent Yoder <key@linux.vnet.ibm.com>
Cc: Rajiv Andrade <mail@srajiv.net>
Cc: Marcel Selhorst <tpmdd@selhorst.net>
Cc: Sirrix AG <tpmdd@sirrix.com>
Cc: openipmi-developer@lists.sourceforge.net
Cc: tpmdd-devel@lists.sourceforge.net
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2012-11-21 12:55:19 -08:00
Ashley Lai
b566650270 drivers/char/tpm: remove tasklet and cleanup
This patch removed the tasklet and moved the wait queue into the
private structure.  It also cleaned up the response CRQ path.

Signed-off-by: Ashley Lai <adlai@us.ibm.com>
Signed-off-by: Kent Yoder <key@linux.vnet.ibm.com>
2012-11-01 15:23:14 -05:00
James Morris
59b69ac2ba Merge branch 'tpmdd-next-v3.6' of git://github.com/shpedoikal/linux into for-linus 2012-10-11 18:41:29 +08:00
Peter Huewe
abce9ac292 tpm: Propagate error from tpm_transmit to fix a timeout hang
tpm_write calls tpm_transmit without checking the return value and
assigns the return value unconditionally to chip->pending_data, even if
it's an error value.
This causes three bugs.

So if we write to /dev/tpm0 with a tpm_param_size bigger than
TPM_BUFSIZE=0x1000 (e.g. 0x100a)
and a bufsize also bigger than TPM_BUFSIZE (e.g. 0x100a)
tpm_transmit returns -E2BIG which is assigned to chip->pending_data as
-7, but tpm_write returns that TPM_BUFSIZE bytes have been successfully
been written to the TPM, altough this is not true (bug #1).

As we did write more than than TPM_BUFSIZE bytes but tpm_write reports
that only TPM_BUFSIZE bytes have been written the vfs tries to write
the remaining bytes (in this case 10 bytes) to the tpm device driver via
tpm_write which then blocks at

 /* cannot perform a write until the read has cleared
 either via tpm_read or a user_read_timer timeout */
 while (atomic_read(&chip->data_pending) != 0)
	 msleep(TPM_TIMEOUT);

for 60 seconds, since data_pending is -7 and nobody is able to
read it (since tpm_read luckily checks if data_pending is greater than
0) (#bug 2).

After that the remaining bytes are written to the TPM which are
interpreted by the tpm as a normal command. (bug #3)
So if the last bytes of the command stream happen to be a e.g.
tpm_force_clear this gets accidentally sent to the TPM.

This patch fixes all three bugs, by propagating the error code of
tpm_write and returning -E2BIG if the input buffer is too big,
since the response from the tpm for a truncated value is bogus anyway.
Moreover it returns -EBUSY to userspace if there is a response ready to be
read.

Signed-off-by: Peter Huewe <peter.huewe@infineon.com>
Signed-off-by: Kent Yoder <key@linux.vnet.ibm.com>
2012-10-10 11:34:31 -05:00
Gang Wei
1631cfb7ce driver/char/tpm: fix regression causesd by ppi
This patch try to fix the S3 regression https://lkml.org/lkml/2012/10/5/433,
which includes below line:
[ 1554.684638] sysfs: cannot create duplicate filename '/devices/pnp0/00:0c/ppi'

The root cause is that ppi sysfs teardown code is MIA, so while S3 resume,
the ppi kobject will be created again upon existing one.

To make the tear down code simple, change the ppi subfolder creation from
using kobject_create_and_add to just using a named ppi attribute_group. Then
ppi sysfs teardown could be done with a simple sysfs_remove_group call.

Adjusted the name & return type for ppi sysfs init function.

Reported-by: Ben Guthro <ben@guthro.net>
Signed-off-by: Gang Wei <gang.wei@intel.com>
Signed-off-by: Kent Yoder <key@linux.vnet.ibm.com>
2012-10-10 09:50:56 -05:00
Linus Torvalds
88265322c1 Merge branch 'next' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security
Pull security subsystem updates from James Morris:
 "Highlights:

   - Integrity: add local fs integrity verification to detect offline
     attacks
   - Integrity: add digital signature verification
   - Simple stacking of Yama with other LSMs (per LSS discussions)
   - IBM vTPM support on ppc64
   - Add new driver for Infineon I2C TIS TPM
   - Smack: add rule revocation for subject labels"

Fixed conflicts with the user namespace support in kernel/auditsc.c and
security/integrity/ima/ima_policy.c.

* 'next' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security: (39 commits)
  Documentation: Update git repository URL for Smack userland tools
  ima: change flags container data type
  Smack: setprocattr memory leak fix
  Smack: implement revoking all rules for a subject label
  Smack: remove task_wait() hook.
  ima: audit log hashes
  ima: generic IMA action flag handling
  ima: rename ima_must_appraise_or_measure
  audit: export audit_log_task_info
  tpm: fix tpm_acpi sparse warning on different address spaces
  samples/seccomp: fix 31 bit build on s390
  ima: digital signature verification support
  ima: add support for different security.ima data types
  ima: add ima_inode_setxattr/removexattr function and calls
  ima: add inode_post_setattr call
  ima: replace iint spinblock with rwlock/read_lock
  ima: allocating iint improvements
  ima: add appraise action keywords and default rules
  ima: integrity appraisal extension
  vfs: move ima_file_free before releasing the file
  ...
2012-10-02 21:38:48 -07:00
Linus Torvalds
033d9959ed Merge branch 'for-3.7' of git://git.kernel.org/pub/scm/linux/kernel/git/tj/wq
Pull workqueue changes from Tejun Heo:
 "This is workqueue updates for v3.7-rc1.  A lot of activities this
  round including considerable API and behavior cleanups.

   * delayed_work combines a timer and a work item.  The handling of the
     timer part has always been a bit clunky leading to confusing
     cancelation API with weird corner-case behaviors.  delayed_work is
     updated to use new IRQ safe timer and cancelation now works as
     expected.

   * Another deficiency of delayed_work was lack of the counterpart of
     mod_timer() which led to cancel+queue combinations or open-coded
     timer+work usages.  mod_delayed_work[_on]() are added.

     These two delayed_work changes make delayed_work provide interface
     and behave like timer which is executed with process context.

   * A work item could be executed concurrently on multiple CPUs, which
     is rather unintuitive and made flush_work() behavior confusing and
     half-broken under certain circumstances.  This problem doesn't
     exist for non-reentrant workqueues.  While non-reentrancy check
     isn't free, the overhead is incurred only when a work item bounces
     across different CPUs and even in simulated pathological scenario
     the overhead isn't too high.

     All workqueues are made non-reentrant.  This removes the
     distinction between flush_[delayed_]work() and
     flush_[delayed_]_work_sync().  The former is now as strong as the
     latter and the specified work item is guaranteed to have finished
     execution of any previous queueing on return.

   * In addition to the various bug fixes, Lai redid and simplified CPU
     hotplug handling significantly.

   * Joonsoo introduced system_highpri_wq and used it during CPU
     hotplug.

  There are two merge commits - one to pull in IRQ safe timer from
  tip/timers/core and the other to pull in CPU hotplug fixes from
  wq/for-3.6-fixes as Lai's hotplug restructuring depended on them."

Fixed a number of trivial conflicts, but the more interesting conflicts
were silent ones where the deprecated interfaces had been used by new
code in the merge window, and thus didn't cause any real data conflicts.

Tejun pointed out a few of them, I fixed a couple more.

* 'for-3.7' of git://git.kernel.org/pub/scm/linux/kernel/git/tj/wq: (46 commits)
  workqueue: remove spurious WARN_ON_ONCE(in_irq()) from try_to_grab_pending()
  workqueue: use cwq_set_max_active() helper for workqueue_set_max_active()
  workqueue: introduce cwq_set_max_active() helper for thaw_workqueues()
  workqueue: remove @delayed from cwq_dec_nr_in_flight()
  workqueue: fix possible stall on try_to_grab_pending() of a delayed work item
  workqueue: use hotcpu_notifier() for workqueue_cpu_down_callback()
  workqueue: use __cpuinit instead of __devinit for cpu callbacks
  workqueue: rename manager_mutex to assoc_mutex
  workqueue: WORKER_REBIND is no longer necessary for idle rebinding
  workqueue: WORKER_REBIND is no longer necessary for busy rebinding
  workqueue: reimplement idle worker rebinding
  workqueue: deprecate __cancel_delayed_work()
  workqueue: reimplement cancel_delayed_work() using try_to_grab_pending()
  workqueue: use mod_delayed_work() instead of __cancel + queue
  workqueue: use irqsafe timer for delayed_work
  workqueue: clean up delayed_work initializers and add missing one
  workqueue: make deferrable delayed_work initializer names consistent
  workqueue: cosmetic whitespace updates for macro definitions
  workqueue: deprecate system_nrt[_freezable]_wq
  workqueue: deprecate flush[_delayed]_work_sync()
  ...
2012-10-02 09:54:49 -07:00
Kent Yoder
a40695edad tpm: fix tpm_acpi sparse warning on different address spaces
acpi_os_map_memory expects its return value to be in the __iomem address
space. Tag the variable we're using as such and use memcpy_fromio to
avoid further sparse warnings.

Signed-off-by: Kent Yoder <key@linux.vnet.ibm.com>
Signed-off-by: James Morris <james.l.morris@oracle.com>
2012-09-12 13:18:31 +10:00
Xiaoyan Zhang
81198078d7 driver/char/tpm: declare internal symbols as static
This patch declares the internal struct and functions as static to provide
more security.

Signed-off-by: Xiaoyan Zhang <xiaoyan.zhang@intel.com>
Signed-off-by: Fengguang Wu <fengguang.wu@intel.com>
Reviewed-by: Kent Yoder <key@linux.vnet.ibm.com>
Signed-off-by: James Morris <james.l.morris@oracle.com>
2012-09-04 16:52:23 -07:00
Xiaoyan Zhang
f84fdff0fd driver: add PPI support in tpm driver
The Physical Presence Interface enables the OS and the BIOS to cooperate and
provides a simple and straightforward platform user experience for
administering the TPM without sacrificing security.

V2: separate the patch out in a separate source file,
    add #ifdef CONFIG_ACPI so it compiles out on ppc,
    use standard error instead of ACPI error as return code of show/store fns.
V3: move #ifdef CONFIG_ACPI from .c file to .h file.
V4: move tpm_ppi code from tpm module to tpm_bios module.
V5: modify sys_add_ppi() so that ppi_attr_grp doesn't need to be exported

Signed-off-by: Xiaoyan Zhang <xiaoyan.zhang@intel.com>
Signed-off-by: Kent Yoder <key@linux.vnet.ibm.com>
2012-08-22 16:23:42 -05:00
Jesper Juhl
f334ac8da8 tpm: Do not dereference NULL pointer if acpi_os_map_memory() fails.
In drivers/char/tpm/tpm_acpi.c::read_log() we call
acpi_os_map_memory(). That call may fail for a number of reasons
(invalid address, out of memory etc). If the call fails it returns
NULL and we just pass that to memcpy() unconditionally, which will go
bad when it tries to dereference the pointer.

Unfortunately we just get NULL back, so we can't really tell the user
exactely what went wrong, but we can at least avoid crashing and
return an error (-EIO seemed more generic and more suitable here than
-ENOMEM or something else, so I picked that).

Signed-off-by: Jesper Juhl <jj@chaosbits.net>
Signed-off-by: Kent Yoder <key@linux.vnet.ibm.com>
2012-08-22 16:23:34 -05:00
Ashley Lai
c5df39262d drivers/char/tpm: Add securityfs support for event log
This patch retrieves the event log data from the device tree
during file open. The event log data will then displayed through
securityfs.

Signed-off-by: Ashley Lai <adlai@us.ibm.com>
Signed-off-by: Kent Yoder <key@linux.vnet.ibm.com>
2012-08-22 16:22:47 -05:00
Ashley Lai
132f762947 drivers/char/tpm: Add new device driver to support IBM vTPM
This patch adds a new device driver to support IBM virtual TPM
(vTPM) for PPC64.  IBM vTPM is supported through the adjunct
partition with firmware release 740 or higher.  With vTPM
support, each lpar is able to have its own vTPM without the
physical TPM hardware.

This driver provides TPM functionalities by communicating with
the vTPM adjunct partition through Hypervisor calls (Hcalls)
and Command/Response Queue (CRQ) commands.

Signed-off-by: Ashley Lai <adlai@us.ibm.com>
Signed-off-by: Kent Yoder <key@linux.vnet.ibm.com>
2012-08-22 16:21:45 -05:00
Kent Yoder
7e72fe73bf tpm: compile out unused code in the PNP and PM cases
The tpm_tis driver doesn't use tpm_tis_resume except when PM is
configured and doesn't make use of tpm_tis_reenable_interrupts except
when PM or PNP is configured.

Signed-off-by: Kent Yoder <key@linux.vnet.ibm.com>
2012-08-22 11:12:03 -05:00
Kent Yoder
dd7da132f7 tpm: fix double write race and tpm_release free issue
Moved the atomic_set of the data_pending variable until after the
tpm_read has completed processing. The existing code had a window of
time where a second write to the driver could clobber the tpm command
buffer.

Also fixed an issue where if close was called on the tpm device before a
read completed, the tpm command buffer would be returned to the OS,
which could contain sensitive information.

Signed-off-by: Kent Yoder <key@linux.vnet.ibm.com>
2012-08-22 11:11:49 -05:00
Kent Yoder
41ab999c80 tpm: Move tpm_get_random api into the TPM device driver
Move the tpm_get_random api from the trusted keys code into the TPM
device driver itself so that other callers can make use of it. Also,
change the api slightly so that the number of bytes read is returned in
the call, since the TPM command can potentially return fewer bytes than
requested.

Acked-by: David Safford <safford@linux.vnet.ibm.com>
Reviewed-by: H. Peter Anvin <hpa@linux.intel.com>
Signed-off-by: Kent Yoder <key@linux.vnet.ibm.com>
2012-08-22 11:11:33 -05:00
Kent Yoder
e5dcd87fee tpm: modularize event log collection
Break ACPI-specific pieces of the event log handling into their own file
and create tpm_eventlog.[ch] to store common event log handling code.
This will be required to integrate future event log sources on platforms
without ACPI tables.

Signed-off-by: Kent Yoder <key@linux.vnet.ibm.com>
2012-08-22 11:11:25 -05:00
Peter Huewe
aad628c1d9 char/tpm: Add new driver for Infineon I2C TIS TPM
This patch adds a driver to support Infineon's SLB 9635 TT 1.2 Soft I2C TPMs
which follow the TGC TIS 1.2 TPM specification[1] and Infineon's I2C Protocol
Stack Specification 0.20.
The I2C Protocol Stack Specification is a simple adaption of the LPC TIS
Protocol to the I2C Bus.
The I2C TPMs can be used when LPC Bus is not available (i.e. non x86
architectures like ARM).

The driver is based on the tpm_tis.c driver by Leendert van Dorn and Kyleen
Hall and has quite similar functionality.

Tested on Nvidia ARM Tegra2 Development Platform and Beagleboard (ARM OMAP)
Tested with the Trousers[2] TSS API Testsuite v 0.3 [3]
Compile-tested on x86 (32/64-bit)

Updates since version 2.1.4:
- included "Lock the I2C adapter for a sequence of requests", by Bryan Freed
- use __i2c_transfer instead of own implementation of unlocked i2c_transfer
- use struct dev_pm_ops for power management via SIMPLE_DEV_PM_OPS

Updates since version 2.1.3:
- use proper probing mechanism
* either add the tpm using I2C_BOARD_INFO to your board file or probe it
* during runtime e.g on BeagleBoard using :
* "echo tpm_i2c_infineon 0x20 > /sys/bus/i2c/devices/i2c-2/new_device"
- fix possible endless loop if hardware misbehaves
- improved return codes
- consistent spelling i2c/tpm -> I2C/TPM
- remove hardcoded sleep values and msleep usage
- removed debug statements
- added check for I2C functionality
- renaming to tpm_i2c_infineon

Updates since version 2.1.2:
- added sysfs entries for duration and timeouts
- updated to new tpm_do_selftest

Updates since version 2.1.0:
- improved error handling
- implemented workarounds needed by the tpm
- fixed typos

References:
[1]
http://www.trustedcomputinggroup.org/resources/pc_client_work_group_pc_client_
specific_tpm_interface_specification_tis_version_12/
[2] http://trousers.sourceforge.net/
[3]
http://sourceforge.net/projects/trousers/files/TSS%20API%20test%20suite/0.3/

Reviewed-by: Andi Shyti <andi.shyti@gmail.com>
Acked-by: Marcel Selhorst <tpmdd@selhorst.net>
Signed-off-by: Peter Huewe <peter.huewe@infineon.com>
Signed-off-by: Bryan Freed <bfreed@chromium.org>
Signed-off-by: Kent Yoder <key@linux.vnet.ibm.com>
2012-08-22 11:11:13 -05:00
Tejun Heo
43829731dd workqueue: deprecate flush[_delayed]_work_sync()
flush[_delayed]_work_sync() are now spurious.  Mark them deprecated
and convert all users to flush[_delayed]_work().

If you're cc'd and wondering what's going on: Now all workqueues are
non-reentrant and the regular flushes guarantee that the work item is
not pending or running on any CPU on return, so there's no reason to
use the sync flushes at all and they're going away.

This patch doesn't make any functional difference.

Signed-off-by: Tejun Heo <tj@kernel.org>
Cc: Russell King <linux@arm.linux.org.uk>
Cc: Paul Mundt <lethal@linux-sh.org>
Cc: Ian Campbell <ian.campbell@citrix.com>
Cc: Jens Axboe <axboe@kernel.dk>
Cc: Mattia Dongili <malattia@linux.it>
Cc: Kent Yoder <key@linux.vnet.ibm.com>
Cc: David Airlie <airlied@linux.ie>
Cc: Jiri Kosina <jkosina@suse.cz>
Cc: Karsten Keil <isdn@linux-pingi.de>
Cc: Bryan Wu <bryan.wu@canonical.com>
Cc: Benjamin Herrenschmidt <benh@kernel.crashing.org>
Cc: Alasdair Kergon <agk@redhat.com>
Cc: Mauro Carvalho Chehab <mchehab@infradead.org>
Cc: Florian Tobias Schandinat <FlorianSchandinat@gmx.de>
Cc: David Woodhouse <dwmw2@infradead.org>
Cc: "David S. Miller" <davem@davemloft.net>
Cc: linux-wireless@vger.kernel.org
Cc: Anton Vorontsov <cbou@mail.ru>
Cc: Sangbeom Kim <sbkim73@samsung.com>
Cc: "James E.J. Bottomley" <James.Bottomley@HansenPartnership.com>
Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Cc: Eric Van Hensbergen <ericvh@gmail.com>
Cc: Takashi Iwai <tiwai@suse.de>
Cc: Steven Whitehouse <swhiteho@redhat.com>
Cc: Petr Vandrovec <petr@vandrovec.name>
Cc: Mark Fasheh <mfasheh@suse.com>
Cc: Christoph Hellwig <hch@infradead.org>
Cc: Avi Kivity <avi@redhat.com>
2012-08-20 14:51:24 -07:00
Rafael J. Wysocki
07368d32f1 tpm_tis / PM: Fix unused function warning for CONFIG_PM_SLEEP
According to a compiler warning, the tpm_tis_resume() function is not
used for CONFIG_PM_SLEEP unset, so add a #ifdef to prevent it from
being built in that case.

Signed-off-by: Rafael J. Wysocki <rjw@sisk.pl>
2012-08-10 14:29:50 +02:00
Linus Torvalds
e05644e17e Merge branch 'next' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security
Pull security subsystem updates from James Morris:
 "Nothing groundbreaking for this kernel, just cleanups and fixes, and a
  couple of Smack enhancements."

* 'next' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security: (21 commits)
  Smack: Maintainer Record
  Smack: don't show empty rules when /smack/load or /smack/load2 is read
  Smack: user access check bounds
  Smack: onlycap limits on CAP_MAC_ADMIN
  Smack: fix smack_new_inode bogosities
  ima: audit is compiled only when enabled
  ima: ima_initialized is set only if successful
  ima: add policy for pseudo fs
  ima: remove unused cleanup functions
  ima: free securityfs violations file
  ima: use full pathnames in measurement list
  security: Fix nommu build.
  samples: seccomp: add .gitignore for untracked executables
  tpm: check the chip reference before using it
  TPM: fix memleak when register hardware fails
  TPM: chip disabled state erronously being reported as error
  MAINTAINERS: TPM maintainers' contacts update
  Merge branches 'next-queue' and 'next' into next
  Remove unused code from MPI library
  Revert "crypto: GnuPG based MPI lib - additional sources (part 4)"
  ...
2012-07-23 18:49:06 -07:00
Rafael J. Wysocki
ca9a2054fe tpm_nsc: Use struct dev_pm_ops for power management
Make the tpm_nsc driver define its PM callbacks through
a struct dev_pm_ops object rather than by using legacy PM hooks
in struct platform_driver.

This allows the driver to use tpm_pm_suspend() and tpm_pm_resume()
as its PM callbacks directly, without defining its own PM callback
routines.

Signed-off-by: Rafael J. Wysocki <rjw@sisk.pl>
2012-07-10 21:37:18 +02:00
Rafael J. Wysocki
b633f0507e tpm_tis: Use struct dev_pm_ops for power management
Make the tpm_tis driver define its PM callbacks through
a struct dev_pm_ops object rather than by using legacy PM hooks
in struct platform_driver.

This allows the driver to use tpm_pm_suspend() as its suspend
callback directly, without defining its own suspend callback
routine.

Signed-off-by: Rafael J. Wysocki <rjw@sisk.pl>
2012-07-10 21:37:11 +02:00
Rafael J. Wysocki
8324be0538 tpm_atmel: Use struct dev_pm_ops for power management
Make the tpm_atmel driver define its PM callbacks through
a struct dev_pm_ops object rather than by using legacy PM hooks
in struct platform_driver.

This allows the driver to use tpm_pm_suspend() and tpm_pm_resume()
as its PM callbacks directly, without defining its own PM callback
routines.

Signed-off-by: Rafael J. Wysocki <rjw@sisk.pl>
2012-07-10 21:37:02 +02:00
Rafael J. Wysocki
035e2ce8eb PM / TPM: Drop unused pm_message_t argument from tpm_pm_suspend()
The tpm_pm_suspend()'s second argument of type pm_message_t is not
used, so remove it.

Signed-off-by: Rafael J. Wysocki <rjw@sisk.pl>
2012-07-10 21:36:57 +02:00
Andi Shyti
3072928ff2 tpm: check the chip reference before using it
If a driver calls tpm_dev_vendor_release for a device already released
then the driver will oops.

Signed-off-by: Andi Shyti <andi.shyti@gmail.com>
Signed-off-by: Peter Huewe <peterhuewe@gmx.de>
Signed-off-by: Rajiv Andrade <srajiv@linux.vnet.ibm.com>
2012-06-12 18:53:51 -03:00
Wanlong Gao
dad79cb892 TPM: fix memleak when register hardware fails
Adding proper kfree() before returning.

Signed-off-by: Wanlong Gao <gaowanlong@cn.fujitsu.com>
Signed-off-by: Rajiv Andrade <srajiv@linux.vnet.ibm.com>
2012-06-12 18:53:50 -03:00
Rajiv Andrade
24ebe6670d TPM: chip disabled state erronously being reported as error
tpm_do_selftest() attempts to read a PCR in order to
decide if one can rely on the TPM being used or not.
The function that's used by __tpm_pcr_read() does not
expect the TPM to be disabled or deactivated, and if so,
reports an error.

It's fine if the TPM returns this error when trying to
use it for the first time after a power cycle, but it's
definitely not if it already returned success for a
previous attempt to read one of its PCRs.

The tpm_do_selftest() was modified so that the driver only
reports this return code as an error when it really is.

Reported-and-tested-by: Paul Bolle <pebolle@tiscali.nl>
Cc: Stable <stable@vger.kernel.org>
Signed-off-by: Rajiv Andrade <srajiv@linux.vnet.ibm.com>
2012-06-12 18:53:49 -03:00
Rajiv Andrade
cbb2d5e459 MAINTAINERS: TPM maintainers' contacts update
Usual contact update, Debora Velarde role resign, and the new
co-maintainer inclusion, Kent Yoder. He's accepted to contribute
more actively to this driver's maintainership given the current
maintainer's slight career change that will affect his contribution
time.

[Replacing Debora Velarde by Kent Yoder]
Signed-off-by: Rajiv Andrade <srajiv@linux.vnet.ibm.com>
2012-06-12 18:53:22 -03:00
Linus Torvalds
3556485f15 Merge branch 'next' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security
Pull security subsystem updates for 3.4 from James Morris:
 "The main addition here is the new Yama security module from Kees Cook,
  which was discussed at the Linux Security Summit last year.  Its
  purpose is to collect miscellaneous DAC security enhancements in one
  place.  This also marks a departure in policy for LSM modules, which
  were previously limited to being standalone access control systems.
  Chromium OS is using Yama, and I believe there are plans for Ubuntu,
  at least.

  This patchset also includes maintenance updates for AppArmor, TOMOYO
  and others."

Fix trivial conflict in <net/sock.h> due to the jumo_label->static_key
rename.

* 'next' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security: (38 commits)
  AppArmor: Fix location of const qualifier on generated string tables
  TOMOYO: Return error if fails to delete a domain
  AppArmor: add const qualifiers to string arrays
  AppArmor: Add ability to load extended policy
  TOMOYO: Return appropriate value to poll().
  AppArmor: Move path failure information into aa_get_name and rename
  AppArmor: Update dfa matching routines.
  AppArmor: Minor cleanup of d_namespace_path to consolidate error handling
  AppArmor: Retrieve the dentry_path for error reporting when path lookup fails
  AppArmor: Add const qualifiers to generated string tables
  AppArmor: Fix oops in policy unpack auditing
  AppArmor: Fix error returned when a path lookup is disconnected
  KEYS: testing wrong bit for KEY_FLAG_REVOKED
  TOMOYO: Fix mount flags checking order.
  security: fix ima kconfig warning
  AppArmor: Fix the error case for chroot relative path name lookup
  AppArmor: fix mapping of META_READ to audit and quiet flags
  AppArmor: Fix underflow in xindex calculation
  AppArmor: Fix dropping of allowed operations that are force audited
  AppArmor: Add mising end of structure test to caps unpacking
  ...
2012-03-21 13:25:04 -07:00
Jiri Kosina
4e70daaf05 tpm_tis: fix tis_lock with respect to RCU
cleanup_tis() -> tpm_remove_hardware() -> syncrhonize_rcu() is being
called in an atomic context (tis_lock spinlock held), which is not
allowed. Convert tis_lock to mutex.

Signed-off-by: Jiri Kosina <jkosina@suse.cz>
Tested-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
Acked-by: Rajiv Andrade <srajiv@linux.vnet.ibm.com>
2012-03-05 14:06:59 +01:00
Tim Gardner
3ab1aff894 TPM: Zero buffer whole after copying to userspace
Commit 3321c07ae5 correctly clears the TPM
buffer if the user specified read length is >= the TPM buffer length. However,
if the user specified read length is < the TPM buffer length, then part of the
TPM buffer is left uncleared.

Reported-by: Seth Forshee <seth.forshee@canonical.com>
Cc: Debora Velarde <debora@linux.vnet.ibm.com>
Cc: Rajiv Andrade <srajiv@linux.vnet.ibm.com>
Cc: Marcel Selhorst <m.selhorst@sirrix.com>
Cc: tpmdd-devel@lists.sourceforge.net
Cc: stable@vger.kernel.org
Signed-off-by: Tim Gardner <tim.gardner@canonical.com>
Signed-off-by: Rajiv Andrade <srajiv@linux.vnet.ibm.com>
2012-02-14 16:43:38 -02:00
Stefan Berger
968de8e24d tpm_tis: Clean up after module_param cleanup
Commit 90ab5ee941 changed the
itpm module parameter from int to bool. Some other changes
need to be done to clean up after this change.

Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
Cc: Mauro Carvalho Chehab <mchehab@redhat.com>
Cc: Rusty Russell <rusty@rustcorp.com.au>
Signed-off-by: Rajiv Andrade <srajiv@linux.vnet.ibm.com>
2012-02-14 16:43:18 -02:00
Stefan Berger
4e401fb028 tpm_tis: Only probe iTPMs
Detect iTPMs through the vendor ID on the hardware interface and only
probe the device if the manufacturer is found to be Intel. This
obsoletes a previously added delay necessary for some TPMs but not iTPMs.

Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
Signed-off-by: Rajiv Andrade <srajiv@linux.vnet.ibm.com>
2012-02-14 16:43:08 -02:00
James Morris
9e3ff38647 Merge branch 'next-queue' into next 2012-02-09 17:02:34 +11:00
Fabio Estevam
f4a0391dfa ima: fix Kconfig dependencies
Fix the following build warning:
warning: (IMA) selects TCG_TPM which has unmet direct dependencies
(HAS_IOMEM && EXPERIMENTAL)

Suggested-by: Rajiv Andrade <srajiv@linux.vnet.ibm.com>
Signed-off-by: Fabio Estevam <fabio.estevam@freescale.com>
Signed-off-by: Rajiv Andrade <srajiv@linux.vnet.ibm.com>
Cc: <stable@vger.kernel.org>
Signed-off-by: Mimi Zohar <zohar@us.ibm.com>
2012-01-19 21:30:09 -05:00
Stefan Berger
be405411f7 tpm: fix (ACPI S3) suspend regression
This patch fixes an (ACPI S3) suspend regression introduced in commit
68d6e6713f ("tpm: Introduce function to poll for result of self test")
and occurring with an Infineon TPM and tpm_tis and tpm_infineon drivers
active.

The suspend problem occurred if the TPM was disabled and/or deactivated
and therefore the TPM_PCRRead checking the result of the (asynchronous)
self test returned an error code which then caused the tpm_tis driver to
become inactive and this then seemed to have negatively influenced the
suspend support by the tpm_infineon driver...  Besides that the tpm_tis
drive may stay active even if the TPM is disabled and/or deactivated.

Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
Tested-by: Rafael J. Wysocki <rjw@sisk.pl>
Acked-by: Rajiv Andrade <srajiv@linux.vnet.ibm.com>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2012-01-18 15:50:17 -08:00
Rusty Russell
90ab5ee941 module_param: make bool parameters really bool (drivers & misc)
module_param(bool) used to counter-intuitively take an int.  In
fddd5201 (mid-2009) we allowed bool or int/unsigned int using a messy
trick.

It's time to remove the int/unsigned int option.  For this version
it'll simply give a warning, but it'll break next kernel version.

Acked-by: Mauro Carvalho Chehab <mchehab@redhat.com>
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2012-01-13 09:32:20 +10:30
James Morris
8077e8b059 Merge branch 'for-james' of git://github.com/srajiv/tpm into next 2011-11-17 10:08:37 +11:00
Rajiv Andrade
b9e3238aa3 TPM: fix transmit_cmd error logic
It's incorrect to assume that buffers returned by the TPM
10 bytes long are always error reports. This patches
parses the error field in its header instead. The error report
is now being printed using dev_err() instead of dev_dbg(), making
it easier for users to provide more detailed bug reports.

Signed-off-by: Rajiv Andrade <srajiv@linux.vnet.ibm.com>
2011-11-16 09:57:11 -02:00
Rajiv Andrade
2f592f2a7d TPM: NSC and TIS drivers X86 dependency fix
A previous commit removed its PNP dependency, that in fact wasn't
necessary, but also allowed it be built for other architectures not
supported by it. This then caused kernel oops on PPC based machines.
I'm placing a x86 dependency back correctly.

Signed-off-by: Rajiv Andrade <srajiv@linux.vnet.ibm.com>
2011-11-16 09:45:07 -02:00
Rajiv Andrade
fd04886660 TPM: Export wait_for_stat for other vendor specific drivers
Moved wait_for_stat to tpm.c so that other drivers can use it.
Also renamed it to avoid future namespace conflicts.

Signed-off-by: Rajiv Andrade <srajiv@linux.vnet.ibm.com>
2011-11-16 09:44:55 -02:00
Rajiv Andrade
9efa54f002 TPM: Use vendor specific function for status probe
Moved from using tpm_tis_status() to the vendor specific
one in wait_for_stat(). This way other TPM drivers can use it
instead of reimplementing another.

Signed-off-by: Rajiv Andrade <srajiv@linux.vnet.ibm.com>
2011-11-16 09:43:50 -02:00
Stefan Berger
a927b81317 tpm_tis: add delay after aborting command
This patch adds a delay after aborting a command. Some TPMs need
this and will not process the subsequent command correctly otherwise.

Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
2011-11-16 09:43:03 -02:00
Stefan Berger
7f326ed7ff tpm_tis: Check return code from getting timeouts/durations
Check the return code from getting the TPM's timeouts and durations
and reject the driver if they could not be read.

Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
2011-11-16 09:43:01 -02:00
Stefan Berger
68d6e6713f tpm: Introduce function to poll for result of self test
This patch introduces a function that runs the TPM_ContinueSelfTest()
function and then polls the TPM to check whether it finished the selftest
and can receive new commands.

Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
2011-11-16 09:42:59 -02:00
Stefan Berger
d97c6ade59 tpm: Cleanup tpm_continue_selftest
Cleanup the tpm_continue_selftest function.

Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
2011-11-16 09:42:57 -02:00
Stefan Berger
2b30a90f6c tpm: Have tpm_get_timeouts return an error code
Have the tpm_get_timeouts function return an error code.

Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
2011-11-16 09:42:54 -02:00
Linus Torvalds
36b8d186e6 Merge branch 'next' of git://selinuxproject.org/~jmorris/linux-security
* 'next' of git://selinuxproject.org/~jmorris/linux-security: (95 commits)
  TOMOYO: Fix incomplete read after seek.
  Smack: allow to access /smack/access as normal user
  TOMOYO: Fix unused kernel config option.
  Smack: fix: invalid length set for the result of /smack/access
  Smack: compilation fix
  Smack: fix for /smack/access output, use string instead of byte
  Smack: domain transition protections (v3)
  Smack: Provide information for UDS getsockopt(SO_PEERCRED)
  Smack: Clean up comments
  Smack: Repair processing of fcntl
  Smack: Rule list lookup performance
  Smack: check permissions from user space (v2)
  TOMOYO: Fix quota and garbage collector.
  TOMOYO: Remove redundant tasklist_lock.
  TOMOYO: Fix domain transition failure warning.
  TOMOYO: Remove tomoyo_policy_memory_lock spinlock.
  TOMOYO: Simplify garbage collector.
  TOMOYO: Fix make namespacecheck warnings.
  target: check hex2bin result
  encrypted-keys: check hex2bin result
  ...
2011-10-25 09:45:31 +02:00
Peter Huewe
3321c07ae5 TPM: Zero buffer after copying to userspace
Since the buffer might contain security related data it might be a good idea to
zero the buffer after we have copied it to userspace.

This got assigned CVE-2011-1162.

Signed-off-by: Rajiv Andrade <srajiv@linux.vnet.ibm.com>
Cc: Stable Kernel <stable@kernel.org>
Signed-off-by: James Morris <jmorris@namei.org>
2011-09-23 09:46:41 +10:00
Peter Huewe
6b07d30aca TPM: Call tpm_transmit with correct size
This patch changes the call of tpm_transmit by supplying the size of the
userspace buffer instead of TPM_BUFSIZE.

This got assigned CVE-2011-1161.

[The first hunk didn't make sense given one could expect
 way less data than TPM_BUFSIZE, so added tpm_transmit boundary
 check over bufsiz instead
 The last parameter of tpm_transmit() reflects the amount
 of data expected from the device, and not the buffer size
 being supplied to it. It isn't ideal to parse it directly,
 so we just set it to the maximum the input buffer can handle
 and let the userspace API to do such job.]

Signed-off-by: Rajiv Andrade <srajiv@linux.vnet.ibm.com>
Cc: Stable Kernel <stable@kernel.org>
Signed-off-by: James Morris <jmorris@namei.org>
2011-09-23 09:46:29 +10:00
Axel Lin
de69113ec1 TPM: tpm_nsc: Fix a double free of pdev in cleanup_nsc
platform_device_unregister() will release all resources
and remove it from the subsystem, then drop reference count by
calling platform_device_put().

We should not call kfree(pdev) after platform_device_unregister(pdev).

Signed-off-by: Axel Lin <axel.lin@gmail.com>
Signed-off-by: Rajiv Andrade <srajiv@linux.vnet.ibm.com>
Signed-off-by: James Morris <jmorris@namei.org>
2011-09-23 09:46:17 +10:00
Geert Uytterhoeven
5ce5ed3593 TPM: TCG_ATMEL should depend on HAS_IOPORT
On m68k, I get:

drivers/char/tpm/tpm_atmel.h: In function ‘atmel_get_base_addr’:
drivers/char/tpm/tpm_atmel.h:129: error: implicit declaration of function ‘ioport_map’
drivers/char/tpm/tpm_atmel.h:129: warning: return makes pointer from integer without a cast

The code in tpm_atmel.h supports PPC64 (using the device tree and ioremap())
and "anything else" (using ioport_map()). However, ioportmap() is only
available on platforms that set HAS_IOPORT.

Although PC64 seems to have HAS_IOPORT, a "depends on HAS_IOPORT" should work,
but I think it's better to expose the special PPC64 handling explicit using
"depends on PPC64 || HAS_IOPORT".

Signed-off-by: Geert Uytterhoeven <geert@linux-m68k.org>
Signed-off-by: Rajiv Andrade <srajiv@linux.vnet.ibm.com>
Signed-off-by: James Morris <jmorris@namei.org>
2011-09-23 09:45:57 +10:00
Stefan Berger
403d1d0319 tpm: suppress durations sysfs output if not read
Suppress the output in the 'durations' sysfs entry if they were not read
during driver initialization. This is similar to other sysfs entries
that return nothing if for some reason sending the commands to the TPM
fails.

Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
Signed-off-by: James Morris <jmorris@namei.org>
2011-08-24 09:30:08 +10:00
Randy Dunlap
1560ffe62a tpm_tis: fix build when ACPI is not enabled
Fix tpm_tis.c build when CONFIG_ACPI is not enabled by providing a stub
function.  Fixes many build errors/warnings:

  drivers/char/tpm/tpm_tis.c:89: error: dereferencing pointer to incomplete type
  drivers/char/tpm/tpm_tis.c:89: warning: type defaults to 'int' in declaration of 'type name'
  drivers/char/tpm/tpm_tis.c:89: error: request for member 'list' in something not a structure or union
  ...

Signed-off-by: Randy Dunlap <rdunlap@xenotime.net>
Cc: Leendert van Doorn <leendert@watson.ibm.com>
Cc: James Morris <jmorris@namei.org>
Cc: Ingo Molnar <mingo@elte.hu>
Cc: Stephen Rothwell <sfr@canb.auug.org.au>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2011-08-03 14:25:21 -10:00
Stefan Berger
29412f0f6a tpm_nsc: Fix bug when loading multiple TPM drivers
This patch fixes kernel bugzilla 34572.

https://bugzilla.kernel.org/show_bug.cgi?id=34572

Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
Reported-by: Witold Baryluk <baryluk@smp.if.uj.edu.pl>
Tested-by: Witold Baryluk <baryluk@smp.if.uj.edu.pl>
Signed-off-by: James Morris <jmorris@namei.org>
2011-07-26 10:34:34 +10:00
Stefan Berger
968543100a tpm: Move tpm_tis_reenable_interrupts out of CONFIG_PNP block
This patch moves the tpm_tis_reenable_interrupts function out of the
CONFIG_PNP-surrounded #define block. This solves a compilation error in
case CONFIG_PNP is not defined.

Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
Reported-by: Randy Dunlap <rdunlap@xenotime.net>
Acked-by: Randy Dunlap <rdunlap@xenotime.net>
Signed-off-by: James Morris <jmorris@namei.org>
2011-07-22 17:33:24 +10:00
Stefan Berger
6eb77b2149 tpm: Fix compilation warning when CONFIG_PNP is not defined
The is_itpm() function is only accessed from a block surrounded by
#ifdef CONFIG_PNP. Therefore, also surround it with #ifdef CONFIG_PNP
and remove the #else branch causing the warning.

http://lxr.linux.no/#linux+v2.6.39/drivers/char/tpm/tpm_tis.c#L622

v2:
 - fixes a previous typo

Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
Reported-by: Randy Dunlap <rdunlap@xenotime.net>
Signed-off-by: James Morris <jmorris@namei.org>
2011-07-21 09:29:56 +10:00
Stefan Berger
c920669345 tpm: Fix a typo
This patch fixes a typo.

Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
Signed-off-by: Rajiv Andrade <srajiv@linux.vnet.ibm.com>
2011-07-12 18:53:09 -03:00
Stefan Berger
9519de3f26 tpm_tis: Probing function for Intel iTPM bug
This patch introduces a function for automatic probing for the Intel iTPM
STS_DATA_EXPECT flaw.

The patch splits the current tpm_tis_send function into 2 parts where the 1st
part is now called tpm_tis_send_data() and merely sends the data to the TPM.
This function is then used for probing. The new tpm_tis_send function now
first calls tpm_tis_send_data and if that succeeds has the TPM process the
command and waits until the response is there.

The probing for the Intel iTPM is only invoked if the user has not passed
itpm=1 as parameter for the module *or* if such a TPM was detected via ACPI.
Previously it was necessary to pass itpm=1 when also passing force=1 to the
module when doing a 'modprobe'. This function is more general than the ACPI
test function and the function relying on ACPI could probably be removed.

Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
Signed-off-by: Rajiv Andrade <srajiv@linux.vnet.ibm.com>
2011-07-12 18:53:09 -03:00
Stefan Berger
a7b66822b2 tpm_tis: Fix the probing for interrupts
This patch fixes several aspects of the probing for interrupts.

This patch reads the TPM's timeouts before probing for the interrupts. The
tpm_get_timeouts() function is invoked in polling mode and gets the proper
timeouts from the TPM so that we don't need to fall back to 2 minutes timeouts
for short duration commands while the interrupt probing is happening.

This patch introduces a variable probed_irq into the vendor structure that gets
the irq number if an interrupt is received while the the tpm_gen_interrupt()
function is run in polling mode during interrupt probing. Previously some
parts of tpm_gen_interrupt() were run in polling mode, then the irq variable
was set in the interrupt handler when an interrupt was received and execution
of tpm_gen_interrupt() ended up switching over to interrupt mode.
tpm_gen_interrupt() execution ended up on an event queue where it eventually
timed out since the probing handler doesn't wake any queues.

Before calling into free_irq() clear all interrupt flags that may have
been set by the TPM. The reason is that free_irq() will call into the probing
interrupt handler and may otherwise fool us into thinking that a real interrupt
happened (because we see the flags as being set) while the TPM's interrupt line
is not even connected to anything on the motherboard. This solves a problem
on one machine I did testing on (Thinkpad T60).

If a TPM claims to use a specifc interrupt, the probing is done as well
to verify that the interrupt is actually working. If a TPM indicates
that it does not use a specific interrupt (returns '0'), probe all interrupts
from 3 to 15.

Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
Signed-off-by: Rajiv Andrade <srajiv@linux.vnet.ibm.com>
2011-07-12 18:53:08 -03:00
Stefan Berger
20b87bbfad tpm_tis: Delay ACPI S3 suspend while the TPM is busy
This patch delays the (ACPI S3) suspend while the TPM is busy processing a
command and the TPM TIS driver is run in interrupt mode. This is the same
behavior as we already have it for the TPM TIS driver in polling mode.

Reasoning: Some of the TPM's commands advance the internal state of the TPM.
An example would be the extending of one of its PCR registers. Upper layers,
such as IMA or TSS (TrouSerS), would certainly want to be sure that the
command succeeded rather than getting an error code (-62 = -ETIME) that may
not give a conclusive answer as for what reason the command failed. Reissuing
such a command would put the TPM into the wrong state, so waiting for it to
finish is really the only option.

The downside is that some commands (key creation) can take a long time and
actually prevent the machine from entering S3 at all before the 20 second
timeout of the power management subsystem arrives.

Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
Signed-off-by: Rajiv Andrade <srajiv@linux.vnet.ibm.com>
2011-07-12 18:53:08 -03:00
Stefan Berger
45baa1d1fa tpm_tis: Re-enable interrupts upon (S3) resume
This patch makes sure that if the TPM TIS interface is run in interrupt mode
(rather than polling mode) that all interrupts are enabled in the TPM's
interrupt enable register after a resume from ACPI S3 suspend. The registers
may either have been cleared by the TPM loosing its state during device sleep
or by the BIOS leaving the TPM in polling mode (after sending a command to
the TPM for starting it up again)

You may want to check if your TPM runs with interrupts by doing

cat /proc/interrupts | grep -i tpm

and see whether there is an entry or otherwise for it to use interrupts:

modprobe tpm_tis interrupts=1 [add 'itpm=1' for Intel TPM ]

v2:
  - the patch was adapted to work with the pnp and platform driver
    implementations in tpm_tis.c

Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
Signed-off-by: Rajiv Andrade <srajiv@linux.vnet.ibm.com>
2011-07-12 18:53:08 -03:00
Stefan Berger
5a79444f24 tpm: Fix display of data in pubek sysfs entry
This patch fixes the TPM's pubek sysfs entry that is accessible as long
as the TPM doesn't have an owner. It was necessary to shift the access to the
data by -10 -- the first byte immediately follows the 10 byte header. The
line

 	data = tpm_cmd.params.readpubek_out_buffer;

sets it at the offset '10' in the packet, so we can read the data array
starting at offset '0'.

Before:

Algorithm: 00 0C 00 00
Encscheme: 08 00
Sigscheme: 00 00
Parameters: 00 00 00 00 01 00 AC E2 5E 3C A0 78
Modulus length: -563306801
Modulus:
28 21 08 0F 82 CD F2 B1 E7 49 F7 74 70 BE 59 8C
43 78 B1 24 EA 52 E2 FE 52 5C 3A 12 3B DC 61 71
[...]

After:

Algorithm: 00 00 00 01
Encscheme: 00 03
Sigscheme: 00 01
Parameters: 00 00 08 00 00 00 00 02 00 00 00 00
Modulus length: 256
Modulus:
AC E2 5E 3C A0 78 DE 6C 9E CF 28 21 08 0F 82 CD
F2 B1 E7 49 F7 74 70 BE 59 8C 43 78 B1 24 EA 52
[...]

Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
Signed-off-by: Rajiv Andrade <srajiv@linux.vnet.ibm.com>
2011-07-12 18:53:08 -03:00
Stefan Berger
6259210176 tpm_tis: Add timeouts sysfs entry
Display the TPM's interface timeouts in a 'timeouts' sysfs entry. Display
the entries as having been adjusted when they were scaled due to their values
being reported in milliseconds rather than microseconds.

Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
Signed-off-by: Rajiv Andrade <srajiv@linux.vnet.ibm.com>
2011-07-12 18:53:08 -03:00
Stefan Berger
e3e1a1e169 tpm: Adjust interface timeouts if they are too small
Adjust the interface timeouts if they are found to be too small, i.e., if
they are returned in milliseconds rather than microseconds as we heared
from Infineon that some (old) Infineon TPMs do.

Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
Signed-off-by: Rajiv Andrade <srajiv@linux.vnet.ibm.com>
2011-07-12 18:53:07 -03:00
Stefan Berger
829bf06752 tpm: Use interface timeouts returned from the TPM
The TPM driver currently discards the interface timeout values returned
from the TPM. The check of the response packet needs to consider that
the return_code field is 0 on success and the size of the expected
packet is equivalent to the header size + u32 length indicator for the
TPM_GetCapability() result + 4 interface timeout indicators of type u32.

Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
Signed-off-by: Rajiv Andrade <srajiv@linux.vnet.ibm.com>
2011-07-12 18:53:07 -03:00
Stefan Berger
04ab2293bb tpm_tis: Introduce durations sysfs entry
Display the TPM's command timeouts in a 'durations' sysfs entry. Display
the entries as having been adjusted when they were scaled due to their values
being reported in milliseconds rather than microseconds.

Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
Tested-by: Guillaume Chazarain <guichaz@gmail.com>
Signed-off-by: Rajiv Andrade <srajiv@linux.vnet.ibm.com>
2011-07-12 18:53:07 -03:00
Stefan Berger
e934acca1e tpm: Adjust the durations if they are too small
Adjust the durations if they are found to be too small, i.e., if they are
returned in milliseconds rather than microseconds as some Infineon TPMs are
reported to do.

Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
Signed-off-by: Rajiv Andrade <srajiv@linux.vnet.ibm.com>
2011-07-12 18:53:07 -03:00
Stefan Berger
979b140614 tpm: Use durations returned from TPM
The TPM driver currently discards the durations values returned
from the TPM. The check of the response packet needs to consider that
the return_code field is 0 on success and the size of the expected
packet is equivalent to the header size + u32 length indicator for the
TPM_GetCapability() result + 3 timeout indicators of type u32.

v4:
- sysfs entry 'durations' is now a patch of its own
- the work-around for TPMs reporting durations in milliseconds is now in a
  patch of its own

v3:
- sysfs entry now called 'durations' to resemble TPM-speak (previously
  was called 'timeouts')

v2:
- adjusting all timeouts for TPM devices reporting timeouts in msec rather
  than usec
- also displaying in sysfs whether the timeouts are 'original' or 'adjusted'

Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
Tested-by: Guillaume Chazarain <guichaz@gmail.com>
Signed-off-by: Rajiv Andrade <srajiv@linux.vnet.ibm.com>
2011-07-12 18:53:07 -03:00
Peter Huewe
1309d7afbe char/tpm: Fix unitialized usage of data buffer
This patch fixes information leakage to the userspace by initializing
the data buffer to zero.

Reported-by: Peter Huewe <huewe.external@infineon.com>
Signed-off-by: Peter Huewe <huewe.external@infineon.com>
Signed-off-by: Marcel Selhorst <m.selhorst@sirrix.com>
[ Also removed the silly "* sizeof(u8)".  If that isn't 1, we have way
  deeper problems than a simple multiplication can fix.   - Linus ]
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2011-03-29 09:45:34 -07:00
Linus Torvalds
8d1dc20e8d Revert "TPM: Long default timeout fix"
This reverts commit c4ff4b829e.

Ted Ts'o reports:

 "TPM is working for me so I can log into employer's network in 2.6.37.
  It broke when I tried 2.6.38-rc6, with the following relevant lines
  from my dmesg:

  [   11.081627] tpm_tis 00:0b: 1.2 TPM (device-id 0x0, rev-id 78)
  [   25.734114] tpm_tis 00:0b: Operation Timed out
  [   78.040949] tpm_tis 00:0b: Operation Timed out

  This caused me to get suspicious, especially since the _other_ TPM
  commit in 2.6.38 had already been reverted, so I tried reverting
  commit c4ff4b829e: "TPM: Long default timeout fix".  With this commit
  reverted, my TPM on my Lenovo T410 is once again working."

Requested-and-tested-by: Theodore Ts'o <tytso@mit.edu>
Acked-by: Rajiv Andrade <srajiv@linux.vnet.ibm.com>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2011-03-01 13:23:27 -08:00
Linus Torvalds
e587137240 Revert "tpm_tis: Use timeouts returned from TPM"
This reverts commit 9b29050f8f.

It has caused hibernate regressions, for example Juri Sladby's report:

  "I'm unable to hibernate 2.6.37.1 unless I rmmod tpm_tis:
   [10974.074587] Suspending console(s) (use no_console_suspend to debug)
   [10974.103073] tpm_tis 00:0c: Operation Timed out
   [10974.103089] legacy_suspend(): pnp_bus_suspend+0x0/0xa0 returns -62
   [10974.103095] PM: Device 00:0c failed to freeze: error -62"

and Rafael points out that some of the new conditionals in that commit
seem to make no sense.  This commit needs more work and testing, let's
revert it for now.

Reported-by: Norbert Preining <preining@logic.at>
Reported-and-requested-by: Jiri Slaby <jirislaby@gmail.com>
Cc: Stefan Berger <stefanb@linux.vnet.ibm.com>
Cc: Guillaume Chazarain <guichaz@gmail.com>
Cc: Rajiv Andrade <srajiv@linux.vnet.ibm.com>
Acked-by: Rafael J. Wysocki <rjw@sisk.pl>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2011-02-20 10:03:12 -08:00
Stefan Berger
9b29050f8f tpm_tis: Use timeouts returned from TPM
The current TPM TIS driver in git discards the timeout values returned
from the TPM. The check of the response packet needs to consider that
the return_code field is 0 on success and the size of the expected
packet is equivalent to the header size + u32 length indicator for the
TPM_GetCapability() result + 3 timeout indicators of type u32.

I am also adding a sysfs entry 'timeouts' showing the timeouts that are
being used.

Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
Tested-by: Guillaume Chazarain <guichaz@gmail.com>
Signed-off-by: Rajiv Andrade <srajiv@linux.vnet.ibm.com>
2011-02-11 01:30:50 -02:00
Olof Johansson
e5cce6c13c tpm: fix panic caused by "tpm: Autodetect itpm devices"
commit 3f0d3d016d adds a check for
PNP device id to the common tpm_tis_init() function, which in some
cases (force=1) will be called without the device being a member of
a pnp_dev. Oopsing and panics ensue.

Move the test up to before the call to tpm_tis_init(), since it
just modifies a global variable anyway.

Signed-off-by: Olof Johansson <olof@lixom.net>
Acked-by: Rajiv Andrade <srajiv@linux.vnet.ibm.com>
Signed-off-by: James Morris <jmorris@namei.org>
2011-01-24 11:29:55 +11:00
Rajiv Andrade
c4ff4b829e TPM: Long default timeout fix
If duration variable value is 0 at this point, it's because
chip->vendor.duration wasn't filled by tpm_get_timeouts() yet.
This patch sets then the lowest timeout just to give enough
time for tpm_get_timeouts() to further succeed.

This fix avoids long boot times in case another entity attempts
to send commands to the TPM when the TPM isn't accessible.

Signed-off-by: Rajiv Andrade <srajiv@linux.vnet.ibm.com>
Signed-off-by: James Morris <jmorris@namei.org>
2011-01-24 11:22:48 +11:00
James Morris
d2e7ad1922 Merge branch 'master' into next
Conflicts:
	security/smack/smack_lsm.c

Verified and added fix by Stephen Rothwell <sfr@canb.auug.org.au>
Ok'd by Casey Schaufler <casey@schaufler-ca.com>

Signed-off-by: James Morris <jmorris@namei.org>
2011-01-10 09:46:24 +11:00
Linus Torvalds
23d69b09b7 Merge branch 'for-2.6.38' of git://git.kernel.org/pub/scm/linux/kernel/git/tj/wq
* 'for-2.6.38' of git://git.kernel.org/pub/scm/linux/kernel/git/tj/wq: (33 commits)
  usb: don't use flush_scheduled_work()
  speedtch: don't abuse struct delayed_work
  media/video: don't use flush_scheduled_work()
  media/video: explicitly flush request_module work
  ioc4: use static work_struct for ioc4_load_modules()
  init: don't call flush_scheduled_work() from do_initcalls()
  s390: don't use flush_scheduled_work()
  rtc: don't use flush_scheduled_work()
  mmc: update workqueue usages
  mfd: update workqueue usages
  dvb: don't use flush_scheduled_work()
  leds-wm8350: don't use flush_scheduled_work()
  mISDN: don't use flush_scheduled_work()
  macintosh/ams: don't use flush_scheduled_work()
  vmwgfx: don't use flush_scheduled_work()
  tpm: don't use flush_scheduled_work()
  sonypi: don't use flush_scheduled_work()
  hvsi: don't use flush_scheduled_work()
  xen: don't use flush_scheduled_work()
  gdrom: don't use flush_scheduled_work()
  ...

Fixed up trivial conflict in drivers/media/video/bt8xx/bttv-input.c
as per Tejun.
2011-01-07 16:58:04 -08:00
Tejun Heo
2e5c44c920 tpm: don't use flush_scheduled_work()
flush_scheduled_work() is deprecated and scheduled to be removed.
Directly flush chip->work instead.

Signed-off-by: Tejun Heo <tj@kernel.org>
Cc: Debora Velarde <debora@linux.vnet.ibm.com>
Cc: Rajiv Andrade <srajiv@linux.vnet.ibm.com>
2010-12-24 15:59:07 +01:00
Matthew Garrett
3f0d3d016d tpm: Autodetect itpm devices
Some Lenovos have TPMs that require a quirk to function correctly. This can
be autodetected by checking whether the device has a _HID of INTC0102. This
is an invalid PNPid, and as such is discarded by the pnp layer - however
it's still present in the ACPI code, so we can pull it out that way. This
means that the quirk won't be automatically applied on non-ACPI systems,
but without ACPI we don't have any way to identify the chip anyway so I
don't think that's a great concern.

Signed-off-by: Matthew Garrett <mjg@redhat.com>
Acked-by: Rajiv Andrade <srajiv@linux.vnet.ibm.com>
Tested-by: Jiri Kosina <jkosina@suse.cz>
Tested-by: Andy Isaacson <adi@hexapodia.org>
Signed-off-by: James Morris <jmorris@namei.org>
2010-11-30 09:18:01 +11:00
Mimi Zohar
c749ba912e key: add tpm_send command
Add internal kernel tpm_send() command used to seal/unseal keys.

Changelog:
- replaced module_put in tpm_send() with new tpm_chip_put() wrapper
  (suggested by David Howells)
- Make tpm_send() cmd argument a 'void *' (suggested by David Howells)

Signed-off-by: David Safford <safford@watson.ibm.com>
Signed-off-by: Mimi Zohar <zohar@us.ibm.com>
Acked-by: David Howells <dhowells@redhat.com>
Acked-by: Serge E. Hallyn <serge.hallyn@canonical.com>
Signed-off-by: James Morris <jmorris@namei.org>
2010-11-29 08:55:22 +11:00
Mimi Zohar
a0e39349d8 tpm: add module_put wrapper
For readability, define a tpm_chip_put() wrapper to call module_put().
Replace existing module_put() calls with the wrapper.

(Change based on trusted/encrypted patchset review by David Howells.)

Signed-off-by: Mimi Zohar <zohar@us.ibm.com>
Signed-off-by: David Safford <safford@watson.ibm.com>
Acked-by: David Howells <dhowells@redhat.com>
Acked-by: Serge E. Hallyn <serge.hallyn@canonical.com>
Signed-off-by: James Morris <jmorris@namei.org>
2010-11-29 08:55:19 +11:00
Linus Torvalds
229aebb873 Merge branch 'for-next' of git://git.kernel.org/pub/scm/linux/kernel/git/jikos/trivial
* 'for-next' of git://git.kernel.org/pub/scm/linux/kernel/git/jikos/trivial: (39 commits)
  Update broken web addresses in arch directory.
  Update broken web addresses in the kernel.
  Revert "drivers/usb: Remove unnecessary return's from void functions" for musb gadget
  Revert "Fix typo: configuation => configuration" partially
  ida: document IDA_BITMAP_LONGS calculation
  ext2: fix a typo on comment in ext2/inode.c
  drivers/scsi: Remove unnecessary casts of private_data
  drivers/s390: Remove unnecessary casts of private_data
  net/sunrpc/rpc_pipe.c: Remove unnecessary casts of private_data
  drivers/infiniband: Remove unnecessary casts of private_data
  drivers/gpu/drm: Remove unnecessary casts of private_data
  kernel/pm_qos_params.c: Remove unnecessary casts of private_data
  fs/ecryptfs: Remove unnecessary casts of private_data
  fs/seq_file.c: Remove unnecessary casts of private_data
  arm: uengine.c: remove C99 comments
  arm: scoop.c: remove C99 comments
  Fix typo configue => configure in comments
  Fix typo: configuation => configuration
  Fix typo interrest[ing|ed] => interest[ing|ed]
  Fix various typos of valid in comments
  ...

Fix up trivial conflicts in:
	drivers/char/ipmi/ipmi_si_intf.c
	drivers/usb/gadget/rndis.c
	net/irda/irnet/irnet_ppp.c
2010-10-24 13:41:39 -07:00
Dmitry Torokhov
9b3056cca0 tpm: change 'tpm_suspend_pcr' to be module parameter
Fix the following warning:

drivers/char/tpm/tpm.c:1085: warning: `tpm_suspend_setup' defined but not used

and make the workaround operable in case when TPM is compiled as a module.
As a side-effect the option will be called tpm.suspend_pcr.

Signed-off-by: Dmitry Torokhov <dtor@mail.ru>
Cc: Rajiv Andrade <srajiv@linux.vnet.ibm.com>
Cc: David Safford <safford@watson.ibm.com>
Cc: James Morris <jmorris@namei.org>
Cc: Debora Velarde <debora@linux.vnet.ibm.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: James Morris <jmorris@namei.org>
2010-10-21 10:12:42 +11:00
Justin P. Mattock
631dd1a885 Update broken web addresses in the kernel.
The patch below updates broken web addresses in the kernel

Signed-off-by: Justin P. Mattock <justinmattock@gmail.com>
Cc: Maciej W. Rozycki <macro@linux-mips.org>
Cc: Geert Uytterhoeven <geert@linux-m68k.org>
Cc: Finn Thain <fthain@telegraphics.com.au>
Cc: Randy Dunlap <rdunlap@xenotime.net>
Cc: Matt Turner <mattst88@gmail.com>
Cc: Dimitry Torokhov <dmitry.torokhov@gmail.com>
Cc: Mike Frysinger <vapier.adi@gmail.com>
Acked-by: Ben Pfaff <blp@cs.stanford.edu>
Acked-by: Hans J. Koch <hjk@linutronix.de>
Reviewed-by: Finn Thain <fthain@telegraphics.com.au>
Signed-off-by: Jiri Kosina <jkosina@suse.cz>
2010-10-18 11:03:14 +02:00
Rajiv Andrade
59f6fbe429 tpm_tis: fix subsequent suspend failures
Fix subsequent suspends by issuing tpm_continue_selftest during resume.
Otherwise, the tpm chip seems to be not fully initialized and will reject
the save state command during suspend, thus preventing the whole system
to suspend.

Addresses https://bugzilla.kernel.org/show_bug.cgi?id=16256

Signed-off-by: Helmut Schaa <helmut.schaa@googlemail.com>
Signed-off-by: Rajiv Andrade <srajiv@linux.vnet.ibm.com>
Cc: James Morris <jmorris@namei.org>
Cc: Debora Velarde <debora@linux.vnet.ibm.com>
Cc: David Safford <safford@watson.ibm.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: James Morris <jmorris@namei.org>
2010-07-26 10:25:45 +10:00
Rajiv Andrade
02a077c52e TPM: ReadPubEK output struct fix
This patch adds a missing element of the ReadPubEK command output,
that prevents future overflow of this buffer when copying the
TPM output result into it.

Prevents a kernel panic in case the user tries to read the
pubek from sysfs.

Signed-off-by: Rajiv Andrade <srajiv@linux.vnet.ibm.com>
Signed-off-by: James Morris <jmorris@namei.org>
2010-06-15 09:26:28 +10:00
Rajiv Andrade
7f2ab000c6 TPM: ACPI/PNP dependency removal
This patch pushes the ACPI dependency into the device driver code
itself. Now, even without ACPI/PNP enabled, the device can be registered
using the TIS specified memory space. This will however result in the
lack of access to the BIOS event log, being the only implication of such
ACPI removal.

Signed-off-by: Rajiv Andrade <srajiv@linux.vnet.ibm.com>
Acked-by: Mimi Zohar <zohar@linux.vnet.ibm.com>
Signed-off-by: James Morris <jmorris@namei.org>
2010-05-17 09:08:18 +10:00
James Morris
ec4a162af3 Revert "TPM: ACPI/PNP dependency removal"
This reverts commit b89e66e1e3.

> > When CONFIG_PM is not set:
> >
> > drivers/built-in.o: In function `acpi_init':
> > bus.c:(.init.text+0x2d84): undefined reference to `pm_flags'
> > bus.c:(.init.text+0x2d91): undefined reference to `pm_flags'
>
> CONFIG_ACPI depends on CONFIG_PM,
> so acpi/bus.c should not be compiled for CONFIG_PM=n
>
> Hmm, is is somebody doing something strange, like "select ACPI"
> without guaranteeing that all of ACPI's dependencies are satisfied?

Signed-off-by: James Morris <jmorris@namei.org>
2010-05-07 09:19:29 +10:00
James Morris
0ffbe2699c Merge branch 'master' into next 2010-05-06 10:56:07 +10:00
Rajiv Andrade
b89e66e1e3 TPM: ACPI/PNP dependency removal
This patch pushes the ACPI dependency into the device driver code
itself. Now, even without ACPI/PNP enabled, the device can be registered
using the TIS specified memory space. This will however result in the
lack of access to the bios event log, being the only implication of such
ACPI removal.

Signed-off-by: Rajiv Andrade <srajiv@linux.vnet.ibm.com>
Acked-by: Mimi Zohar <zohar@linux.vnet.ibm.com>
Signed-off-by: James Morris <jmorris@namei.org>
2010-05-05 09:59:57 +10:00
Tejun Heo
5a0e3ad6af include cleanup: Update gfp.h and slab.h includes to prepare for breaking implicit slab.h inclusion from percpu.h
percpu.h is included by sched.h and module.h and thus ends up being
included when building most .c files.  percpu.h includes slab.h which
in turn includes gfp.h making everything defined by the two files
universally available and complicating inclusion dependencies.

percpu.h -> slab.h dependency is about to be removed.  Prepare for
this change by updating users of gfp and slab facilities include those
headers directly instead of assuming availability.  As this conversion
needs to touch large number of source files, the following script is
used as the basis of conversion.

  http://userweb.kernel.org/~tj/misc/slabh-sweep.py

The script does the followings.

* Scan files for gfp and slab usages and update includes such that
  only the necessary includes are there.  ie. if only gfp is used,
  gfp.h, if slab is used, slab.h.

* When the script inserts a new include, it looks at the include
  blocks and try to put the new include such that its order conforms
  to its surrounding.  It's put in the include block which contains
  core kernel includes, in the same order that the rest are ordered -
  alphabetical, Christmas tree, rev-Xmas-tree or at the end if there
  doesn't seem to be any matching order.

* If the script can't find a place to put a new include (mostly
  because the file doesn't have fitting include block), it prints out
  an error message indicating which .h file needs to be added to the
  file.

The conversion was done in the following steps.

1. The initial automatic conversion of all .c files updated slightly
   over 4000 files, deleting around 700 includes and adding ~480 gfp.h
   and ~3000 slab.h inclusions.  The script emitted errors for ~400
   files.

2. Each error was manually checked.  Some didn't need the inclusion,
   some needed manual addition while adding it to implementation .h or
   embedding .c file was more appropriate for others.  This step added
   inclusions to around 150 files.

3. The script was run again and the output was compared to the edits
   from #2 to make sure no file was left behind.

4. Several build tests were done and a couple of problems were fixed.
   e.g. lib/decompress_*.c used malloc/free() wrappers around slab
   APIs requiring slab.h to be added manually.

5. The script was run on all .h files but without automatically
   editing them as sprinkling gfp.h and slab.h inclusions around .h
   files could easily lead to inclusion dependency hell.  Most gfp.h
   inclusion directives were ignored as stuff from gfp.h was usually
   wildly available and often used in preprocessor macros.  Each
   slab.h inclusion directive was examined and added manually as
   necessary.

6. percpu.h was updated not to include slab.h.

7. Build test were done on the following configurations and failures
   were fixed.  CONFIG_GCOV_KERNEL was turned off for all tests (as my
   distributed build env didn't work with gcov compiles) and a few
   more options had to be turned off depending on archs to make things
   build (like ipr on powerpc/64 which failed due to missing writeq).

   * x86 and x86_64 UP and SMP allmodconfig and a custom test config.
   * powerpc and powerpc64 SMP allmodconfig
   * sparc and sparc64 SMP allmodconfig
   * ia64 SMP allmodconfig
   * s390 SMP allmodconfig
   * alpha SMP allmodconfig
   * um on x86_64 SMP allmodconfig

8. percpu.h modifications were reverted so that it could be applied as
   a separate patch and serve as bisection point.

Given the fact that I had only a couple of failures from tests on step
6, I'm fairly confident about the coverage of this conversion patch.
If there is a breakage, it's likely to be something in one of the arch
headers which should be easily discoverable easily on most builds of
the specific arch.

Signed-off-by: Tejun Heo <tj@kernel.org>
Guess-its-ok-by: Christoph Lameter <cl@linux-foundation.org>
Cc: Ingo Molnar <mingo@redhat.com>
Cc: Lee Schermerhorn <Lee.Schermerhorn@hp.com>
2010-03-30 22:02:32 +09:00
Rajiv Andrade
225a9be24d TPM: workaround to enforce PCR updates across suspends
Add a workaround for TPM's which fail to flush last written
PCR values in a TPM_SaveState, in preparation for suspend.

Signed-off-by: David Safford <safford@watson.ibm.com>
Acked-by: Rajiv Andrade <srajiv@linux.vnet.ibm.com>
Signed-off-by: James Morris <jmorris@namei.org>
2010-03-26 09:30:03 +11:00
Marcel Selhorst
93716b9470 tpm_infineon: fix suspend/resume handler for pnp_driver
When suspending, tpm_infineon calls the generic suspend function of the
TPM framework.  However, the TPM framework does not return and the system
hangs upon suspend.  When sending the necessary command "TPM_SaveState"
directly within the driver, suspending and resuming works fine.

Signed-off-by: Marcel Selhorst <m.selhorst@sirrix.com>
Cc: OGAWA Hirofumi <hirofumi@mail.parknet.co.jp>
Cc: Debora Velarde <debora@linux.vnet.ibm.com>
Cc: Rajiv Andrade <srajiv@linux.vnet.ibm.com>
Cc: <stable@kernel.org>		[2.6.32.x]
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2010-02-11 13:59:42 -08:00
Matt Domsch
31bde71c20 tpm: autoload tpm_tis based on system PnP IDs
The tpm_tis driver already has a list of supported pnp_device_ids.
This patch simply exports that list as a MODULE_DEVICE_TABLE() so that
the module autoloader will discover and load the module at boottime.

Signed-off-by: Matt Domsch <Matt_Domsch@dell.com>
Acked-by: Rajiv Andrade <srajiv@linux.vnet.ibm.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: James Morris <jmorris@namei.org>
2009-11-03 12:05:50 +11:00
Rajiv Andrade
3507d61236 tpm_tis: TPM_STS_DATA_EXPECT workaround
Some newer Lenovo models are shipped with a TPM that doesn't seem to set the TPM_STS_DATA_EXPECT status bit
when sending it a burst of data, so the code understands it as a failure and doesn't proceed sending the chip
the intended data. In this patch we bypass this bit check in case the itpm module parameter was set.

This patch is based on Andy Isaacson's one:

http://marc.info/?l=linux-kernel&m=124650185023495&w=2

It was heavily discussed how should we deal with identifying the chip in kernel space, but the required
patch to do so was NACK'd:

http://marc.info/?l=linux-kernel&m=124650186423711&w=2

This way we let the user choose using this workaround or not based on his
observations on this code behavior when trying to use the TPM.

Fixed a checkpatch issue present on the previous patch, thanks to Daniel Walker.

Signed-off-by: Rajiv Andrade <srajiv@linux.vnet.ibm.com>
Acked-by: Eric Paris <eparis@redhat.com>
Tested-by: Seiji Munetoh <seiji.munetoh@gmail.com>
Signed-off-by: James Morris <jmorris@namei.org>
2009-11-02 09:09:04 +11:00
Rajiv Andrade
23acb98de5 TPM: fix pcrread
The previously sent patch:

http://marc.info/?l=tpmdd-devel&m=125208945007834&w=2

Had its first hunk cropped when merged, submitting only this first hunk
again.

Signed-off-by: Jason Gunthorpe <jgunthorpe@obsidianresearch.com>
Cc: Debora Velarde <debora@linux.vnet.ibm.com>
Cc: Marcel Selhorst <m.selhorst@sirrix.com>
Cc: James Morris <jmorris@namei.org>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Rajiv Andrade <srajiv@linux.vnet.ibm.com>
Acked-by: Mimi Zohar <zohar@us.ibm.com>
Tested-by: Mimi Zohar <zohar@us.ibm.com>
Signed-off-by: James Morris <jmorris@namei.org>
2009-10-01 07:59:17 +10:00
James Morris
1669b049db Merge branch 'master' into next 2009-09-30 07:47:33 +10:00
Rajiv Andrade
7f366784f5 TPM: increase default TPM buffer
The TPM Working Group requested this communication buffer increase given that a
particular TPM vendor can support a TPM_SHA1Start command input bigger than the
current size.

Signed-off-by: Rajiv Andrade <srajiv@linux.vnet.ibm.com>
Signed-off-by: James Morris <jmorris@namei.org>
2009-09-24 13:47:12 -07:00
Linus Torvalds
c82ffab9a8 Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/security-testing-2.6
* 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/security-testing-2.6:
  SELinux: do not destroy the avc_cache_nodep
  KEYS: Have the garbage collector set its timer for live expired keys
  tpm-fixup-pcrs-sysfs-file-update
  creds_are_invalid() needs to be exported for use by modules:
  include/linux/cred.h: fix build

Fix trivial BUILD_BUG_ON-induced conflicts in drivers/char/tpm/tpm.c
2009-09-23 15:18:57 -07:00
Jason Gunthorpe
0afd9056f1 tpm-fixup-pcrs-sysfs-file-update
Signed-off-by: Jason Gunthorpe <jgunthorpe@obsidianresearch.com>
Cc: Debora Velarde <debora@linux.vnet.ibm.com>
Cc: Rajiv Andrade <srajiv@linux.vnet.ibm.com>
Cc: Marcel Selhorst <m.selhorst@sirrix.com>
Cc: James Morris <jmorris@namei.org>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: James Morris <jmorris@namei.org>
2009-09-23 11:03:40 -07:00
Jan Beulich
8c87df457c BUILD_BUG_ON(): fix it and a couple of bogus uses of it
gcc permitting variable length arrays makes the current construct used for
BUILD_BUG_ON() useless, as that doesn't produce any diagnostic if the
controlling expression isn't really constant.  Instead, this patch makes
it so that a bit field gets used here.  Consequently, those uses where the
condition isn't really constant now also need fixing.

Note that in the gfp.h, kmemcheck.h, and virtio_config.h cases
MAYBE_BUILD_BUG_ON() really just serves documentation purposes - even if
the expression is compile time constant (__builtin_constant_p() yields
true), the array is still deemed of variable length by gcc, and hence the
whole expression doesn't have the intended effect.

[akpm@linux-foundation.org: make arch/sparc/include/asm/vio.h compile]
[akpm@linux-foundation.org: more nonsensical assertions in tpm.c..]
Signed-off-by: Jan Beulich <jbeulich@novell.com>
Cc: Andi Kleen <andi@firstfloor.org>
Cc: Rusty Russell <rusty@rustcorp.com.au>
Cc: Catalin Marinas <catalin.marinas@arm.com>
Cc: "David S. Miller" <davem@davemloft.net>
Cc: Rajiv Andrade <srajiv@linux.vnet.ibm.com>
Cc: Mimi Zohar <zohar@us.ibm.com>
Cc: James Morris <jmorris@namei.org>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2009-09-23 07:39:29 -07:00
James Morris
88e9d34c72 seq_file: constify seq_operations
Make all seq_operations structs const, to help mitigate against
revectoring user-triggerable function pointers.

This is derived from the grsecurity patch, although generated from scratch
because it's simpler than extracting the changes from there.

Signed-off-by: James Morris <jmorris@namei.org>
Acked-by: Serge Hallyn <serue@us.ibm.com>
Acked-by: Casey Schaufler <casey@schaufler-ca.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2009-09-23 07:39:29 -07:00
Jason Gunthorpe
ec57935837 TPM: Fixup boot probe timeout for tpm_tis driver
When probing the device in tpm_tis_init the call request_locality
uses timeout_a, which wasn't being initalized until after
request_locality. This results in request_locality falsely timing
out if the chip is still starting. Move the initialization to before
request_locality.

This probably only matters for embedded cases (ie mine), a BIOS likely
gets the TPM into a state where this code path isn't necessary.

Signed-off-by: Jason Gunthorpe <jgunthorpe@obsidianresearch.com>
Acked-by: Rajiv Andrade <srajiv@linux.vnet.ibm.com>
Signed-off-by: James Morris <jmorris@namei.org>
2009-09-10 19:19:09 +10:00
Alexey Dobriyan
405f55712d headers: smp_lock.h redux
* Remove smp_lock.h from files which don't need it (including some headers!)
* Add smp_lock.h to files which do need it
* Make smp_lock.h include conditional in hardirq.h
  It's needed only for one kernel_locked() usage which is under CONFIG_PREEMPT

  This will make hardirq.h inclusion cheaper for every PREEMPT=n config
  (which includes allmodconfig/allyesconfig, BTW)

Signed-off-by: Alexey Dobriyan <adobriyan@gmail.com>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2009-07-12 12:22:34 -07:00
Eric Paris
fbaa58696c TPM: get_event_name stack corruption
get_event_name uses sprintf to fill a buffer declared on the stack.  It fills
the buffer 2 bytes at a time.  What the code doesn't take into account is that
sprintf(buf, "%02x", data) actually writes 3 bytes.  2 bytes for the data and
then it nul terminates the string.  Since we declare buf to be 40 characters
long and then we write 40 bytes of data into buf sprintf is going to write 41
characters.  The fix is to leave room in buf for the nul terminator.

Signed-off-by: Eric Paris <eparis@redhat.com>
Signed-off-by: James Morris <jmorris@namei.org>
2009-05-20 08:30:05 +10:00
Linus Torvalds
0c93ea4064 Merge git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/driver-core-2.6
* git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/driver-core-2.6: (61 commits)
  Dynamic debug: fix pr_fmt() build error
  Dynamic debug: allow simple quoting of words
  dynamic debug: update docs
  dynamic debug: combine dprintk and dynamic printk
  sysfs: fix some bin_vm_ops errors
  kobject: don't block for each kobject_uevent
  sysfs: only allow one scheduled removal callback per kobj
  Driver core: Fix device_move() vs. dpm list ordering, v2
  Driver core: some cleanup on drivers/base/sys.c
  Driver core: implement uevent suppress in kobject
  vcs: hook sysfs devices into object lifetime instead of "binding"
  driver core: fix passing platform_data
  driver core: move platform_data into platform_device
  sysfs: don't block indefinitely for unmapped files.
  driver core: move knode_bus into private structure
  driver core: move knode_driver into private structure
  driver core: move klist_children into private structure
  driver core: create a private portion of struct device
  driver core: remove polling for driver_probe_done(v5)
  sysfs: reference sysfs_dirent from sysfs inodes
  ...

Fixed conflicts in drivers/sh/maple/maple.c manually
2009-03-26 11:17:04 -07:00
Ming Lei
7a192ec334 platform driver: fix incorrect use of 'platform_bus_type' with 'struct device_driver'
This patch fixes the bug reported in
	http://bugzilla.kernel.org/show_bug.cgi?id=11681.

"Lots of device drivers register a 'struct device_driver' with
the '.bus' member set to '&platform_bus_type'. This is wrong,
since the platform_bus functions expect the 'struct device_driver'
to be wrapped up in a 'struct platform_driver' which provides
some additional callbacks (like suspend_late, resume_early).
The effect may be that platform_suspend_late() uses bogus data
outside the device_driver struct as a pointer pointer to the
device driver's suspend_late() function or other hard to
reproduce failures."(Lothar Wassmann)

Signed-off-by: Ming Lei <tom.leiming@gmail.com>
Acked-by: Henrique de Moraes Holschuh <hmh@hmh.eng.br>
Acked-by: David Brownell <dbrownell@users.sourceforge.net>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
2009-03-24 16:38:25 -07:00
James Morris
703a3cd728 Merge branch 'master' into next 2009-03-24 10:52:46 +11:00
Marcel Selhorst
7dcce1334f tpm: correct email address for tpm_infineon-driver
Update my email address.

Signed-off-by: Marcel Selhorst <m.selhorst@sirrix.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2009-02-11 14:25:35 -08:00
James Morris
cb5629b10d Merge branch 'master' into next
Conflicts:
	fs/namei.c

Manually merged per:

diff --cc fs/namei.c
index 734f2b5,bbc15c2..0000000
--- a/fs/namei.c
+++ b/fs/namei.c
@@@ -860,9 -848,8 +849,10 @@@ static int __link_path_walk(const char
  		nd->flags |= LOOKUP_CONTINUE;
  		err = exec_permission_lite(inode);
  		if (err == -EAGAIN)
- 			err = vfs_permission(nd, MAY_EXEC);
+ 			err = inode_permission(nd->path.dentry->d_inode,
+ 					       MAY_EXEC);
 +		if (!err)
 +			err = ima_path_check(&nd->path, MAY_EXEC);
   		if (err)
  			break;

@@@ -1525,14 -1506,9 +1509,14 @@@ int may_open(struct path *path, int acc
  		flag &= ~O_TRUNC;
  	}

- 	error = vfs_permission(nd, acc_mode);
+ 	error = inode_permission(inode, acc_mode);
  	if (error)
  		return error;
 +
- 	error = ima_path_check(&nd->path,
++	error = ima_path_check(path,
 +			       acc_mode & (MAY_READ | MAY_WRITE | MAY_EXEC));
 +	if (error)
 +		return error;
  	/*
  	 * An append-only file must be opened in append mode for writing.
  	 */

Signed-off-by: James Morris <jmorris@namei.org>
2009-02-06 11:01:45 +11:00
Rajiv Andrade
8920d5ad6b TPM: integrity fix
Fix to function which is called by IMA, now tpm_chip_find_get() considers the case in which the machine doesn't have a TPM or, if it has, its TPM isn't enabled.

Signed-off-by: Mimi Zohar <zohar@linux.vnet.ibm.com>
Signed-off-by: Rajiv Andrade <srajiv@linux.vnet.ibm.com>
Acked-by: Serge Hallyn <serue@us.ibm.com>
Signed-off-by: James Morris <jmorris@namei.org>
2009-02-06 09:06:43 +11:00
Rajiv Andrade
659aaf2bb5 TPM: integrity interface
This patch adds internal kernel support for:
 - reading/extending a pcr value
 - looking up the tpm_chip for a given chip number

Signed-off-by: Rajiv Andrade <srajiv@linux.vnet.ibm.com>
Signed-off-by: Mimi Zohar <zohar@us.ibm.com>
Signed-off-by: James Morris <jmorris@namei.org>
2009-02-03 11:23:12 +11:00
Rajiv Andrade
0883743825 TPM: sysfs functions consolidation
According to Dave Hansen's comments on the tpm_show_*, some of these functions
present a pattern when allocating data[] memory space and also when setting its
content. A new function was created so that this pattern could be consolidated.
Also, replaced the data[] command vectors and its indexes by meaningful structures
as pointed out by Matt Helsley too.

Signed-off-by: Rajiv Andrade <srajiv@linux.vnet.ibm.com>
Signed-off-by: James Morris <jmorris@namei.org>
2009-02-03 11:23:09 +11:00
Len Brown
b2576e1d44 Merge branch 'linus' into release 2009-01-09 03:39:43 -05:00
David Smith
09f50c9542 tpm: clean up tpm_nsc driver for platform_device suspend/resume compliance
Signed-off-by: Marcel Selhorst <tpm@selhorst.net>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2009-01-08 08:31:12 -08:00
Lin Ming
ea7e96e0f2 ACPI: remove private acpica headers from driver files
External driver files should not include any private acpica headers.

Signed-off-by: Lin Ming <ming.m.lin@intel.com>
Signed-off-by: Len Brown <len.brown@intel.com>
2008-12-31 01:15:22 -05:00
Stephen Rothwell
cbb2ed4ac6 tpm: don't export static functions
Today's linux-next build (powerpc_allyesconfig) failed like this:

drivers/char/tpm/tpm.c:1162: error: __ksymtab_tpm_dev_release causes a section type conflict

Caused by commit 253115b71f ("The
tpm_dev_release function is only called for platform devices, not pnp")
which exported a static function.

Signed-off-by: Stephen Rothwell <sfr@canb.auug.org.au>
Cc: Rajiv Andrade <srajiv@linux.vnet.ibm.com>
Cc: James Morris <jmorris@namei.org>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2008-10-20 08:50:24 -07:00
Andrew Morton
dd78c9439f drivers/char/tpm/tpm.c: fix error-path memory leak
tpm_register_hardware() leaks devname on an error path.

Addresses http://bugzilla.kernel.org/show_bug.cgi?id=11425

Reported-by: Daniel Marjamki <danielm77@spray.se>
Cc: Debora Velarde <debora@linux.vnet.ibm.com>
Cc: Rajiv Andrade <srajiv@linux.vnet.ibm.com>
Cc: Marcel Selhorst <tpm@selhorst.net>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2008-10-16 11:21:49 -07:00
Valdis Kletnieks
292cf4a8a9 tpm: work around bug in Broadcom BCM0102 chipset
Patch tpm-correct-tpm-timeouts-to-jiffies-conversion reveals a bug in the
Broadcom BCM0102 TPM chipset used in the Dell Latitude D820 - although
most of the timeouts are returned in usecs as per the spec, one is
apparently returned in msecs, which results in a too-small value leading
to a timeout when the code treats it as usecs.  To prevent a regression,
we check for the known too-short value and adjust it to a value that makes
things work.

Signed-off-by: Valdis Kletnieks <valdis.kletnieks@vt.edu>
Cc: Marcin Obara <marcin_obara@users.sourceforge.net>
Cc: Marcel Selhorst <tpm@selhorst.net>
Cc: Kylene Jo Hall <kjhall@us.ibm.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2008-10-16 11:21:49 -07:00
Marcin Obara
9e5b1b1222 tpm: correct tpm timeouts to jiffies conversion
This patch fixes timeouts conversion to jiffies, by replacing
msecs_to_jiffies() calls with usecs_to_jiffies().  According to TCG TPM
Specification Version 1.2 Revision 103 (pages 166, 167) TPM timeouts and
durations are returned in microseconds (usec) not in miliseconds (msec).

This fixes a long hang while loading TPM driver, if TPM chip starts in
"Idle" state instead of "Ready" state.  Without this patch - 'modprobe'
may hang for 30 seconds or more.

Signed-off-by: Marcin Obara <marcin_obara@users.sourceforge.net>
Cc: Marcel Selhorst <tpm@selhorst.net>
Cc: Kylene Jo Hall <kjhall@us.ibm.com>
Cc: Jiri Slaby <jirislaby@gmail.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2008-10-16 11:21:49 -07:00
Rajiv Andrade
4bdec11f56 As pointed out by Jonathan Corbet, the timer must be deleted before
flushing the work queue in order to avoid a job being submitted after the
chip had been released.

Signed-off-by: Rajiv Andrade <srajiv@linux.vnet.ibm.com>
Signed-off-by: Mimi Zohar <zohar@linux.vnet.ibm.com>
Cc: Jonathan Corbet <corbet@lwn.net>
Cc: "Serge E. Hallyn" <serue@us.ibm.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: James Morris <jmorris@namei.org>
2008-10-11 09:05:20 +11:00
Rajiv Andrade
253115b71f The tpm_dev_release function is only called for platform devices, not pnp
devices, so we implemented the .remove function for pnp ones.  Since it's
code is very similar to the one inside tpm_dev_release, we've created a
helper function tpm_dev_vendor_release, which is called by both.

Signed-off-by: Mimi Zohar <zohar@linux.vnet.ibm.com>
Signed-off-by: Rajiv Andrade <srajiv@linux.vnet.ibm.com>
Cc: "Serge E. Hallyn" <serue@us.ibm.com>
Cc: Bjorn Helgaas <bjorn.helgaas@hp.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: James Morris <jmorris@namei.org>
2008-10-11 09:04:39 +11:00
Rajiv Andrade
f02a93645e Protect tpm_chip_list when transversing it.
Signed-off-by: Mimi Zohar <zohar@linux.vnet.ibm.com>
Signed-off-by: Rajiv Andrade <srajiv@linux.vnet.ibm.com>
Acked-by: Serge E. Hallyn <serue@us.ibm.com>
Cc: "Paul E. McKenney" <paulmck@us.ibm.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: James Morris <jmorris@namei.org>
2008-10-11 09:04:23 +11:00
Rajiv Andrade
dc36d32cc5 Renames num_open to is_open, as only one process can open the file at a time.
Signed-off-by: Mimi Zohar <zohar@linux.vnet.ibm.com>
Signed-off-by: Rajiv Andrade <srajiv@linux.vnet.ibm.com>
Cc: "Serge E. Hallyn" <serue@us.ibm.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: James Morris <jmorris@namei.org>
2008-10-11 09:04:02 +11:00
Rajiv Andrade
f89c5edb86 Remove the BKL calls from the TPM driver, which were added in the overall
misc-char-dev-BKL-pushdown.patch, as they are not needed.

Signed-off-by: Mimi Zohar <zohar@linux.vnet.ibm.com>
Signed-off-by: Rajiv Andrade <srajiv@linux.vnet.ibm.com>
Cc: "Serge E. Hallyn" <serue@us.ibm.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: James Morris <jmorris@namei.org>
2008-10-11 09:03:39 +11:00
Eric Paris
da31894ed7 securityfs: do not depend on CONFIG_SECURITY
Add a new Kconfig option SECURITYFS which will build securityfs support
but does not require CONFIG_SECURITY.  The only current user of
securityfs does not depend on CONFIG_SECURITY and there is no reason the
full LSM needs to be built to build this fs.

Signed-off-by: Eric Paris <eparis@redhat.com>
Signed-off-by: James Morris <jmorris@namei.org>
2008-08-28 10:47:42 +10:00
Michael Halcrow
0147600172 tpm: Use correct data types for sizes in tpm_write() and tpm_read()
Use the correct data types for the size parameters in tpm_write() and
tpm_read(). Note that rw_verify_area() makes sure that this bug cannot
be exploited to produce a buffer overrun.

Signed-off-by: Michael Halcrow <mhalcrow@us.ibm.com>
Cc: Marcel Selhorst <tpm@selhorst.net>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2008-07-26 12:00:04 -07:00
Marcin Obara
ec288bd37e tpm: increase size of internal TPM response buffers
This patch increases size of driver internal response buffers.  Some TPM
responses defined in TCG TPM Specification Version 1.2 Revision 103 have
increased size and do not fit previously defined buffers.  Some TPM
responses do not have fixed size, so bigger response buffers have to be
allocated.  200B buffers should be enough.

[akpm@linux-foundation.org: coding-style fixes]
Signed-off-by: Marcin Obara <marcin_obara@users.sourceforge.net>
Cc: Marcel Selhorst <tpm@selhorst.net>
Cc: Kylene Jo Hall <kjhall@us.ibm.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2008-07-26 12:00:04 -07:00
Adrian Bunk
3bd60464e3 tpm_bios.c: make 2 structs static
This patch makes two needlessly global structs static.

Signed-off-by: Adrian Bunk <bunk@kernel.org>
Acked-by: Marcel Selhorst <tpm@selhorst.net>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2008-07-26 12:00:04 -07:00
LE DISEZ Erwan
061991ec6e tpm: add support for Broadcom TPM TIS device HID
Signed-off-by: Rajiv Andrade <srajiv@linux.vnet.ibm.com>
Cc: Marcel Selhorst <tpm@selhorst.net>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2008-07-26 12:00:03 -07:00
Jonathan Corbet
2fceef397f Merge commit 'v2.6.26' into bkl-removal 2008-07-14 15:29:34 -06:00
Marcin Obara
fb0e7e11d0 tpm: add Intel TPM TIS device HID
This patch adds Intel TPM TIS device HID:  ICO0102

Signed-off-by: Marcin Obara <marcin_obara@users.sourceforge.net>
Acked-by: Marcel Selhorst <tpm@selhorst.net>
Acked-by: Rajiv Andrade <srajiv@linux.vnet.ibm.com>
Cc: <stable@kernel.org>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2008-07-10 18:04:43 -07:00
Arnd Bergmann
25368ca579 tpm-tpm: BKL pushdown
Signed-off-by: Arnd Bergmann <arnd@arndb.de>
2008-07-02 15:06:25 -06:00
Bjorn Helgaas
cedb27de04 tpm: change Kconfig dependencies from PNPACPI to PNP
There is no "PNPACPI" driver interface as such.  PNPACPI is an internal
backend of PNP, and drivers just use the generic PNP interface.

The drivers should depend on CONFIG_PNP, not CONFIG_PNPACPI.

tpm_nsc.c doesn't use PNP at all, so we can just remove the dependency
completely.  It probably *should* use PNP to discover the device, but until it
does, there's no point in depending on PNP.

Signed-off-by: Bjorn Helgaas <bjorn.helgaas@hp.com>
Cc: Kylene Jo Hall <kjhall@us.ibm.com>
Cc: Marcel Selhorst <tpm@selhorst.net>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2008-04-29 08:06:26 -07:00
Sam Ravnborg
4821cd111d tpm: fix section mismatch warning
Fix following warning:
WARNING: vmlinux.o(.init.text+0x32804): Section mismatch in reference from the function init_nsc() to the function .devexit.text:tpm_nsc_remove()

The function tpm_nsc_remove() are used outside __exit, so remove the __exit
annotation to make sure the function is always avilable.

Note: Trying to compare this module with other users of platform_device gve me
the impression that this driver needs some work to match other users.

Signed-off-by: Sam Ravnborg <sam@ravnborg.org>
Cc: Kylene Hall <kjhall@us.ibm.com>
Cc: Marcel Selhorst <tpm@selhorst.net>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2008-04-29 08:06:26 -07:00
Jeff Garzik
a6f97b293b drivers/char: minor irq handler cleanups
- remove always-false tests

- don't overload 'irq' argument, pass data properly via dev_id

- remove pointless casts from void*

Signed-off-by: Jeff Garzik <jgarzik@redhat.com>
2008-04-20 19:03:43 -04:00
Randy Dunlap
e1d42c983f tpm: infineon section mismatch
Fix section mismatch by making the driver template variable name
match one of the whitelisted variable names in modpost.

WARNING: vmlinux.o(.data+0x7a9e8): Section mismatch: reference to .init.text:tpm_inf_pnp_probe (between 'tpm_inf_pnp' and 'cn_idx')

Signed-off-by: Randy Dunlap <randy.dunlap@oracle.com>
Cc: Marcel Selhorst <tpm@selhorst.net>
Acked-by: Sam Ravnborg <sam@ravnborg.org>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2008-02-06 10:41:10 -08:00
Richard MUSIL
5bd91f18be tpm.c: fix crash during device removal
The clean up procedure now uses platform device "release" callback to
handle memory clean up.  For this purpose "release" function callback was
added to struct tpm_vendor_specific, so hw device driver provider can get
called when it is safe to remove all allocated resources.

This is supposed to fix a bug in device removal, where device while in
receive function (waiting on timeout) was prone to segfault, if the
tpm_chip struct was unallocated before the timeout expired (in
tpm_remove_hardware).

Acked-by: Marcel Selhorst <tpm@selhorst.net>
Cc: <stable@kernel.org>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2008-02-06 10:41:04 -08:00
David Smith
2490c681ea TPM: fix suspend and resume failure
The savestate command structure was being overwritten by the result of
running the TPM_SaveState command after one run, so make it a local
variable to the function instead of a global variable that gets
overwritten.

Acked-by: Pavel Machek <pavel@ucw.cz>
Cc: Kent Yoder <shpedoikal@gmail.com>
Cc: Marcel Selhorst <tpm@selhorst.net>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2008-01-14 08:52:22 -08:00
Marcel Selhorst
05a462afe8 TPM: fix TIS device driver locality request
During the initialization of the TPM TIS driver, the necessary locality has
to be requested earlier in the init-process.  Depending on the used TPM
chip, this leads to wrong information.  For example: Lenovo X61s with Atmel
TPM:

tpm_tis 00:0a: 1.2 TPM (device-id 0xFFFF, rev-id 255)

But correct is:

tpm_tis 00:0c: 1.2 TPM (device-id 0x3203, rev-id 9)

This short patch fixes this issue.

Signed-off-by: Marcel Selhorst <tpm@selhorst.net>
Cc: Kylene Jo Hall <kjhall@us.ibm.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2007-11-29 09:24:52 -08:00
Jeff Garzik
06efcad0d4 Eliminate pointless casts from void* in a few driver irq handlers.
Signed-off-by: Jeff Garzik <jgarzik@redhat.com>
2007-10-23 19:53:16 -04:00