From: Ross Philipson
To: linux-kernel@vger.kernel.org, x86@kernel.org, linux-integrity@vger.kernel.org, linux-doc@vger.kernel.org, linux-crypto@vger.kernel.org, kexec@lists.infradead.org, linux-efi@vger.kernel.org, iommu@lists.linux.dev
Cc: ross.philipson@oracle.com, dpsmith@apertussolutions.com, tglx@linutronix.de, mingo@redhat.com, bp@alien8.de, hpa@zytor.com, dave.hansen@linux.intel.com, ardb@kernel.org, mjg59@srcf.ucam.org, James.Bottomley@hansenpartnership.com, peterhuewe@gmx.de, jarkko@kernel.org, jgg@ziepe.ca, luto@amacapital.net, nivedita@alum.mit.edu, herbert@gondor.apana.org.au, davem@davemloft.net, corbet@lwn.net, ebiederm@xmission.com, dwmw2@infradead.org, baolu.lu@linux.intel.com, kanth.ghatraju@oracle.com, andrew.cooper3@citrix.com, trenchboot-devel@googlegroups.com
Subject: [PATCH v15 03/28] tpm: Move TPM2 specific definitions and functions to new headers
Date: Mon, 15 Dec 2025 15:32:51 -0800
Message-ID: <20251215233316.1076248-4-ross.philipson@oracle.com>
In-Reply-To: <20251215233316.1076248-1-ross.philipson@oracle.com>
References: <20251215233316.1076248-1-ross.philipson@oracle.com>

This gathers all the TPM2 definitions and structures into two separate header files (public tpm2.h and private tpm2_structs.h). The definitions moved to these files correspond to the TCG specification for TPM 1 family:

TPM 2.0 Library - https://trustedcomputinggroup.org/resource/tpm-library-specification/

Note that the structures were pulled into tpm2_structs.h to allow their external reuse.

Signed-off-by: Daniel P. Smith
Signed-off-by: Ross Philipson
--- drivers/char/tpm/tpm.h | 78 +--------- drivers/char/tpm/tpm2-cmd.c | 32 +--- drivers/char/tpm/tpm2-space.c | 13 -- drivers/char/tpm/tpm2_structs.h | 58 ++++++++ include/linux/tpm.h | 141 +----------------- include/linux/tpm2.h | 252 ++++++++++++++++++++++++++++++++ 6 files changed, 313 insertions(+), 261 deletions(-) create mode 100644 drivers/char/tpm/tpm2_structs.h create mode 100644 include/linux/tpm2.h diff --git a/drivers/char/tpm/tpm.h b/drivers/char/tpm/tpm.h index 1f9f8540eede..faac3c7065bf 100644 --- a/drivers/char/tpm/tpm.h +++ b/drivers/char/tpm/tpm.h
@@ -50,83 +50,6 @@ enum tpm_addr { TPM_ADDR =3D 0x4E, }; =20 -/* TPM2 specific constants. */ -#define TPM2_SPACE_BUFFER_SIZE 16384 /* 16 kB */ - -enum tpm2_pt_props { - TPM2_PT_NONE =3D 0x00000000, - TPM2_PT_GROUP =3D 0x00000100, - TPM2_PT_FIXED =3D TPM2_PT_GROUP * 1, - TPM2_PT_FAMILY_INDICATOR =3D TPM2_PT_FIXED + 0, - TPM2_PT_LEVEL =3D TPM2_PT_FIXED + 1, - TPM2_PT_REVISION =3D TPM2_PT_FIXED + 2, - TPM2_PT_DAY_OF_YEAR =3D TPM2_PT_FIXED + 3, - TPM2_PT_YEAR =3D TPM2_PT_FIXED + 4, - TPM2_PT_MANUFACTURER =3D TPM2_PT_FIXED + 5, - TPM2_PT_VENDOR_STRING_1 =3D TPM2_PT_FIXED + 6, - TPM2_PT_VENDOR_STRING_2 =3D TPM2_PT_FIXED + 7, - TPM2_PT_VENDOR_STRING_3 =3D TPM2_PT_FIXED + 8, - TPM2_PT_VENDOR_STRING_4 =3D TPM2_PT_FIXED + 9, - TPM2_PT_VENDOR_TPM_TYPE =3D TPM2_PT_FIXED + 10, - TPM2_PT_FIRMWARE_VERSION_1 =3D TPM2_PT_FIXED + 11, - TPM2_PT_FIRMWARE_VERSION_2 =3D TPM2_PT_FIXED + 12, - TPM2_PT_INPUT_BUFFER =3D TPM2_PT_FIXED + 13, - TPM2_PT_HR_TRANSIENT_MIN =3D TPM2_PT_FIXED + 14, - TPM2_PT_HR_PERSISTENT_MIN =3D TPM2_PT_FIXED + 15, - TPM2_PT_HR_LOADED_MIN =3D TPM2_PT_FIXED + 16, - TPM2_PT_ACTIVE_SESSIONS_MAX =3D TPM2_PT_FIXED + 17, - TPM2_PT_PCR_COUNT =3D TPM2_PT_FIXED + 18, - TPM2_PT_PCR_SELECT_MIN =3D TPM2_PT_FIXED + 19, - TPM2_PT_CONTEXT_GAP_MAX =3D TPM2_PT_FIXED + 20, - TPM2_PT_NV_COUNTERS_MAX =3D TPM2_PT_FIXED + 22, - TPM2_PT_NV_INDEX_MAX =3D TPM2_PT_FIXED + 23, - TPM2_PT_MEMORY =3D TPM2_PT_FIXED + 24, - TPM2_PT_CLOCK_UPDATE =3D TPM2_PT_FIXED + 25, - TPM2_PT_CONTEXT_HASH =3D TPM2_PT_FIXED + 26, - TPM2_PT_CONTEXT_SYM =3D TPM2_PT_FIXED + 27, - TPM2_PT_CONTEXT_SYM_SIZE =3D TPM2_PT_FIXED + 28, - TPM2_PT_ORDERLY_COUNT =3D TPM2_PT_FIXED + 29, - TPM2_PT_MAX_COMMAND_SIZE =3D TPM2_PT_FIXED + 30, - TPM2_PT_MAX_RESPONSE_SIZE =3D TPM2_PT_FIXED + 31, - TPM2_PT_MAX_DIGEST =3D TPM2_PT_FIXED + 32, - TPM2_PT_MAX_OBJECT_CONTEXT =3D TPM2_PT_FIXED + 33, - TPM2_PT_MAX_SESSION_CONTEXT =3D TPM2_PT_FIXED + 34, - TPM2_PT_PS_FAMILY_INDICATOR =3D TPM2_PT_FIXED + 35, - TPM2_PT_PS_LEVEL =3D TPM2_PT_FIXED 
+ 36, - TPM2_PT_PS_REVISION =3D TPM2_PT_FIXED + 37, - TPM2_PT_PS_DAY_OF_YEAR =3D TPM2_PT_FIXED + 38, - TPM2_PT_PS_YEAR =3D TPM2_PT_FIXED + 39, - TPM2_PT_SPLIT_MAX =3D TPM2_PT_FIXED + 40, - TPM2_PT_TOTAL_COMMANDS =3D TPM2_PT_FIXED + 41, - TPM2_PT_LIBRARY_COMMANDS =3D TPM2_PT_FIXED + 42, - TPM2_PT_VENDOR_COMMANDS =3D TPM2_PT_FIXED + 43, - TPM2_PT_NV_BUFFER_MAX =3D TPM2_PT_FIXED + 44, - TPM2_PT_MODES =3D TPM2_PT_FIXED + 45, - TPM2_PT_MAX_CAP_BUFFER =3D TPM2_PT_FIXED + 46, - TPM2_PT_VAR =3D TPM2_PT_GROUP * 2, - TPM2_PT_PERMANENT =3D TPM2_PT_VAR + 0, - TPM2_PT_STARTUP_CLEAR =3D TPM2_PT_VAR + 1, - TPM2_PT_HR_NV_INDEX =3D TPM2_PT_VAR + 2, - TPM2_PT_HR_LOADED =3D TPM2_PT_VAR + 3, - TPM2_PT_HR_LOADED_AVAIL =3D TPM2_PT_VAR + 4, - TPM2_PT_HR_ACTIVE =3D TPM2_PT_VAR + 5, - TPM2_PT_HR_ACTIVE_AVAIL =3D TPM2_PT_VAR + 6, - TPM2_PT_HR_TRANSIENT_AVAIL =3D TPM2_PT_VAR + 7, - TPM2_PT_HR_PERSISTENT =3D TPM2_PT_VAR + 8, - TPM2_PT_HR_PERSISTENT_AVAIL =3D TPM2_PT_VAR + 9, - TPM2_PT_NV_COUNTERS =3D TPM2_PT_VAR + 10, - TPM2_PT_NV_COUNTERS_AVAIL =3D TPM2_PT_VAR + 11, - TPM2_PT_ALGORITHM_SET =3D TPM2_PT_VAR + 12, - TPM2_PT_LOADED_CURVES =3D TPM2_PT_VAR + 13, - TPM2_PT_LOCKOUT_COUNTER =3D TPM2_PT_VAR + 14, - TPM2_PT_MAX_AUTH_FAIL =3D TPM2_PT_VAR + 15, - TPM2_PT_LOCKOUT_INTERVAL =3D TPM2_PT_VAR + 16, - TPM2_PT_LOCKOUT_RECOVERY =3D TPM2_PT_VAR + 17, - TPM2_PT_NV_WRITE_RECOVERY =3D TPM2_PT_VAR + 18, - TPM2_PT_AUDIT_COUNTER_0 =3D TPM2_PT_VAR + 19, - TPM2_PT_AUDIT_COUNTER_1 =3D TPM2_PT_VAR + 20, -}; - /* 128 bytes is an arbitrary cap. This could be as large as TPM_BUFSIZE - = 18 * bytes, but 128 is still a relatively large number of random bytes and * anything much bigger causes users of struct tpm_cmd_t to start getting @@ -134,6 +57,7 @@ enum tpm2_pt_props { #define TPM_MAX_RNG_DATA 128 =20 #include "tpm1_structs.h" +#include "tpm2_structs.h" =20 extern const struct class tpm_class; extern const struct class tpmrm_class; 
diff --git a/drivers/char/tpm/tpm2-cmd.c b/drivers/char/tpm/tpm2-cmd.c index a0fcd3cd00b7..7308b08a915f 100644 --- a/drivers/char/tpm/tpm2-cmd.c +++ b/drivers/char/tpm/tpm2-cmd.c @@ -11,8 +11,8 @@ * used by the kernel internally. */ =20 -#include "tpm.h" #include +#include "tpm.h" =20 static bool disable_pcr_integrity; module_param(disable_pcr_integrity, bool, 0444); @@ -79,17 +79,6 @@ unsigned long tpm2_calc_ordinal_duration(u32 ordinal) return msecs_to_jiffies(TPM2_DURATION_DEFAULT); } =20 -struct tpm2_pcr_read_out { - __be32 update_cnt; - __be32 pcr_selects_cnt; - __be16 hash_alg; - u8 pcr_select_size; - u8 pcr_select[TPM2_PCR_SELECT_MIN]; - __be32 digests_cnt; - __be16 digest_size; - u8 digest[]; -} __packed; - /** * tpm2_pcr_read() - read a PCR value * @chip: TPM chip to use. @@ -205,11 +194,6 @@ int tpm2_pcr_extend(struct tpm_chip *chip, u32 pcr_idx, return rc; } =20 -struct tpm2_get_random_out { - __be16 size; - u8 buffer[TPM_MAX_RNG_DATA]; -} __packed; - /** * tpm2_get_random() - get random bytes from the TPM RNG * @@ -322,14 +306,6 @@ void tpm2_flush_context(struct tpm_chip *chip, u32 han= dle) } EXPORT_SYMBOL_GPL(tpm2_flush_context); =20 -struct tpm2_get_cap_out { - u8 more_data; - __be32 subcap_id; - __be32 property_cnt; - __be32 property_id; - __be32 value; -} __packed; - /** * tpm2_get_tpm_pt() - get value of a TPM_CAP_TPM_PROPERTIES type property * @chip: a &tpm_chip instance @@ -498,12 +474,6 @@ static int tpm2_init_bank_info(struct tpm_chip *chip, = u32 bank_index) return tpm2_pcr_read(chip, 0, &digest, &bank->digest_size); } =20 -struct tpm2_pcr_selection { - __be16 hash_alg; - u8 size_of_select; - u8 pcr_select[3]; -} __packed; - ssize_t tpm2_get_pcr_allocation(struct tpm_chip *chip) { struct tpm2_pcr_selection pcr_selection; diff --git a/drivers/char/tpm/tpm2-space.c b/drivers/char/tpm/tpm2-space.c index e80fd767998f..8595107ab5b2 100644 --- a/drivers/char/tpm/tpm2-space.c +++ b/drivers/char/tpm/tpm2-space.c 
@@ -15,19 +15,6 @@ #include #include "tpm.h" =20 -enum tpm2_handle_types { - TPM2_HT_HMAC_SESSION =3D 0x02000000, - TPM2_HT_POLICY_SESSION =3D 0x03000000, - TPM2_HT_TRANSIENT =3D 0x80000000, -}; - -struct tpm2_context { - __be64 sequence; - __be32 saved_handle; - __be32 hierarchy; - __be16 blob_size; -} __packed; - static void tpm2_flush_sessions(struct tpm_chip *chip, struct tpm_space *s= pace) { int i; diff --git a/drivers/char/tpm/tpm2_structs.h b/drivers/char/tpm/tpm2_struct= s.h new file mode 100644 index 000000000000..85c15f2369f2 --- /dev/null +++ b/drivers/char/tpm/tpm2_structs.h @@ -0,0 +1,58 @@ +/* SPDX-License-Identifier: GPL-2.0-only */ +/* + * Copyright (C) 2004 IBM Corporation + * Copyright (C) 2015 Intel Corporation + * + * Authors: + * Leendert van Doorn + * Dave Safford + * Reiner Sailer + * Kylene Hall + * + * Maintained by: + * + * Device driver for TCG/TCPA TPM (trusted platform module). + * Specifications at www.trustedcomputinggroup.org + */ + +#ifndef __TPM2_STRUCTS_H__ +#define __TPM2_STRUCTS_H__ + +struct tpm2_pcr_read_out { + __be32 update_cnt; + __be32 pcr_selects_cnt; + __be16 hash_alg; + u8 pcr_select_size; + u8 pcr_select[TPM2_PCR_SELECT_MIN]; + __be32 digests_cnt; + __be16 digest_size; + u8 digest[]; +} __packed; + +struct tpm2_get_random_out { + __be16 size; + u8 buffer[TPM_MAX_RNG_DATA]; +} __packed; + +struct tpm2_get_cap_out { + u8 more_data; + __be32 subcap_id; + __be32 property_cnt; + __be32 property_id; + __be32 value; +} __packed; + +struct tpm2_pcr_selection { + __be16 hash_alg; + u8 size_of_select; + u8 pcr_select[3]; +} __packed; + +struct tpm2_context { + __be64 sequence; + __be32 saved_handle; + __be32 hierarchy; + __be16 blob_size; +} __packed; + +#endif diff --git a/include/linux/tpm.h b/include/linux/tpm.h index ef81e0b59657..e77e3e2c1d9e 100644 --- a/include/linux/tpm.h +++ b/include/linux/tpm.h 
@@ -27,6 +27,7 @@ =20 #include "tpm_common.h" #include "tpm1.h" +#include "tpm2.h" =20 #define TPM_DIGEST_SIZE 20 /* Max TPM v1.2 PCR size */ #define TPM_HEADER_SIZE 10 @@ -43,12 +44,6 @@ struct trusted_key_options; /* opaque structure, holds auth session parameters like the session key */ struct tpm2_auth; =20 -enum tpm2_session_types { - TPM2_SE_HMAC =3D 0x00, - TPM2_SE_POLICY =3D 0x01, - TPM2_SE_TRIAL =3D 0x02, -}; - /* if you add a new hash to this, increment TPM_MAX_HASHES below */ enum tpm_algorithms { TPM_ALG_ERROR =3D 0x0000, @@ -70,11 +65,6 @@ enum tpm_algorithms { */ #define TPM_MAX_HASHES 5 =20 -enum tpm2_curves { - TPM2_ECC_NONE =3D 0x0000, - TPM2_ECC_NIST_P256 =3D 0x0003, -}; - struct tpm_digest { u16 alg_id; u8 digest[TPM2_MAX_DIGEST_SIZE]; 
@@ -225,117 +215,11 @@ struct tpm_chip { #endif }; =20 -enum tpm2_timeouts { - TPM2_TIMEOUT_A =3D 750, - TPM2_TIMEOUT_B =3D 4000, - TPM2_TIMEOUT_C =3D 200, - TPM2_TIMEOUT_D =3D 30, -}; - -enum tpm2_durations { - TPM2_DURATION_SHORT =3D 20, - TPM2_DURATION_LONG =3D 2000, - TPM2_DURATION_DEFAULT =3D 120000, -}; - -enum tpm2_structures { - TPM2_ST_NO_SESSIONS =3D 0x8001, - TPM2_ST_SESSIONS =3D 0x8002, - TPM2_ST_CREATION =3D 0x8021, -}; - -/* Indicates from what layer of the software stack the error comes from */ -#define TSS2_RC_LAYER_SHIFT 16 -#define TSS2_RESMGR_TPM_RC_LAYER (11 << TSS2_RC_LAYER_SHIFT) - -enum tpm2_return_codes { - TPM2_RC_SUCCESS =3D 0x0000, - TPM2_RC_HASH =3D 0x0083, /* RC_FMT1 */ - TPM2_RC_HANDLE =3D 0x008B, - TPM2_RC_INTEGRITY =3D 0x009F, - TPM2_RC_INITIALIZE =3D 0x0100, /* RC_VER1 */ - TPM2_RC_FAILURE =3D 0x0101, - TPM2_RC_DISABLED =3D 0x0120, - TPM2_RC_UPGRADE =3D 0x012D, - TPM2_RC_COMMAND_CODE =3D 0x0143, - TPM2_RC_TESTING =3D 0x090A, /* RC_WARN */ - TPM2_RC_REFERENCE_H0 =3D 0x0910, - TPM2_RC_RETRY =3D 0x0922, - TPM2_RC_SESSION_MEMORY =3D 0x0903, -}; - -enum tpm2_command_codes { - TPM2_CC_FIRST =3D 0x011F, - TPM2_CC_HIERARCHY_CONTROL =3D 0x0121, - TPM2_CC_HIERARCHY_CHANGE_AUTH =3D 0x0129, - TPM2_CC_CREATE_PRIMARY =3D 0x0131, - TPM2_CC_SEQUENCE_COMPLETE =3D 0x013E, - TPM2_CC_SELF_TEST =3D 0x0143, - TPM2_CC_STARTUP =3D 0x0144, - TPM2_CC_SHUTDOWN =3D 0x0145, - TPM2_CC_NV_READ =3D 0x014E, - TPM2_CC_CREATE =3D 0x0153, - TPM2_CC_LOAD =3D 0x0157, - TPM2_CC_SEQUENCE_UPDATE =3D 0x015C, - TPM2_CC_UNSEAL =3D 0x015E, - TPM2_CC_CONTEXT_LOAD =3D 0x0161, - TPM2_CC_CONTEXT_SAVE =3D 0x0162, - TPM2_CC_FLUSH_CONTEXT =3D 0x0165, - TPM2_CC_READ_PUBLIC =3D 0x0173, - TPM2_CC_START_AUTH_SESS =3D 0x0176, - TPM2_CC_VERIFY_SIGNATURE =3D 0x0177, - TPM2_CC_GET_CAPABILITY =3D 0x017A, - TPM2_CC_GET_RANDOM =3D 0x017B, - TPM2_CC_PCR_READ =3D 0x017E, - TPM2_CC_PCR_EXTEND =3D 0x0182, - TPM2_CC_EVENT_SEQUENCE_COMPLETE =3D 0x0185, - TPM2_CC_HASH_SEQUENCE_START =3D 0x0186, - 
TPM2_CC_CREATE_LOADED =3D 0x0191, - TPM2_CC_LAST =3D 0x0193, /* Spec 1.36 */ -}; - -enum tpm2_permanent_handles { - TPM2_RH_NULL =3D 0x40000007, - TPM2_RS_PW =3D 0x40000009, -}; - -/* Most Significant Octet for key types */ -enum tpm2_mso_type { - TPM2_MSO_NVRAM =3D 0x01, - TPM2_MSO_SESSION =3D 0x02, - TPM2_MSO_POLICY =3D 0x03, - TPM2_MSO_PERMANENT =3D 0x40, - TPM2_MSO_VOLATILE =3D 0x80, - TPM2_MSO_PERSISTENT =3D 0x81, -}; - static inline enum tpm2_mso_type tpm2_handle_mso(u32 handle) { return handle >> 24; } =20 -enum tpm2_capabilities { - TPM2_CAP_HANDLES =3D 1, - TPM2_CAP_COMMANDS =3D 2, - TPM2_CAP_PCRS =3D 5, - TPM2_CAP_TPM_PROPERTIES =3D 6, -}; - -enum tpm2_properties { - TPM_PT_TOTAL_COMMANDS =3D 0x0129, -}; - -enum tpm2_startup_types { - TPM2_SU_CLEAR =3D 0x0000, - TPM2_SU_STATE =3D 0x0001, -}; - -enum tpm2_cc_attrs { - TPM2_CC_ATTR_CHANDLES =3D 25, - TPM2_CC_ATTR_RHANDLE =3D 28, - TPM2_CC_ATTR_VENDOR =3D 29, -}; - #define TPM_VID_INTEL 0x8086 #define TPM_VID_WINBOND 0x1050 #define TPM_VID_STM 0x104A @@ -387,29 +271,6 @@ struct tpm_buf { u8 data[]; }; =20 -enum tpm2_object_attributes { - TPM2_OA_FIXED_TPM =3D BIT(1), - TPM2_OA_ST_CLEAR =3D BIT(2), - TPM2_OA_FIXED_PARENT =3D BIT(4), - TPM2_OA_SENSITIVE_DATA_ORIGIN =3D BIT(5), - TPM2_OA_USER_WITH_AUTH =3D BIT(6), - TPM2_OA_ADMIN_WITH_POLICY =3D BIT(7), - TPM2_OA_NO_DA =3D BIT(10), - TPM2_OA_ENCRYPTED_DUPLICATION =3D BIT(11), - TPM2_OA_RESTRICTED =3D BIT(16), - TPM2_OA_DECRYPT =3D BIT(17), - TPM2_OA_SIGN =3D BIT(18), -}; - -enum tpm2_session_attributes { - TPM2_SA_CONTINUE_SESSION =3D BIT(0), - TPM2_SA_AUDIT_EXCLUSIVE =3D BIT(1), - TPM2_SA_AUDIT_RESET =3D BIT(3), - TPM2_SA_DECRYPT =3D BIT(5), - TPM2_SA_ENCRYPT =3D BIT(6), - TPM2_SA_AUDIT =3D BIT(7), -}; - struct tpm2_hash { unsigned int crypto_id; unsigned int tpm_id; diff --git a/include/linux/tpm2.h b/include/linux/tpm2.h new file mode 100644 index 000000000000..f87489aea780 --- /dev/null +++ b/include/linux/tpm2.h 
@@ -0,0 +1,252 @@ +/* SPDX-License-Identifier: GPL-2.0-only */ +/* + * Copyright (C) 2004,2007,2008 IBM Corporation + * + * Authors: + * Leendert van Doorn + * Dave Safford + * Reiner Sailer + * Kylene Hall + * Debora Velarde + * + * Maintained by: + * + * Device driver for TCG/TCPA TPM (trusted platform module). + * Specifications at www.trustedcomputinggroup.org + */ +#ifndef __LINUX_TPM2_H__ +#define __LINUX_TPM2_H__ + +/* + * TPM 2.0 Library + * https://trustedcomputinggroup.org/resource/tpm-library-specification/ + */ + +/* TPM2 specific constants. */ +#define TPM2_SPACE_BUFFER_SIZE 16384 /* 16 kB */ + +enum tpm2_session_types { + TPM2_SE_HMAC =3D 0x00, + TPM2_SE_POLICY =3D 0x01, + TPM2_SE_TRIAL =3D 0x02, +}; + +enum tpm2_structures { + TPM2_ST_NO_SESSIONS =3D 0x8001, + TPM2_ST_SESSIONS =3D 0x8002, + TPM2_ST_CREATION =3D 0x8021, +}; + +enum tpm2_timeouts { + TPM2_TIMEOUT_A =3D 750, + TPM2_TIMEOUT_B =3D 4000, + TPM2_TIMEOUT_C =3D 200, + TPM2_TIMEOUT_D =3D 30, + TPM2_DURATION_SHORT =3D 20, + TPM2_DURATION_MEDIUM =3D 750, + TPM2_DURATION_LONG =3D 2000, + TPM2_DURATION_LONG_LONG =3D 300000, + TPM2_DURATION_DEFAULT =3D 120000, +}; + +/* Indicates from what layer of the software stack the error comes from */ +#define TSS2_RC_LAYER_SHIFT 16 +#define TSS2_RESMGR_TPM_RC_LAYER (11 << TSS2_RC_LAYER_SHIFT) + +enum tpm2_return_codes { + TPM2_RC_SUCCESS =3D 0x0000, + TPM2_RC_HASH =3D 0x0083, /* RC_FMT1 */ + TPM2_RC_HANDLE =3D 0x008B, + TPM2_RC_INTEGRITY =3D 0x009F, + TPM2_RC_INITIALIZE =3D 0x0100, /* RC_VER1 */ + TPM2_RC_FAILURE =3D 0x0101, + TPM2_RC_DISABLED =3D 0x0120, + TPM2_RC_UPGRADE =3D 0x012D, + TPM2_RC_COMMAND_CODE =3D 0x0143, + TPM2_RC_TESTING =3D 0x090A, /* RC_WARN */ + TPM2_RC_REFERENCE_H0 =3D 0x0910, + TPM2_RC_RETRY =3D 0x0922, + TPM2_RC_SESSION_MEMORY =3D 0x0903, +}; + +enum tpm2_command_codes { + TPM2_CC_FIRST =3D 0x011F, + TPM2_CC_HIERARCHY_CONTROL =3D 0x0121, + TPM2_CC_HIERARCHY_CHANGE_AUTH =3D 0x0129, + TPM2_CC_CREATE_PRIMARY =3D 0x0131, + 
TPM2_CC_SEQUENCE_COMPLETE =3D 0x013E, + TPM2_CC_SELF_TEST =3D 0x0143, + TPM2_CC_STARTUP =3D 0x0144, + TPM2_CC_SHUTDOWN =3D 0x0145, + TPM2_CC_NV_READ =3D 0x014E, + TPM2_CC_CREATE =3D 0x0153, + TPM2_CC_LOAD =3D 0x0157, + TPM2_CC_SEQUENCE_UPDATE =3D 0x015C, + TPM2_CC_UNSEAL =3D 0x015E, + TPM2_CC_CONTEXT_LOAD =3D 0x0161, + TPM2_CC_CONTEXT_SAVE =3D 0x0162, + TPM2_CC_FLUSH_CONTEXT =3D 0x0165, + TPM2_CC_READ_PUBLIC =3D 0x0173, + TPM2_CC_START_AUTH_SESS =3D 0x0176, + TPM2_CC_VERIFY_SIGNATURE =3D 0x0177, + TPM2_CC_GET_CAPABILITY =3D 0x017A, + TPM2_CC_GET_RANDOM =3D 0x017B, + TPM2_CC_PCR_READ =3D 0x017E, + TPM2_CC_PCR_EXTEND =3D 0x0182, + TPM2_CC_EVENT_SEQUENCE_COMPLETE =3D 0x0185, + TPM2_CC_HASH_SEQUENCE_START =3D 0x0186, + TPM2_CC_CREATE_LOADED =3D 0x0191, + TPM2_CC_LAST =3D 0x0193, /* Spec 1.36 */ +}; + +enum tpm2_capabilities { + TPM2_CAP_HANDLES =3D 1, + TPM2_CAP_COMMANDS =3D 2, + TPM2_CAP_PCRS =3D 5, + TPM2_CAP_TPM_PROPERTIES =3D 6, +}; + +enum tpm2_properties { + TPM_PT_TOTAL_COMMANDS =3D 0x0129, +}; + +enum tpm2_startup_types { + TPM2_SU_CLEAR =3D 0x0000, + TPM2_SU_STATE =3D 0x0001, +}; + +enum tpm2_cc_attrs { + TPM2_CC_ATTR_CHANDLES =3D 25, + TPM2_CC_ATTR_RHANDLE =3D 28, + TPM2_CC_ATTR_VENDOR =3D 29, +}; + +enum tpm2_permanent_handles { + TPM2_RH_NULL =3D 0x40000007, + TPM2_RS_PW =3D 0x40000009, +}; + +/* Most Significant Octet for key types */ +enum tpm2_mso_type { + TPM2_MSO_NVRAM =3D 0x01, + TPM2_MSO_SESSION =3D 0x02, + TPM2_MSO_POLICY =3D 0x03, + TPM2_MSO_PERMANENT =3D 0x40, + TPM2_MSO_VOLATILE =3D 0x80, + TPM2_MSO_PERSISTENT =3D 0x81, +}; + +enum tpm2_ecc_curve { + TPM2_ECC_NONE =3D 0x0000, + TPM2_ECC_NIST_P256 =3D 0x0003, +}; + +enum tpm2_object_attributes { + TPM2_OA_FIXED_TPM =3D BIT(1), + TPM2_OA_ST_CLEAR =3D BIT(2), + TPM2_OA_FIXED_PARENT =3D BIT(4), + TPM2_OA_SENSITIVE_DATA_ORIGIN =3D BIT(5), + TPM2_OA_USER_WITH_AUTH =3D BIT(6), + TPM2_OA_ADMIN_WITH_POLICY =3D BIT(7), + TPM2_OA_NO_DA =3D BIT(10), + TPM2_OA_ENCRYPTED_DUPLICATION =3D BIT(11), + 
TPM2_OA_RESTRICTED =3D BIT(16), + TPM2_OA_DECRYPT =3D BIT(17), + TPM2_OA_SIGN =3D BIT(18), +}; + +enum tpm2_session_attributes { + TPM2_SA_CONTINUE_SESSION =3D BIT(0), + TPM2_SA_AUDIT_EXCLUSIVE =3D BIT(1), + TPM2_SA_AUDIT_RESET =3D BIT(3), + TPM2_SA_DECRYPT =3D BIT(5), + TPM2_SA_ENCRYPT =3D BIT(6), + TPM2_SA_AUDIT =3D BIT(7), +}; + +enum tpm2_pcr_select { + TPM2_PLATFORM_PCR =3D 24, + TPM2_PCR_SELECT_MIN =3D ((TPM2_PLATFORM_PCR + 7) / 8), +}; + +enum tpm2_handle_types { + TPM2_HT_HMAC_SESSION =3D 0x02000000, + TPM2_HT_POLICY_SESSION =3D 0x03000000, + TPM2_HT_TRANSIENT =3D 0x80000000, +}; + +enum tpm2_pt_props { + TPM2_PT_NONE =3D 0x00000000, + TPM2_PT_GROUP =3D 0x00000100, + TPM2_PT_FIXED =3D TPM2_PT_GROUP * 1, + TPM2_PT_FAMILY_INDICATOR =3D TPM2_PT_FIXED + 0, + TPM2_PT_LEVEL =3D TPM2_PT_FIXED + 1, + TPM2_PT_REVISION =3D TPM2_PT_FIXED + 2, + TPM2_PT_DAY_OF_YEAR =3D TPM2_PT_FIXED + 3, + TPM2_PT_YEAR =3D TPM2_PT_FIXED + 4, + TPM2_PT_MANUFACTURER =3D TPM2_PT_FIXED + 5, + TPM2_PT_VENDOR_STRING_1 =3D TPM2_PT_FIXED + 6, + TPM2_PT_VENDOR_STRING_2 =3D TPM2_PT_FIXED + 7, + TPM2_PT_VENDOR_STRING_3 =3D TPM2_PT_FIXED + 8, + TPM2_PT_VENDOR_STRING_4 =3D TPM2_PT_FIXED + 9, + TPM2_PT_VENDOR_TPM_TYPE =3D TPM2_PT_FIXED + 10, + TPM2_PT_FIRMWARE_VERSION_1 =3D TPM2_PT_FIXED + 11, + TPM2_PT_FIRMWARE_VERSION_2 =3D TPM2_PT_FIXED + 12, + TPM2_PT_INPUT_BUFFER =3D TPM2_PT_FIXED + 13, + TPM2_PT_HR_TRANSIENT_MIN =3D TPM2_PT_FIXED + 14, + TPM2_PT_HR_PERSISTENT_MIN =3D TPM2_PT_FIXED + 15, + TPM2_PT_HR_LOADED_MIN =3D TPM2_PT_FIXED + 16, + TPM2_PT_ACTIVE_SESSIONS_MAX =3D TPM2_PT_FIXED + 17, + TPM2_PT_PCR_COUNT =3D TPM2_PT_FIXED + 18, + TPM2_PT_PCR_SELECT_MIN =3D TPM2_PT_FIXED + 19, + TPM2_PT_CONTEXT_GAP_MAX =3D TPM2_PT_FIXED + 20, + TPM2_PT_NV_COUNTERS_MAX =3D TPM2_PT_FIXED + 22, + TPM2_PT_NV_INDEX_MAX =3D TPM2_PT_FIXED + 23, + TPM2_PT_MEMORY =3D TPM2_PT_FIXED + 24, + TPM2_PT_CLOCK_UPDATE =3D TPM2_PT_FIXED + 25, + TPM2_PT_CONTEXT_HASH =3D TPM2_PT_FIXED + 26, + TPM2_PT_CONTEXT_SYM =3D TPM2_PT_FIXED 
+ 27, + TPM2_PT_CONTEXT_SYM_SIZE =3D TPM2_PT_FIXED + 28, + TPM2_PT_ORDERLY_COUNT =3D TPM2_PT_FIXED + 29, + TPM2_PT_MAX_COMMAND_SIZE =3D TPM2_PT_FIXED + 30, + TPM2_PT_MAX_RESPONSE_SIZE =3D TPM2_PT_FIXED + 31, + TPM2_PT_MAX_DIGEST =3D TPM2_PT_FIXED + 32, + TPM2_PT_MAX_OBJECT_CONTEXT =3D TPM2_PT_FIXED + 33, + TPM2_PT_MAX_SESSION_CONTEXT =3D TPM2_PT_FIXED + 34, + TPM2_PT_PS_FAMILY_INDICATOR =3D TPM2_PT_FIXED + 35, + TPM2_PT_PS_LEVEL =3D TPM2_PT_FIXED + 36, + TPM2_PT_PS_REVISION =3D TPM2_PT_FIXED + 37, + TPM2_PT_PS_DAY_OF_YEAR =3D TPM2_PT_FIXED + 38, + TPM2_PT_PS_YEAR =3D TPM2_PT_FIXED + 39, + TPM2_PT_SPLIT_MAX =3D TPM2_PT_FIXED + 40, + TPM2_PT_TOTAL_COMMANDS =3D TPM2_PT_FIXED + 41, + TPM2_PT_LIBRARY_COMMANDS =3D TPM2_PT_FIXED + 42, + TPM2_PT_VENDOR_COMMANDS =3D TPM2_PT_FIXED + 43, + TPM2_PT_NV_BUFFER_MAX =3D TPM2_PT_FIXED + 44, + TPM2_PT_MODES =3D TPM2_PT_FIXED + 45, + TPM2_PT_MAX_CAP_BUFFER =3D TPM2_PT_FIXED + 46, + TPM2_PT_VAR =3D TPM2_PT_GROUP * 2, + TPM2_PT_PERMANENT =3D TPM2_PT_VAR + 0, + TPM2_PT_STARTUP_CLEAR =3D TPM2_PT_VAR + 1, + TPM2_PT_HR_NV_INDEX =3D TPM2_PT_VAR + 2, + TPM2_PT_HR_LOADED =3D TPM2_PT_VAR + 3, + TPM2_PT_HR_LOADED_AVAIL =3D TPM2_PT_VAR + 4, + TPM2_PT_HR_ACTIVE =3D TPM2_PT_VAR + 5, + TPM2_PT_HR_ACTIVE_AVAIL =3D TPM2_PT_VAR + 6, + TPM2_PT_HR_TRANSIENT_AVAIL =3D TPM2_PT_VAR + 7, + TPM2_PT_HR_PERSISTENT =3D TPM2_PT_VAR + 8, + TPM2_PT_HR_PERSISTENT_AVAIL =3D TPM2_PT_VAR + 9, + TPM2_PT_NV_COUNTERS =3D TPM2_PT_VAR + 10, + TPM2_PT_NV_COUNTERS_AVAIL =3D TPM2_PT_VAR + 11, + TPM2_PT_ALGORITHM_SET =3D TPM2_PT_VAR + 12, + TPM2_PT_LOADED_CURVES =3D TPM2_PT_VAR + 13, + TPM2_PT_LOCKOUT_COUNTER =3D TPM2_PT_VAR + 14, + TPM2_PT_MAX_AUTH_FAIL =3D TPM2_PT_VAR + 15, + TPM2_PT_LOCKOUT_INTERVAL =3D TPM2_PT_VAR + 16, + TPM2_PT_LOCKOUT_RECOVERY =3D TPM2_PT_VAR + 17, + TPM2_PT_NV_WRITE_RECOVERY =3D TPM2_PT_VAR + 18, + TPM2_PT_AUDIT_COUNTER_0 =3D TPM2_PT_VAR + 19, + TPM2_PT_AUDIT_COUNTER_1 =3D TPM2_PT_VAR + 20, +}; + +#endif --=20 2.43.7
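
Review bot: drivers/char/tpm/tpm2_structs.h is not self-contained, which works against the "external reuse" the commit message gives as the reason for the new file. The header has no #include lines, yet struct tpm2_pcr_read_out sizes pcr_select[] with TPM2_PCR_SELECT_MIN (defined in include/linux/tpm2.h), struct tpm2_get_random_out sizes buffer[] with TPM_MAX_RNG_DATA (defined in drivers/char/tpm/tpm.h immediately before the new #include "tpm2_structs.h"), and every struct relies on __be16/__be32/__packed being visible already. It compiles only because tpm.h pulls it in after those definitions. These are wire-format layouts for TPM responses, so a silent dependency on include order is worth removing: include <linux/types.h> and <linux/tpm2.h> in this header and either move TPM_MAX_RNG_DATA alongside the struct that uses it or include the header that defines it.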
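
Review bot: in the include/linux/tpm.h hunk at @@ -225,117 +215,11 @@, the inline helper tpm2_handle_mso() stays in tpm.h while the enum tpm2_mso_type it returns moves to tpm2.h. The subject line says TPM2 specific functions are moved as well, so either move this helper into include/linux/tpm2.h next to the enum or say in the commit message why it remains behind. As written, tpm.h depends on the new #include "tpm2.h" purely to make this one return type resolve.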
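
Review bot: the new include/linux/tpm2.h is not a pure move, although the commit message describes it as one. In enum tpm2_timeouts the duration values are folded in and two entries appear that the removed enum tpm2_durations did not have: TPM2_DURATION_MEDIUM = 750 and TPM2_DURATION_LONG_LONG = 300000. The enum removed from tpm.h as tpm2_curves comes back as tpm2_ecc_curve, and enum tpm2_pcr_select (TPM2_PLATFORM_PCR, TPM2_PCR_SELECT_MIN) is added with no matching removal in any hunk of this patch. Please split the additions and the rename into their own patch, or list them in the commit message, so that the move can be checked as a mechanical one and any remaining user of the old enum tag or a second definition of the PCR constants is caught in review. A smaller point in the same hunk: TPM_PT_TOTAL_COMMANDS = 0x0129 in enum tpm2_properties and TPM2_PT_TOTAL_COMMANDS = TPM2_PT_FIXED + 41 in enum tpm2_pt_props now sit in one header and evaluate to the same value, so this would be a good place to keep only one of them.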