Upgrade tpm driver to align with 4.18.0-147.3.1 kernel from CentOS 8.1
(cherry picked from commit a9e5bdc3399459e7e30286506749d7ab2abc964b) tpm source code is changed to get from kernel tarball, in order to avoid build error. 5 UPSTREAM patches are deleted due to upstream already contain them. disable-arm64-acpi-command.patch is deleted due to it is not needed. tpm-kmod.spec.patchlist is deleted since it is not used. kcompat.h in 0002-tpmdd-kcompat-support.patch is removed, and the macro definition "CONFIG_TCG_TPM_MODULE" is moved to KCFLAGS in spec file. elfutils-libelf-devel is added in BuildRequires to fix below error: " Makefile:977: "Cannot generate ORC metadata for CONFIG_UNWINDER_ORC=y, please install libelf-dev, libelf-devel or elfutils-libelf-devel". Stop. " Change-Id: I74f1c20a3dc3d61bcf975569dda9bdf85ec76be6 Story: 2007308 Task: 38808 Depends-On: https://review.opendev.org/720325 Signed-off-by: Shuicheng Lin <shuicheng.lin@intel.com> Signed-off-by: Dongqi Chen <chen.dq@neusoft.com>
This commit is contained in:
parent
087df449cb
commit
edeca0ad38
|
@ -1,3 +1,4 @@
|
|||
!linux-4.18.0-147.3.1.el8_1.tar.gz#linux-4.18.0-147.3.1.el8_1#https://git.centos.org/sources/kernel/c8/0ee7820c1d452ac7f71c1b1f568f74cd6e8458e8#http_script#post-dl-script/tpm-kmod.sh
|
||||
drbd-8.4.11-1.tar.gz#drbd-8.4.11-1#http://www.linbit.com/downloads/drbd/8.4/drbd-8.4.11-1.tar.gz#http##
|
||||
e1000e-3.4.2.1.tar.gz#e1000e-3.4.2.1#https://sourceforge.net/projects/e1000/files/e1000e%20stable/3.4.2.1/e1000e-3.4.2.1.tar.gz#http##
|
||||
i40e-2.10.19.82.tar.gz#i40e-2.10.19.82#https://sourceforge.net/projects/e1000/files/i40e%20stable/2.10.19.82/i40e-2.10.19.82.tar.gz/download#http##
|
||||
|
|
|
@ -1,5 +1,5 @@
|
|||
COPY_LIST=" \
|
||||
$PKG_BASE/files/* \
|
||||
$PKG_BASE/patches/* \
|
||||
$STX_BASE/downloads/tpm-kmod-e6aef069.tar.gz"
|
||||
TIS_PATCH_VER=6
|
||||
$STX_BASE/downloads/tpm-kmod-147.3.1.tar.gz"
|
||||
TIS_PATCH_VER=1
|
||||
|
|
|
@ -10,32 +10,26 @@
|
|||
Name: %{kmod_name}-kmod%{?bt_ext}
|
||||
# the version is the Kernel version from which
|
||||
# this driver is extracted
|
||||
Version: 4.12
|
||||
Version: 4.18
|
||||
Release: 0%{?_tis_dist}.%{tis_patch_ver}
|
||||
Group: System Environment/Kernel
|
||||
License: GPLv2
|
||||
Summary: %{kmod_name}%{?bt_ext} kernel module(s)
|
||||
|
||||
BuildRequires: kernel%{?bt_ext}-devel, redhat-rpm-config, perl, openssl
|
||||
BuildRequires: kernel%{?bt_ext}-devel, redhat-rpm-config, perl, openssl, elfutils-libelf-devel
|
||||
ExclusiveArch: x86_64
|
||||
|
||||
# Sources.
|
||||
# the tpmdd is available as a tarball, with
|
||||
# the git commit Id referenced in the name
|
||||
Source0: %{kmod_name}-kmod-e6aef069.tar.gz
|
||||
# the kernel minor version in the name
|
||||
Source0: %{kmod_name}-kmod-147.3.1.tar.gz
|
||||
Source1: modules-load.conf
|
||||
Source2: COPYING
|
||||
Source3: README
|
||||
|
||||
# Patches
|
||||
Patch01: 0001-disable-arm64-acpi-command.patch
|
||||
Patch02: 0002-tpmdd-kcompat-support.patch
|
||||
Patch03: UPSTREAM-0001-tpm-replace-msleep-with-usleep_range.patch
|
||||
Patch04: UPSTREAM-0002-tpm-reduce-tpm-polling-delay-in-tpm_tis_core.patch
|
||||
Patch05: UPSTREAM-0003-tpm-use-tpm_msleep-value-as-max-delay.patch
|
||||
Patch06: UPSTREAM-0004-tpm-wait-for-stat-to-specify-variable-polling-time.patch
|
||||
Patch07: UPSTREAM-0005-tpm-ignore-burstcount-to-improve-send-performance.patch
|
||||
Patch08: UPSTREAM-0006-tpm-use-struct-tpm_chip.patch
|
||||
Patch01: tpmdd-kcompat-support.patch
|
||||
Patch20: UPSTREAM-0005-tpm-ignore-burstcount-to-improve-send-performance.patch
|
||||
|
||||
%define kversion %(rpm -q kernel%{?bt_ext}-devel | sort --version-sort | tail -1 | sed 's/kernel%{?bt_ext}-devel-//')
|
||||
|
||||
|
@ -108,7 +102,7 @@ of the same variant of the Linux kernel and not on any one specific build.
|
|||
|
||||
%build
|
||||
# build out all the TPM kernel modules
|
||||
%{__make} KSRC=%{_usrsrc}/kernels/%{kversion}
|
||||
%{__make} KSRC=%{_usrsrc}/kernels/%{kversion} KCFLAGS="-DCONFIG_TCG_TPM_MODULE"
|
||||
|
||||
%install
|
||||
%{__install} -d %{buildroot}/lib/modules/%{kversion}/kernel/drivers/char/%{kmod_name}/
|
||||
|
@ -130,10 +124,10 @@ find %{buildroot} -type f -name \*.ko -exec %{__strip} --strip-debug \{\} \;
|
|||
|
||||
# Always Sign the modules(s).
|
||||
# If the module signing keys are not defined, define them here.
|
||||
%{!?privkey: %define privkey /usr/src/kernels/%{kversion}/signing_key.priv}
|
||||
%{!?privkey: %define privkey /usr/src/kernels/%{kversion}/signing_key.pem}
|
||||
%{!?pubkey: %define pubkey /usr/src/kernels/%{kversion}/signing_key.x509}
|
||||
for module in $(find %{buildroot} -type f -name \*.ko);
|
||||
do %{__perl} /usr/src/kernels/%{kversion}/scripts/sign-file \
|
||||
do /usr/src/kernels/%{kversion}/scripts/sign-file \
|
||||
sha256 %{privkey} %{pubkey} $module;
|
||||
done
|
||||
|
||||
|
|
|
@ -1,39 +0,0 @@
|
|||
From: Kam Nasim <kam.nasim@windriver.com>
|
||||
Date: Tue, 26 Apr 2017 12:23:03 -0400
|
||||
Subject: [PATCH] ARM64 based ACPI commands should not be compiled
|
||||
|
||||
---
|
||||
tpm_crb.c | 5 +++--
|
||||
1 file changed, 3 insertions(+), 2 deletions(-)
|
||||
|
||||
--- a/tpm_crb.c
|
||||
+++ b/tpm_crb.c
|
||||
@@ -531,7 +531,6 @@ static int crb_acpi_add(struct acpi_devi
|
||||
struct crb_priv *priv;
|
||||
struct tpm_chip *chip;
|
||||
struct device *dev = &device->dev;
|
||||
- struct tpm2_crb_smc *crb_smc;
|
||||
acpi_status status;
|
||||
u32 sm;
|
||||
int rc;
|
||||
@@ -564,6 +563,7 @@ static int crb_acpi_add(struct acpi_devi
|
||||
sm == ACPI_TPM2_COMMAND_BUFFER_WITH_START_METHOD)
|
||||
priv->flags |= CRB_FL_ACPI_START;
|
||||
|
||||
+#ifdef CONFIG_ARM64
|
||||
if (sm == ACPI_TPM2_COMMAND_BUFFER_WITH_SMC) {
|
||||
if (buf->header.length < (sizeof(*buf) + sizeof(*crb_smc))) {
|
||||
dev_err(dev,
|
||||
@@ -572,10 +572,11 @@ static int crb_acpi_add(struct acpi_devi
|
||||
ACPI_TPM2_COMMAND_BUFFER_WITH_SMC);
|
||||
return -EINVAL;
|
||||
}
|
||||
- crb_smc = ACPI_ADD_PTR(struct tpm2_crb_smc, buf, sizeof(*buf));
|
||||
+ struct tpm2_crb_smc *crb_smc = ACPI_ADD_PTR(struct tpm2_crb_smc, buf, sizeof(*buf));
|
||||
priv->smc_func_id = crb_smc->smc_func_id;
|
||||
priv->flags |= CRB_FL_CRB_SMC_START;
|
||||
}
|
||||
+#endif
|
||||
|
||||
rc = crb_map_io(device, priv, buf);
|
||||
if (rc)
|
|
@ -1,200 +0,0 @@
|
|||
From 9f3fc7bcddcb51234e23494531f93ab60475e1c3 Mon Sep 17 00:00:00 2001
|
||||
From: Hamza Attak <hamza@hpe.com>
|
||||
Date: Mon, 14 Aug 2017 19:09:16 +0100
|
||||
Subject: [PATCH] tpm: replace msleep() with usleep_range() in TPM 1.2/2.0
|
||||
generic drivers
|
||||
|
||||
The patch simply replaces all msleep function calls with usleep_range calls
|
||||
in the generic drivers.
|
||||
|
||||
Tested with an Infineon TPM 1.2, using the generic tpm-tis module, for a
|
||||
thousand PCR extends, we see results going from 1m57s unpatched to 40s
|
||||
with the new patch. We obtain similar results when using the original and
|
||||
patched tpm_infineon driver, which is also part of the patch.
|
||||
Similarly with a STM TPM 2.0, using the CRB driver, it takes about 20ms per
|
||||
extend unpatched and around 7ms with the new patch.
|
||||
|
||||
Note that the PCR consistency is untouched with this patch, each TPM has
|
||||
been tested with 10 million extends and the aggregated PCR value is
|
||||
continuously verified to be correct.
|
||||
|
||||
As an extension of this work, this could potentially and easily be applied
|
||||
to other vendor's drivers. Still, these changes are not included in the
|
||||
proposed patch as they are untested.
|
||||
|
||||
Signed-off-by: Hamza Attak <hamza@hpe.com>
|
||||
Reviewed-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
|
||||
Tested-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
|
||||
Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
|
||||
Signed-off-by: James Morris <james.l.morris@oracle.com>
|
||||
---
|
||||
tpm-interface.c | 10 +++++-----
|
||||
tpm.h | 9 ++++++++-
|
||||
tpm2-cmd.c | 2 +-
|
||||
tpm_infineon.c | 6 +++---
|
||||
tpm_tis_core.c | 8 ++++----
|
||||
5 files changed, 21 insertions(+), 14 deletions(-)
|
||||
|
||||
diff --git a/tpm-interface.c b/tpm-interface.c
|
||||
index fe597e6..1d6729b 100644
|
||||
--- a/tpm-interface.c
|
||||
+++ b/tpm-interface.c
|
||||
@@ -455,7 +455,7 @@ ssize_t tpm_transmit(struct tpm_chip *chip, struct tpm_space *space,
|
||||
goto out;
|
||||
}
|
||||
|
||||
- msleep(TPM_TIMEOUT); /* CHECK */
|
||||
+ tpm_msleep(TPM_TIMEOUT);
|
||||
rmb();
|
||||
} while (time_before(jiffies, stop));
|
||||
|
||||
@@ -970,7 +970,7 @@ int tpm_do_selftest(struct tpm_chip *chip)
|
||||
dev_info(
|
||||
&chip->dev, HW_ERR
|
||||
"TPM command timed out during continue self test");
|
||||
- msleep(delay_msec);
|
||||
+ tpm_msleep(delay_msec);
|
||||
continue;
|
||||
}
|
||||
|
||||
@@ -985,7 +985,7 @@ int tpm_do_selftest(struct tpm_chip *chip)
|
||||
}
|
||||
if (rc != TPM_WARN_DOING_SELFTEST)
|
||||
return rc;
|
||||
- msleep(delay_msec);
|
||||
+ tpm_msleep(delay_msec);
|
||||
} while (--loops > 0);
|
||||
|
||||
return rc;
|
||||
@@ -1085,7 +1085,7 @@ int wait_for_tpm_stat(struct tpm_chip *chip, u8 mask, unsigned long timeout,
|
||||
}
|
||||
} else {
|
||||
do {
|
||||
- msleep(TPM_TIMEOUT);
|
||||
+ tpm_msleep(TPM_TIMEOUT);
|
||||
status = chip->ops->status(chip);
|
||||
if ((status & mask) == mask)
|
||||
return 0;
|
||||
@@ -1150,7 +1150,7 @@ int tpm_pm_suspend(struct device *dev)
|
||||
*/
|
||||
if (rc != TPM_WARN_RETRY)
|
||||
break;
|
||||
- msleep(TPM_TIMEOUT_RETRY);
|
||||
+ tpm_msleep(TPM_TIMEOUT_RETRY);
|
||||
}
|
||||
|
||||
if (rc)
|
||||
diff --git a/tpm.h b/tpm.h
|
||||
index 04fbff2..2d5466a 100644
|
||||
--- a/tpm.h
|
||||
+++ b/tpm.h
|
||||
@@ -50,7 +50,8 @@ enum tpm_const {
|
||||
|
||||
enum tpm_timeout {
|
||||
TPM_TIMEOUT = 5, /* msecs */
|
||||
- TPM_TIMEOUT_RETRY = 100 /* msecs */
|
||||
+ TPM_TIMEOUT_RETRY = 100, /* msecs */
|
||||
+ TPM_TIMEOUT_RANGE_US = 300 /* usecs */
|
||||
};
|
||||
|
||||
/* TPM addresses */
|
||||
@@ -527,6 +528,12 @@ ssize_t tpm_getcap(struct tpm_chip *chip, u32 subcap_id, cap_t *cap,
|
||||
int wait_for_tpm_stat(struct tpm_chip *chip, u8 mask, unsigned long timeout,
|
||||
wait_queue_head_t *queue, bool check_cancel);
|
||||
|
||||
+static inline void tpm_msleep(unsigned int delay_msec)
|
||||
+{
|
||||
+ usleep_range(delay_msec * 1000,
|
||||
+ (delay_msec * 1000) + TPM_TIMEOUT_RANGE_US);
|
||||
+};
|
||||
+
|
||||
struct tpm_chip *tpm_chip_find_get(int chip_num);
|
||||
__must_check int tpm_try_get_ops(struct tpm_chip *chip);
|
||||
void tpm_put_ops(struct tpm_chip *chip);
|
||||
diff --git a/tpm2-cmd.c b/tpm2-cmd.c
|
||||
index f7f34b2a..e1a41b7 100644
|
||||
--- a/tpm2-cmd.c
|
||||
+++ b/tpm2-cmd.c
|
||||
@@ -899,7 +899,7 @@ static int tpm2_do_selftest(struct tpm_chip *chip)
|
||||
if (rc != TPM2_RC_TESTING)
|
||||
break;
|
||||
|
||||
- msleep(delay_msec);
|
||||
+ tpm_msleep(delay_msec);
|
||||
}
|
||||
|
||||
return rc;
|
||||
diff --git a/tpm_infineon.c b/tpm_infineon.c
|
||||
index 3b1b9f9..d8f1004 100644
|
||||
--- a/tpm_infineon.c
|
||||
+++ b/tpm_infineon.c
|
||||
@@ -191,7 +191,7 @@ static int wait(struct tpm_chip *chip, int wait_for_bit)
|
||||
/* check the status-register if wait_for_bit is set */
|
||||
if (status & 1 << wait_for_bit)
|
||||
break;
|
||||
- msleep(TPM_MSLEEP_TIME);
|
||||
+ tpm_msleep(TPM_MSLEEP_TIME);
|
||||
}
|
||||
if (i == TPM_MAX_TRIES) { /* timeout occurs */
|
||||
if (wait_for_bit == STAT_XFE)
|
||||
@@ -226,7 +226,7 @@ static void tpm_wtx(struct tpm_chip *chip)
|
||||
wait_and_send(chip, TPM_CTRL_WTX);
|
||||
wait_and_send(chip, 0x00);
|
||||
wait_and_send(chip, 0x00);
|
||||
- msleep(TPM_WTX_MSLEEP_TIME);
|
||||
+ tpm_msleep(TPM_WTX_MSLEEP_TIME);
|
||||
}
|
||||
|
||||
static void tpm_wtx_abort(struct tpm_chip *chip)
|
||||
@@ -237,7 +237,7 @@ static void tpm_wtx_abort(struct tpm_chip *chip)
|
||||
wait_and_send(chip, 0x00);
|
||||
wait_and_send(chip, 0x00);
|
||||
number_of_wtx = 0;
|
||||
- msleep(TPM_WTX_MSLEEP_TIME);
|
||||
+ tpm_msleep(TPM_WTX_MSLEEP_TIME);
|
||||
}
|
||||
|
||||
static int tpm_inf_recv(struct tpm_chip *chip, u8 * buf, size_t count)
|
||||
diff --git a/tpm_tis_core.c b/tpm_tis_core.c
|
||||
index b617b2e..63bc6c3 100644
|
||||
--- a/tpm_tis_core.c
|
||||
+++ b/tpm_tis_core.c
|
||||
@@ -51,7 +51,7 @@ static int wait_startup(struct tpm_chip *chip, int l)
|
||||
|
||||
if (access & TPM_ACCESS_VALID)
|
||||
return 0;
|
||||
- msleep(TPM_TIMEOUT);
|
||||
+ tpm_msleep(TPM_TIMEOUT);
|
||||
} while (time_before(jiffies, stop));
|
||||
return -1;
|
||||
}
|
||||
@@ -117,7 +117,7 @@ static int request_locality(struct tpm_chip *chip, int l)
|
||||
do {
|
||||
if (check_locality(chip, l))
|
||||
return l;
|
||||
- msleep(TPM_TIMEOUT);
|
||||
+ tpm_msleep(TPM_TIMEOUT);
|
||||
} while (time_before(jiffies, stop));
|
||||
}
|
||||
return -1;
|
||||
@@ -164,7 +164,7 @@ static int get_burstcount(struct tpm_chip *chip)
|
||||
burstcnt = (value >> 8) & 0xFFFF;
|
||||
if (burstcnt)
|
||||
return burstcnt;
|
||||
- msleep(TPM_TIMEOUT);
|
||||
+ tpm_msleep(TPM_TIMEOUT);
|
||||
} while (time_before(jiffies, stop));
|
||||
return -EBUSY;
|
||||
}
|
||||
@@ -396,7 +396,7 @@ static int tpm_tis_send(struct tpm_chip *chip, u8 *buf, size_t len)
|
||||
priv->irq = irq;
|
||||
chip->flags |= TPM_CHIP_FLAG_IRQ;
|
||||
if (!priv->irq_tested)
|
||||
- msleep(1);
|
||||
+ tpm_msleep(1);
|
||||
if (!priv->irq_tested)
|
||||
disable_interrupts(chip);
|
||||
priv->irq_tested = true;
|
||||
--
|
||||
1.8.3.1
|
||||
|
|
@ -1,59 +0,0 @@
|
|||
From 19b460f3fe98b0513bf5a52f63e19bc120bd8093 Mon Sep 17 00:00:00 2001
|
||||
From: Nayna Jain <nayna@linux.vnet.ibm.com>
|
||||
Date: Fri, 10 Nov 2017 16:33:06 -0500
|
||||
Subject: [PATCH] =?UTF-8?q?tpm:=20reduce=C2=A0tpm=C2=A0polling=C2=A0delay?=
|
||||
=?UTF-8?q?=C2=A0in=C2=A0tpm=5Ftis=5Fcore?=
|
||||
MIME-Version: 1.0
|
||||
Content-Type: text/plain; charset=UTF-8
|
||||
Content-Transfer-Encoding: 8bit
|
||||
|
||||
The existing wait_for_tpm_stat() polls for the chip status after
|
||||
5msec sleep. As per TCG ddwg input, it is expected that tpm might
|
||||
return status in few usec. So, reducing the delay in polling to
|
||||
1msec.
|
||||
Similarly, get_burstcount() function sleeps for 5msec before
|
||||
retrying for next query to burstcount in a loop. If it takes
|
||||
lesser time for TPM to return, this 5msec delay is longer than
|
||||
necessary.
|
||||
|
||||
After this change, performance on a TPM 1.2 with an 8 byte
|
||||
burstcount for 1000 extends improved from ~14sec to ~9sec.
|
||||
|
||||
Signed-off-by: Nayna Jain <nayna@linux.vnet.ibm.com>
|
||||
Reviewed-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
|
||||
Tested-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
|
||||
Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
|
||||
---
|
||||
tpm-interface.c | 2 +-
|
||||
tpm_tis_core.c | 2 +-
|
||||
2 files changed, 2 insertions(+), 2 deletions(-)
|
||||
|
||||
diff --git a/tpm-interface.c b/tpm-interface.c
|
||||
index 66d671b..9971422 100644
|
||||
--- a/tpm-interface.c
|
||||
+++ b/tpm-interface.c
|
||||
@@ -1050,7 +1050,7 @@ again:
|
||||
}
|
||||
} else {
|
||||
do {
|
||||
- tpm_msleep(TPM_TIMEOUT);
|
||||
+ tpm_msleep(1);
|
||||
status = chip->ops->status(chip);
|
||||
if ((status & mask) == mask)
|
||||
return 0;
|
||||
diff --git a/tpm_tis_core.c b/tpm_tis_core.c
|
||||
index 63bc6c3..d87255f 100644
|
||||
--- a/tpm_tis_core.c
|
||||
+++ b/tpm_tis_core.c
|
||||
@@ -164,7 +164,7 @@ static int get_burstcount(struct tpm_chip *chip)
|
||||
burstcnt = (value >> 8) & 0xFFFF;
|
||||
if (burstcnt)
|
||||
return burstcnt;
|
||||
- tpm_msleep(TPM_TIMEOUT);
|
||||
+ tpm_msleep(1);
|
||||
} while (time_before(jiffies, stop));
|
||||
return -EBUSY;
|
||||
}
|
||||
--
|
||||
1.8.3.1
|
||||
|
|
@ -1,37 +0,0 @@
|
|||
From 86d94390d9b97639fecb3e032120b93004a3036d Mon Sep 17 00:00:00 2001
|
||||
From: Nayna Jain <nayna@linux.vnet.ibm.com>
|
||||
Date: Fri, 10 Nov 2017 16:42:19 -0500
|
||||
Subject: [PATCH] tpm: use tpm_msleep() value as max delay
|
||||
|
||||
Currently, tpm_msleep() uses delay_msec as the minimum value in
|
||||
usleep_range. However, that is the maximum time we want to wait.
|
||||
The function is modified to use the delay_msec as the maximum
|
||||
value, not the minimum value.
|
||||
|
||||
After this change, performance on a TPM 1.2 with an 8 byte
|
||||
burstcount for 1000 extends improved from ~9sec to ~8sec.
|
||||
|
||||
Signed-off-by: Nayna Jain <nayna@linux.vnet.ibm.com>
|
||||
Acked-by: Mimi Zohar <zohar@linux.vnet.ibm.com>
|
||||
---
|
||||
tpm.h | 4 ++--
|
||||
1 file changed, 2 insertions(+), 2 deletions(-)
|
||||
|
||||
diff --git a/tpm.h b/tpm.h
|
||||
index d9c3659..6f3297e 100644
|
||||
--- a/tpm.h
|
||||
+++ b/tpm.h
|
||||
@@ -550,8 +550,8 @@ int wait_for_tpm_stat(struct tpm_chip *chip, u8 mask, unsigned long timeout,
|
||||
|
||||
static inline void tpm_msleep(unsigned int delay_msec)
|
||||
{
|
||||
- usleep_range(delay_msec * 1000,
|
||||
- (delay_msec * 1000) + TPM_TIMEOUT_RANGE_US);
|
||||
+ usleep_range((delay_msec * 1000) - TPM_TIMEOUT_RANGE_US,
|
||||
+ delay_msec * 1000);
|
||||
};
|
||||
|
||||
struct tpm_chip *tpm_chip_find_get(int chip_num);
|
||||
--
|
||||
1.8.3.1
|
||||
|
|
@ -1,123 +0,0 @@
|
|||
From 2e23fe68b72638a1185f6243528f05f7dc665a3a Mon Sep 17 00:00:00 2001
|
||||
From: Nayna Jain <nayna@linux.vnet.ibm.com>
|
||||
Date: Tue, 14 Nov 2017 11:01:56 -0500
|
||||
Subject: [PATCH] tpm: define __wait_for_tpm_stat to specify variable polling
|
||||
sleep time
|
||||
|
||||
The existing wait_for_tpm_stat() checks the chip status before
|
||||
sleeping for 5 msec in a polling loop. For some functions although
|
||||
the status isn't ready immediately, the status returns extremely
|
||||
quickly. Waiting for 5 msec causes an unnecessary delay. An
|
||||
example is the send() call in the tpms_tis driver.
|
||||
|
||||
This patch defines __wait_for_tpm_stat(), allowing the caller
|
||||
to specify the polling sleep timeout value within the loop.
|
||||
The existing wait_for_tpm_stat() becomes a wrapper for this
|
||||
function.
|
||||
|
||||
After this change, performance on a TPM 1.2 with an 8 byte
|
||||
burstcount for 1000 extends improved from ~14sec to ~10sec.
|
||||
|
||||
Signed-off-by: Nayna Jain <nayna@linux.vnet.ibm.com>
|
||||
Acked-by: Mimi Zohar <zohar@linux.vnet.ibm.com>
|
||||
---
|
||||
tpm-interface.c | 15 ++++++++++++---
|
||||
tpm.h | 3 +++
|
||||
tpm_tis_core.c | 13 +++++++------
|
||||
3 files changed, 22 insertions(+), 9 deletions(-)
|
||||
|
||||
diff --git a/tpm-interface.c b/tpm-interface.c
|
||||
index 9971422..69041ec 100644
|
||||
--- a/tpm-interface.c
|
||||
+++ b/tpm-interface.c
|
||||
@@ -1015,8 +1015,9 @@ static bool wait_for_tpm_stat_cond(struct tpm_chip *chip, u8 mask,
|
||||
return false;
|
||||
}
|
||||
|
||||
-int wait_for_tpm_stat(struct tpm_chip *chip, u8 mask, unsigned long timeout,
|
||||
- wait_queue_head_t *queue, bool check_cancel)
|
||||
+int __wait_for_tpm_stat(struct tpm_chip *chip, u8 mask, unsigned long timeout,
|
||||
+ unsigned int poll_sleep, wait_queue_head_t *queue,
|
||||
+ bool check_cancel)
|
||||
{
|
||||
unsigned long stop;
|
||||
long rc;
|
||||
@@ -1050,7 +1051,7 @@ again:
|
||||
}
|
||||
} else {
|
||||
do {
|
||||
- tpm_msleep(1);
|
||||
+ tpm_msleep(poll_sleep);
|
||||
status = chip->ops->status(chip);
|
||||
if ((status & mask) == mask)
|
||||
return 0;
|
||||
@@ -1058,6 +1059,14 @@ again:
|
||||
}
|
||||
return -ETIME;
|
||||
}
|
||||
+EXPORT_SYMBOL_GPL(__wait_for_tpm_stat);
|
||||
+
|
||||
+int wait_for_tpm_stat(struct tpm_chip *chip, u8 mask, unsigned long timeout,
|
||||
+ wait_queue_head_t *queue, bool check_cancel)
|
||||
+{
|
||||
+ return __wait_for_tpm_stat(chip, mask, timeout, TPM_TIMEOUT,
|
||||
+ queue, check_cancel);
|
||||
+}
|
||||
EXPORT_SYMBOL_GPL(wait_for_tpm_stat);
|
||||
|
||||
#define TPM_ORD_SAVESTATE cpu_to_be32(152)
|
||||
diff --git a/tpm.h b/tpm.h
|
||||
index 6f3297e..e2c9f06 100644
|
||||
--- a/tpm.h
|
||||
+++ b/tpm.h
|
||||
@@ -545,6 +545,9 @@ int tpm_do_selftest(struct tpm_chip *chip);
|
||||
unsigned long tpm_calc_ordinal_duration(struct tpm_chip *chip, u32 ordinal);
|
||||
int tpm_pm_suspend(struct device *dev);
|
||||
int tpm_pm_resume(struct device *dev);
|
||||
+int __wait_for_tpm_stat(struct tpm_chip *chip, u8 mask,
|
||||
+ unsigned long timeout, unsigned int poll_sleep,
|
||||
+ wait_queue_head_t *queue, bool check_cancel);
|
||||
int wait_for_tpm_stat(struct tpm_chip *chip, u8 mask, unsigned long timeout,
|
||||
wait_queue_head_t *queue, bool check_cancel);
|
||||
|
||||
diff --git a/tpm_tis_core.c b/tpm_tis_core.c
|
||||
index d87255f..330b1a7 100644
|
||||
--- a/tpm_tis_core.c
|
||||
+++ b/tpm_tis_core.c
|
||||
@@ -262,9 +262,9 @@ static int tpm_tis_send_data(struct tpm_chip *chip, u8 *buf, size_t len)
|
||||
status = tpm_tis_status(chip);
|
||||
if ((status & TPM_STS_COMMAND_READY) == 0) {
|
||||
tpm_tis_ready(chip);
|
||||
- if (wait_for_tpm_stat
|
||||
- (chip, TPM_STS_COMMAND_READY, chip->timeout_b,
|
||||
- &priv->int_queue, false) < 0) {
|
||||
+ if (__wait_for_tpm_stat
|
||||
+ (chip, TPM_STS_COMMAND_READY, chip->timeout_b, 1,
|
||||
+ &priv->int_queue, false) < 0) {
|
||||
rc = -ETIME;
|
||||
goto out_err;
|
||||
}
|
||||
@@ -285,7 +285,8 @@ static int tpm_tis_send_data(struct tpm_chip *chip, u8 *buf, size_t len)
|
||||
|
||||
count += burstcnt;
|
||||
|
||||
- if (wait_for_tpm_stat(chip, TPM_STS_VALID, chip->timeout_c,
|
||||
+ if (__wait_for_tpm_stat(chip, TPM_STS_VALID,
|
||||
+ chip->timeout_c, 1,
|
||||
&priv->int_queue, false) < 0) {
|
||||
rc = -ETIME;
|
||||
goto out_err;
|
||||
@@ -302,8 +303,8 @@ static int tpm_tis_send_data(struct tpm_chip *chip, u8 *buf, size_t len)
|
||||
if (rc < 0)
|
||||
goto out_err;
|
||||
|
||||
- if (wait_for_tpm_stat(chip, TPM_STS_VALID, chip->timeout_c,
|
||||
- &priv->int_queue, false) < 0) {
|
||||
+ if (__wait_for_tpm_stat(chip, TPM_STS_VALID, chip->timeout_c,
|
||||
+ 1, &priv->int_queue, false) < 0) {
|
||||
rc = -ETIME;
|
||||
goto out_err;
|
||||
}
|
||||
--
|
||||
1.8.3.1
|
||||
|
|
@ -1,7 +1,8 @@
|
|||
From e82060f0cf390ba8e4f79a54e68cef9a38088104 Mon Sep 17 00:00:00 2001
|
||||
From 4f19722fd1dfbd1f692f4158bcee0c47ba4b1869 Mon Sep 17 00:00:00 2001
|
||||
From: Nayna Jain <nayna@linux.vnet.ibm.com>
|
||||
Date: Fri, 10 Nov 2017 17:16:35 -0500
|
||||
Subject: [PATCH] tpm: ignore burstcount to improve tpm_tis send() performance
|
||||
Subject: [PATCH 3/3] tpm: ignore burstcount to improve tpm_tis send()
|
||||
performance
|
||||
MIME-Version: 1.0
|
||||
Content-Type: text/plain; charset=UTF-8
|
||||
Content-Transfer-Encoding: 8bit
|
||||
|
@ -25,14 +26,14 @@ Reviewed-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
|
|||
Tested-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
|
||||
Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
|
||||
---
|
||||
tpm_tis_core.c | 42 +++++++++++++++---------------------------
|
||||
1 file changed, 15 insertions(+), 27 deletions(-)
|
||||
tpm_tis_core.c | 43 +++++++++++++++----------------------------
|
||||
1 file changed, 15 insertions(+), 28 deletions(-)
|
||||
|
||||
diff --git a/tpm_tis_core.c b/tpm_tis_core.c
|
||||
index a338701..a6b4149 100644
|
||||
index b9f6468..54a6490 100644
|
||||
--- a/tpm_tis_core.c
|
||||
+++ b/tpm_tis_core.c
|
||||
@@ -256,7 +256,6 @@ static int tpm_tis_send_data(struct tpm_chip *chip, u8 *buf, size_t len)
|
||||
@@ -367,7 +367,6 @@ static int tpm_tis_send_data(struct tpm_chip *chip, const u8 *buf, size_t len)
|
||||
{
|
||||
struct tpm_tis_data *priv = dev_get_drvdata(&chip->dev);
|
||||
int rc, status, burstcnt;
|
||||
|
@ -40,10 +41,11 @@ index a338701..a6b4149 100644
|
|||
bool itpm = priv->flags & TPM_TIS_ITPM_WORKAROUND;
|
||||
|
||||
status = tpm_tis_status(chip);
|
||||
@@ -270,36 +269,25 @@ static int tpm_tis_send_data(struct tpm_chip *chip, u8 *buf, size_t len)
|
||||
@@ -380,36 +379,24 @@ static int tpm_tis_send_data(struct tpm_chip *chip, const u8 *buf, size_t len)
|
||||
goto out_err;
|
||||
}
|
||||
}
|
||||
|
||||
-
|
||||
- while (count < len - 1) {
|
||||
- burstcnt = get_burstcount(chip);
|
||||
- if (burstcnt < 0) {
|
||||
|
@ -56,11 +58,10 @@ index a338701..a6b4149 100644
|
|||
- burstcnt, buf + count);
|
||||
- if (rc < 0)
|
||||
- goto out_err;
|
||||
|
||||
-
|
||||
- count += burstcnt;
|
||||
-
|
||||
- if (__wait_for_tpm_stat(chip, TPM_STS_VALID,
|
||||
- chip->timeout_c, 1,
|
||||
- if (wait_for_tpm_stat(chip, TPM_STS_VALID, chip->timeout_c,
|
||||
- &priv->int_queue, false) < 0) {
|
||||
- rc = -ETIME;
|
||||
- goto out_err;
|
||||
|
@ -93,5 +94,5 @@ index a338701..a6b4149 100644
|
|||
goto out_err;
|
||||
|
||||
--
|
||||
1.8.3.1
|
||||
2.7.4
|
||||
|
||||
|
|
|
@ -1,327 +0,0 @@
|
|||
From 5b60e1a889246a5a0d131e74ceaf240fc0637c9f Mon Sep 17 00:00:00 2001
|
||||
From: Shuicheng Lin <shuicheng.lin@intel.com>
|
||||
Date: Sat, 29 Dec 2018 02:51:39 +0800
|
||||
Subject: [PATCH] pick upstream patch to fix build failure with CentOS 7.6
|
||||
3.10.0-957.1.3 kernel
|
||||
|
||||
[commit aad887f6641145fec2a801da2ce4ed36cf99c6a5 from Upstream linux-tpmdd repo]
|
||||
|
||||
"
|
||||
From aad887f6641145fec2a801da2ce4ed36cf99c6a5 Mon Sep 17 00:00:00 2001
|
||||
From: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
|
||||
Date: Sun, 5 Nov 2017 13:16:26 +0200
|
||||
Subject: [PATCH] tpm: use struct tpm_chip for tpm_chip_find_get()
|
||||
|
||||
Device number (the character device index) is not a stable identifier
|
||||
for a TPM chip. That is the reason why every call site passes
|
||||
TPM_ANY_NUM to tpm_chip_find_get().
|
||||
|
||||
This commit changes the API in a way that instead a struct tpm_chip
|
||||
instance is given and NULL means the default chip. In addition, this
|
||||
commit refines the documentation to be up to date with the
|
||||
implementation.
|
||||
|
||||
Suggested-by: Jason Gunthorpe <jgunthorpe@obsidianresearch.com> (@chip_num -> @chip part)
|
||||
Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
|
||||
Reviewed-by: Jason Gunthorpe <jgg@ziepe.ca>
|
||||
Tested-by: PrasannaKumar Muralidharan <prasannatsmkumar@gmail.com>
|
||||
"
|
||||
|
||||
Signed-off-by: Shuicheng Lin <shuicheng.lin@intel.com>
|
||||
---
|
||||
tpm-chip.c | 15 +++----
|
||||
tpm-interface.c | 133 +++++++++++++++++++++++++++++---------------------------
|
||||
tpm.h | 2 +-
|
||||
3 files changed, 76 insertions(+), 74 deletions(-)
|
||||
|
||||
diff --git a/tpm-chip.c b/tpm-chip.c
|
||||
index a321bd5..84710e0 100644
|
||||
--- a/tpm-chip.c
|
||||
+++ b/tpm-chip.c
|
||||
@@ -80,21 +80,21 @@ void tpm_put_ops(struct tpm_chip *chip)
|
||||
EXPORT_SYMBOL_GPL(tpm_put_ops);
|
||||
|
||||
/**
|
||||
- * tpm_chip_find_get() - return tpm_chip for a given chip number
|
||||
- * @chip_num: id to find
|
||||
+ * tpm_chip_find_get() - find and reserve a TPM chip
|
||||
+ * @chip: a &struct tpm_chip instance, %NULL for the default chip
|
||||
*
|
||||
* The return'd chip has been tpm_try_get_ops'd and must be released via
|
||||
* tpm_put_ops
|
||||
*/
|
||||
-struct tpm_chip *tpm_chip_find_get(int chip_num)
|
||||
+struct tpm_chip *tpm_chip_find_get(struct tpm_chip *chip)
|
||||
{
|
||||
- struct tpm_chip *chip, *res = NULL;
|
||||
+ struct tpm_chip *res = NULL;
|
||||
+ int chip_num = 0;
|
||||
int chip_prev;
|
||||
|
||||
mutex_lock(&idr_lock);
|
||||
|
||||
- if (chip_num == TPM_ANY_NUM) {
|
||||
- chip_num = 0;
|
||||
+ if (!chip) {
|
||||
do {
|
||||
chip_prev = chip_num;
|
||||
chip = idr_get_next(&dev_nums_idr, &chip_num);
|
||||
@@ -104,8 +104,7 @@ struct tpm_chip *tpm_chip_find_get(int chip_num)
|
||||
}
|
||||
} while (chip_prev != chip_num);
|
||||
} else {
|
||||
- chip = idr_find(&dev_nums_idr, chip_num);
|
||||
- if (chip && !tpm_try_get_ops(chip))
|
||||
+ if (!tpm_try_get_ops(chip))
|
||||
res = chip;
|
||||
}
|
||||
|
||||
diff --git a/tpm-interface.c b/tpm-interface.c
|
||||
index 69041ec..036c6b6 100644
|
||||
--- a/tpm-interface.c
|
||||
+++ b/tpm-interface.c
|
||||
@@ -787,19 +787,18 @@ int tpm_pcr_read_dev(struct tpm_chip *chip, int pcr_idx, u8 *res_buf)
|
||||
}
|
||||
|
||||
/**
|
||||
- * tpm_is_tpm2 - is the chip a TPM2 chip?
|
||||
- * @chip_num: tpm idx # or ANY
|
||||
+ * tpm_is_tpm2 - do we a have a TPM2 chip?
|
||||
+ * @chip: a &struct tpm_chip instance, %NULL for the default chip
|
||||
*
|
||||
* Returns < 0 on error, and 1 or 0 on success depending whether the chip
|
||||
* is a TPM2 chip.
|
||||
*/
|
||||
-int tpm_is_tpm2(u32 chip_num)
|
||||
+int tpm_is_tpm2(struct tpm_chip *chip)
|
||||
{
|
||||
- struct tpm_chip *chip;
|
||||
int rc;
|
||||
|
||||
- chip = tpm_chip_find_get(chip_num);
|
||||
- if (chip == NULL)
|
||||
+ chip = tpm_chip_find_get(chip);
|
||||
+ if (!chip)
|
||||
return -ENODEV;
|
||||
|
||||
rc = (chip->flags & TPM_CHIP_FLAG_TPM2) != 0;
|
||||
@@ -811,23 +810,18 @@ int tpm_is_tpm2(u32 chip_num)
|
||||
EXPORT_SYMBOL_GPL(tpm_is_tpm2);
|
||||
|
||||
/**
|
||||
- * tpm_pcr_read - read a pcr value
|
||||
- * @chip_num: tpm idx # or ANY
|
||||
- * @pcr_idx: pcr idx to retrieve
|
||||
- * @res_buf: TPM_PCR value
|
||||
- * size of res_buf is 20 bytes (or NULL if you don't care)
|
||||
- *
|
||||
- * The TPM driver should be built-in, but for whatever reason it
|
||||
- * isn't, protect against the chip disappearing, by incrementing
|
||||
- * the module usage count.
|
||||
+ * tpm_pcr_read - read a PCR value from SHA1 bank
|
||||
+ * @chip: a &struct tpm_chip instance, %NULL for the default chip
|
||||
+ * @pcr_idx: the PCR to be retrieved
|
||||
+ * @res_buf: the value of the PCR
|
||||
+ * Return: same as with tpm_transmit_cmd()
|
||||
*/
|
||||
-int tpm_pcr_read(u32 chip_num, int pcr_idx, u8 *res_buf)
|
||||
+int tpm_pcr_read(struct tpm_chip *chip, int pcr_idx, u8 *res_buf)
|
||||
{
|
||||
- struct tpm_chip *chip;
|
||||
int rc;
|
||||
|
||||
- chip = tpm_chip_find_get(chip_num);
|
||||
- if (chip == NULL)
|
||||
+ chip = tpm_chip_find_get(chip);
|
||||
+ if (!chip)
|
||||
return -ENODEV;
|
||||
if (chip->flags & TPM_CHIP_FLAG_TPM2)
|
||||
rc = tpm2_pcr_read(chip, pcr_idx, res_buf);
|
||||
@@ -848,26 +842,27 @@ static const struct tpm_input_header pcrextend_header = {
|
||||
};
|
||||
|
||||
/**
|
||||
- * tpm_pcr_extend - extend pcr value with hash
|
||||
- * @chip_num: tpm idx # or AN&
|
||||
- * @pcr_idx: pcr idx to extend
|
||||
- * @hash: hash value used to extend pcr value
|
||||
+ * tpm_pcr_extend - extend a PCR value in SHA1 bank.
|
||||
+ * @chip: a &struct tpm_chip instance, %NULL for the default chip
|
||||
+ * @pcr_idx: the PCR to be retrieved
|
||||
+ * @hash: the hash value used to extend the PCR value
|
||||
*
|
||||
- * The TPM driver should be built-in, but for whatever reason it
|
||||
- * isn't, protect against the chip disappearing, by incrementing
|
||||
- * the module usage count.
|
||||
+ * Note: with TPM 2.0 extends also those banks with a known digest size to the
|
||||
+ * cryto subsystem in order to prevent malicious use of those PCR banks. In the
|
||||
+ * future we should dynamically determine digest sizes.
|
||||
+ *
|
||||
+ * Return: same as with tpm_transmit_cmd()
|
||||
*/
|
||||
-int tpm_pcr_extend(u32 chip_num, int pcr_idx, const u8 *hash)
|
||||
+int tpm_pcr_extend(struct tpm_chip *chip, int pcr_idx, const u8 *hash)
|
||||
{
|
||||
struct tpm_cmd_t cmd;
|
||||
int rc;
|
||||
- struct tpm_chip *chip;
|
||||
struct tpm2_digest digest_list[ARRAY_SIZE(chip->active_banks)];
|
||||
u32 count = 0;
|
||||
int i;
|
||||
|
||||
- chip = tpm_chip_find_get(chip_num);
|
||||
- if (chip == NULL)
|
||||
+ chip = tpm_chip_find_get(chip);
|
||||
+ if (!chip)
|
||||
return -ENODEV;
|
||||
|
||||
if (chip->flags & TPM_CHIP_FLAG_TPM2) {
|
||||
@@ -984,17 +979,24 @@ out:
|
||||
return rc;
|
||||
}
|
||||
|
||||
-int tpm_send(u32 chip_num, void *cmd, size_t buflen)
|
||||
+/**
|
||||
+ * tpm_send - send a TPM command
|
||||
+ * @chip: a &struct tpm_chip instance, %NULL for the default chip
|
||||
+ * @cmd: a TPM command buffer
|
||||
+ * @buflen: the length of the TPM command buffer
|
||||
+ *
|
||||
+ * Return: same as with tpm_transmit_cmd()
|
||||
+ */
|
||||
+int tpm_send(struct tpm_chip *chip, void *cmd, size_t buflen)
|
||||
{
|
||||
- struct tpm_chip *chip;
|
||||
int rc;
|
||||
|
||||
- chip = tpm_chip_find_get(chip_num);
|
||||
- if (chip == NULL)
|
||||
+ chip = tpm_chip_find_get(chip);
|
||||
+ if (!chip)
|
||||
return -ENODEV;
|
||||
|
||||
rc = tpm_transmit_cmd(chip, NULL, cmd, buflen, 0, 0,
|
||||
- "attempting tpm_cmd");
|
||||
+ "attempting to a send a command");
|
||||
tpm_put_ops(chip);
|
||||
return rc;
|
||||
}
|
||||
@@ -1164,16 +1166,15 @@ static const struct tpm_input_header tpm_getrandom_header = {
|
||||
};
|
||||
|
||||
/**
|
||||
- * tpm_get_random() - Get random bytes from the tpm's RNG
|
||||
- * @chip_num: A specific chip number for the request or TPM_ANY_NUM
|
||||
- * @out: destination buffer for the random bytes
|
||||
- * @max: the max number of bytes to write to @out
|
||||
+ * tpm_get_random() - get random bytes from the TPM's RNG
|
||||
+ * @chip: a &struct tpm_chip instance, %NULL for the default chip
|
||||
+ * @out: destination buffer for the random bytes
|
||||
+ * @max: the max number of bytes to write to @out
|
||||
*
|
||||
- * Returns < 0 on error and the number of bytes read on success
|
||||
+ * Return: same as with tpm_transmit_cmd()
|
||||
*/
|
||||
-int tpm_get_random(u32 chip_num, u8 *out, size_t max)
|
||||
+int tpm_get_random(struct tpm_chip *chip, u8 *out, size_t max)
|
||||
{
|
||||
- struct tpm_chip *chip;
|
||||
struct tpm_cmd_t tpm_cmd;
|
||||
u32 recd, num_bytes = min_t(u32, max, TPM_MAX_RNG_DATA), rlength;
|
||||
int err, total = 0, retries = 5;
|
||||
@@ -1182,8 +1183,8 @@ int tpm_get_random(u32 chip_num, u8 *out, size_t max)
|
||||
if (!out || !num_bytes || max > TPM_MAX_RNG_DATA)
|
||||
return -EINVAL;
|
||||
|
||||
- chip = tpm_chip_find_get(chip_num);
|
||||
- if (chip == NULL)
|
||||
+ chip = tpm_chip_find_get(chip);
|
||||
+ if (!chip)
|
||||
return -ENODEV;
|
||||
|
||||
if (chip->flags & TPM_CHIP_FLAG_TPM2) {
|
||||
@@ -1225,22 +1226,23 @@ int tpm_get_random(u32 chip_num, u8 *out, size_t max)
|
||||
EXPORT_SYMBOL_GPL(tpm_get_random);
|
||||
|
||||
/**
|
||||
- * tpm_seal_trusted() - seal a trusted key
|
||||
- * @chip_num: A specific chip number for the request or TPM_ANY_NUM
|
||||
- * @options: authentication values and other options
|
||||
- * @payload: the key data in clear and encrypted form
|
||||
+ * tpm_seal_trusted() - seal a trusted key payload
|
||||
+ * @chip: a &struct tpm_chip instance, %NULL for the default chip
|
||||
+ * @options: authentication values and other options
|
||||
+ * @payload: the key data in clear and encrypted form
|
||||
+ *
|
||||
+ * Note: only TPM 2.0 chip are supported. TPM 1.x implementation is located in
|
||||
+ * the keyring subsystem.
|
||||
*
|
||||
- * Returns < 0 on error and 0 on success. At the moment, only TPM 2.0 chips
|
||||
- * are supported.
|
||||
+ * Return: same as with tpm_transmit_cmd()
|
||||
*/
|
||||
-int tpm_seal_trusted(u32 chip_num, struct trusted_key_payload *payload,
|
||||
+int tpm_seal_trusted(struct tpm_chip *chip, struct trusted_key_payload *payload,
|
||||
struct trusted_key_options *options)
|
||||
{
|
||||
- struct tpm_chip *chip;
|
||||
int rc;
|
||||
|
||||
- chip = tpm_chip_find_get(chip_num);
|
||||
- if (chip == NULL || !(chip->flags & TPM_CHIP_FLAG_TPM2))
|
||||
+ chip = tpm_chip_find_get(chip);
|
||||
+ if (!chip || !(chip->flags & TPM_CHIP_FLAG_TPM2))
|
||||
return -ENODEV;
|
||||
|
||||
rc = tpm2_seal_trusted(chip, payload, options);
|
||||
@@ -1251,22 +1253,23 @@ int tpm_seal_trusted(u32 chip_num, struct trusted_key_payload *payload,
|
||||
EXPORT_SYMBOL_GPL(tpm_seal_trusted);
|
||||
|
||||
/**
|
||||
- * tpm_unseal_trusted() - unseal a trusted key
|
||||
- * @chip_num: A specific chip number for the request or TPM_ANY_NUM
|
||||
- * @options: authentication values and other options
|
||||
- * @payload: the key data in clear and encrypted form
|
||||
+ * @chip: a &struct tpm_chip instance, %NULL for the default chip
|
||||
+ * @options: authentication values and other options
|
||||
+ * @payload: the key data in clear and encrypted form
|
||||
+ *
|
||||
+ * Note: only TPM 2.0 chip are supported. TPM 1.x implementation is located in
|
||||
+ * the keyring subsystem.
|
||||
*
|
||||
- * Returns < 0 on error and 0 on success. At the moment, only TPM 2.0 chips
|
||||
- * are supported.
|
||||
+ * Return: same as with tpm_transmit_cmd()
|
||||
*/
|
||||
-int tpm_unseal_trusted(u32 chip_num, struct trusted_key_payload *payload,
|
||||
- struct trusted_key_options *options)
|
||||
+int tpm_unseal_trusted(struct tpm_chip *chip,
|
||||
+ struct trusted_key_payload *payload,
|
||||
+ struct trusted_key_options *options)
|
||||
{
|
||||
- struct tpm_chip *chip;
|
||||
int rc;
|
||||
|
||||
- chip = tpm_chip_find_get(chip_num);
|
||||
- if (chip == NULL || !(chip->flags & TPM_CHIP_FLAG_TPM2))
|
||||
+ chip = tpm_chip_find_get(chip);
|
||||
+ if (!chip || !(chip->flags & TPM_CHIP_FLAG_TPM2))
|
||||
return -ENODEV;
|
||||
|
||||
rc = tpm2_unseal_trusted(chip, payload, options);
|
||||
diff --git a/tpm.h b/tpm.h
|
||||
index e2c9f06..6d847a2 100644
|
||||
--- a/tpm.h
|
||||
+++ b/tpm.h
|
||||
@@ -557,7 +557,7 @@ static inline void tpm_msleep(unsigned int delay_msec)
|
||||
delay_msec * 1000);
|
||||
};
|
||||
|
||||
-struct tpm_chip *tpm_chip_find_get(int chip_num);
|
||||
+struct tpm_chip *tpm_chip_find_get(struct tpm_chip *chip);
|
||||
__must_check int tpm_try_get_ops(struct tpm_chip *chip);
|
||||
void tpm_put_ops(struct tpm_chip *chip);
|
||||
|
||||
--
|
||||
2.7.4
|
||||
|
|
@ -1,7 +0,0 @@
|
|||
0001-disable-arm64-acpi-command.patch
|
||||
0002-tpmdd-kcompat-support.patch
|
||||
UPSTREAM-0001-tpm-replace-msleep-with-usleep_range.patch
|
||||
UPSTREAM-0002-tpm-reduce-tpm-polling-delay-in-tpm_tis_core.patch
|
||||
UPSTREAM-0003-tpm-use-tpm_msleep-value-as-max-delay.patch
|
||||
UPSTREAM-0004-tpm-wait-for-stat-to-specify-variable-polling-time.patch
|
||||
UPSTREAM-0005-tpm-ignore-burstcount-to-improve-send-performance.patch
|
|
@ -1,35 +1,33 @@
|
|||
From 70386017de51483cfc9c0fc3e809d6f9867c4c5f Mon Sep 17 00:00:00 2001
|
||||
Message-Id: <70386017de51483cfc9c0fc3e809d6f9867c4c5f.1507751678.git.Jim.Somerville@windriver.com>
|
||||
From d2d215014b01dc5c2bce75a2e9e21a3ffefbaa85 Mon Sep 17 00:00:00 2001
|
||||
From: Kam Nasim <kam.nasim@windriver.com>
|
||||
Date: Wed, 26 Apr 2017 12:23:03 -0400
|
||||
Subject: [PATCH 1/1] compat changes for building tpmdd out-of-tree
|
||||
Subject: [PATCH 2/3] compat changes for building tpmdd out-of-tree
|
||||
|
||||
Signed-off-by: Jim Somerville <Jim.Somerville@windriver.com>
|
||||
Signed-off-by: Shuicheng Lin <shuicheng.lin@intel.com>
|
||||
---
|
||||
Makefile | 110 ++++++++++++++++++++-
|
||||
common.mk | 332 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
|
||||
kcompat.h | 39 ++++++++
|
||||
tpm.h | 3 +
|
||||
4 files changed, 482 insertions(+), 2 deletions(-)
|
||||
2 files changed, 440 insertions(+), 2 deletions(-)
|
||||
create mode 100644 common.mk
|
||||
create mode 100644 kcompat.h
|
||||
|
||||
diff --git a/Makefile b/Makefile
|
||||
index 23681f0..f3250cc 100644
|
||||
index a01c4ca..f2736cf 100644
|
||||
--- a/Makefile
|
||||
+++ b/Makefile
|
||||
@@ -1,6 +1,9 @@
|
||||
-#
|
||||
@@ -1,7 +1,10 @@
|
||||
# SPDX-License-Identifier: GPL-2.0
|
||||
#
|
||||
+
|
||||
+ifneq ($(KERNELRELEASE),)
|
||||
+# kbuild part of makefile
|
||||
# Makefile for the kernel tpm device drivers.
|
||||
#
|
||||
-#
|
||||
+
|
||||
obj-$(CONFIG_TCG_TPM) += tpm.o
|
||||
tpm-y := tpm-interface.o tpm-dev.o tpm-sysfs.o tpm-chip.o tpm2-cmd.o \
|
||||
tpm-dev-common.o tpmrm-dev.o tpm1_eventlog.o tpm2_eventlog.o \
|
||||
@@ -17,7 +20,110 @@ obj-$(CONFIG_TCG_NSC) += tpm_nsc.o
|
||||
tpm-y := tpm-chip.o
|
||||
tpm-y += tpm-dev-common.o
|
||||
@@ -29,7 +32,110 @@ obj-$(CONFIG_TCG_NSC) += tpm_nsc.o
|
||||
obj-$(CONFIG_TCG_ATMEL) += tpm_atmel.o
|
||||
obj-$(CONFIG_TCG_INFINEON) += tpm_infineon.o
|
||||
obj-$(CONFIG_TCG_IBMVTPM) += tpm_ibmvtpm.o
|
||||
|
@ -37,7 +35,6 @@ index 23681f0..f3250cc 100644
|
|||
obj-$(CONFIG_TCG_XEN) += xen-tpmfront.o
|
||||
obj-$(CONFIG_TCG_CRB) += tpm_crb.o
|
||||
obj-$(CONFIG_TCG_VTPM_PROXY) += tpm_vtpm_proxy.o
|
||||
+
|
||||
+else # ifneq($(KERNELRELEASE),)
|
||||
+# normal makefile
|
||||
+
|
||||
|
@ -141,6 +138,7 @@ index 23681f0..f3250cc 100644
|
|||
+.PHONY: default noisy clean silent sparse ccc install uninstall help
|
||||
+
|
||||
+endif # ifneq($(KERNELRELEASE),)
|
||||
+
|
||||
diff --git a/common.mk b/common.mk
|
||||
new file mode 100644
|
||||
index 0000000..671ca33
|
||||
|
@ -479,65 +477,6 @@ index 0000000..671ca33
|
|||
+ modules \
|
||||
+ M="${CURDIR}" \
|
||||
+ ${2} ${1}
|
||||
diff --git a/kcompat.h b/kcompat.h
|
||||
new file mode 100644
|
||||
index 0000000..cd9578a
|
||||
--- /dev/null
|
||||
+++ b/kcompat.h
|
||||
@@ -0,0 +1,39 @@
|
||||
+/**********************************************************************
|
||||
+ *
|
||||
+ * Copyright (c) 2017 Wind River Systems, Inc.
|
||||
+* SPDX-License-Identifier: Apache-2.0
|
||||
+*
|
||||
+*
|
||||
+*
|
||||
+ **********************************************************************/
|
||||
+
|
||||
+#ifndef _KCOMPAT_H_
|
||||
+#define _KCOMPAT_H_
|
||||
+
|
||||
+#ifndef LINUX_VERSION_CODE
|
||||
+#include <linux/version.h>
|
||||
+#else
|
||||
+#define KERNEL_VERSION(a,b,c) (((a) << 16) + ((b) << 8) + (c))
|
||||
+#endif
|
||||
+#include <linux/moduleparam.h>
|
||||
+#include <linux/pm_runtime.h>
|
||||
+
|
||||
+#if ( LINUX_VERSION_CODE <= KERNEL_VERSION(3,10,0) )
|
||||
+#include <linux/idr.h>
|
||||
+#include <linux/printk.h>
|
||||
+
|
||||
+// would normally be passed in from the Kernel, had
|
||||
+// we set CONFIG_TCG_TPM=y in the KConfig, however
|
||||
+// that has the added disadvantage of building the
|
||||
+// TPM driver in-kernel.
|
||||
+#define CONFIG_TCG_TPM_MODULE 1
|
||||
+
|
||||
+#define acpi_os_map_iomem(x, y) acpi_os_map_memory(x, y)
|
||||
+#define acpi_os_unmap_iomem(x, y) acpi_os_unmap_memory(x, y)
|
||||
+
|
||||
+#define module_pnp_driver(__pnp_driver) \
|
||||
+ module_driver(__pnp_driver, pnp_register_driver, \
|
||||
+ pnp_unregister_driver)
|
||||
+
|
||||
+#endif
|
||||
+#endif
|
||||
diff --git a/tpm.h b/tpm.h
|
||||
index 4b4c8de..b744e2f 100644
|
||||
--- a/tpm.h
|
||||
+++ b/tpm.h
|
||||
@@ -23,6 +23,9 @@
|
||||
#ifndef __TPM_H__
|
||||
#define __TPM_H__
|
||||
|
||||
+// WRS: the kernel compat layer
|
||||
+#include "kcompat.h"
|
||||
+
|
||||
#include <linux/module.h>
|
||||
#include <linux/delay.h>
|
||||
#include <linux/fs.h>
|
||||
--
|
||||
1.8.3.1
|
||||
2.7.4
|
||||
|
Loading…
Reference in New Issue