Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 2e1deaad authored by Linus Torvalds's avatar Linus Torvalds
Browse files

Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security 

Pull security subsystem update from James Morris:
 "Just some minor updates across the subsystem"

* 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security:
  ima: eliminate passing d_name.name to process_measurement()
  TPM: Retry SaveState command in suspend path
  tpm/tpm_i2c_infineon: Add small comment about return value of __i2c_transfer
  tpm/tpm_i2c_infineon.c: Add OF attributes type and name to the of_device_id table entries
  tpm_i2c_stm_st33: Remove duplicate inclusion of header files
  tpm: Add support for new Infineon I2C TPM (SLB 9645 TT 1.2 I2C)
  char/tpm: Convert struct i2c_msg initialization to C99 format
  drivers/char/tpm/tpm_ppi: use strlcpy instead of strncpy
  tpm/tpm_i2c_stm_st33: formatting and white space changes
  Smack: include magic.h in smackfs.c
  selinux: make security_sb_clone_mnt_opts return an error on context mismatch
  seccomp: allow BPF_XOR based ALU instructions.
  Fix NULL pointer dereference in smack_inode_unlink() and smack_inode_rmdir()
  Smack: add support for modification of existing rules
  smack: SMACK_MAGIC to include/uapi/linux/magic.h
  Smack: add missing support for transmute bit in smack_str_from_perm()
  Smack: prevent revoke-subject from failing when unseen label is written to it
  tomoyo: use DEFINE_SRCU() to define tomoyo_ss
  tomoyo: use DEFINE_SRCU() to define tomoyo_ss
parents 50528fab b7ae9f06

Documentation/devicetree/bindings/i2c/trivial-devices.txt

+2 −0
Original line number Diff line number Diff line
@@ -35,6 +35,8 @@ fsl,mc13892 MC13892: Power Management Integrated Circuit (PMIC) for i.MX35/51 
fsl,mma8450		MMA8450Q: Xtrinsic Low-power, 3-axis Xtrinsic Accelerometer

fsl,mpr121		MPR121: Proximity Capacitive Touch Sensor Controller

fsl,sgtl5000		SGTL5000: Ultra Low-Power Audio Codec

infineon,slb9635tt	Infineon SLB9635 (Soft-) I2C TPM (old protocol, max 100khz)

infineon,slb9645tt	Infineon SLB9645 I2C TPM (new protocol, max 400khz)

maxim,ds1050		5 Bit Programmable, Pulse-Width Modulator

maxim,max1237		Low-Power, 4-/12-Channel, 2-Wire Serial, 12-Bit ADCs

maxim,max6625		9-Bit/12-Bit Temperature Sensors with I²C-Compatible Serial Interface

Documentation/security/Smack.txt

+11 −0
Original line number Diff line number Diff line
@@ -117,6 +117,17 @@ access2 
ambient

	This contains the Smack label applied to unlabeled network

	packets.

change-rule

	This interface allows modification of existing access control rules.

	The format accepted on write is:

		"%s %s %s %s"

	where the first string is the subject label, the second the

	object label, the third the access to allow and the fourth the

	access to deny. The access strings may contain only the characters

	"rwxat-". If a rule for a given subject and object exists it will be

	modified by enabling the permissions in the third string and disabling

	those in the fourth string. If there is no such rule it will be

	created using the access specified in the third and the fourth strings.

cipso

	This interface allows a specific CIPSO header to be assigned

	to a Smack label. The format accepted on write is:

drivers/char/tpm/tpm.c

+27 −4
Original line number Diff line number Diff line
@@ -1337,7 +1337,7 @@ int tpm_pm_suspend(struct device *dev) 
{

	struct tpm_chip *chip = dev_get_drvdata(dev);

	struct tpm_cmd_t cmd;

	int rc;

	int rc, try;



	u8 dummy_hash[TPM_DIGEST_SIZE] = { 0 };
@@ -1355,9 +1355,32 @@ int tpm_pm_suspend(struct device *dev) 
	}



	/* now do the actual savestate */

	for (try = 0; try < TPM_RETRY; try++) {

		cmd.header.in = savestate_header;

	rc = transmit_cmd(chip, &cmd, SAVESTATE_RESULT_SIZE,

			  "sending savestate before suspend");

		rc = transmit_cmd(chip, &cmd, SAVESTATE_RESULT_SIZE, NULL);



		/*

		 * If the TPM indicates that it is too busy to respond to

		 * this command then retry before giving up.  It can take

		 * several seconds for this TPM to be ready.

		 *

		 * This can happen if the TPM has already been sent the

		 * SaveState command before the driver has loaded.  TCG 1.2

		 * specification states that any communication after SaveState

		 * may cause the TPM to invalidate previously saved state.

		 */

		if (rc != TPM_WARN_RETRY)

			break;

		msleep(TPM_TIMEOUT_RETRY);

	}



	if (rc)

		dev_err(chip->dev,

			"Error (%d) sending savestate before suspend\n", rc);

	else if (try > 0)

		dev_warn(chip->dev, "TPM savestate took %dms\n",

			 try * TPM_TIMEOUT_RETRY);



	return rc;

}

EXPORT_SYMBOL_GPL(tpm_pm_suspend);

drivers/char/tpm/tpm.h

+3 −0
Original line number Diff line number Diff line
@@ -32,10 +32,12 @@ enum tpm_const { 
	TPM_MINOR = 224,	/* officially assigned */

	TPM_BUFSIZE = 4096,

	TPM_NUM_DEVICES = 256,

	TPM_RETRY = 50,		/* 5 seconds */

};



enum tpm_timeout {

	TPM_TIMEOUT = 5,	/* msecs */

	TPM_TIMEOUT_RETRY = 100 /* msecs */

};



/* TPM addresses */
@@ -44,6 +46,7 @@ enum tpm_addr { 
	TPM_ADDR = 0x4E,

};



#define TPM_WARN_RETRY          0x800

#define TPM_WARN_DOING_SELFTEST 0x802

#define TPM_ERR_DEACTIVATED     0x6

#define TPM_ERR_DISABLED        0x7

drivers/char/tpm/tpm_i2c_infineon.c

+137 −43
Original line number Diff line number Diff line 
/*

 * Copyright (C) 2012 Infineon Technologies

 * Copyright (C) 2012,2013 Infineon Technologies

 *

 * Authors:

 * Peter Huewe <peter.huewe@infineon.com>
@@ -56,13 +56,21 @@ 
#define TPM_TIMEOUT_US_HI  (TPM_TIMEOUT_US_LOW + 2000)



/* expected value for DIDVID register */

#define TPM_TIS_I2C_DID_VID 0x000b15d1L

#define TPM_TIS_I2C_DID_VID_9635 0xd1150b00L

#define TPM_TIS_I2C_DID_VID_9645 0x001a15d1L



enum i2c_chip_type {

	SLB9635,

	SLB9645,

	UNKNOWN,

};



/* Structure to store I2C TPM specific stuff */

struct tpm_inf_dev {

	struct i2c_client *client;

	u8 buf[TPM_BUFSIZE + sizeof(u8)]; /* max. buffer size + addr */

	struct tpm_chip *chip;

	enum i2c_chip_type chip_type;

};



static struct tpm_inf_dev tpm_dev;
@@ -90,10 +98,20 @@ static struct i2c_driver tpm_tis_i2c_driver; 
static int iic_tpm_read(u8 addr, u8 *buffer, size_t len)

{



	struct i2c_msg msg1 = { tpm_dev.client->addr, 0, 1, &addr };

	struct i2c_msg msg2 = { tpm_dev.client->addr, I2C_M_RD, len, buffer };

	struct i2c_msg msg1 = {

		.addr = tpm_dev.client->addr,

		.len = 1,

		.buf = &addr

	};

	struct i2c_msg msg2 = {

		.addr = tpm_dev.client->addr,

		.flags = I2C_M_RD,

		.len = len,

		.buf = buffer

	};

	struct i2c_msg msgs[] = {msg1, msg2};



	int rc;

	int rc = 0;

	int count;



	/* Lock the adapter for the duration of the whole sequence. */
@@ -101,6 +119,21 @@ static int iic_tpm_read(u8 addr, u8 *buffer, size_t len) 
		return -EOPNOTSUPP;

	i2c_lock_adapter(tpm_dev.client->adapter);



	if (tpm_dev.chip_type == SLB9645) {

		/* use a combined read for newer chips

		 * unfortunately the smbus functions are not suitable due to

		 * the 32 byte limit of the smbus.

		 * retries should usually not be needed, but are kept just to

		 * be on the safe side.

		 */

		for (count = 0; count < MAX_COUNT; count++) {

			rc = __i2c_transfer(tpm_dev.client->adapter, msgs, 2);

			if (rc > 0)

				break;	/* break here to skip sleep */

			usleep_range(SLEEP_DURATION_LOW, SLEEP_DURATION_HI);

		}

	} else {

		/* slb9635 protocol should work in all cases */

		for (count = 0; count < MAX_COUNT; count++) {

			rc = __i2c_transfer(tpm_dev.client->adapter, &msg1, 1);

			if (rc > 0)
@@ -112,19 +145,27 @@ static int iic_tpm_read(u8 addr, u8 *buffer, size_t len) 
		if (rc <= 0)

			goto out;



	/* After the TPM has successfully received the register address it needs

	 * some time, thus we're sleeping here again, before retrieving the data

		/* After the TPM has successfully received the register address

		 * it needs some time, thus we're sleeping here again, before

		 * retrieving the data

		 */

		for (count = 0; count < MAX_COUNT; count++) {

			usleep_range(SLEEP_DURATION_LOW, SLEEP_DURATION_HI);

			rc = __i2c_transfer(tpm_dev.client->adapter, &msg2, 1);

			if (rc > 0)

				break;



		}

	}



out:

	i2c_unlock_adapter(tpm_dev.client->adapter);

	/* take care of 'guard time' */

	usleep_range(SLEEP_DURATION_LOW, SLEEP_DURATION_HI);



	/* __i2c_transfer returns the number of successfully transferred

	 * messages.

	 * So rc should be greater than 0 here otherwise we have an error.

	 */

	if (rc <= 0)

		return -EIO;
@@ -138,7 +179,11 @@ static int iic_tpm_write_generic(u8 addr, u8 *buffer, size_t len, 
	int rc = -EIO;

	int count;



	struct i2c_msg msg1 = { tpm_dev.client->addr, 0, len + 1, tpm_dev.buf };

	struct i2c_msg msg1 = {

		.addr = tpm_dev.client->addr,

		.len = len + 1,

		.buf = tpm_dev.buf

	};



	if (len > TPM_BUFSIZE)

		return -EINVAL;
@@ -154,16 +199,24 @@ static int iic_tpm_write_generic(u8 addr, u8 *buffer, size_t len, 
	/*

	 * NOTE: We have to use these special mechanisms here and unfortunately

	 * cannot rely on the standard behavior of i2c_transfer.

	 * Even for newer chips the smbus functions are not

	 * suitable due to the 32 byte limit of the smbus.

	 */

	for (count = 0; count < max_count; count++) {

		rc = __i2c_transfer(tpm_dev.client->adapter, &msg1, 1);

		if (rc > 0)

			break;



		usleep_range(sleep_low, sleep_hi);

	}



	i2c_unlock_adapter(tpm_dev.client->adapter);

	/* take care of 'guard time' */

	usleep_range(SLEEP_DURATION_LOW, SLEEP_DURATION_HI);



	/* __i2c_transfer returns the number of successfully transferred

	 * messages.

	 * So rc should be greater than 0 here otherwise we have an error.

	 */

	if (rc <= 0)

		return -EIO;
@@ -283,10 +336,17 @@ static int request_locality(struct tpm_chip *chip, int loc) 
static u8 tpm_tis_i2c_status(struct tpm_chip *chip)

{

	/* NOTE: since I2C read may fail, return 0 in this case --> time-out */

	u8 buf;

	u8 buf = 0xFF;

	u8 i = 0;



	do {

		if (iic_tpm_read(TPM_STS(chip->vendor.locality), &buf, 1) < 0)

			return 0;

	else



		i++;

	/* if locallity is set STS should not be 0xFF */

	} while ((buf == 0xFF) && i < 10);



	return buf;

}
@@ -328,7 +388,7 @@ static int wait_for_stat(struct tpm_chip *chip, u8 mask, unsigned long timeout, 


	/* check current status */

	*status = tpm_tis_i2c_status(chip);

	if ((*status & mask) == mask)

	if ((*status != 0xFF) && (*status & mask) == mask)

		return 0;



	stop = jiffies + timeout;
@@ -372,7 +432,6 @@ static int recv_data(struct tpm_chip *chip, u8 *buf, size_t count) 
		/* avoid endless loop in case of broken HW */

		if (retries > MAX_COUNT_LONG)

			return -EIO;



	}

	return size;

}
@@ -480,7 +539,6 @@ static int tpm_tis_i2c_send(struct tpm_chip *chip, u8 *buf, size_t len) 
			rc = -EIO;

			goto out_err;

		}



	}



	/* write last byte */
@@ -568,6 +626,7 @@ static int tpm_tis_i2c_init(struct device *dev) 


	chip = tpm_register_hardware(dev, &tpm_tis_i2c);

	if (!chip) {

		dev_err(dev, "could not register hardware\n");

		rc = -ENODEV;

		goto out_err;

	}
@@ -582,20 +641,24 @@ static int tpm_tis_i2c_init(struct device *dev) 
	chip->vendor.timeout_d = msecs_to_jiffies(TIS_SHORT_TIMEOUT);



	if (request_locality(chip, 0) != 0) {

		dev_err(dev, "could not request locality\n");

		rc = -ENODEV;

		goto out_vendor;

	}



	/* read four bytes from DID_VID register */

	if (iic_tpm_read(TPM_DID_VID(0), (u8 *)&vendor, 4) < 0) {

		dev_err(dev, "could not read vendor id\n");

		rc = -EIO;

		goto out_release;

	}



	/* create DID_VID register value, after swapping to little-endian */

	vendor = be32_to_cpu((__be32) vendor);



	if (vendor != TPM_TIS_I2C_DID_VID) {

	if (vendor == TPM_TIS_I2C_DID_VID_9645) {

		tpm_dev.chip_type = SLB9645;

	} else if (vendor == TPM_TIS_I2C_DID_VID_9635) {

		tpm_dev.chip_type = SLB9635;

	} else {

		dev_err(dev, "vendor id did not match! ID was %08x\n", vendor);

		rc = -ENODEV;

		goto out_release;

	}
@@ -631,22 +694,53 @@ out_err: 


static const struct i2c_device_id tpm_tis_i2c_table[] = {

	{"tpm_i2c_infineon", 0},

	{"slb9635tt", 0},

	{"slb9645tt", 1},

	{},

};



MODULE_DEVICE_TABLE(i2c, tpm_tis_i2c_table);



#ifdef CONFIG_OF

static const struct of_device_id tpm_tis_i2c_of_match[] = {

	{

		.name = "tpm_i2c_infineon",

		.type = "tpm",

		.compatible = "infineon,tpm_i2c_infineon",

		.data = (void *)0

	},

	{

		.name = "slb9635tt",

		.type = "tpm",

		.compatible = "infineon,slb9635tt",

		.data = (void *)0

	},

	{

		.name = "slb9645tt",

		.type = "tpm",

		.compatible = "infineon,slb9645tt",

		.data = (void *)1

	},

	{},

};

MODULE_DEVICE_TABLE(of, tpm_tis_i2c_of_match);

#endif



static SIMPLE_DEV_PM_OPS(tpm_tis_i2c_ops, tpm_pm_suspend, tpm_pm_resume);



static int tpm_tis_i2c_probe(struct i2c_client *client,

			     const struct i2c_device_id *id)

{

	int rc;

	if (tpm_dev.client != NULL)

	struct device *dev = &(client->dev);



	if (tpm_dev.client != NULL) {

		dev_err(dev, "This driver only supports one client at a time\n");

		return -EBUSY;	/* We only support one client */

	}



	if (!i2c_check_functionality(client->adapter, I2C_FUNC_I2C)) {

		dev_err(&client->dev,

			"no algorithms associated to the i2c bus\n");

		dev_err(dev, "no algorithms associated to the i2c bus\n");

		return -ENODEV;

	}
@@ -682,7 +776,6 @@ static int tpm_tis_i2c_remove(struct i2c_client *client) 
}



static struct i2c_driver tpm_tis_i2c_driver = {



	.id_table = tpm_tis_i2c_table,

	.probe = tpm_tis_i2c_probe,

	.remove = tpm_tis_i2c_remove,
@@ -690,11 +783,12 @@ static struct i2c_driver tpm_tis_i2c_driver = { 
		   .name = "tpm_i2c_infineon",

		   .owner = THIS_MODULE,

		   .pm = &tpm_tis_i2c_ops,

		   .of_match_table = of_match_ptr(tpm_tis_i2c_of_match),

		   },

};



module_i2c_driver(tpm_tis_i2c_driver);

MODULE_AUTHOR("Peter Huewe <peter.huewe@infineon.com>");

MODULE_DESCRIPTION("TPM TIS I2C Infineon Driver");

MODULE_VERSION("2.1.5");

MODULE_VERSION("2.2.0");

MODULE_LICENSE("GPL");