linux-toradex.git/drivers/char/tpm, branch v5.14 Linux kernel for Apalis and Colibri modules tpm_ftpm_tee: Free and unregister TEE shared memory during kexec 2021-07-21T05:55:50+00:00 Tyler Hicks tyhicks@linux.microsoft.com 2021-06-14T22:33:16+00:00 dfb703ad2a8d366b829818a558337be779746575 dma-buf backed shared memory cannot be reliably freed and unregistered during a kexec operation even when tee_shm_free() is called on the shm from a .shutdown hook. The problem occurs because dma_buf_put() calls fput() which then uses task_work_add(), with the TWA_RESUME parameter, to queue tee_shm_release() to be called before the current task returns to user mode. However, the current task never returns to user mode before the kexec completes so the memory is never freed nor unregistered. Use tee_shm_alloc_kernel_buf() to avoid dma-buf backed shared memory allocation so that tee_shm_free() can directly call tee_shm_release(). This will ensure that the shm can be freed and unregistered during a kexec operation. Fixes: 09e574831b27 ("tpm/tpm_ftpm_tee: A driver for firmware TPM running inside TEE") Fixes: 1760eb689ed6 ("tpm/tpm_ftpm_tee: add shutdown call back") Cc: stable@vger.kernel.org Signed-off-by: Tyler Hicks <tyhicks@linux.microsoft.com> Reviewed-by: Sumit Garg <sumit.garg@linaro.org> Acked-by: Jarkko Sakkinen <jarkko@kernel.org> Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org> 
dma-buf backed shared memory cannot be reliably freed and unregistered
during a kexec operation even when tee_shm_free() is called on the shm
from a .shutdown hook. The problem occurs because dma_buf_put() calls
fput() which then uses task_work_add(), with the TWA_RESUME parameter,
to queue tee_shm_release() to be called before the current task returns
to user mode. However, the current task never returns to user mode
before the kexec completes so the memory is never freed nor
unregistered.

Use tee_shm_alloc_kernel_buf() to avoid dma-buf backed shared memory
allocation so that tee_shm_free() can directly call tee_shm_release().
This will ensure that the shm can be freed and unregistered during a
kexec operation.

Fixes: 09e574831b27 ("tpm/tpm_ftpm_tee: A driver for firmware TPM running inside TEE")
Fixes: 1760eb689ed6 ("tpm/tpm_ftpm_tee: add shutdown call back")
Cc: stable@vger.kernel.org
Signed-off-by: Tyler Hicks <tyhicks@linux.microsoft.com>
Reviewed-by: Sumit Garg <sumit.garg@linaro.org>
Acked-by: Jarkko Sakkinen <jarkko@kernel.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
tpm: Replace WARN_ONCE() with dev_err_once() in tpm_tis_status() 2021-06-23T13:51:04+00:00 Jarkko Sakkinen jarkko@kernel.org 2021-06-09T13:26:19+00:00 0178f9d0f60ba07e09bab57381a3ef18e2c1fd7f Do not tear down the system when getting invalid status from a TPM chip. This can happen when panic-on-warn is used. Instead, introduce TPM_TIS_INVALID_STATUS bitflag and use it to trigger once the error reporting per chip. In addition, print out the value of TPM_STS for improved forensics. Link: https://lore.kernel.org/keyrings/YKzlTR1AzUigShtZ@kroah.com/ Fixes: 55707d531af6 ("tpm_tis: Add a check for invalid status") Cc: stable@vger.kernel.org Signed-off-by: Jarkko Sakkinen <jarkko@kernel.org> Reviewed-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> 
Do not tear down the system when getting invalid status from a TPM chip.
This can happen when panic-on-warn is used.

Instead, introduce TPM_TIS_INVALID_STATUS bitflag and use it to trigger
once the error reporting per chip. In addition, print out the value of
TPM_STS for improved forensics.

Link: https://lore.kernel.org/keyrings/YKzlTR1AzUigShtZ@kroah.com/
Fixes: 55707d531af6 ("tpm_tis: Add a check for invalid status")
Cc: stable@vger.kernel.org
Signed-off-by: Jarkko Sakkinen <jarkko@kernel.org>
Reviewed-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
tpm_tis: Use DEFINE_RES_MEM() to simplify code 2021-06-23T13:51:03+00:00 Zhen Lei thunder.leizhen@huawei.com 2021-06-03T07:49:55+00:00 5a118a39ec9207f9b8cddb013ad270c80bc84a1c Use DEFINE_RES_MEM() to save a couple of lines of code, which is simpler and more readable. The start address does not need to appear twice. Signed-off-by: Zhen Lei <thunder.leizhen@huawei.com> Reviewed-by: Jarkko Sakkinen <jarkko@kernel.org> Signed-off-by: Jarkko Sakkinen <jarkko@kernel.org> 
Use DEFINE_RES_MEM() to save a couple of lines of code, which is simpler
and more readable. The start address does not need to appear twice.

Signed-off-by: Zhen Lei <thunder.leizhen@huawei.com>
Reviewed-by: Jarkko Sakkinen <jarkko@kernel.org>
Signed-off-by: Jarkko Sakkinen <jarkko@kernel.org>
tpm: fix some doc warnings in tpm1-cmd.c 2021-06-23T13:51:03+00:00 Yang Yingliang yangyingliang@huawei.com 2021-06-01T12:22:30+00:00 6e0fe58b08e747c73b848de92ccec944f31dddce Fix the following make W=1 warnings: drivers/char/tpm/tpm1-cmd.c:325: warning: expecting prototype for tpm_startup(). Prototype was for tpm1_startup() instead drivers/char/tpm/tpm1-cmd.c:621: warning: expecting prototype for tpm_continue_selftest(). Prototype was for tpm1_continue_selftest() instead Signed-off-by: Yang Yingliang <yangyingliang@huawei.com> Reviewed-by: Jarkko Sakkinen <jarkko@kernel.org> Signed-off-by: Jarkko Sakkinen <jarkko@kernel.org> 
Fix the following make W=1 warnings:

  drivers/char/tpm/tpm1-cmd.c:325: warning: expecting prototype for tpm_startup(). Prototype was for tpm1_startup() instead
  drivers/char/tpm/tpm1-cmd.c:621: warning: expecting prototype for tpm_continue_selftest(). Prototype was for tpm1_continue_selftest() instead

Signed-off-by: Yang Yingliang <yangyingliang@huawei.com>
Reviewed-by: Jarkko Sakkinen <jarkko@kernel.org>
Signed-off-by: Jarkko Sakkinen <jarkko@kernel.org>
tpm_tis_spi: add missing SPI device ID entries 2021-06-23T13:51:03+00:00 Javier Martinez Canillas javierm@redhat.com 2021-05-27T15:23:52+00:00 c46ed2281bbe4b84e6f3d4bdfb0e4e9ab813fa9d The SPI core always reports a "MODALIAS=spi:<foo>", even if the device was registered via OF. This means that this module won't auto-load if a DT has for example has a node with a compatible "infineon,slb9670" string. In that case kmod will expect a "MODALIAS=of:N*T*Cinfineon,slb9670" uevent but instead will get a "MODALIAS=spi:slb9670", which is not present in the kernel module aliases: $ modinfo drivers/char/tpm/tpm_tis_spi.ko | grep alias alias: of:N*T*Cgoogle,cr50C* alias: of:N*T*Cgoogle,cr50 alias: of:N*T*Ctcg,tpm_tis-spiC* alias: of:N*T*Ctcg,tpm_tis-spi alias: of:N*T*Cinfineon,slb9670C* alias: of:N*T*Cinfineon,slb9670 alias: of:N*T*Cst,st33htpm-spiC* alias: of:N*T*Cst,st33htpm-spi alias: spi:cr50 alias: spi:tpm_tis_spi alias: acpi*:SMO0768:* To workaround this issue, add in the SPI device ID table all the entries that are present in the OF device ID table. Reported-by: Alexander Wellbrock <a.wellbrock@mailbox.org> Signed-off-by: Javier Martinez Canillas <javierm@redhat.com> Tested-by: Peter Robinson <pbrobinson@gmail.com> Reviewed-by: Jarkko Sakkinen <jarkko@kernel.org> Signed-off-by: Jarkko Sakkinen <jarkko@kernel.org> 
The SPI core always reports a "MODALIAS=spi:<foo>", even if the device was
registered via OF. This means that this module won't auto-load if a DT has
for example has a node with a compatible "infineon,slb9670" string.

In that case kmod will expect a "MODALIAS=of:N*T*Cinfineon,slb9670" uevent
but instead will get a "MODALIAS=spi:slb9670", which is not present in the
kernel module aliases:

$ modinfo drivers/char/tpm/tpm_tis_spi.ko | grep alias
alias:          of:N*T*Cgoogle,cr50C*
alias:          of:N*T*Cgoogle,cr50
alias:          of:N*T*Ctcg,tpm_tis-spiC*
alias:          of:N*T*Ctcg,tpm_tis-spi
alias:          of:N*T*Cinfineon,slb9670C*
alias:          of:N*T*Cinfineon,slb9670
alias:          of:N*T*Cst,st33htpm-spiC*
alias:          of:N*T*Cst,st33htpm-spi
alias:          spi:cr50
alias:          spi:tpm_tis_spi
alias:          acpi*:SMO0768:*

To workaround this issue, add in the SPI device ID table all the entries
that are present in the OF device ID table.

Reported-by: Alexander Wellbrock <a.wellbrock@mailbox.org>
Signed-off-by: Javier Martinez Canillas <javierm@redhat.com>
Tested-by: Peter Robinson <pbrobinson@gmail.com>
Reviewed-by: Jarkko Sakkinen <jarkko@kernel.org>
Signed-off-by: Jarkko Sakkinen <jarkko@kernel.org>
tpm: add longer timeout for TPM2_CC_VERIFY_SIGNATURE 2021-06-23T13:51:03+00:00 Amir Mizinski amirmizi6@gmail.com 2021-05-25T11:13:25+00:00 5317677db4290366c95f4209de387d6c9b48707f While running a TPM2_CC_VERIFY_SIGNATURE operation with RSA 3072-bit keys the TPM driver fails with the following error: "kernel: [ 2416.187522] tpm tpm0: Operation Timed out" Since the TPM PC Client specification does not specify a number for verify signature operation timeout, and the duration of TPM2_CC_VERIFY_SIGNATURE with RSA 3072-bit keys exceeds the current timeout of TPM_LONG (2 seconds), it is preferable to pick the longest timeout possible. Therefore, set the duration for TPM2_CC_VERIFY_SIGNATUE to TPM_LONG_LONG (5 minutes). [jarkko@kernel.org: mangled the short summary a bit] Link: https://trustedcomputinggroup.org/resource/pc-client-specific-platform-firmware-profile-specification/ Signed-off-by: Amir Mizinski <amirmizi6@gmail.com> Reviewed-by: Jarkko Sakkinen <jarkko@kernel.org> Signed-off-by: Jarkko Sakkinen <jarkko@kernel.org> 
While running a TPM2_CC_VERIFY_SIGNATURE operation with RSA 3072-bit
keys the TPM driver fails with the following error:

"kernel: [ 2416.187522] tpm tpm0: Operation Timed out"

Since the TPM PC Client specification does not specify a number for
verify signature operation timeout, and the duration of
TPM2_CC_VERIFY_SIGNATURE with RSA 3072-bit keys exceeds the current timeout
of TPM_LONG (2 seconds), it is preferable to pick the longest timeout
possible.

Therefore, set the duration for TPM2_CC_VERIFY_SIGNATUE to TPM_LONG_LONG
(5 minutes).

[jarkko@kernel.org: mangled the short summary a bit]

Link: https://trustedcomputinggroup.org/resource/pc-client-specific-platform-firmware-profile-specification/
Signed-off-by: Amir Mizinski <amirmizi6@gmail.com>
Reviewed-by: Jarkko Sakkinen <jarkko@kernel.org>
Signed-off-by: Jarkko Sakkinen <jarkko@kernel.org>
char: tpm: move to use request_irq by IRQF_NO_AUTOEN flag 2021-06-23T13:51:03+00:00 Tian Tao tiantao6@hisilicon.com 2021-05-17T01:18:44+00:00 446cd6f0f3045dd971845e2082ff7b5dbd235743 disable_irq() after request_irq() still has a time gap in which interrupts can come. request_irq() with IRQF_NO_AUTOEN flag will disable IRQ auto-enable because of requesting. Link: https://lore.kernel.org/patchwork/patch/1388765/ Signed-off-by: Tian Tao <tiantao6@hisilicon.com> Reviewed-by: Jarkko Sakkinen <jarkko@kernel.org> Signed-off-by: Jarkko Sakkinen <jarkko@kernel.org> 
disable_irq() after request_irq() still has a time gap in which
interrupts can come. request_irq() with IRQF_NO_AUTOEN flag will
disable IRQ auto-enable because of requesting.

Link: https://lore.kernel.org/patchwork/patch/1388765/
Signed-off-by: Tian Tao <tiantao6@hisilicon.com>
Reviewed-by: Jarkko Sakkinen <jarkko@kernel.org>
Signed-off-by: Jarkko Sakkinen <jarkko@kernel.org>
tpm_tis_spi: set default probe function if device id not match 2021-06-23T13:51:03+00:00 Liguang Zhang zhangliguang@linux.alibaba.com 2021-05-07T14:52:55+00:00 114e43371c58992c3ceece219cc359f16314b2c9 In DSDT table, TPM _CID was SMO0768, and no _HID definition. After a kernel upgrade from 4.19 to 5.10, TPM probe function was changed which causes device probe fails. In order to make newer kernel to be compatible with the older acpi definition, it would be best set default probe function. Signed-off-by: Liguang Zhang <zhangliguang@linux.alibaba.com> Reviewed-by: Jarkko Sakkinen <jarkko@kernel.org> Signed-off-by: Jarkko Sakkinen <jarkko@kernel.org> 
In DSDT table, TPM _CID was SMO0768, and no _HID definition. After a
kernel upgrade from 4.19 to 5.10, TPM probe function was changed which
causes device probe fails. In order to make newer kernel to be
compatible with the older acpi definition, it would be best set default
probe function.

Signed-off-by: Liguang Zhang <zhangliguang@linux.alibaba.com>
Reviewed-by: Jarkko Sakkinen <jarkko@kernel.org>
Signed-off-by: Jarkko Sakkinen <jarkko@kernel.org>
tpm_crb: Use IOMEM_ERR_PTR when function returns iomem 2021-06-23T13:51:03+00:00 Tian Tao tiantao6@hisilicon.com 2021-04-29T07:39:39+00:00 7937bd532fe6f6342206b3e002bd791bf25085e0 This is to simplify the code, and IOMEM_ERR_PTR(err) is same with (__force void __iomem *)ERR_PTR(err). Signed-off-by: Tian Tao <tiantao6@hisilicon.com> Reviewed-by: Jarkko Sakkinen <jarkko@kernel.org> Signed-off-by: Jarkko Sakkinen <jarkko@kernel.org> 
This is to simplify the code, and IOMEM_ERR_PTR(err) is same with
(__force void __iomem *)ERR_PTR(err).

Signed-off-by: Tian Tao <tiantao6@hisilicon.com>
Reviewed-by: Jarkko Sakkinen <jarkko@kernel.org>
Signed-off-by: Jarkko Sakkinen <jarkko@kernel.org>
tpm: fix error return code in tpm2_get_cc_attrs_tbl() 2021-05-12T19:36:50+00:00 Zhen Lei thunder.leizhen@huawei.com 2021-05-12T13:39:26+00:00 1df83992d977355177810c2b711afc30546c81ce If the total number of commands queried through TPM2_CAP_COMMANDS is different from that queried through TPM2_CC_GET_CAPABILITY, it indicates an unknown error. In this case, an appropriate error code -EFAULT should be returned. However, we currently do not explicitly assign this error code to 'rc'. As a result, 0 was incorrectly returned. Cc: stable@vger.kernel.org Fixes: 58472f5cd4f6("tpm: validate TPM 2.0 commands") Reported-by: Hulk Robot <hulkci@huawei.com> Signed-off-by: Zhen Lei <thunder.leizhen@huawei.com> Reviewed-by: Jarkko Sakkinen <jarkko@kernel.org> Signed-off-by: Jarkko Sakkinen <jarkko@kernel.org> 
If the total number of commands queried through TPM2_CAP_COMMANDS is
different from that queried through TPM2_CC_GET_CAPABILITY, it indicates
an unknown error. In this case, an appropriate error code -EFAULT should
be returned. However, we currently do not explicitly assign this error
code to 'rc'. As a result, 0 was incorrectly returned.

Cc: stable@vger.kernel.org
Fixes: 58472f5cd4f6("tpm: validate TPM 2.0 commands")
Reported-by: Hulk Robot <hulkci@huawei.com>
Signed-off-by: Zhen Lei <thunder.leizhen@huawei.com>
Reviewed-by: Jarkko Sakkinen <jarkko@kernel.org>
Signed-off-by: Jarkko Sakkinen <jarkko@kernel.org>