From: Alec Brown
To: linux-kernel@vger.kernel.org, linux-integrity@vger.kernel.org, jarkko@kernel.org
Cc: peterhuewe@gmx.de, jarkko.sakkinen@iki.fi, jgg@ziepe.ca, ross.philipson@oracle.com, dpsmith@apertussolutions.com, daniel.kiper@oracle.com, kanth.ghatraju@oracle.com, trenchboot-devel@googlegroups.com, ardb@kernel.org, alec.r.brown@oracle.com
Subject: [PATCH 1/4] tpm: Initial step to reorganize TPM public headers
Date: Tue, 17 Mar 2026 16:03:32 +0000
Message-ID: <20260317160613.2899129-2-alec.r.brown@oracle.com>
In-Reply-To: <20260317160613.2899129-1-alec.r.brown@oracle.com>
References: <20260317160613.2899129-1-alec.r.brown@oracle.com>

From: Ross Philipson

Consolidate TPM1 constants in tpm_command.h and remove duplicate constants from tpm1-cmd.c.

Signed-off-by: Daniel P. Smith
Signed-off-by: Ross Philipson
Signed-off-by: Alec Brown
---
 drivers/char/tpm/tpm-buf.c | 1 -
 drivers/char/tpm/tpm1-cmd.c | 14 +-------
 include/keys/trusted_tpm.h | 1 -
 include/linux/tpm.h | 2 ++
 include/linux/tpm_command.h | 43 ++++++++++++++++-------
 security/keys/trusted-keys/trusted_tpm1.c | 1 -
 security/keys/trusted-keys/trusted_tpm2.c | 1 -
 7 files changed, 33 insertions(+), 30 deletions(-)

diff --git a/drivers/char/tpm/tpm-buf.c b/drivers/char/tpm/tpm-buf.c index dc882fc9fa9e..4c4f450630df 100644 --- a/drivers/char/tpm/tpm-buf.c +++ b/drivers/char/tpm/tpm-buf.c @@ -3,7 +3,6 @@ * Handling of TPM command and other buffers. */ =20 -#include #include #include =20 diff --git a/drivers/char/tpm/tpm1-cmd.c b/drivers/char/tpm/tpm1-cmd.c index b49a790f1bd5..664ca1fff2e8 100644 --- a/drivers/char/tpm/tpm1-cmd.c +++ b/drivers/char/tpm/tpm1-cmd.c @@ -22,8 +22,6 @@ =20 #include "tpm.h" =20 -#define TPM_MAX_ORDINAL 243 - /* * Array with one entry per ordinal defining the maximum amount * of time the chip could take to return the result. The ordinal @@ -308,9 +306,6 @@ unsigned long tpm1_calc_ordinal_duration(struct tpm_chi= p *chip, u32 ordinal) return duration; } =20 -#define TPM_ORD_STARTUP 153 -#define TPM_ST_CLEAR 1 - /** * tpm1_startup() - turn on the TPM * @chip: TPM chip to use 
@@ -459,7 +454,6 @@ int tpm1_get_timeouts(struct tpm_chip *chip) return 0; } =20 -#define TPM_ORD_PCR_EXTEND 20 int tpm1_pcr_extend(struct tpm_chip *chip, u32 pcr_idx, const u8 *hash, const char *log_msg) { @@ -478,7 +472,6 @@ int tpm1_pcr_extend(struct tpm_chip *chip, u32 pcr_idx,= const u8 *hash, return rc; } =20 -#define TPM_ORD_GET_CAP 101 ssize_t tpm1_getcap(struct tpm_chip *chip, u32 subcap_id, cap_t *cap, const char *desc, size_t min_cap_length) { @@ -511,7 +504,6 @@ ssize_t tpm1_getcap(struct tpm_chip *chip, u32 subcap_i= d, cap_t *cap, } EXPORT_SYMBOL_GPL(tpm1_getcap); =20 -#define TPM_ORD_GET_RANDOM 70 struct tpm1_get_random_out { __be32 rng_data_len; u8 rng_data[TPM_MAX_RNG_DATA]; @@ -580,13 +572,12 @@ int tpm1_get_random(struct tpm_chip *chip, u8 *dest, = size_t max) return rc; } =20 -#define TPM_ORD_PCRREAD 21 int tpm1_pcr_read(struct tpm_chip *chip, u32 pcr_idx, u8 *res_buf) { struct tpm_buf buf; int rc; =20 - rc =3D tpm_buf_init(&buf, TPM_TAG_RQU_COMMAND, TPM_ORD_PCRREAD); + rc =3D tpm_buf_init(&buf, TPM_TAG_RQU_COMMAND, TPM_ORD_PCR_READ); if (rc) return rc; =20 @@ -609,7 +600,6 @@ int tpm1_pcr_read(struct tpm_chip *chip, u32 pcr_idx, u= 8 *res_buf) return rc; } =20 -#define TPM_ORD_CONTINUE_SELFTEST 83 /** * tpm1_continue_selftest() - run TPM's selftest * @chip: TPM chip to use @@ -726,8 +716,6 @@ int tpm1_auto_startup(struct tpm_chip *chip) return rc; } =20 -#define TPM_ORD_SAVESTATE 152 - /** * tpm1_pm_suspend() - pm suspend handler * @chip: TPM chip to use. diff --git a/include/keys/trusted_tpm.h b/include/keys/trusted_tpm.h index 0fadc6a4f166..3a0fa3bc8454 100644 --- a/include/keys/trusted_tpm.h +++ b/include/keys/trusted_tpm.h @@ -3,7 +3,6 @@ #define __TRUSTED_TPM_H =20 #include -#include =20 extern struct trusted_key_ops trusted_key_tpm_ops; =20 diff --git a/include/linux/tpm.h b/include/linux/tpm.h index 202da079d500..18dcf0ef46f6 100644 --- a/include/linux/tpm.h +++ b/include/linux/tpm.h 
@@ -25,6 +25,8 @@ #include #include =20 +#include "tpm_command.h" + #define TPM_DIGEST_SIZE 20 /* Max TPM v1.2 PCR size */ =20 #define TPM2_MAX_DIGEST_SIZE SHA512_DIGEST_SIZE diff --git a/include/linux/tpm_command.h b/include/linux/tpm_command.h index f5c03e9c3913..9a8991b8801d 100644 --- a/include/linux/tpm_command.h +++ b/include/linux/tpm_command.h @@ -2,28 +2,45 @@ #ifndef __LINUX_TPM_COMMAND_H__ #define __LINUX_TPM_COMMAND_H__ =20 +/************************************************/ +/* TPM 1 Family Chips */ +/************************************************/ + /* - * TPM Command constants from specifications at - * http://www.trustedcomputinggroup.org + * TPM 1.2 Main Specification + * https://trustedcomputinggroup.org/resource/tpm-main-specification/ */ =20 +#define TPM_MAX_ORDINAL 243 + /* Command TAGS */ -#define TPM_TAG_RQU_COMMAND 193 -#define TPM_TAG_RQU_AUTH1_COMMAND 194 -#define TPM_TAG_RQU_AUTH2_COMMAND 195 -#define TPM_TAG_RSP_COMMAND 196 -#define TPM_TAG_RSP_AUTH1_COMMAND 197 -#define TPM_TAG_RSP_AUTH2_COMMAND 198 +enum tpm_command_tags { + TPM_TAG_RQU_COMMAND =3D 193, + TPM_TAG_RQU_AUTH1_COMMAND =3D 194, + TPM_TAG_RQU_AUTH2_COMMAND =3D 195, + TPM_TAG_RSP_COMMAND =3D 196, + TPM_TAG_RSP_AUTH1_COMMAND =3D 197, + TPM_TAG_RSP_AUTH2_COMMAND =3D 198, +}; =20 /* Command Ordinals */ -#define TPM_ORD_GETRANDOM 70 -#define TPM_ORD_OSAP 11 -#define TPM_ORD_OIAP 10 -#define TPM_ORD_SEAL 23 -#define TPM_ORD_UNSEAL 24 +enum tpm_command_ordinals { + TPM_ORD_CONTINUE_SELFTEST =3D 83, + TPM_ORD_GET_CAP =3D 101, + TPM_ORD_GET_RANDOM =3D 70, + TPM_ORD_PCR_EXTEND =3D 20, + TPM_ORD_PCR_READ =3D 21, + TPM_ORD_OSAP =3D 11, + TPM_ORD_OIAP =3D 10, + TPM_ORD_SAVESTATE =3D 152, + TPM_ORD_SEAL =3D 23, + TPM_ORD_STARTUP =3D 153, + TPM_ORD_UNSEAL =3D 24, +}; =20 /* Other constants */ #define SRKHANDLE 0x40000000 #define TPM_NONCE_SIZE 20 +#define TPM_ST_CLEAR 1 =20 #endif 
diff --git a/security/keys/trusted-keys/trusted_tpm1.c b/security/keys/trus= ted-keys/trusted_tpm1.c index 636acb66a4f6..10f79a8c2d35 100644 --- a/security/keys/trusted-keys/trusted_tpm1.c +++ b/security/keys/trusted-keys/trusted_tpm1.c @@ -17,7 +17,6 @@ #include #include #include -#include =20 #include =20 diff --git a/security/keys/trusted-keys/trusted_tpm2.c b/security/keys/trus= ted-keys/trusted_tpm2.c index a7ea4a1c3bed..56eb8e20780a 100644 --- a/security/keys/trusted-keys/trusted_tpm2.c +++ b/security/keys/trusted-keys/trusted_tpm2.c 
@@ -9,7 +9,6 @@ #include #include #include -#include =20 #include #include --=20 2.47.3
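Review bot: The tpm1-cmd.c hunk at tpm1_pcr_read() renames TPM_ORD_PCRREAD to TPM_ORD_PCR_READ, which the commit message ("Consolidate TPM1 constants ... remove duplicate constants") does not mention. Either list the rename in the changelog or do it in a separate patch, so that this one stays a pure move that can be verified by comparing the removed and added values.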
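Review bot: The include/linux/tpm.h hunk adds #include "tpm_command.h" in quoted form and on its own after a blank line; headers under include/linux normally pull each other in as <linux/tpm_command.h>, grouped with the existing includes. If the one-line include removals in tpm-buf.c, trusted_tpm.h, trusted_tpm1.c and trusted_tpm2.c rely on this new transitive include, the commit message should say so.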
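Review bot: In the include/linux/tpm_command.h hunk the public name TPM_ORD_GETRANDOM is dropped in favour of TPM_ORD_GET_RANDOM with no other file in the diffstat updated for it, so please confirm that no remaining user of the old spelling exists and mention the rename in the changelog. The entries of enum tpm_command_ordinals are also in neither numeric nor alphabetical order (TPM_ORD_PCR_READ = 21 is followed by TPM_ORD_OSAP = 11, then TPM_ORD_OIAP = 10); sorting by ordinal value would make later comparison against the specification table easier. The /****/ banner comment is not the usual kernel comment style.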
From: Alec Brown
To: linux-kernel@vger.kernel.org, linux-integrity@vger.kernel.org, jarkko@kernel.org
Cc: peterhuewe@gmx.de, jarkko.sakkinen@iki.fi, jgg@ziepe.ca, ross.philipson@oracle.com, dpsmith@apertussolutions.com, daniel.kiper@oracle.com, kanth.ghatraju@oracle.com, trenchboot-devel@googlegroups.com, ardb@kernel.org, alec.r.brown@oracle.com
Subject: [PATCH 2/4] tpm: Move TPM1 specific definitions to the command header
Date: Tue, 17 Mar 2026 16:03:33 +0000
Message-ID: <20260317160613.2899129-3-alec.r.brown@oracle.com>
In-Reply-To: <20260317160613.2899129-1-alec.r.brown@oracle.com>
References: <20260317160613.2899129-1-alec.r.brown@oracle.com>

From: Ross Philipson

Gather all the TPM1 definitions and structures in the internal header file drivers/char/tpm/tpm.h into the command header. In addition, bring in the single RNG structure from tpm-interface.c.

The definitions moved to these files correspond to the TCG specification for TPM 1 family:

TPM 1.2 Main Specification - https://trustedcomputinggroup.org/resource/tpm-main-specification/

Signed-off-by: Daniel P. Smith
Signed-off-by: Ross Philipson
Signed-off-by: Alec Brown
---
 drivers/char/tpm/tpm.h | 102 --------------------------------
 drivers/char/tpm/tpm1-cmd.c | 5 --
 include/linux/tpm_command.h | 115 ++++++++++++++++++++++++++++++++++++
 3 files changed, 115 insertions(+), 107 deletions(-)

diff --git a/drivers/char/tpm/tpm.h b/drivers/char/tpm/tpm.h index 02c07fef41ba..1a9a46a921fe 100644 --- a/drivers/char/tpm/tpm.h +++ b/drivers/char/tpm/tpm.h 
@@ -51,105 +51,9 @@ enum tpm_addr { TPM_ADDR =3D 0x4E, }; =20 -#define TPM_WARN_RETRY 0x800 -#define TPM_WARN_DOING_SELFTEST 0x802 -#define TPM_ERR_DEACTIVATED 0x6 -#define TPM_ERR_DISABLED 0x7 -#define TPM_ERR_FAILEDSELFTEST 0x1C -#define TPM_ERR_INVALID_POSTINIT 38 - -#define TPM_TAG_RQU_COMMAND 193 - /* TPM2 specific constants. */ #define TPM2_SPACE_BUFFER_SIZE 16384 /* 16 kB */ =20 -struct stclear_flags_t { - __be16 tag; - u8 deactivated; - u8 disableForceClear; - u8 physicalPresence; - u8 physicalPresenceLock; - u8 bGlobalLock; -} __packed; - -struct tpm1_version { - u8 major; - u8 minor; - u8 rev_major; - u8 rev_minor; -} __packed; - -struct tpm1_version2 { - __be16 tag; - struct tpm1_version version; -} __packed; - -struct timeout_t { - __be32 a; - __be32 b; - __be32 c; - __be32 d; -} __packed; - -struct duration_t { - __be32 tpm_short; - __be32 tpm_medium; - __be32 tpm_long; -} __packed; - -struct permanent_flags_t { - __be16 tag; - u8 disable; - u8 ownership; - u8 deactivated; - u8 readPubek; - u8 disableOwnerClear; - u8 allowMaintenance; - u8 physicalPresenceLifetimeLock; - u8 physicalPresenceHWEnable; - u8 physicalPresenceCMDEnable; - u8 CEKPUsed; - u8 TPMpost; - u8 TPMpostLock; - u8 FIPS; - u8 operator; - u8 enableRevokeEK; - u8 nvLocked; - u8 readSRKPub; - u8 tpmEstablished; - u8 maintenanceDone; - u8 disableFullDALogicInfo; -} __packed; - -typedef union { - struct permanent_flags_t perm_flags; - struct stclear_flags_t stclear_flags; - __u8 owned; - __be32 num_pcrs; - struct tpm1_version version1; - struct tpm1_version2 version2; - __be32 manufacturer_id; - struct timeout_t timeout; - struct duration_t duration; -} cap_t; - -enum tpm_capabilities { - TPM_CAP_FLAG =3D 4, - TPM_CAP_PROP =3D 5, - TPM_CAP_VERSION_1_1 =3D 0x06, - TPM_CAP_VERSION_1_2 =3D 0x1A, -}; - -enum tpm_sub_capabilities { - TPM_CAP_PROP_PCR =3D 0x101, - TPM_CAP_PROP_MANUFACTURER =3D 0x103, - TPM_CAP_FLAG_PERM =3D 0x108, - TPM_CAP_FLAG_VOL =3D 0x109, - TPM_CAP_PROP_OWNER =3D 0x111, - 
TPM_CAP_PROP_TIS_TIMEOUT =3D 0x115, - TPM_CAP_PROP_TIS_DURATION =3D 0x120, -}; - enum tpm2_pt_props { TPM2_PT_NONE =3D 0x00000000, TPM2_PT_GROUP =3D 0x00000100, @@ -224,12 +128,6 @@ enum tpm2_pt_props { TPM2_PT_AUDIT_COUNTER_1 =3D TPM2_PT_VAR + 20, }; =20 -/* 128 bytes is an arbitrary cap. This could be as large as TPM_BUFSIZE - = 18 - * bytes, but 128 is still a relatively large number of random bytes and - * anything much bigger causes users of struct tpm_cmd_t to start getting - * compiler warnings about stack frame size. */ -#define TPM_MAX_RNG_DATA 128 - extern const struct class tpm_class; extern const struct class tpmrm_class; extern dev_t tpm_devt; diff --git a/drivers/char/tpm/tpm1-cmd.c b/drivers/char/tpm/tpm1-cmd.c index 664ca1fff2e8..96f189b5fd6f 100644 --- a/drivers/char/tpm/tpm1-cmd.c +++ b/drivers/char/tpm/tpm1-cmd.c @@ -504,11 +504,6 @@ ssize_t tpm1_getcap(struct tpm_chip *chip, u32 subcap_= id, cap_t *cap, } EXPORT_SYMBOL_GPL(tpm1_getcap); =20 -struct tpm1_get_random_out { - __be32 rng_data_len; - u8 rng_data[TPM_MAX_RNG_DATA]; -} __packed; - /** * tpm1_get_random() - get random bytes from the TPM's RNG * @chip: a &struct tpm_chip instance diff --git a/include/linux/tpm_command.h b/include/linux/tpm_command.h index 9a8991b8801d..20b634591fb1 100644 --- a/include/linux/tpm_command.h +++ b/include/linux/tpm_command.h 
@@ -38,6 +38,121 @@ enum tpm_command_ordinals { TPM_ORD_UNSEAL =3D 24, }; =20 +enum tpm_capabilities { + TPM_CAP_FLAG =3D 4, + TPM_CAP_PROP =3D 5, + TPM_CAP_VERSION_1_1 =3D 0x06, + TPM_CAP_VERSION_1_2 =3D 0x1A, +}; + +enum tpm_sub_capabilities { + TPM_CAP_PROP_PCR =3D 0x101, + TPM_CAP_PROP_MANUFACTURER =3D 0x103, + TPM_CAP_FLAG_PERM =3D 0x108, + TPM_CAP_FLAG_VOL =3D 0x109, + TPM_CAP_PROP_OWNER =3D 0x111, + TPM_CAP_PROP_TIS_TIMEOUT =3D 0x115, + TPM_CAP_PROP_TIS_DURATION =3D 0x120, +}; + +/* Return Codes */ +enum tpm_return_codes { + TPM_BASE_MASK =3D 0, + TPM_NON_FATAL_MASK =3D 0x00000800, + TPM_SUCCESS =3D TPM_BASE_MASK + 0, + TPM_ERR_DEACTIVATED =3D TPM_BASE_MASK + 6, + TPM_ERR_DISABLED =3D TPM_BASE_MASK + 7, + TPM_ERR_FAIL =3D TPM_BASE_MASK + 9, + TPM_ERR_FAILEDSELFTEST =3D TPM_BASE_MASK + 28, + TPM_ERR_INVALID_POSTINIT =3D TPM_BASE_MASK + 38, + TPM_ERR_INVALID_FAMILY =3D TPM_BASE_MASK + 55, + TPM_WARN_RETRY =3D TPM_BASE_MASK + TPM_NON_FATAL_MASK + 0, + TPM_WARN_DOING_SELFTEST =3D TPM_BASE_MASK + TPM_NON_FATAL_MASK + 2, +}; + +struct stclear_flags_t { + __be16 tag; + u8 deactivated; + u8 disableForceClear; + u8 physicalPresence; + u8 physicalPresenceLock; + u8 bGlobalLock; +} __packed; + +struct tpm1_version { + u8 major; + u8 minor; + u8 rev_major; + u8 rev_minor; +} __packed; + +struct tpm1_version2 { + __be16 tag; + struct tpm1_version version; +} __packed; + +struct timeout_t { + __be32 a; + __be32 b; + __be32 c; + __be32 d; +} __packed; + +struct duration_t { + __be32 tpm_short; + __be32 tpm_medium; + __be32 tpm_long; +} __packed; + +struct permanent_flags_t { + __be16 tag; + u8 disable; + u8 ownership; + u8 deactivated; + u8 readPubek; + u8 disableOwnerClear; + u8 allowMaintenance; + u8 physicalPresenceLifetimeLock; + u8 physicalPresenceHWEnable; + u8 physicalPresenceCMDEnable; + u8 CEKPUsed; + u8 TPMpost; + u8 TPMpostLock; + u8 FIPS; + u8 operator; + u8 enableRevokeEK; + u8 nvLocked; + u8 readSRKPub; + u8 tpmEstablished; + u8 maintenanceDone; + u8 
disableFullDALogicInfo; +} __packed; + +typedef union { + struct permanent_flags_t perm_flags; + struct stclear_flags_t stclear_flags; + __u8 owned; + __be32 num_pcrs; + struct tpm1_version version1; + struct tpm1_version2 version2; + __be32 manufacturer_id; + struct timeout_t timeout; + struct duration_t duration; +} cap_t; + +/* + * 128 bytes is an arbitrary cap. This could be as large as TPM_BUFSIZE - = 18 + * bytes, but 128 is still a relatively large number of random bytes and + * anything much bigger causes users of struct tpm_cmd_t to start getting + * compiler warnings about stack frame size. + */ +#define TPM_MAX_RNG_DATA 128 + +struct tpm1_get_random_out { + __be32 rng_data_len; + u8 rng_data[TPM_MAX_RNG_DATA]; +} __packed; + /* Other constants */ #define SRKHANDLE 0x40000000 #define TPM_NONCE_SIZE 20 --=20 2.47.3
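Review bot: The commit message says the RNG structure is brought in "from tpm-interface.c", but the hunk that removes struct tpm1_get_random_out is in drivers/char/tpm/tpm1-cmd.c and tpm-interface.c does not appear in the diffstat. Please correct the changelog so that it names the file the structure actually comes from.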
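Review bot: In the include/linux/tpm_command.h hunk, enum tpm_return_codes introduces TPM_BASE_MASK, TPM_NON_FATAL_MASK, TPM_SUCCESS, TPM_ERR_FAIL and TPM_ERR_INVALID_FAMILY, none of which are in the block removed from drivers/char/tpm/tpm.h, so this is more than the move the subject line describes. Add the new values in their own patch (the two masks are not return codes and would sit better outside the enum), leaving this one a verbatim move. Two further points on the same hunk: the moved structures use __be16, __be32, u8 and __packed, yet no hunk in the series adds an #include to tpm_command.h, so the header only compiles when a types header happens to be included first; and generic names such as timeout_t, duration_t and cap_t now land in a header under include/linux, where a tpm1_ prefix would avoid clashes.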
From: Alec Brown
To: linux-kernel@vger.kernel.org, linux-integrity@vger.kernel.org, jarkko@kernel.org
Cc: peterhuewe@gmx.de, jarkko.sakkinen@iki.fi, jgg@ziepe.ca, ross.philipson@oracle.com, dpsmith@apertussolutions.com, daniel.kiper@oracle.com, kanth.ghatraju@oracle.com, trenchboot-devel@googlegroups.com, ardb@kernel.org, alec.r.brown@oracle.com
Subject: [PATCH 3/4] tpm: Move TPM2 specific definitions to the command header
Date: Tue, 17 Mar 2026 16:03:34 +0000
Message-ID: <20260317160613.2899129-4-alec.r.brown@oracle.com>
In-Reply-To: <20260317160613.2899129-1-alec.r.brown@oracle.com>
References: <20260317160613.2899129-1-alec.r.brown@oracle.com>

From: Ross Philipson

Gather all the TPM2 definitions and structures in the internal header file drivers/char/tpm/tpm.h into the command header, including:

- Command codes, return codes and definitions from the public and internal tpm.h files.
- Structures defined in numerous TPM driver C modules.

The definitions moved to these files correspond to the TCG specification for TPM 2 family:

TPM 2.0 Library - https://trustedcomputinggroup.org/resource/tpm-library-specification/

Signed-off-by: Daniel P. Smith
Signed-off-by: Ross Philipson
Signed-off-by: Alec Brown
---
 drivers/char/tpm/tpm.h | 77 ----------
 drivers/char/tpm/tpm2-cmd.c | 30 ----
 drivers/char/tpm/tpm2-space.c | 13 --
 include/linux/tpm.h | 145 ------------------
 include/linux/tpm_command.h | 273 ++++++++++++++++++++++++++++++++++
 5 files changed, 273 insertions(+), 265 deletions(-)

diff --git a/drivers/char/tpm/tpm.h b/drivers/char/tpm/tpm.h index 1a9a46a921fe..147e57c0e7bb 100644 --- a/drivers/char/tpm/tpm.h +++ b/drivers/char/tpm/tpm.h 
@@ -51,83 +51,6 @@ enum tpm_addr { TPM_ADDR =3D 0x4E, }; =20 -/* TPM2 specific constants. */ -#define TPM2_SPACE_BUFFER_SIZE 16384 /* 16 kB */ - -enum tpm2_pt_props { - TPM2_PT_NONE =3D 0x00000000, - TPM2_PT_GROUP =3D 0x00000100, - TPM2_PT_FIXED =3D TPM2_PT_GROUP * 1, - TPM2_PT_FAMILY_INDICATOR =3D TPM2_PT_FIXED + 0, - TPM2_PT_LEVEL =3D TPM2_PT_FIXED + 1, - TPM2_PT_REVISION =3D TPM2_PT_FIXED + 2, - TPM2_PT_DAY_OF_YEAR =3D TPM2_PT_FIXED + 3, - TPM2_PT_YEAR =3D TPM2_PT_FIXED + 4, - TPM2_PT_MANUFACTURER =3D TPM2_PT_FIXED + 5, - TPM2_PT_VENDOR_STRING_1 =3D TPM2_PT_FIXED + 6, - TPM2_PT_VENDOR_STRING_2 =3D TPM2_PT_FIXED + 7, - TPM2_PT_VENDOR_STRING_3 =3D TPM2_PT_FIXED + 8, - TPM2_PT_VENDOR_STRING_4 =3D TPM2_PT_FIXED + 9, - TPM2_PT_VENDOR_TPM_TYPE =3D TPM2_PT_FIXED + 10, - TPM2_PT_FIRMWARE_VERSION_1 =3D TPM2_PT_FIXED + 11, - TPM2_PT_FIRMWARE_VERSION_2 =3D TPM2_PT_FIXED + 12, - TPM2_PT_INPUT_BUFFER =3D TPM2_PT_FIXED + 13, - TPM2_PT_HR_TRANSIENT_MIN =3D TPM2_PT_FIXED + 14, - TPM2_PT_HR_PERSISTENT_MIN =3D TPM2_PT_FIXED + 15, - TPM2_PT_HR_LOADED_MIN =3D TPM2_PT_FIXED + 16, - TPM2_PT_ACTIVE_SESSIONS_MAX =3D TPM2_PT_FIXED + 17, - TPM2_PT_PCR_COUNT =3D TPM2_PT_FIXED + 18, - TPM2_PT_PCR_SELECT_MIN =3D TPM2_PT_FIXED + 19, - TPM2_PT_CONTEXT_GAP_MAX =3D TPM2_PT_FIXED + 20, - TPM2_PT_NV_COUNTERS_MAX =3D TPM2_PT_FIXED + 22, - TPM2_PT_NV_INDEX_MAX =3D TPM2_PT_FIXED + 23, - TPM2_PT_MEMORY =3D TPM2_PT_FIXED + 24, - TPM2_PT_CLOCK_UPDATE =3D TPM2_PT_FIXED + 25, - TPM2_PT_CONTEXT_HASH =3D TPM2_PT_FIXED + 26, - TPM2_PT_CONTEXT_SYM =3D TPM2_PT_FIXED + 27, - TPM2_PT_CONTEXT_SYM_SIZE =3D TPM2_PT_FIXED + 28, - TPM2_PT_ORDERLY_COUNT =3D TPM2_PT_FIXED + 29, - TPM2_PT_MAX_COMMAND_SIZE =3D TPM2_PT_FIXED + 30, - TPM2_PT_MAX_RESPONSE_SIZE =3D TPM2_PT_FIXED + 31, - TPM2_PT_MAX_DIGEST =3D TPM2_PT_FIXED + 32, - TPM2_PT_MAX_OBJECT_CONTEXT =3D TPM2_PT_FIXED + 33, - TPM2_PT_MAX_SESSION_CONTEXT =3D TPM2_PT_FIXED + 34, - TPM2_PT_PS_FAMILY_INDICATOR =3D TPM2_PT_FIXED + 35, - TPM2_PT_PS_LEVEL =3D TPM2_PT_FIXED 
+ 36, - TPM2_PT_PS_REVISION =3D TPM2_PT_FIXED + 37, - TPM2_PT_PS_DAY_OF_YEAR =3D TPM2_PT_FIXED + 38, - TPM2_PT_PS_YEAR =3D TPM2_PT_FIXED + 39, - TPM2_PT_SPLIT_MAX =3D TPM2_PT_FIXED + 40, - TPM2_PT_TOTAL_COMMANDS =3D TPM2_PT_FIXED + 41, - TPM2_PT_LIBRARY_COMMANDS =3D TPM2_PT_FIXED + 42, - TPM2_PT_VENDOR_COMMANDS =3D TPM2_PT_FIXED + 43, - TPM2_PT_NV_BUFFER_MAX =3D TPM2_PT_FIXED + 44, - TPM2_PT_MODES =3D TPM2_PT_FIXED + 45, - TPM2_PT_MAX_CAP_BUFFER =3D TPM2_PT_FIXED + 46, - TPM2_PT_VAR =3D TPM2_PT_GROUP * 2, - TPM2_PT_PERMANENT =3D TPM2_PT_VAR + 0, - TPM2_PT_STARTUP_CLEAR =3D TPM2_PT_VAR + 1, - TPM2_PT_HR_NV_INDEX =3D TPM2_PT_VAR + 2, - TPM2_PT_HR_LOADED =3D TPM2_PT_VAR + 3, - TPM2_PT_HR_LOADED_AVAIL =3D TPM2_PT_VAR + 4, - TPM2_PT_HR_ACTIVE =3D TPM2_PT_VAR + 5, - TPM2_PT_HR_ACTIVE_AVAIL =3D TPM2_PT_VAR + 6, - TPM2_PT_HR_TRANSIENT_AVAIL =3D TPM2_PT_VAR + 7, - TPM2_PT_HR_PERSISTENT =3D TPM2_PT_VAR + 8, - TPM2_PT_HR_PERSISTENT_AVAIL =3D TPM2_PT_VAR + 9, - TPM2_PT_NV_COUNTERS =3D TPM2_PT_VAR + 10, - TPM2_PT_NV_COUNTERS_AVAIL =3D TPM2_PT_VAR + 11, - TPM2_PT_ALGORITHM_SET =3D TPM2_PT_VAR + 12, - TPM2_PT_LOADED_CURVES =3D TPM2_PT_VAR + 13, - TPM2_PT_LOCKOUT_COUNTER =3D TPM2_PT_VAR + 14, - TPM2_PT_MAX_AUTH_FAIL =3D TPM2_PT_VAR + 15, - TPM2_PT_LOCKOUT_INTERVAL =3D TPM2_PT_VAR + 16, - TPM2_PT_LOCKOUT_RECOVERY =3D TPM2_PT_VAR + 17, - TPM2_PT_NV_WRITE_RECOVERY =3D TPM2_PT_VAR + 18, - TPM2_PT_AUDIT_COUNTER_0 =3D TPM2_PT_VAR + 19, - TPM2_PT_AUDIT_COUNTER_1 =3D TPM2_PT_VAR + 20, -}; - extern const struct class tpm_class; extern const struct class tpmrm_class; extern dev_t tpm_devt; diff --git a/drivers/char/tpm/tpm2-cmd.c b/drivers/char/tpm/tpm2-cmd.c index 3a77be7ebf4a..1fa3e8a43c79 100644 --- a/drivers/char/tpm/tpm2-cmd.c +++ b/drivers/char/tpm/tpm2-cmd.c 
@@ -94,17 +94,6 @@ unsigned long tpm2_calc_ordinal_duration(u32 ordinal) return msecs_to_jiffies(TPM2_DURATION_DEFAULT); } =20 -struct tpm2_pcr_read_out { - __be32 update_cnt; - __be32 pcr_selects_cnt; - __be16 hash_alg; - u8 pcr_select_size; - u8 pcr_select[TPM2_PCR_SELECT_MIN]; - __be32 digests_cnt; - __be16 digest_size; - u8 digest[]; -} __packed; - /** * tpm2_pcr_read() - read a PCR value * @chip: TPM chip to use. @@ -238,11 +227,6 @@ int tpm2_pcr_extend(struct tpm_chip *chip, u32 pcr_idx, return rc; } =20 -struct tpm2_get_random_out { - __be16 size; - u8 buffer[TPM_MAX_RNG_DATA]; -} __packed; - /** * tpm2_get_random() - get random bytes from the TPM RNG * @@ -366,14 +350,6 @@ void tpm2_flush_context(struct tpm_chip *chip, u32 han= dle) } EXPORT_SYMBOL_GPL(tpm2_flush_context); =20 -struct tpm2_get_cap_out { - u8 more_data; - __be32 subcap_id; - __be32 property_cnt; - __be32 property_id; - __be32 value; -} __packed; - /** * tpm2_get_tpm_pt() - get value of a TPM_CAP_TPM_PROPERTIES type property * @chip: a &tpm_chip instance @@ -541,12 +517,6 @@ static int tpm2_init_bank_info(struct tpm_chip *chip, = u32 bank_index) return tpm2_pcr_read(chip, 0, &digest, &bank->digest_size); } =20 -struct tpm2_pcr_selection { - __be16 hash_alg; - u8 size_of_select; - u8 pcr_select[3]; -} __packed; - ssize_t tpm2_get_pcr_allocation(struct tpm_chip *chip) { struct tpm2_pcr_selection pcr_selection; diff --git a/drivers/char/tpm/tpm2-space.c b/drivers/char/tpm/tpm2-space.c index 60354cd53b5c..7c1c0a174a2b 100644 --- a/drivers/char/tpm/tpm2-space.c +++ b/drivers/char/tpm/tpm2-space.c @@ -15,19 +15,6 @@ #include #include "tpm.h" =20 -enum tpm2_handle_types { - TPM2_HT_HMAC_SESSION =3D 0x02000000, - TPM2_HT_POLICY_SESSION =3D 0x03000000, - TPM2_HT_TRANSIENT =3D 0x80000000, -}; - -struct tpm2_context { - __be64 sequence; - __be32 saved_handle; - __be32 hierarchy; - __be16 blob_size; -} __packed; - static void tpm2_flush_sessions(struct tpm_chip *chip, struct tpm_space *s= pace) { int i; 
diff --git a/include/linux/tpm.h b/include/linux/tpm.h index 18dcf0ef46f6..92957452f7a7 100644 --- a/include/linux/tpm.h +++ b/include/linux/tpm.h @@ -38,12 +38,6 @@ struct trusted_key_options; /* opaque structure, holds auth session parameters like the session key */ struct tpm2_auth; =20 -enum tpm2_session_types { - TPM2_SE_HMAC =3D 0x00, - TPM2_SE_POLICY =3D 0x01, - TPM2_SE_TRIAL =3D 0x02, -}; - /* if you add a new hash to this, increment TPM_MAX_HASHES below */ enum tpm_algorithms { TPM_ALG_ERROR =3D 0x0000, @@ -65,11 +59,6 @@ enum tpm_algorithms { */ #define TPM_MAX_HASHES 5 =20 -enum tpm2_curves { - TPM2_ECC_NONE =3D 0x0000, - TPM2_ECC_NIST_P256 =3D 0x0003, -}; - struct tpm_digest { u16 alg_id; u8 digest[TPM2_MAX_DIGEST_SIZE]; 
@@ -222,122 +211,11 @@ struct tpm_chip { =20 #define TPM_HEADER_SIZE 10 =20 -enum tpm2_const { - TPM2_PLATFORM_PCR =3D 24, - TPM2_PCR_SELECT_MIN =3D ((TPM2_PLATFORM_PCR + 7) / 8), -}; - -enum tpm2_timeouts { - TPM2_TIMEOUT_A =3D 750, - TPM2_TIMEOUT_B =3D 4000, - TPM2_TIMEOUT_C =3D 200, - TPM2_TIMEOUT_D =3D 30, -}; - -enum tpm2_durations { - TPM2_DURATION_SHORT =3D 20, - TPM2_DURATION_LONG =3D 2000, - TPM2_DURATION_DEFAULT =3D 120000, -}; - -enum tpm2_structures { - TPM2_ST_NO_SESSIONS =3D 0x8001, - TPM2_ST_SESSIONS =3D 0x8002, - TPM2_ST_CREATION =3D 0x8021, -}; - -/* Indicates from what layer of the software stack the error comes from */ -#define TSS2_RC_LAYER_SHIFT 16 -#define TSS2_RESMGR_TPM_RC_LAYER (11 << TSS2_RC_LAYER_SHIFT) - -enum tpm2_return_codes { - TPM2_RC_SUCCESS =3D 0x0000, - TPM2_RC_HASH =3D 0x0083, /* RC_FMT1 */ - TPM2_RC_HANDLE =3D 0x008B, - TPM2_RC_INTEGRITY =3D 0x009F, - TPM2_RC_INITIALIZE =3D 0x0100, /* RC_VER1 */ - TPM2_RC_FAILURE =3D 0x0101, - TPM2_RC_DISABLED =3D 0x0120, - TPM2_RC_UPGRADE =3D 0x012D, - TPM2_RC_COMMAND_CODE =3D 0x0143, - TPM2_RC_TESTING =3D 0x090A, /* RC_WARN */ - TPM2_RC_REFERENCE_H0 =3D 0x0910, - TPM2_RC_RETRY =3D 0x0922, - TPM2_RC_SESSION_MEMORY =3D 0x0903, -}; - -enum tpm2_command_codes { - TPM2_CC_FIRST =3D 0x011F, - TPM2_CC_HIERARCHY_CONTROL =3D 0x0121, - TPM2_CC_HIERARCHY_CHANGE_AUTH =3D 0x0129, - TPM2_CC_CREATE_PRIMARY =3D 0x0131, - TPM2_CC_SEQUENCE_COMPLETE =3D 0x013E, - TPM2_CC_SELF_TEST =3D 0x0143, - TPM2_CC_STARTUP =3D 0x0144, - TPM2_CC_SHUTDOWN =3D 0x0145, - TPM2_CC_NV_READ =3D 0x014E, - TPM2_CC_CREATE =3D 0x0153, - TPM2_CC_LOAD =3D 0x0157, - TPM2_CC_SEQUENCE_UPDATE =3D 0x015C, - TPM2_CC_UNSEAL =3D 0x015E, - TPM2_CC_CONTEXT_LOAD =3D 0x0161, - TPM2_CC_CONTEXT_SAVE =3D 0x0162, - TPM2_CC_FLUSH_CONTEXT =3D 0x0165, - TPM2_CC_READ_PUBLIC =3D 0x0173, - TPM2_CC_START_AUTH_SESS =3D 0x0176, - TPM2_CC_VERIFY_SIGNATURE =3D 0x0177, - TPM2_CC_GET_CAPABILITY =3D 0x017A, - TPM2_CC_GET_RANDOM =3D 0x017B, - TPM2_CC_PCR_READ =3D 
0x017E, - TPM2_CC_PCR_EXTEND =3D 0x0182, - TPM2_CC_EVENT_SEQUENCE_COMPLETE =3D 0x0185, - TPM2_CC_HASH_SEQUENCE_START =3D 0x0186, - TPM2_CC_CREATE_LOADED =3D 0x0191, - TPM2_CC_LAST =3D 0x0193, /* Spec 1.36 */ -}; - -enum tpm2_permanent_handles { - TPM2_RH_NULL =3D 0x40000007, - TPM2_RS_PW =3D 0x40000009, -}; - -/* Most Significant Octet for key types */ -enum tpm2_mso_type { - TPM2_MSO_NVRAM =3D 0x01, - TPM2_MSO_SESSION =3D 0x02, - TPM2_MSO_POLICY =3D 0x03, - TPM2_MSO_PERMANENT =3D 0x40, - TPM2_MSO_VOLATILE =3D 0x80, - TPM2_MSO_PERSISTENT =3D 0x81, -}; - static inline enum tpm2_mso_type tpm2_handle_mso(u32 handle) { return handle >> 24; } =20 -enum tpm2_capabilities { - TPM2_CAP_HANDLES =3D 1, - TPM2_CAP_COMMANDS =3D 2, - TPM2_CAP_PCRS =3D 5, - TPM2_CAP_TPM_PROPERTIES =3D 6, -}; - -enum tpm2_properties { - TPM_PT_TOTAL_COMMANDS =3D 0x0129, -}; - -enum tpm2_startup_types { - TPM2_SU_CLEAR =3D 0x0000, - TPM2_SU_STATE =3D 0x0001, -}; - -enum tpm2_cc_attrs { - TPM2_CC_ATTR_CHANDLES =3D 25, - TPM2_CC_ATTR_RHANDLE =3D 28, - TPM2_CC_ATTR_VENDOR =3D 29, -}; - #define TPM_VID_INTEL 0x8086 #define TPM_VID_WINBOND 0x1050 #define TPM_VID_STM 0x104A @@ -389,29 +267,6 @@ struct tpm_buf { u8 handles; }; =20 -enum tpm2_object_attributes { - TPM2_OA_FIXED_TPM =3D BIT(1), - TPM2_OA_ST_CLEAR =3D BIT(2), - TPM2_OA_FIXED_PARENT =3D BIT(4), - TPM2_OA_SENSITIVE_DATA_ORIGIN =3D BIT(5), - TPM2_OA_USER_WITH_AUTH =3D BIT(6), - TPM2_OA_ADMIN_WITH_POLICY =3D BIT(7), - TPM2_OA_NO_DA =3D BIT(10), - TPM2_OA_ENCRYPTED_DUPLICATION =3D BIT(11), - TPM2_OA_RESTRICTED =3D BIT(16), - TPM2_OA_DECRYPT =3D BIT(17), - TPM2_OA_SIGN =3D BIT(18), -}; - -enum tpm2_session_attributes { - TPM2_SA_CONTINUE_SESSION =3D BIT(0), - TPM2_SA_AUDIT_EXCLUSIVE =3D BIT(1), - TPM2_SA_AUDIT_RESET =3D BIT(3), - TPM2_SA_DECRYPT =3D BIT(5), - TPM2_SA_ENCRYPT =3D BIT(6), - TPM2_SA_AUDIT =3D BIT(7), -}; - struct tpm2_hash { unsigned int crypto_id; unsigned int tpm_id; 
diff --git a/include/linux/tpm_command.h b/include/linux/tpm_command.h index 20b634591fb1..ee76fcd5ecef 100644 --- a/include/linux/tpm_command.h +++ b/include/linux/tpm_command.h 
@@ -158,4 +158,277 @@ struct tpm1_get_random_out { #define TPM_NONCE_SIZE 20 #define TPM_ST_CLEAR 1 =20 +/************************************************/ +/* TPM 2 Family Chips */ +/************************************************/ + +/* + * TPM 2.0 Library + * https://trustedcomputinggroup.org/resource/tpm-library-specification/ + */ + +/* TPM2 specific constants. */ +#define TPM2_SPACE_BUFFER_SIZE 16384 /* 16 kB */ + +enum tpm2_session_types { + TPM2_SE_HMAC =3D 0x00, + TPM2_SE_POLICY =3D 0x01, + TPM2_SE_TRIAL =3D 0x02, +}; + +enum tpm2_timeouts { + TPM2_TIMEOUT_A =3D 750, + TPM2_TIMEOUT_B =3D 4000, + TPM2_TIMEOUT_C =3D 200, + TPM2_TIMEOUT_D =3D 30, + TPM2_DURATION_SHORT =3D 20, + TPM2_DURATION_MEDIUM =3D 750, + TPM2_DURATION_LONG =3D 2000, + TPM2_DURATION_LONG_LONG =3D 300000, + TPM2_DURATION_DEFAULT =3D 120000, +}; + +enum tpm2_structures { + TPM2_ST_NO_SESSIONS =3D 0x8001, + TPM2_ST_SESSIONS =3D 0x8002, + TPM2_ST_CREATION =3D 0x8021, +}; + +/* Indicates from what layer of the software stack the error comes from */ +#define TSS2_RC_LAYER_SHIFT 16 +#define TSS2_RESMGR_TPM_RC_LAYER (11 << TSS2_RC_LAYER_SHIFT) + +enum tpm2_return_codes { + TPM2_RC_SUCCESS =3D 0x0000, + TPM2_RC_HASH =3D 0x0083, /* RC_FMT1 */ + TPM2_RC_HANDLE =3D 0x008B, + TPM2_RC_INTEGRITY =3D 0x009F, + TPM2_RC_INITIALIZE =3D 0x0100, /* RC_VER1 */ + TPM2_RC_FAILURE =3D 0x0101, + TPM2_RC_DISABLED =3D 0x0120, + TPM2_RC_UPGRADE =3D 0x012D, + TPM2_RC_COMMAND_CODE =3D 0x0143, + TPM2_RC_TESTING =3D 0x090A, /* RC_WARN */ + TPM2_RC_REFERENCE_H0 =3D 0x0910, + TPM2_RC_RETRY =3D 0x0922, + TPM2_RC_SESSION_MEMORY =3D 0x0903, +}; + +enum tpm2_command_codes { + TPM2_CC_FIRST =3D 0x011F, + TPM2_CC_HIERARCHY_CONTROL =3D 0x0121, + TPM2_CC_HIERARCHY_CHANGE_AUTH =3D 0x0129, + TPM2_CC_CREATE_PRIMARY =3D 0x0131, + TPM2_CC_SEQUENCE_COMPLETE =3D 0x013E, + TPM2_CC_SELF_TEST =3D 0x0143, + TPM2_CC_STARTUP =3D 0x0144, + TPM2_CC_SHUTDOWN =3D 0x0145, + TPM2_CC_NV_READ =3D 0x014E, + TPM2_CC_CREATE =3D 0x0153, + TPM2_CC_LOAD 
=3D 0x0157, + TPM2_CC_SEQUENCE_UPDATE =3D 0x015C, + TPM2_CC_UNSEAL =3D 0x015E, + TPM2_CC_CONTEXT_LOAD =3D 0x0161, + TPM2_CC_CONTEXT_SAVE =3D 0x0162, + TPM2_CC_FLUSH_CONTEXT =3D 0x0165, + TPM2_CC_READ_PUBLIC =3D 0x0173, + TPM2_CC_START_AUTH_SESS =3D 0x0176, + TPM2_CC_VERIFY_SIGNATURE =3D 0x0177, + TPM2_CC_GET_CAPABILITY =3D 0x017A, + TPM2_CC_GET_RANDOM =3D 0x017B, + TPM2_CC_PCR_READ =3D 0x017E, + TPM2_CC_PCR_EXTEND =3D 0x0182, + TPM2_CC_EVENT_SEQUENCE_COMPLETE =3D 0x0185, + TPM2_CC_HASH_SEQUENCE_START =3D 0x0186, + TPM2_CC_CREATE_LOADED =3D 0x0191, + TPM2_CC_LAST =3D 0x0193, /* Spec 1.36 */ +}; + +enum tpm2_capabilities { + TPM2_CAP_HANDLES =3D 1, + TPM2_CAP_COMMANDS =3D 2, + TPM2_CAP_PCRS =3D 5, + TPM2_CAP_TPM_PROPERTIES =3D 6, +}; + +enum tpm2_properties { + TPM_PT_TOTAL_COMMANDS =3D 0x0129, +}; + +enum tpm2_startup_types { + TPM2_SU_CLEAR =3D 0x0000, + TPM2_SU_STATE =3D 0x0001, +}; + +enum tpm2_cc_attrs { + TPM2_CC_ATTR_CHANDLES =3D 25, + TPM2_CC_ATTR_RHANDLE =3D 28, + TPM2_CC_ATTR_VENDOR =3D 29, +}; + +enum tpm2_permanent_handles { + TPM2_RH_NULL =3D 0x40000007, + TPM2_RS_PW =3D 0x40000009, +}; + +/* Most Significant Octet for key types */ +enum tpm2_mso_type { + TPM2_MSO_NVRAM =3D 0x01, + TPM2_MSO_SESSION =3D 0x02, + TPM2_MSO_POLICY =3D 0x03, + TPM2_MSO_PERMANENT =3D 0x40, + TPM2_MSO_VOLATILE =3D 0x80, + TPM2_MSO_PERSISTENT =3D 0x81, +}; + +enum tpm2_curves { + TPM2_ECC_NONE =3D 0x0000, + TPM2_ECC_NIST_P256 =3D 0x0003, +}; + +enum tpm2_object_attributes { + TPM2_OA_FIXED_TPM =3D BIT(1), + TPM2_OA_ST_CLEAR =3D BIT(2), + TPM2_OA_FIXED_PARENT =3D BIT(4), + TPM2_OA_SENSITIVE_DATA_ORIGIN =3D BIT(5), + TPM2_OA_USER_WITH_AUTH =3D BIT(6), + TPM2_OA_ADMIN_WITH_POLICY =3D BIT(7), + TPM2_OA_NO_DA =3D BIT(10), + TPM2_OA_ENCRYPTED_DUPLICATION =3D BIT(11), + TPM2_OA_RESTRICTED =3D BIT(16), + TPM2_OA_DECRYPT =3D BIT(17), + TPM2_OA_SIGN =3D BIT(18), +}; + +enum tpm2_session_attributes { + TPM2_SA_CONTINUE_SESSION =3D BIT(0), + TPM2_SA_AUDIT_EXCLUSIVE =3D BIT(1), + 
TPM2_SA_AUDIT_RESET =3D BIT(3), + TPM2_SA_DECRYPT =3D BIT(5), + TPM2_SA_ENCRYPT =3D BIT(6), + TPM2_SA_AUDIT =3D BIT(7), +}; + +enum tpm2_pcr_select { + TPM2_PLATFORM_PCR =3D 24, + TPM2_PCR_SELECT_MIN =3D ((TPM2_PLATFORM_PCR + 7) / 8), +}; + +enum tpm2_handle_types { + TPM2_HT_HMAC_SESSION =3D 0x02000000, + TPM2_HT_POLICY_SESSION =3D 0x03000000, + TPM2_HT_TRANSIENT =3D 0x80000000, +}; + +enum tpm2_pt_props { + TPM2_PT_NONE =3D 0x00000000, + TPM2_PT_GROUP =3D 0x00000100, + TPM2_PT_FIXED =3D TPM2_PT_GROUP * 1, + TPM2_PT_FAMILY_INDICATOR =3D TPM2_PT_FIXED + 0, + TPM2_PT_LEVEL =3D TPM2_PT_FIXED + 1, + TPM2_PT_REVISION =3D TPM2_PT_FIXED + 2, + TPM2_PT_DAY_OF_YEAR =3D TPM2_PT_FIXED + 3, + TPM2_PT_YEAR =3D TPM2_PT_FIXED + 4, + TPM2_PT_MANUFACTURER =3D TPM2_PT_FIXED + 5, + TPM2_PT_VENDOR_STRING_1 =3D TPM2_PT_FIXED + 6, + TPM2_PT_VENDOR_STRING_2 =3D TPM2_PT_FIXED + 7, + TPM2_PT_VENDOR_STRING_3 =3D TPM2_PT_FIXED + 8, + TPM2_PT_VENDOR_STRING_4 =3D TPM2_PT_FIXED + 9, + TPM2_PT_VENDOR_TPM_TYPE =3D TPM2_PT_FIXED + 10, + TPM2_PT_FIRMWARE_VERSION_1 =3D TPM2_PT_FIXED + 11, + TPM2_PT_FIRMWARE_VERSION_2 =3D TPM2_PT_FIXED + 12, + TPM2_PT_INPUT_BUFFER =3D TPM2_PT_FIXED + 13, + TPM2_PT_HR_TRANSIENT_MIN =3D TPM2_PT_FIXED + 14, + TPM2_PT_HR_PERSISTENT_MIN =3D TPM2_PT_FIXED + 15, + TPM2_PT_HR_LOADED_MIN =3D TPM2_PT_FIXED + 16, + TPM2_PT_ACTIVE_SESSIONS_MAX =3D TPM2_PT_FIXED + 17, + TPM2_PT_PCR_COUNT =3D TPM2_PT_FIXED + 18, + TPM2_PT_PCR_SELECT_MIN =3D TPM2_PT_FIXED + 19, + TPM2_PT_CONTEXT_GAP_MAX =3D TPM2_PT_FIXED + 20, + TPM2_PT_NV_COUNTERS_MAX =3D TPM2_PT_FIXED + 22, + TPM2_PT_NV_INDEX_MAX =3D TPM2_PT_FIXED + 23, + TPM2_PT_MEMORY =3D TPM2_PT_FIXED + 24, + TPM2_PT_CLOCK_UPDATE =3D TPM2_PT_FIXED + 25, + TPM2_PT_CONTEXT_HASH =3D TPM2_PT_FIXED + 26, + TPM2_PT_CONTEXT_SYM =3D TPM2_PT_FIXED + 27, + TPM2_PT_CONTEXT_SYM_SIZE =3D TPM2_PT_FIXED + 28, + TPM2_PT_ORDERLY_COUNT =3D TPM2_PT_FIXED + 29, + TPM2_PT_MAX_COMMAND_SIZE =3D TPM2_PT_FIXED + 30, + TPM2_PT_MAX_RESPONSE_SIZE =3D TPM2_PT_FIXED + 31, 
+ TPM2_PT_MAX_DIGEST =3D TPM2_PT_FIXED + 32, + TPM2_PT_MAX_OBJECT_CONTEXT =3D TPM2_PT_FIXED + 33, + TPM2_PT_MAX_SESSION_CONTEXT =3D TPM2_PT_FIXED + 34, + TPM2_PT_PS_FAMILY_INDICATOR =3D TPM2_PT_FIXED + 35, + TPM2_PT_PS_LEVEL =3D TPM2_PT_FIXED + 36, + TPM2_PT_PS_REVISION =3D TPM2_PT_FIXED + 37, + TPM2_PT_PS_DAY_OF_YEAR =3D TPM2_PT_FIXED + 38, + TPM2_PT_PS_YEAR =3D TPM2_PT_FIXED + 39, + TPM2_PT_SPLIT_MAX =3D TPM2_PT_FIXED + 40, + TPM2_PT_TOTAL_COMMANDS =3D TPM2_PT_FIXED + 41, + TPM2_PT_LIBRARY_COMMANDS =3D TPM2_PT_FIXED + 42, + TPM2_PT_VENDOR_COMMANDS =3D TPM2_PT_FIXED + 43, + TPM2_PT_NV_BUFFER_MAX =3D TPM2_PT_FIXED + 44, + TPM2_PT_MODES =3D TPM2_PT_FIXED + 45, + TPM2_PT_MAX_CAP_BUFFER =3D TPM2_PT_FIXED + 46, + TPM2_PT_VAR =3D TPM2_PT_GROUP * 2, + TPM2_PT_PERMANENT =3D TPM2_PT_VAR + 0, + TPM2_PT_STARTUP_CLEAR =3D TPM2_PT_VAR + 1, + TPM2_PT_HR_NV_INDEX =3D TPM2_PT_VAR + 2, + TPM2_PT_HR_LOADED =3D TPM2_PT_VAR + 3, + TPM2_PT_HR_LOADED_AVAIL =3D TPM2_PT_VAR + 4, + TPM2_PT_HR_ACTIVE =3D TPM2_PT_VAR + 5, + TPM2_PT_HR_ACTIVE_AVAIL =3D TPM2_PT_VAR + 6, + TPM2_PT_HR_TRANSIENT_AVAIL =3D TPM2_PT_VAR + 7, + TPM2_PT_HR_PERSISTENT =3D TPM2_PT_VAR + 8, + TPM2_PT_HR_PERSISTENT_AVAIL =3D TPM2_PT_VAR + 9, + TPM2_PT_NV_COUNTERS =3D TPM2_PT_VAR + 10, + TPM2_PT_NV_COUNTERS_AVAIL =3D TPM2_PT_VAR + 11, + TPM2_PT_ALGORITHM_SET =3D TPM2_PT_VAR + 12, + TPM2_PT_LOADED_CURVES =3D TPM2_PT_VAR + 13, + TPM2_PT_LOCKOUT_COUNTER =3D TPM2_PT_VAR + 14, + TPM2_PT_MAX_AUTH_FAIL =3D TPM2_PT_VAR + 15, + TPM2_PT_LOCKOUT_INTERVAL =3D TPM2_PT_VAR + 16, + TPM2_PT_LOCKOUT_RECOVERY =3D TPM2_PT_VAR + 17, + TPM2_PT_NV_WRITE_RECOVERY =3D TPM2_PT_VAR + 18, + TPM2_PT_AUDIT_COUNTER_0 =3D TPM2_PT_VAR + 19, + TPM2_PT_AUDIT_COUNTER_1 =3D TPM2_PT_VAR + 20, +}; + +struct tpm2_pcr_read_out { + __be32 update_cnt; + __be32 pcr_selects_cnt; + __be16 hash_alg; + u8 pcr_select_size; + u8 pcr_select[TPM2_PCR_SELECT_MIN]; + __be32 digests_cnt; + __be16 digest_size; + u8 digest[]; +} __packed; + +struct tpm2_get_random_out { + 
__be16 size; + u8 buffer[TPM_MAX_RNG_DATA]; +} __packed; + +struct tpm2_get_cap_out { + u8 more_data; + __be32 subcap_id; + __be32 property_cnt; + __be32 property_id; + __be32 value; +} __packed; + +struct tpm2_pcr_selection { + __be16 hash_alg; + u8 size_of_select; + u8 pcr_select[3]; +} __packed; + +struct tpm2_context { + __be64 sequence; + __be32 saved_handle; + __be32 hierarchy; + __be16 blob_size; +} __packed; + #endif --=20 2.47.3
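Review bot: The include/linux/tpm_command.h hunk of [PATCH 3/4] is not a pure move where the timing enums are concerned. The removed `enum tpm2_durations` in include/linux/tpm.h has three members (TPM2_DURATION_SHORT, TPM2_DURATION_LONG, TPM2_DURATION_DEFAULT), while the added `enum tpm2_timeouts` absorbs them and also gains TPM2_DURATION_MEDIUM (750) and TPM2_DURATION_LONG_LONG (300000), which no removed line in this patch carries. In the same hunk `enum tpm2_const` comes back as `enum tpm2_pcr_select`. Either keep the enum names and members identical so the patch can be verified as a move, or put the new constants and the renames in a separate patch and mention them in the commit message.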
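Review bot: The structures added at the end of the include/linux/tpm_command.h hunk of [PATCH 3/4] (tpm2_pcr_read_out, tpm2_get_random_out, tpm2_get_cap_out, tpm2_pcr_selection, tpm2_context) were file-local in tpm2-cmd.c and tpm2-space.c and now become visible to every includer, yet the hunk adds no #include and no comments. The added lines depend on __be16/__be32/__be64, u8, BIT() for the attribute enums, and TPM_MAX_RNG_DATA, so please confirm the header builds when it is the first include in a translation unit, and add a one-line comment per struct naming the TPM2 response it describes, since these are __packed layouts with big-endian fields. tpm2_pcr_selection also still hardcodes `u8 pcr_select[3];` although TPM2_PCR_SELECT_MIN is defined earlier in the same hunk; that is worth a follow-up rather than a change inside a move patch.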
From: Alec Brown
To: linux-kernel@vger.kernel.org, linux-integrity@vger.kernel.org, jarkko@kernel.org
Cc: peterhuewe@gmx.de, jarkko.sakkinen@iki.fi, jgg@ziepe.ca, ross.philipson@oracle.com, dpsmith@apertussolutions.com, daniel.kiper@oracle.com, kanth.ghatraju@oracle.com, trenchboot-devel@googlegroups.com, ardb@kernel.org, alec.r.brown@oracle.com
Subject: [PATCH 4/4] tpm: Move TPM common base definitions to the command header
Date: Tue, 17 Mar 2026 16:03:35 +0000
Message-ID: <20260317160613.2899129-5-alec.r.brown@oracle.com>
In-Reply-To: <20260317160613.2899129-1-alec.r.brown@oracle.com>
References: <20260317160613.2899129-1-alec.r.brown@oracle.com>
Content-Transfer-Encoding: quoted-printable

From: Ross Philipson

These are top level definitions shared by both TPM 1 and 2 family
chips. This includes core definitions like TPM localities, common
crypto algorithm IDs, and the base TPM command header.

Signed-off-by: Daniel P. Smith
Signed-off-by: Ross Philipson
Signed-off-by: Alec Brown
---
 include/linux/tpm.h | 50 +--------------------
 include/linux/tpm_command.h | 89 +++++++++++++++++++++++++++++++++++++
 2 files changed, 90 insertions(+), 49 deletions(-)

diff --git a/include/linux/tpm.h b/include/linux/tpm.h index 92957452f7a7..a282b7045a24 100644 --- a/include/linux/tpm.h +++ b/include/linux/tpm.h 
@@ -27,49 +27,12 @@ =20 #include "tpm_command.h" =20 -#define TPM_DIGEST_SIZE 20 /* Max TPM v1.2 PCR size */ - -#define TPM2_MAX_DIGEST_SIZE SHA512_DIGEST_SIZE -#define TPM2_MAX_PCR_BANKS 8 - struct tpm_chip; struct trusted_key_payload; struct trusted_key_options; /* opaque structure, holds auth session parameters like the session key */ struct tpm2_auth; =20 -/* if you add a new hash to this, increment TPM_MAX_HASHES below */ -enum tpm_algorithms { - TPM_ALG_ERROR =3D 0x0000, - TPM_ALG_SHA1 =3D 0x0004, - TPM_ALG_AES =3D 0x0006, - TPM_ALG_KEYEDHASH =3D 0x0008, - TPM_ALG_SHA256 =3D 0x000B, - TPM_ALG_SHA384 =3D 0x000C, - TPM_ALG_SHA512 =3D 0x000D, - TPM_ALG_NULL =3D 0x0010, - TPM_ALG_SM3_256 =3D 0x0012, - TPM_ALG_ECC =3D 0x0023, - TPM_ALG_CFB =3D 0x0043, -}; - -/* - * maximum number of hashing algorithms a TPM can have. This is - * basically a count of every hash in tpm_algorithms above - */ -#define TPM_MAX_HASHES 5 - -struct tpm_digest { - u16 alg_id; - u8 digest[TPM2_MAX_DIGEST_SIZE]; -} __packed; - -struct tpm_bank_info { - u16 alg_id; - u16 digest_size; - u16 crypto_id; -}; - enum TPM_OPS_FLAGS { TPM_OPS_AUTO_STARTUP =3D BIT(0), }; @@ -127,7 +90,7 @@ struct tpm_chip_seqops { const struct seq_operations *seqops; }; =20 -/* fixed define for the curve we use which is NIST_P256 */ +/* Fixed define for the curve we use which is NIST_P256 */ #define EC_PT_SZ 32 =20 /* @@ -209,8 +172,6 @@ struct tpm_chip { #endif }; =20 -#define TPM_HEADER_SIZE 10 - static inline enum tpm2_mso_type tpm2_handle_mso(u32 handle) { return handle >> 24; @@ -239,15 +200,6 @@ enum tpm_chip_flags { =20 #define to_tpm_chip(d) container_of(d, struct tpm_chip, dev) =20 -struct tpm_header { - __be16 tag; - __be32 length; - union { - __be32 ordinal; - __be32 return_code; - }; -} __packed; - enum tpm_buf_flags { /* the capacity exceeded: */ TPM_BUF_OVERFLOW =3D BIT(0), diff --git a/include/linux/tpm_command.h b/include/linux/tpm_command.h index ee76fcd5ecef..25a247254140 100644 
--- a/include/linux/tpm_command.h +++ b/include/linux/tpm_command.h 
@@ -431,4 +431,93 @@ struct tpm2_context { __be16 blob_size; } __packed; =20 +/************************************************/ +/* TPM Common Defs */ +/************************************************/ + +#define TPM_DIGEST_SIZE 20 /* Max TPM v1.2 PCR size */ +#define TPM_BUFSIZE 4096 + +/* + * SHA-512 is, as of today, the largest digest in the TCG algorithm reposi= tory. + */ +#define TPM2_MAX_DIGEST_SIZE SHA512_DIGEST_SIZE + +/* + * A TPM name digest i.e., TPMT_HA, is a concatenation of TPM_ALG_ID of the + * name algorithm and hash of TPMT_PUBLIC. + */ +#define TPM2_MAX_NAME_SIZE (TPM2_MAX_DIGEST_SIZE + 2) + +/* + * Fixed define for the size of a name. This is actually HASHALG size + * plus 2, so 32 for SHA256 + */ +#define TPM2_NULL_NAME_SIZE 34 + +/* + * The maximum number of PCR banks. + */ +#define TPM2_MAX_PCR_BANKS 8 + +/* If you add a new hash to this, increment TPM_MAX_HASHES below */ +enum tpm_algorithms { + TPM_ALG_ERROR =3D 0x0000, + TPM_ALG_SHA1 =3D 0x0004, + TPM_ALG_AES =3D 0x0006, + TPM_ALG_KEYEDHASH =3D 0x0008, + TPM_ALG_SHA256 =3D 0x000B, + TPM_ALG_SHA384 =3D 0x000C, + TPM_ALG_SHA512 =3D 0x000D, + TPM_ALG_NULL =3D 0x0010, + TPM_ALG_SM3_256 =3D 0x0012, + TPM_ALG_ECC =3D 0x0023, + TPM_ALG_CFB =3D 0x0043, +}; + +/* + * The locality (0 - 4) for a TPM, as defined in section 3.2 of the + * Client Platform Profile Specification. + */ +enum tpm_localities { + TPM_LOCALITY_0 =3D 0, /* Static RTM */ + TPM_LOCALITY_1 =3D 1, /* Dynamic OS */ + TPM_LOCALITY_2 =3D 2, /* DRTM Environment */ + TPM_LOCALITY_3 =3D 3, /* Aux Components */ + TPM_LOCALITY_4 =3D 4, /* CPU DRTM Establishment */ + TPM_MAX_LOCALITY =3D TPM_LOCALITY_4 +}; + +/* + * Structure to represent active PCR algorithm banks usable by the + * TPM chip. + */ +struct tpm_bank_info { + u16 alg_id; + u16 digest_size; + u16 crypto_id; +}; + +/* + * Maximum number of hashing algorithms a TPM can have. 
This is + * basically a count of every hash in tpm_algorithms above + */ +#define TPM_MAX_HASHES 5 + +struct tpm_digest { + u16 alg_id; + u8 digest[TPM2_MAX_DIGEST_SIZE]; +} __packed; + +#define TPM_HEADER_SIZE 10 + +struct tpm_header { + __be16 tag; + __be32 length; + union { + __be32 ordinal; + __be32 return_code; + }; +} __packed; + #endif --=20 2.47.3
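Review bot: The include/linux/tpm_command.h hunk of [PATCH 4/4] adds definitions that no removed line in this patch carries: `#define TPM_BUFSIZE 4096`, TPM2_MAX_NAME_SIZE, TPM2_NULL_NAME_SIZE and `enum tpm_localities`. The diffstat (90 insertions, 49 deletions) shows the same imbalance. If these are still defined elsewhere in the tree they now exist twice, and if they are new the subject line "Move" does not describe them. Please either remove the originals in this patch or split the additions into their own patch. The TPM2_NULL_NAME_SIZE comment also reads "so 32 for SHA256" next to the value 34; wording it as the SHA256 digest size (32) plus 2 would match the define.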
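Review bot: `#define TPM2_MAX_DIGEST_SIZE SHA512_DIGEST_SIZE` now lives in include/linux/tpm_command.h in [PATCH 4/4], but the hunk adds no include that provides SHA512_DIGEST_SIZE, and struct tpm_digest in the same hunk sizes its array from it. Since include/linux/tpm.h includes "tpm_command.h" near its top, please check that tpm_command.h pulls in what it needs instead of relying on the includer's order. The new block is titled "TPM Common Defs" yet is appended after the TPM 2 section and holds TPM2_-prefixed macros; placing the common block ahead of the family-specific sections would make the dependency direction clear. The capitalisation change to the EC_PT_SZ comment in the include/linux/tpm.h hunk is unrelated to the move and is better dropped.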