diff --git a/centos_pkg_dirs b/centos_pkg_dirs index d6aebc3e4..37596095a 100644 --- a/centos_pkg_dirs +++ b/centos_pkg_dirs @@ -122,3 +122,4 @@ kernel/kernel-modules/intel-i40e kernel/kernel-modules/intel-ixgbevf kernel/kernel-modules/intel-ixgbe kernel/kernel-modules/qat17 +kernel/kernel-modules/tpmdd diff --git a/centos_pkg_dirs_rt b/centos_pkg_dirs_rt index 18423bc44..8cacf3102 100644 --- a/centos_pkg_dirs_rt +++ b/centos_pkg_dirs_rt @@ -8,3 +8,4 @@ kernel/kernel-modules/intel-i40e kernel/kernel-modules/intel-ixgbevf kernel/kernel-modules/intel-ixgbe kernel/kernel-modules/qat17 +kernel/kernel-modules/tpmdd diff --git a/kernel/kernel-modules/tpmdd/PKG-INFO b/kernel/kernel-modules/tpmdd/PKG-INFO new file mode 100644 index 000000000..f43900427 --- /dev/null +++ b/kernel/kernel-modules/tpmdd/PKG-INFO @@ -0,0 +1,13 @@ +Metadata-Version: 1.1 +Name: tpm-kmod +Version: 4.12 +Summary: TPM Linux* Base Driver and Kernel Module +Home-page: http://tpmdd.sourceforge.net/ +Author: +Author-email: +License: GPL +Description: +This package contains the Linux driver and modules for the TPM 1.2 and 2.0 +Family of devices. + +Platform: UNKNOWN diff --git a/kernel/kernel-modules/tpmdd/centos/build_srpm.data b/kernel/kernel-modules/tpmdd/centos/build_srpm.data new file mode 100644 index 000000000..cb44fe866 --- /dev/null +++ b/kernel/kernel-modules/tpmdd/centos/build_srpm.data @@ -0,0 +1,5 @@ +COPY_LIST=" \ + $FILES_BASE/* \ + $CGCS_BASE/mwa-gplv2/tpmdd/patches/* \ + $CGCS_BASE/downloads/tpm-kmod-668a8270.tar.gz" +TIS_PATCH_VER=5 diff --git a/kernel/kernel-modules/tpmdd/centos/files/COPYING b/kernel/kernel-modules/tpmdd/centos/files/COPYING new file mode 100644 index 000000000..e2fed1bf7 --- /dev/null +++ b/kernel/kernel-modules/tpmdd/centos/files/COPYING @@ -0,0 +1,344 @@ + +"This software program is licensed subject to the GNU General Public License +(GPL). Version 2, June 1991, available at +" + + GNU GENERAL PUBLIC LICENSE + Version 2, June 1991 + + Copyright (C) 1989, 1991 Free Software Foundation, Inc., + 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA + Everyone is permitted to copy and distribute verbatim copies + of this license document, but changing it is not allowed. + + Preamble + + The licenses for most software are designed to take away your +freedom to share and change it. By contrast, the GNU General Public +License is intended to guarantee your freedom to share and change free +software--to make sure the software is free for all its users. This +General Public License applies to most of the Free Software +Foundation's software and to any other program whose authors commit to +using it. (Some other Free Software Foundation software is covered by +the GNU Lesser General Public License instead.) You can apply it to +your programs, too. + + When we speak of free software, we are referring to freedom, not +price. Our General Public Licenses are designed to make sure that you +have the freedom to distribute copies of free software (and charge for +this service if you wish), that you receive source code or can get it +if you want it, that you can change the software or use pieces of it +in new free programs; and that you know you can do these things. + + To protect your rights, we need to make restrictions that forbid +anyone to deny you these rights or to ask you to surrender the rights. +These restrictions translate to certain responsibilities for you if you +distribute copies of the software, or if you modify it. + + For example, if you distribute copies of such a program, whether +gratis or for a fee, you must give the recipients all the rights that +you have. You must make sure that they, too, receive or can get the +source code. And you must show them these terms so they know their +rights. + + We protect your rights with two steps: (1) copyright the software, and +(2) offer you this license which gives you legal permission to copy, +distribute and/or modify the software. + + Also, for each author's protection and ours, we want to make certain +that everyone understands that there is no warranty for this free +software. If the software is modified by someone else and passed on, we +want its recipients to know that what they have is not the original, so +that any problems introduced by others will not reflect on the original +authors' reputations. + + Finally, any free program is threatened constantly by software +patents. We wish to avoid the danger that redistributors of a free +program will individually obtain patent licenses, in effect making the +program proprietary. To prevent this, we have made it clear that any +patent must be licensed for everyone's free use or not licensed at all. + + The precise terms and conditions for copying, distribution and +modification follow. + + GNU GENERAL PUBLIC LICENSE + TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION + + 0. This License applies to any program or other work which contains +a notice placed by the copyright holder saying it may be distributed +under the terms of this General Public License. The "Program", below, +refers to any such program or work, and a "work based on the Program" +means either the Program or any derivative work under copyright law: +that is to say, a work containing the Program or a portion of it, +either verbatim or with modifications and/or translated into another +language. (Hereinafter, translation is included without limitation in +the term "modification".) Each licensee is addressed as "you". + +Activities other than copying, distribution and modification are not +covered by this License; they are outside its scope. The act of +running the Program is not restricted, and the output from the Program +is covered only if its contents constitute a work based on the +Program (independent of having been made by running the Program). +Whether that is true depends on what the Program does. + + 1. You may copy and distribute verbatim copies of the Program's +source code as you receive it, in any medium, provided that you +conspicuously and appropriately publish on each copy an appropriate +copyright notice and disclaimer of warranty; keep intact all the +notices that refer to this License and to the absence of any warranty; +and give any other recipients of the Program a copy of this License +along with the Program. + +You may charge a fee for the physical act of transferring a copy, and +you may at your option offer warranty protection in exchange for a fee. + + 2. You may modify your copy or copies of the Program or any portion +of it, thus forming a work based on the Program, and copy and +distribute such modifications or work under the terms of Section 1 +above, provided that you also meet all of these conditions: + + a) You must cause the modified files to carry prominent notices + stating that you changed the files and the date of any change. + + b) You must cause any work that you distribute or publish, that in + whole or in part contains or is derived from the Program or any + part thereof, to be licensed as a whole at no charge to all third + parties under the terms of this License. + + c) If the modified program normally reads commands interactively + when run, you must cause it, when started running for such + interactive use in the most ordinary way, to print or display an + announcement including an appropriate copyright notice and a + notice that there is no warranty (or else, saying that you provide + a warranty) and that users may redistribute the program under + these conditions, and telling the user how to view a copy of this + License. (Exception: if the Program itself is interactive but + does not normally print such an announcement, your work based on + the Program is not required to print an announcement.) + +These requirements apply to the modified work as a whole. If +identifiable sections of that work are not derived from the Program, +and can be reasonably considered independent and separate works in +themselves, then this License, and its terms, do not apply to those +sections when you distribute them as separate works. But when you +distribute the same sections as part of a whole which is a work based +on the Program, the distribution of the whole must be on the terms of +this License, whose permissions for other licensees extend to the +entire whole, and thus to each and every part regardless of who wrote it. + +Thus, it is not the intent of this section to claim rights or contest +your rights to work written entirely by you; rather, the intent is to +exercise the right to control the distribution of derivative or +collective works based on the Program. + +In addition, mere aggregation of another work not based on the Program +with the Program (or with a work based on the Program) on a volume of +a storage or distribution medium does not bring the other work under +the scope of this License. + + 3. You may copy and distribute the Program (or a work based on it, +under Section 2) in object code or executable form under the terms of +Sections 1 and 2 above provided that you also do one of the following: + + a) Accompany it with the complete corresponding machine-readable + source code, which must be distributed under the terms of Sections + 1 and 2 above on a medium customarily used for software interchange; or, + + b) Accompany it with a written offer, valid for at least three + years, to give any third party, for a charge no more than your + cost of physically performing source distribution, a complete + machine-readable copy of the corresponding source code, to be + distributed under the terms of Sections 1 and 2 above on a medium + customarily used for software interchange; or, + + c) Accompany it with the information you received as to the offer + to distribute corresponding source code. (This alternative is + allowed only for noncommercial distribution and only if you + received the program in object code or executable form with such + an offer, in accord with Subsection b above.) + +The source code for a work means the preferred form of the work for +making modifications to it. For an executable work, complete source +code means all the source code for all modules it contains, plus any +associated interface definition files, plus the scripts used to +control compilation and installation of the executable. However, as a +special exception, the source code distributed need not include +anything that is normally distributed (in either source or binary +form) with the major components (compiler, kernel, and so on) of the +operating system on which the executable runs, unless that component +itself accompanies the executable. + +If distribution of executable or object code is made by offering +access to copy from a designated place, then offering equivalent +access to copy the source code from the same place counts as +distribution of the source code, even though third parties are not +compelled to copy the source along with the object code. + + 4. You may not copy, modify, sublicense, or distribute the Program +except as expressly provided under this License. Any attempt +otherwise to copy, modify, sublicense or distribute the Program is +void, and will automatically terminate your rights under this License. +However, parties who have received copies, or rights, from you under +this License will not have their licenses terminated so long as such +parties remain in full compliance. + + 5. You are not required to accept this License, since you have not +signed it. However, nothing else grants you permission to modify or +distribute the Program or its derivative works. These actions are +prohibited by law if you do not accept this License. Therefore, by +modifying or distributing the Program (or any work based on the +Program), you indicate your acceptance of this License to do so, and +all its terms and conditions for copying, distributing or modifying +the Program or works based on it. + + 6. Each time you redistribute the Program (or any work based on the +Program), the recipient automatically receives a license from the +original licensor to copy, distribute or modify the Program subject to +these terms and conditions. You may not impose any further +restrictions on the recipients' exercise of the rights granted herein. +You are not responsible for enforcing compliance by third parties to +this License. + + 7. If, as a consequence of a court judgment or allegation of patent +infringement or for any other reason (not limited to patent issues), +conditions are imposed on you (whether by court order, agreement or +otherwise) that contradict the conditions of this License, they do not +excuse you from the conditions of this License. If you cannot +distribute so as to satisfy simultaneously your obligations under this +License and any other pertinent obligations, then as a consequence you +may not distribute the Program at all. For example, if a patent +license would not permit royalty-free redistribution of the Program by +all those who receive copies directly or indirectly through you, then +the only way you could satisfy both it and this License would be to +refrain entirely from distribution of the Program. + +If any portion of this section is held invalid or unenforceable under +any particular circumstance, the balance of the section is intended to +apply and the section as a whole is intended to apply in other +circumstances. + +It is not the purpose of this section to induce you to infringe any +patents or other property right claims or to contest validity of any +such claims; this section has the sole purpose of protecting the +integrity of the free software distribution system, which is +implemented by public license practices. Many people have made +generous contributions to the wide range of software distributed +through that system in reliance on consistent application of that +system; it is up to the author/donor to decide if he or she is willing +to distribute software through any other system and a licensee cannot +impose that choice. + +This section is intended to make thoroughly clear what is believed to +be a consequence of the rest of this License. + + 8. If the distribution and/or use of the Program is restricted in +certain countries either by patents or by copyrighted interfaces, the +original copyright holder who places the Program under this License +may add an explicit geographical distribution limitation excluding +those countries, so that distribution is permitted only in or among +countries not thus excluded. In such case, this License incorporates +the limitation as if written in the body of this License. + + 9. The Free Software Foundation may publish revised and/or new versions +of the General Public License from time to time. Such new versions will +be similar in spirit to the present version, but may differ in detail to +address new problems or concerns. + +Each version is given a distinguishing version number. If the Program +specifies a version number of this License which applies to it and "any +later version", you have the option of following the terms and conditions +either of that version or of any later version published by the Free +Software Foundation. If the Program does not specify a version number of +this License, you may choose any version ever published by the Free Software +Foundation. + + 10. If you wish to incorporate parts of the Program into other free +programs whose distribution conditions are different, write to the author +to ask for permission. For software which is copyrighted by the Free +Software Foundation, write to the Free Software Foundation; we sometimes +make exceptions for this. Our decision will be guided by the two goals +of preserving the free status of all derivatives of our free software and +of promoting the sharing and reuse of software generally. + + NO WARRANTY + + 11. BECAUSE THE PROGRAM IS LICENSED FREE OF CHARGE, THERE IS NO WARRANTY +FOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT WHEN +OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES +PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED +OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE ENTIRE RISK AS +TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU. SHOULD THE +PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING, +REPAIR OR CORRECTION. + + 12. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING +WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY AND/OR +REDISTRIBUTE THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, +INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING +OUT OF THE USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED +TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY +YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER +PROGRAMS), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE +POSSIBILITY OF SUCH DAMAGES. + + END OF TERMS AND CONDITIONS + + How to Apply These Terms to Your New Programs + + If you develop a new program, and you want it to be of the greatest +possible use to the public, the best way to achieve this is to make it +free software which everyone can redistribute and change under these terms. + + To do so, attach the following notices to the program. It is safest +to attach them to the start of each source file to most effectively +convey the exclusion of warranty; and each file should have at least +the "copyright" line and a pointer to where the full notice is found. + + + Copyright (C) + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 2 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License along + with this program; if not, write to the Free Software Foundation, Inc., + 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. + +Also add information on how to contact you by electronic and paper mail. + +If the program is interactive, make it output a short notice like this +when it starts in an interactive mode: + + Gnomovision version 69, Copyright (C) year name of author + Gnomovision comes with ABSOLUTELY NO WARRANTY; for details type `show w'. + This is free software, and you are welcome to redistribute it + under certain conditions; type `show c' for details. + +The hypothetical commands `show w' and `show c' should show the appropriate +parts of the General Public License. Of course, the commands you use may +be called something other than `show w' and `show c'; they could even be +mouse-clicks or menu items--whatever suits your program. + +You should also get your employer (if you work as a programmer) or your +school, if any, to sign a "copyright disclaimer" for the program, if +necessary. Here is a sample; alter the names: + + Yoyodyne, Inc., hereby disclaims all copyright interest in the program + `Gnomovision' (which makes passes at compilers) written by James Hacker. + + , 1 April 1989 + Ty Coon, President of Vice + +This General Public License does not permit incorporating your program into +proprietary programs. If your program is a subroutine library, you may +consider it more useful to permit linking proprietary applications with the +library. If this is what you want to do, use the GNU Lesser General +Public License instead of this License. diff --git a/kernel/kernel-modules/tpmdd/centos/files/README b/kernel/kernel-modules/tpmdd/centos/files/README new file mode 100644 index 000000000..9b1703ad4 --- /dev/null +++ b/kernel/kernel-modules/tpmdd/centos/files/README @@ -0,0 +1,184 @@ + +TPM Device Driver for CentOS 7 (Linux version 3.10) +=============================================================================== + +=============================================================================== + +Kam Nasim +Copyright (c) 2017 Wind River Systems, Inc. + +SPDX-License-Identifier: Apache-2.0 + + +April, 2017 + +=============================================================================== + +Contents +-------- + +- Overview +- Rebasing Guidelines +- Changesets + +================================================================================ + + +Important Notes +--------------- + +Out-of-tree tpmdd now supported for RT Kernel +---------------------------------------------- + +The RT Kernel also uses the TPM kernel module. The out of kernel +tpmdd (kmod-tpm) package is installed on the RT kernel + +Supports both TPM 1.2 and TPM 2.0 TCG Specifications +------------------------------------------------------------- + +The entire TPM device driver set is now built out of tree, and supports both +TPM v1.2 and v2.0 TCG version of the device + +IMA support disabled in Kernel +------------------------------------------------ + +TPM based Integrity Measurement Architecture (IMA) has been disabled in the Kernel, +since it requires the TPM driver to be built-in to the kernel so that it is available +during bootup to set up the PCR banks. Since the in-kernel TPM driver will trump our +out-of-tree TPM kernel modules, IMA support has been disabled and would require some +refactoring if it is to be used with this driver pack. + +No support for legacy STMicroelectronics ST33ZP24 TPM drivers +-------------------------------------------------------------- + +Owing to a large number of dependency issues in the v3.10 Kernel, this driver +pack excludes the STM (ST33ZP24) drivers. These are legacy drivers for the +TPM 1.2 specification only, and would not apply to TPM 2.0 devices. + + +Overview +-------- + +This driver pack build TPM kernel modules for the 3.10 kernel version. +If newer kernel version are to be supported in the future then the COMPAT +layer (kcompat.h) will need to be adjusted to address kernel-driver compatibility +issues. + +It supports Linux supported x86_64 systems. + +These drivers are only supported as a loadable module at this time. + + +Rebasing Guidelines +-------------------- + +On rebasing TiC software heed the following: +- always rebase the Kernel first before rebasing this package +- get the HEAD from the tpmdd repo and generate a tarball, the tarball +should follow the naming convention: tpm-kmod-; use the short-hand +form of the git commit ID (8 characters) +- update the tpm-kmod spec to Source the new tarball +- apply all existing patches against the new tarball, and adjust the kcompat +layer (kcompat.h and common.mk) accordingly + + +================================================================================ + + +Change Sets +------------------------- + +This driver is a fork from the tpmdd repo: +https://sourceforge.net/projects/tpmdd/ +http://git.infradead.org/users/jjs/linux-tpmdd.git/ + +Sync Head: 668a827057187403999b7ecfcf86b59979c8c3b2 + +COMPAT NOTES: + +1. In newer kernels, IDR has been re-implemented using Radix trees: + + commit 0a835c4f090af2c76fc2932c539c3b32fd21fbbb + Author: Matthew Wilcox + Date: Tue Dec 20 10:27:56 2016 -0500 + + Reimplement IDR and IDA using the radix tree + + The IDR is very similar to the radix tree. It has some functionality that + the radix tree did not have (alloc next free, cyclic allocation, a + callback-based for_each, destroy tree), which is readily implementable on + top of the radix tree. A few small changes were needed in order to use a + tag to represent nodes with free space below them. More extensive + changes were needed to support storing NULL as a valid entry in an IDR. + Plain radix trees still interpret NULL as a not-present entry. + + The IDA is reimplemented as a client of the newly enhanced radix tree. As + in the current implementation, it uses a bitmap at the last level of the + tree. + + Signed-off-by: Matthew Wilcox + Signed-off-by: Matthew Wilcox + Tested-by: Kirill A. Shutemov + Cc: Konstantin Khlebnikov + Cc: Ross Zwisler + Cc: Tejun Heo + Signed-off-by: Andrew Morton + + The compat layer therefore needs to redefine the idr_destroy() to + use the original idr.h based defination and not the one found in radix-trees.h + + +2. In newer kernels, a wrapper has been developed around inode mutex un/lock + + commit 5955102c9984fa081b2d570cfac75c97eecf8f3b + Author: Al Viro + Date: Fri Jan 22 15:40:57 2016 -0500 + + wrappers for ->i_mutex access + + parallel to mutex_{lock,unlock,trylock,is_locked,lock_nested}, + inode_foo(inode) being mutex_foo(&inode->i_mutex). + + Please, use those for access to ->i_mutex; over the coming cycle + ->i_mutex will become rwsem, with ->lookup() done with it held + only shared. + + Signed-off-by: Al Viro + + The compat layer needs to replace all instances of inode locking + with the underlying mutex locking/unlocking calls + + +3. In newer kernels, ACPI memory map cleanup routines have changed + + commit a238317ce8185519ed083e81e84260907fbbcf7f + Author: Lv Zheng + Date: Tue May 20 15:39:41 2014 +0800 + + ACPI: Clean up acpi_os_map/unmap_memory() to eliminate __iomem. + + ACPICA doesn't include protections around address space checking, Linux + build tests always complain increased sparse warnings around ACPICA + internal acpi_os_map/unmap_memory() invocations. This patch tries to fix + this issue permanently. + + The compat layer needs to replace all instances of ACPI iomem map/unmapping with + the legacy os memory mapping/unmapping calls + + +4. In newer kernels, Infineon PNP module loading/unloading ops have changed + + commit 1551660369d00a7e8cdfa12e9af132053eb67140 + Author: Peter Huewe + Date: Mon Mar 16 21:46:31 2015 +0100 + + PNP: tpm/tpm_infineon: Use module_pnp_driver to register driver + + Removing some boilerplate by using module_pnp_driver instead of calling + register and unregister in the otherwise empty init/exit functions + + Signed-off-by: Peter Huewe + Signed-off-by: Rafael J. Wysocki + + The compat layer needs to continue loading the PNP module the old way + using explicit init() and exit() functions diff --git a/kernel/kernel-modules/tpmdd/centos/files/modules-load.conf b/kernel/kernel-modules/tpmdd/centos/files/modules-load.conf new file mode 100644 index 000000000..298f940ff --- /dev/null +++ b/kernel/kernel-modules/tpmdd/centos/files/modules-load.conf @@ -0,0 +1,3 @@ +tpm +tpm_tis_core +tpm_tis diff --git a/kernel/kernel-modules/tpmdd/centos/tpm-kmod.spec b/kernel/kernel-modules/tpmdd/centos/tpm-kmod.spec new file mode 100644 index 000000000..65c9fd79b --- /dev/null +++ b/kernel/kernel-modules/tpmdd/centos/tpm-kmod.spec @@ -0,0 +1,145 @@ +%if "%{?_tis_build_type}" == "rt" +%define bt_ext -rt +%else +%undefine bt_ext +%endif + +# Define the kmod package name here. +%define kmod_name tpm + +Name: %{kmod_name}-kmod%{?bt_ext} +# the version is the Kernel version from which +# this driver is extracted +Version: 4.12 +Release: 0%{?_tis_dist}.%{tis_patch_ver} +Group: System Environment/Kernel +License: GPLv2 +Summary: %{kmod_name}%{?bt_ext} kernel module(s) + +BuildRequires: kernel%{?bt_ext}-devel, redhat-rpm-config, perl, openssl +ExclusiveArch: x86_64 + +# Sources. +# the tpmdd is available as a tarball, with +# the git commit Id referenced in the name +Source0: %{kmod_name}-kmod-668a8270.tar.gz +Source1: modules-load.conf +Source2: COPYING +Source3: README + +# Patches +Patch01: 0001-disable-arm64-acpi-command.patch +Patch02: 0002-tpmdd-kcompat-support.patch +Patch03: UPSTREAM-0001-tpm-replace-msleep-with-usleep_range.patch +Patch04: UPSTREAM-0002-tpm-reduce-tpm-polling-delay-in-tpm_tis_core.patch +Patch05: UPSTREAM-0003-tpm-use-tpm_msleep-value-as-max-delay.patch +Patch06: UPSTREAM-0004-tpm-wait-for-stat-to-specify-variable-polling-time.patch +Patch07: UPSTREAM-0005-tpm-ignore-burstcount-to-improve-send-performance.patch + +%define kversion %(rpm -q kernel%{?bt_ext}-devel | sort --version-sort | tail -1 | sed 's/kernel%{?bt_ext}-devel-//') + +%package -n kmod-tpm%{?bt_ext} +Summary: TPM kernel module(s) and drivers +Group: System Environment/Kernel +%global _use_internal_dependency_generator 0 +Provides: kernel-modules >= %{kversion} +Provides: tpm-kmod = %{?epoch:%{epoch}:}%{version}-%{release} +Requires(post): /usr/sbin/depmod +Requires(postun): /usr/sbin/depmod +%description -n kmod-tpm%{?bt_ext} +This package provides the %{version} TPM kernel module(s) and drivers built +for the Linux kernel using the %{_target_cpu} family of processors. + +%package symbols +Summary: Contains the Module.symvers file for this module +Group: Development/System +%description symbols +This package provides the Module.symvers file which will be used +by other dependant Kernel modules, if they use Kernel symbols that +this module exports +%files symbols +%defattr(-,root,root) +%{_usrsrc}/debug/tpm/Module.symvers + + +%post -n kmod-tpm%{?bt_ext} +echo "Working. This may take some time ..." +if [ -e "/boot/System.map-%{kversion}" ]; then + /usr/sbin/depmod -aeF "/boot/System.map-%{kversion}" "%{kversion}" > /dev/null || : +fi +modules=( $(find /lib/modules/%{kversion}/kernel/drivers/char/tpm | grep '\.ko$') ) +if [ -x "/sbin/weak-modules" ]; then + printf '%s\n' "${modules[@]}" | /sbin/weak-modules --add-modules +fi +echo "Done." + +%preun -n kmod-tpm%{?bt_ext} +rpm -ql kmod-tpm%{?bt_ext}-%{version}-%{release}.x86_64 | grep '\.ko$' > /var/run/rpm-kmod-tpm%{?bt_ext}-modules + +%postun -n kmod-tpm%{?bt_ext} +echo "Working. This may take some time ..." +if [ -e "/boot/System.map-%{kversion}" ]; then + /usr/sbin/depmod -aeF "/boot/System.map-%{kversion}" "%{kversion}" > /dev/null || : +fi +modules=( $(cat /var/run/rpm-kmod-tpm%{?bt_ext}-modules) ) +rm /var/run/rpm-kmod-tpm%{?bt_ext}-modules +if [ -x "/sbin/weak-modules" ]; then + printf '%s\n' "${modules[@]}" | /sbin/weak-modules --remove-modules +fi +echo "Done." + +%files -n kmod-tpm%{?bt_ext} +%defattr(644,root,root,755) +/lib/modules/%{kversion}/ +%doc /usr/share/doc/kmod-tpm/ +%{_sysconfdir}/modules-load.d/tpm_tis.conf + +# Disable the building of the debug package(s). +%define debug_package %{nil} + +%description +This package provides the %{kmod_name} kernel module(s). +It is built to depend upon the specific ABI provided by a range of releases +of the same variant of the Linux kernel and not on any one specific build. + +%prep +%autosetup -p 1 -n %{kmod_name} + +%build +# build out all the TPM kernel modules +%{__make} KSRC=%{_usrsrc}/kernels/%{kversion} + +%install +%{__install} -d %{buildroot}/lib/modules/%{kversion}/kernel/drivers/char/%{kmod_name}/ +%{__install} *.ko %{buildroot}/lib/modules/%{kversion}/kernel/drivers/char/%{kmod_name}/ + +# install the Module.symvers file +%{__install} -d %{buildroot}%{_usrsrc}/debug/%{kmod_name}/ +%{__install} Module.symvers %{buildroot}%{_usrsrc}/debug/%{kmod_name}/ + +%{__install} -d %{buildroot}%{_sysconfdir}/modules-load.d +%{__install} -m 644 %{SOURCE1} %{buildroot}%{_sysconfdir}/modules-load.d/tpm_tis.conf + +%{__install} -d %{buildroot}%{_defaultdocdir}/kmod-%{kmod_name}/ +%{__install} %{SOURCE2} %{buildroot}%{_defaultdocdir}/kmod-%{kmod_name}/ +%{__install} %{SOURCE3} %{buildroot}%{_defaultdocdir}/kmod-%{kmod_name}/ + +# Strip the modules(s). +find %{buildroot} -type f -name \*.ko -exec %{__strip} --strip-debug \{\} \; + +# Always Sign the modules(s). +# If the module signing keys are not defined, define them here. +%{!?privkey: %define privkey /usr/src/kernels/%{kversion}/signing_key.priv} +%{!?pubkey: %define pubkey /usr/src/kernels/%{kversion}/signing_key.x509} +for module in $(find %{buildroot} -type f -name \*.ko); +do %{__perl} /usr/src/kernels/%{kversion}/scripts/sign-file \ + sha256 %{privkey} %{pubkey} $module; +done + +%clean +%{__rm} -rf %{buildroot} + +%changelog +* Wed Apr 19 2017 Kam Nasim 4.12 +- Initial RPM package. + diff --git a/kernel/kernel-modules/tpmdd/patches/0001-disable-arm64-acpi-command.patch b/kernel/kernel-modules/tpmdd/patches/0001-disable-arm64-acpi-command.patch new file mode 100644 index 000000000..b6d508888 --- /dev/null +++ b/kernel/kernel-modules/tpmdd/patches/0001-disable-arm64-acpi-command.patch @@ -0,0 +1,40 @@ +From: Kam Nasim +Date: Tue, 26 Apr 2017 12:23:03 -0400 +Subject: [PATCH] ARM64 based ACPI commands should not be compiled + +--- + tpm_crb.c | 5 +++-- + 1 file changed, 3 insertions(+), 2 deletions(-) + +--- a/tpm_crb.c ++++ b/tpm_crb.c +@@ -531,7 +531,6 @@ static int crb_acpi_add(struct acpi_devi + struct crb_priv *priv; + struct tpm_chip *chip; + struct device *dev = &device->dev; +- struct tpm2_crb_smc *crb_smc; + acpi_status status; + u32 sm; + int rc; +@@ -564,6 +563,7 @@ static int crb_acpi_add(struct acpi_devi + sm == ACPI_TPM2_COMMAND_BUFFER_WITH_START_METHOD) + priv->flags |= CRB_FL_ACPI_START; + ++#ifdef CONFIG_ARM64 + if (sm == ACPI_TPM2_COMMAND_BUFFER_WITH_SMC) { + if (buf->header.length < (sizeof(*buf) + sizeof(*crb_smc))) { + dev_err(dev, +@@ -572,11 +572,12 @@ static int crb_acpi_add(struct acpi_devi + ACPI_TPM2_COMMAND_BUFFER_WITH_SMC); + return -EINVAL; + } +- crb_smc = ACPI_ADD_PTR(struct tpm2_crb_smc, buf, ++ struct tpm2_crb_smc *crb_smc = ACPI_ADD_PTR(struct tpm2_crb_smc, buf, + ACPI_TPM2_START_METHOD_PARAMETER_OFFSET); + priv->smc_func_id = crb_smc->smc_func_id; + priv->flags |= CRB_FL_CRB_SMC_START; + } ++#endif + + rc = crb_map_io(device, priv, buf); + if (rc) diff --git a/kernel/kernel-modules/tpmdd/patches/0002-tpmdd-kcompat-support.patch b/kernel/kernel-modules/tpmdd/patches/0002-tpmdd-kcompat-support.patch new file mode 100644 index 000000000..4dab81f9d --- /dev/null +++ b/kernel/kernel-modules/tpmdd/patches/0002-tpmdd-kcompat-support.patch @@ -0,0 +1,543 @@ +From 70386017de51483cfc9c0fc3e809d6f9867c4c5f Mon Sep 17 00:00:00 2001 +Message-Id: <70386017de51483cfc9c0fc3e809d6f9867c4c5f.1507751678.git.Jim.Somerville@windriver.com> +From: Kam Nasim +Date: Wed, 26 Apr 2017 12:23:03 -0400 +Subject: [PATCH 1/1] compat changes for building tpmdd out-of-tree + +Signed-off-by: Jim Somerville +--- + Makefile | 110 ++++++++++++++++++++- + common.mk | 332 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ + kcompat.h | 39 ++++++++ + tpm.h | 3 + + 4 files changed, 482 insertions(+), 2 deletions(-) + create mode 100644 common.mk + create mode 100644 kcompat.h + +diff --git a/Makefile b/Makefile +index 23681f0..f3250cc 100644 +--- a/Makefile ++++ b/Makefile +@@ -1,6 +1,9 @@ +-# ++ ++ifneq ($(KERNELRELEASE),) ++# kbuild part of makefile + # Makefile for the kernel tpm device drivers. + # ++ + obj-$(CONFIG_TCG_TPM) += tpm.o + tpm-y := tpm-interface.o tpm-dev.o tpm-sysfs.o tpm-chip.o tpm2-cmd.o \ + tpm-dev-common.o tpmrm-dev.o tpm1_eventlog.o tpm2_eventlog.o \ +@@ -17,7 +20,110 @@ obj-$(CONFIG_TCG_NSC) += tpm_nsc.o + obj-$(CONFIG_TCG_ATMEL) += tpm_atmel.o + obj-$(CONFIG_TCG_INFINEON) += tpm_infineon.o + obj-$(CONFIG_TCG_IBMVTPM) += tpm_ibmvtpm.o +-obj-$(CONFIG_TCG_TIS_ST33ZP24) += st33zp24/ + obj-$(CONFIG_TCG_XEN) += xen-tpmfront.o + obj-$(CONFIG_TCG_CRB) += tpm_crb.o + obj-$(CONFIG_TCG_VTPM_PROXY) += tpm_vtpm_proxy.o ++ ++else # ifneq($(KERNELRELEASE),) ++# normal makefile ++ ++# driver will be provided by the spec file ++DRIVER= ++ ++ifeq (,$(wildcard common.mk)) ++ $(error Cannot find common.mk build rules) ++else ++ include common.mk ++endif ++ ++############### ++# Build rules # ++############### ++ ++# Standard compilation, with regular output ++default: ++ @+$(call kernelbuild,modules) ++ ++# Noisy output, for extra debugging ++noisy: ++ @+$(call kernelbuild,modules,V=1) ++ ++# Silence any output generated ++silent: ++ @+$(call kernelbuild,modules,>/dev/null) ++ ++# Enable higher warning level ++checkwarnings: clean ++ @+$(call kernelbuild,modules,W=1) ++ ++# Run sparse static analyzer ++sparse: clean ++ @+$(call kernelbuild,modules,C=2 CF="-D__CHECK_ENDIAN__ -Wbitwise -Wcontext") ++ ++# Run coccicheck static analyzer ++ccc: clean ++ @+$(call kernelbuild,modules,coccicheck MODE=report) ++ ++# Clean the module subdirectories ++clean: ++ @+$(call kernelbuild,clean) ++ @-rm -rf *.ko ++ ++# Install the modules ++install: default ++ @echo "Installing modules..." ++ @+$(call kernelbuild,modules_install) ++ @echo "Running depmod..." ++ @$(call cmd_depmod) ++ifeq (${cmd_initrd},) ++ @echo "Unable to update initrd. You may need to do this manually." ++else ++ @echo "Updating initrd..." ++ -@$(call cmd_initrd) ++endif ++ ++# Target used by rpmbuild spec file ++rpm: default ++ @install -D -m 644 ${DRIVER}.ko ${INSTALL_MOD_PATH}/lib/modules/${KVER}/${INSTALL_MOD_DIR}/${DRIVER}.ko ++ ++uninstall: ++ rm -f ${INSTALL_MOD_PATH}/lib/modules/${KVER}/${INSTALL_MOD_DIR}/${DRIVER}.ko; ++ $(call cmd_depmod) ++ifeq (${cmd_initrd},) ++ @echo "Unable to update initrd. You may need to do this manually." ++else ++ @echo "Updating initrd..." ++ -@$(call cmd_initrd) ++endif ++ ++######## ++# Help # ++######## ++help: ++ @echo 'Cleaning targets:' ++ @echo ' clean - Clean files generated by kernel module build' ++ @echo 'Build targets:' ++ @echo ' default - Build module(s) with standard verbosity' ++ @echo ' noisy - Build module(s) with V=1 verbosity -- very noisy' ++ @echo ' silent - Build module(s), squelching all output' ++ @echo 'Static Analysis:' ++ @echo ' checkwarnings - Clean, then build module(s) with W=1 warnings enabled' ++ @echo ' sparse - Clean, then check module(s) using sparse' ++ @echo ' ccc - Clean, then check module(s) using coccicheck' ++ @echo 'Other targets:' ++ @echo ' install - Build then install the module(s)' ++ @echo ' uninstall - Uninstall the module(s)' ++ @echo ' help - Display this help message' ++ @echo 'Variables:' ++ @echo ' LINUX_VERSION - Debug tool to force kernel LINUX_VERSION_CODE. Use at your own risk.' ++ @echo ' W=N - Kernel variable for setting warning levels' ++ @echo ' V=N - Kernel variable for setting output verbosity' ++ @echo ' INSTALL_MOD_PATH - Add prefix for the module and manpage installation path' ++ @echo ' INSTALL_MOD_DIR - Use module directory other than updates/drivers/char/tpm/${DRIVER}' ++ @echo ' KSRC - Specifies the full path to the kernel tree to build against' ++ @echo ' Other variables may be available for tuning make process, see' ++ @echo ' Kernel Kbuild documentation for more information' ++ ++.PHONY: default noisy clean silent sparse ccc install uninstall help ++ ++endif # ifneq($(KERNELRELEASE),) +diff --git a/common.mk b/common.mk +new file mode 100644 +index 0000000..671ca33 +--- /dev/null ++++ b/common.mk +@@ -0,0 +1,332 @@ ++################################################################################ ++# ++# Linux TPM Driver ++# Copyright(c) 2013 - 2017 Intel Corporation. ++# Copyright (c) 2017 Wind River Systems, Inc. ++# ++# This program is free software; you can redistribute it and/or modify it ++# under the terms and conditions of the GNU General Public License, ++# version 2, as published by the Free Software Foundation. ++# ++# This program is distributed in the hope it will be useful, but WITHOUT ++# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or ++# FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for ++# more details. ++# ++# The full GNU General Public License is included in this distribution in ++# the file called "COPYING". ++# ++# Contact Information: ++# e1000-devel Mailing List ++# Intel Corporation, 5200 N.E. Elam Young Parkway, Hillsboro, OR 97124-6497 ++################################################################################ ++ ++ ++# common Makefile rules useful for out-of-tree Linux driver builds ++# ++# Usage: include common.mk ++# ++# After including, you probably want to add a minimum_kver_check call ++# ++# Required Variables: ++# DRIVER ++# -- Set to the lowercase driver name ++ ++##################### ++# Helpful functions # ++##################### ++ ++readlink = $(shell readlink -f ${1}) ++ ++# helper functions for converting kernel version to version codes ++get_kver = $(or $(word ${2},$(subst ., ,${1})),0) ++get_kvercode = $(shell [ "${1}" -ge 0 -a "${1}" -le 255 2>/dev/null ] && \ ++ [ "${2}" -ge 0 -a "${2}" -le 255 2>/dev/null ] && \ ++ [ "${3}" -ge 0 -a "${3}" -le 255 2>/dev/null ] && \ ++ printf %d $$(( ( ${1} << 16 ) + ( ${2} << 8 ) + ( ${3} ) )) ) ++ ++################ ++# depmod Macro # ++################ ++ ++cmd_depmod = /sbin/depmod $(if ${SYSTEM_MAP_FILE},-e -F ${SYSTEM_MAP_FILE}) \ ++ $(if $(strip ${INSTALL_MOD_PATH}),-b ${INSTALL_MOD_PATH}) \ ++ -a ${KVER} ++ ++################ ++# dracut Macro # ++################ ++ ++cmd_initrd := $(shell \ ++ if which dracut > /dev/null 2>&1 ; then \ ++ echo "dracut --force"; \ ++ elif which update-initramfs > /dev/null 2>&1 ; then \ ++ echo "update-initramfs -u"; \ ++ fi ) ++ ++##################### ++# Environment tests # ++##################### ++ ++DRIVER_UPPERCASE := $(shell echo ${DRIVER} | tr "[:lower:]" "[:upper:]" | tr "TPM" "TCG") ++ ++ifeq (,${BUILD_KERNEL}) ++BUILD_KERNEL=$(shell uname -r) ++endif ++ ++# Kernel Search Path ++# All the places we look for kernel source ++KSP := /lib/modules/${BUILD_KERNEL}/source \ ++ /lib/modules/${BUILD_KERNEL}/build \ ++ /usr/src/linux-${BUILD_KERNEL} \ ++ /usr/src/linux-$(${BUILD_KERNEL} | sed 's/-.*//') \ ++ /usr/src/kernel-headers-${BUILD_KERNEL} \ ++ /usr/src/kernel-source-${BUILD_KERNEL} \ ++ /usr/src/linux-$(${BUILD_KERNEL} | sed 's/\([0-9]*\.[0-9]*\)\..*/\1/') \ ++ /usr/src/linux \ ++ /usr/src/kernels/${BUILD_KERNEL} \ ++ /usr/src/kernels ++ ++# prune the list down to only values that exist and have an include/linux ++# sub-directory. We can't use include/config because some older kernels don't ++# have this. ++test_dir = $(shell [ -e ${dir}/include/linux ] && echo ${dir}) ++KSP := $(foreach dir, ${KSP}, ${test_dir}) ++ ++# we will use this first valid entry in the search path ++ifeq (,${KSRC}) ++ KSRC := $(firstword ${KSP}) ++endif ++ ++ifeq (,${KSRC}) ++ $(warning *** Kernel header files not in any of the expected locations.) ++ $(warning *** Install the appropriate kernel development package, e.g.) ++ $(error kernel-devel, for building kernel modules and try again) ++else ++ifeq (/lib/modules/${BUILD_KERNEL}/source, ${KSRC}) ++ KOBJ := /lib/modules/${BUILD_KERNEL}/build ++else ++ KOBJ := ${KSRC} ++endif ++endif ++ ++# Version file Search Path ++VSP := ${KOBJ}/include/generated/utsrelease.h \ ++ ${KOBJ}/include/linux/utsrelease.h \ ++ ${KOBJ}/include/linux/version.h \ ++ ${KOBJ}/include/generated/uapi/linux/version.h \ ++ /boot/vmlinuz.version.h ++ ++# Config file Search Path ++CSP := ${KOBJ}/include/generated/autoconf.h \ ++ ${KOBJ}/include/linux/autoconf.h \ ++ /boot/vmlinuz.autoconf.h ++ ++# System.map Search Path (for depmod) ++MSP := ${KSRC}/System.map \ ++ /boot/System.map-${BUILD_KERNEL} ++ ++# prune the lists down to only files that exist ++test_file = $(shell [ -f ${file} ] && echo ${file}) ++VSP := $(foreach file, ${VSP}, ${test_file}) ++CSP := $(foreach file, ${CSP}, ${test_file}) ++MSP := $(foreach file, ${MSP}, ${test_file}) ++ ++ ++# and use the first valid entry in the Search Paths ++ifeq (,${VERSION_FILE}) ++ VERSION_FILE := $(firstword ${VSP}) ++endif ++ ++ifeq (,${CONFIG_FILE}) ++ CONFIG_FILE := $(firstword ${CSP}) ++endif ++ ++ifeq (,${SYSTEM_MAP_FILE}) ++ SYSTEM_MAP_FILE := $(firstword ${MSP}) ++endif ++ ++ifeq (,$(wildcard ${VERSION_FILE})) ++ $(error Linux kernel source not configured - missing version header file) ++endif ++ ++ifeq (,$(wildcard ${CONFIG_FILE})) ++ $(error Linux kernel source not configured - missing autoconf.h) ++endif ++ ++ifeq (,$(wildcard ${SYSTEM_MAP_FILE})) ++ $(warning Missing System.map file - depmod will not check for missing symbols) ++endif ++ ++####################### ++# Linux Version Setup # ++####################### ++ ++# The following command line parameter is intended for development of KCOMPAT ++# against upstream kernels such as net-next which have broken or non-updated ++# version codes in their Makefile. They are intended for debugging and ++# development purpose only so that we can easily test new KCOMPAT early. If you ++# don't know what this means, you do not need to set this flag. There is no ++# arcane magic here. ++ ++# Convert LINUX_VERSION into LINUX_VERSION_CODE ++ifneq (${LINUX_VERSION},) ++ LINUX_VERSION_CODE=$(call get_kvercode,$(call get_kver,${LINUX_VERSION},1),$(call get_kver,${LINUX_VERSION},2),$(call get_kver,${LINUX_VERSION},3)) ++endif ++ ++# Honor LINUX_VERSION_CODE ++ifneq (${LINUX_VERSION_CODE},) ++ $(warning Forcing target kernel to build with LINUX_VERSION_CODE of ${LINUX_VERSION_CODE}$(if ${LINUX_VERSION}, from LINUX_VERSION=${LINUX_VERSION}). Do this at your own risk.) ++ KVER_CODE := ${LINUX_VERSION_CODE} ++ EXTRA_CFLAGS += -DLINUX_VERSION_CODE=${LINUX_VERSION_CODE} ++endif ++ ++# Determine SLE_LOCALVERSION_CODE for SuSE SLE >= 11 (needed by kcompat) ++# This assumes SuSE will continue setting CONFIG_LOCALVERSION to the string ++# appended to the stable kernel version on which their kernel is based with ++# additional versioning information (up to 3 numbers), a possible abbreviated ++# git SHA1 commit id and a kernel type, e.g. CONFIG_LOCALVERSION=-1.2.3-default ++# or CONFIG_LOCALVERSION=-999.gdeadbee-default ++ifeq (1,$(shell ${CC} -E -dM ${CONFIG_FILE} 2> /dev/null |\ ++ grep -m 1 CONFIG_SUSE_KERNEL | awk '{ print $$3 }')) ++ ++ifneq (10,$(shell ${CC} -E -dM ${CONFIG_FILE} 2> /dev/null |\ ++ grep -m 1 CONFIG_SLE_VERSION | awk '{ print $$3 }')) ++ ++ LOCALVERSION := $(shell ${CC} -E -dM ${CONFIG_FILE} 2> /dev/null |\ ++ grep -m 1 CONFIG_LOCALVERSION | awk '{ print $$3 }' |\ ++ cut -d'-' -f2 | sed 's/\.g[[:xdigit:]]\{7\}//') ++ LOCALVER_A := $(shell echo ${LOCALVERSION} | cut -d'.' -f1) ++ LOCALVER_B := $(shell echo ${LOCALVERSION} | cut -s -d'.' -f2) ++ LOCALVER_C := $(shell echo ${LOCALVERSION} | cut -s -d'.' -f3) ++ SLE_LOCALVERSION_CODE := $(shell expr ${LOCALVER_A} \* 65536 + \ ++ 0${LOCALVER_B} \* 256 + 0${LOCALVER_C}) ++ EXTRA_CFLAGS += -DSLE_LOCALVERSION_CODE=${SLE_LOCALVERSION_CODE} ++endif ++endif ++ ++EXTRA_CFLAGS += ${CFLAGS_EXTRA} ++ ++# get the kernel version - we use this to find the correct install path ++KVER := $(shell ${CC} ${EXTRA_CFLAGS} -E -dM ${VERSION_FILE} | grep UTS_RELEASE | \ ++ awk '{ print $$3 }' | sed 's/\"//g') ++ ++# assume source symlink is the same as build, otherwise adjust KOBJ ++ifneq (,$(wildcard /lib/modules/${KVER}/build)) ++ ifneq (${KSRC},$(call readlink,/lib/modules/${KVER}/build)) ++ KOBJ=/lib/modules/${KVER}/build ++ endif ++endif ++ ++ifeq (${KVER_CODE},) ++ KVER_CODE := $(shell ${CC} ${EXTRA_CFLAGS} -E -dM ${VSP} 2> /dev/null |\ ++ grep -m 1 LINUX_VERSION_CODE | awk '{ print $$3 }' | sed 's/\"//g') ++endif ++ ++# minimum_kver_check ++# ++# helper function to provide uniform output for different drivers to abort the ++# build based on kernel version check. Usage: "$(call minimum_kver_check,2,6,XX)". ++define _minimum_kver_check ++ifeq (0,$(shell [ ${KVER_CODE} -lt $(call get_kvercode,${1},${2},${3}) ]; echo "$$?")) ++ $$(warning *** Aborting the build.) ++ $$(error This driver is not supported on kernel versions older than ${1}.${2}.${3}) ++endif ++endef ++minimum_kver_check = $(eval $(call _minimum_kver_check,${1},${2},${3})) ++ ++################ ++# Manual Pages # ++################ ++ ++MANSECTION = 7 ++ ++ifeq (,${MANDIR}) ++ # find the best place to install the man page ++ MANPATH := $(shell (manpath 2>/dev/null || echo $MANPATH) | sed 's/:/ /g') ++ ifneq (,${MANPATH}) ++ # test based on inclusion in MANPATH ++ test_dir = $(findstring ${dir}, ${MANPATH}) ++ else ++ # no MANPATH, test based on directory existence ++ test_dir = $(shell [ -e ${dir} ] && echo ${dir}) ++ endif ++ # our preferred install path ++ # should /usr/local/man be in here ? ++ MANDIR := /usr/share/man /usr/man ++ MANDIR := $(foreach dir, ${MANDIR}, ${test_dir}) ++ MANDIR := $(firstword ${MANDIR}) ++endif ++ifeq (,${MANDIR}) ++ # fallback to /usr/man ++ MANDIR := /usr/man ++endif ++ ++#################### ++# CCFLAGS variable # ++#################### ++ ++# set correct CCFLAGS variable for kernels older than 2.6.24 ++ifeq (0,$(shell [ ${KVER_CODE} -lt $(call get_kvercode,2,6,24) ]; echo $$?)) ++CCFLAGS_VAR := EXTRA_CFLAGS ++else ++CCFLAGS_VAR := ccflags-y ++endif ++ ++################# ++# KBUILD_OUTPUT # ++################# ++ ++# Only set KBUILD_OUTPUT if KOBJ differs from KSRC ++ifneq (${KSRC},${KOBJ}) ++export KBUILD_OUTPUT ?= ${KOBJ} ++endif ++ ++############################ ++# Module Install Directory # ++############################ ++ ++# Default to using updates/drivers/char/tpm/ path, since depmod since ++# v3.1 defaults to checking updates folder first, and only checking kernels/ ++# and extra afterwards. We use updates instead of kernel/* due to desire to ++# prevent over-writing built-in modules files. ++export INSTALL_MOD_DIR ?= updates/drivers/char/tpm/ ++ ++ ++###################### ++# Kernel Build Macro # ++###################### ++ ++# kernel build function ++# ${1} is the kernel build target ++# ${2} may contain any extra rules to pass directly to the sub-make process ++# ++# This function is expected to be executed by ++# @+$(call kernelbuild,,) ++# from within a Makefile recipe. ++# ++# The following variables are expected to be defined for its use: ++# GCC_I_SYS -- if set it will enable use of gcc-i-sys.sh wrapper to use -isystem ++# CCFLAGS_VAR -- the CCFLAGS variable to set extra CFLAGS ++# EXTRA_CFLAGS -- a set of extra CFLAGS to pass into the ccflags-y variable ++# KSRC -- the location of the kernel source tree to build against ++# DRIVER_UPPERCASE -- the uppercase name of the kernel module, set from DRIVER ++# ++kernelbuild = ${MAKE} $(if ${GCC_I_SYS},CC="${GCC_I_SYS}") \ ++ ${CCFLAGS_VAR}="${EXTRA_CFLAGS}" \ ++ -C "${KSRC}" \ ++ CONFIG_TCG_TPM=m \ ++ CONFIG_ACPI=y \ ++ CONFIG_TCG_TIS_CORE=m \ ++ CONFIG_TCG_TIS=m \ ++ CONFIG_TCG_TIS_I2C_ATMEL=m \ ++ CONFIG_TCG_TIS_I2C_INFINEON=m \ ++ CONFIG_TCG_TIS_I2C_NUVOTON=m \ ++ CONFIG_TCG_NSC=m \ ++ CONFIG_TCG_ATMEL=m \ ++ CONFIG_TCG_INFINEON=m \ ++ CONFIG_TCG_CRB=m \ ++ CONFIG_${DRIVER_UPPERCASE}=m \ ++ modules \ ++ M="${CURDIR}" \ ++ ${2} ${1} +diff --git a/kcompat.h b/kcompat.h +new file mode 100644 +index 0000000..cd9578a +--- /dev/null ++++ b/kcompat.h +@@ -0,0 +1,39 @@ ++/********************************************************************** ++ * ++ * Copyright (c) 2017 Wind River Systems, Inc. ++* SPDX-License-Identifier: Apache-2.0 ++* ++* ++* ++ **********************************************************************/ ++ ++#ifndef _KCOMPAT_H_ ++#define _KCOMPAT_H_ ++ ++#ifndef LINUX_VERSION_CODE ++#include ++#else ++#define KERNEL_VERSION(a,b,c) (((a) << 16) + ((b) << 8) + (c)) ++#endif ++#include ++#include ++ ++#if ( LINUX_VERSION_CODE <= KERNEL_VERSION(3,10,0) ) ++#include ++#include ++ ++// would normally be passed in from the Kernel, had ++// we set CONFIG_TCG_TPM=y in the KConfig, however ++// that has the added disadvantage of building the ++// TPM driver in-kernel. ++#define CONFIG_TCG_TPM_MODULE 1 ++ ++#define acpi_os_map_iomem(x, y) acpi_os_map_memory(x, y) ++#define acpi_os_unmap_iomem(x, y) acpi_os_unmap_memory(x, y) ++ ++#define module_pnp_driver(__pnp_driver) \ ++ module_driver(__pnp_driver, pnp_register_driver, \ ++ pnp_unregister_driver) ++ ++#endif ++#endif +diff --git a/tpm.h b/tpm.h +index 4b4c8de..b744e2f 100644 +--- a/tpm.h ++++ b/tpm.h +@@ -23,6 +23,9 @@ + #ifndef __TPM_H__ + #define __TPM_H__ + ++// WRS: the kernel compat layer ++#include "kcompat.h" ++ + #include + #include + #include +-- +1.8.3.1 + diff --git a/kernel/kernel-modules/tpmdd/patches/UPSTREAM-0001-tpm-replace-msleep-with-usleep_range.patch b/kernel/kernel-modules/tpmdd/patches/UPSTREAM-0001-tpm-replace-msleep-with-usleep_range.patch new file mode 100644 index 000000000..ac9b453fc --- /dev/null +++ b/kernel/kernel-modules/tpmdd/patches/UPSTREAM-0001-tpm-replace-msleep-with-usleep_range.patch @@ -0,0 +1,200 @@ +From 9f3fc7bcddcb51234e23494531f93ab60475e1c3 Mon Sep 17 00:00:00 2001 +From: Hamza Attak +Date: Mon, 14 Aug 2017 19:09:16 +0100 +Subject: [PATCH] tpm: replace msleep() with usleep_range() in TPM 1.2/2.0 + generic drivers + +The patch simply replaces all msleep function calls with usleep_range calls +in the generic drivers. + +Tested with an Infineon TPM 1.2, using the generic tpm-tis module, for a +thousand PCR extends, we see results going from 1m57s unpatched to 40s +with the new patch. We obtain similar results when using the original and +patched tpm_infineon driver, which is also part of the patch. +Similarly with a STM TPM 2.0, using the CRB driver, it takes about 20ms per +extend unpatched and around 7ms with the new patch. + +Note that the PCR consistency is untouched with this patch, each TPM has +been tested with 10 million extends and the aggregated PCR value is +continuously verified to be correct. + +As an extension of this work, this could potentially and easily be applied +to other vendor's drivers. Still, these changes are not included in the +proposed patch as they are untested. + +Signed-off-by: Hamza Attak +Reviewed-by: Jarkko Sakkinen +Tested-by: Jarkko Sakkinen +Signed-off-by: Jarkko Sakkinen +Signed-off-by: James Morris +--- +tpm-interface.c | 10 +++++----- +tpm.h | 9 ++++++++- +tpm2-cmd.c | 2 +- +tpm_infineon.c | 6 +++--- +tpm_tis_core.c | 8 ++++---- + 5 files changed, 21 insertions(+), 14 deletions(-) + +diff --git a/tpm-interface.c b/tpm-interface.c +index fe597e6..1d6729b 100644 +--- a/tpm-interface.c ++++ b/tpm-interface.c +@@ -455,7 +455,7 @@ ssize_t tpm_transmit(struct tpm_chip *chip, struct tpm_space *space, + goto out; + } + +- msleep(TPM_TIMEOUT); /* CHECK */ ++ tpm_msleep(TPM_TIMEOUT); + rmb(); + } while (time_before(jiffies, stop)); + +@@ -970,7 +970,7 @@ int tpm_do_selftest(struct tpm_chip *chip) + dev_info( + &chip->dev, HW_ERR + "TPM command timed out during continue self test"); +- msleep(delay_msec); ++ tpm_msleep(delay_msec); + continue; + } + +@@ -985,7 +985,7 @@ int tpm_do_selftest(struct tpm_chip *chip) + } + if (rc != TPM_WARN_DOING_SELFTEST) + return rc; +- msleep(delay_msec); ++ tpm_msleep(delay_msec); + } while (--loops > 0); + + return rc; +@@ -1085,7 +1085,7 @@ int wait_for_tpm_stat(struct tpm_chip *chip, u8 mask, unsigned long timeout, + } + } else { + do { +- msleep(TPM_TIMEOUT); ++ tpm_msleep(TPM_TIMEOUT); + status = chip->ops->status(chip); + if ((status & mask) == mask) + return 0; +@@ -1150,7 +1150,7 @@ int tpm_pm_suspend(struct device *dev) + */ + if (rc != TPM_WARN_RETRY) + break; +- msleep(TPM_TIMEOUT_RETRY); ++ tpm_msleep(TPM_TIMEOUT_RETRY); + } + + if (rc) +diff --git a/tpm.h b/tpm.h +index 04fbff2..2d5466a 100644 +--- a/tpm.h ++++ b/tpm.h +@@ -50,7 +50,8 @@ enum tpm_const { + + enum tpm_timeout { + TPM_TIMEOUT = 5, /* msecs */ +- TPM_TIMEOUT_RETRY = 100 /* msecs */ ++ TPM_TIMEOUT_RETRY = 100, /* msecs */ ++ TPM_TIMEOUT_RANGE_US = 300 /* usecs */ + }; + + /* TPM addresses */ +@@ -527,6 +528,12 @@ ssize_t tpm_getcap(struct tpm_chip *chip, u32 subcap_id, cap_t *cap, + int wait_for_tpm_stat(struct tpm_chip *chip, u8 mask, unsigned long timeout, + wait_queue_head_t *queue, bool check_cancel); + ++static inline void tpm_msleep(unsigned int delay_msec) ++{ ++ usleep_range(delay_msec * 1000, ++ (delay_msec * 1000) + TPM_TIMEOUT_RANGE_US); ++}; ++ + struct tpm_chip *tpm_chip_find_get(int chip_num); + __must_check int tpm_try_get_ops(struct tpm_chip *chip); + void tpm_put_ops(struct tpm_chip *chip); +diff --git a/tpm2-cmd.c b/tpm2-cmd.c +index f7f34b2a..e1a41b7 100644 +--- a/tpm2-cmd.c ++++ b/tpm2-cmd.c +@@ -899,7 +899,7 @@ static int tpm2_do_selftest(struct tpm_chip *chip) + if (rc != TPM2_RC_TESTING) + break; + +- msleep(delay_msec); ++ tpm_msleep(delay_msec); + } + + return rc; +diff --git a/tpm_infineon.c b/tpm_infineon.c +index 3b1b9f9..d8f1004 100644 +--- a/tpm_infineon.c ++++ b/tpm_infineon.c +@@ -191,7 +191,7 @@ static int wait(struct tpm_chip *chip, int wait_for_bit) + /* check the status-register if wait_for_bit is set */ + if (status & 1 << wait_for_bit) + break; +- msleep(TPM_MSLEEP_TIME); ++ tpm_msleep(TPM_MSLEEP_TIME); + } + if (i == TPM_MAX_TRIES) { /* timeout occurs */ + if (wait_for_bit == STAT_XFE) +@@ -226,7 +226,7 @@ static void tpm_wtx(struct tpm_chip *chip) + wait_and_send(chip, TPM_CTRL_WTX); + wait_and_send(chip, 0x00); + wait_and_send(chip, 0x00); +- msleep(TPM_WTX_MSLEEP_TIME); ++ tpm_msleep(TPM_WTX_MSLEEP_TIME); + } + + static void tpm_wtx_abort(struct tpm_chip *chip) +@@ -237,7 +237,7 @@ static void tpm_wtx_abort(struct tpm_chip *chip) + wait_and_send(chip, 0x00); + wait_and_send(chip, 0x00); + number_of_wtx = 0; +- msleep(TPM_WTX_MSLEEP_TIME); ++ tpm_msleep(TPM_WTX_MSLEEP_TIME); + } + + static int tpm_inf_recv(struct tpm_chip *chip, u8 * buf, size_t count) +diff --git a/tpm_tis_core.c b/tpm_tis_core.c +index b617b2e..63bc6c3 100644 +--- a/tpm_tis_core.c ++++ b/tpm_tis_core.c +@@ -51,7 +51,7 @@ static int wait_startup(struct tpm_chip *chip, int l) + + if (access & TPM_ACCESS_VALID) + return 0; +- msleep(TPM_TIMEOUT); ++ tpm_msleep(TPM_TIMEOUT); + } while (time_before(jiffies, stop)); + return -1; + } +@@ -117,7 +117,7 @@ static int request_locality(struct tpm_chip *chip, int l) + do { + if (check_locality(chip, l)) + return l; +- msleep(TPM_TIMEOUT); ++ tpm_msleep(TPM_TIMEOUT); + } while (time_before(jiffies, stop)); + } + return -1; +@@ -164,7 +164,7 @@ static int get_burstcount(struct tpm_chip *chip) + burstcnt = (value >> 8) & 0xFFFF; + if (burstcnt) + return burstcnt; +- msleep(TPM_TIMEOUT); ++ tpm_msleep(TPM_TIMEOUT); + } while (time_before(jiffies, stop)); + return -EBUSY; + } +@@ -396,7 +396,7 @@ static int tpm_tis_send(struct tpm_chip *chip, u8 *buf, size_t len) + priv->irq = irq; + chip->flags |= TPM_CHIP_FLAG_IRQ; + if (!priv->irq_tested) +- msleep(1); ++ tpm_msleep(1); + if (!priv->irq_tested) + disable_interrupts(chip); + priv->irq_tested = true; +-- +1.8.3.1 + diff --git a/kernel/kernel-modules/tpmdd/patches/UPSTREAM-0002-tpm-reduce-tpm-polling-delay-in-tpm_tis_core.patch b/kernel/kernel-modules/tpmdd/patches/UPSTREAM-0002-tpm-reduce-tpm-polling-delay-in-tpm_tis_core.patch new file mode 100644 index 000000000..dc12fb71b --- /dev/null +++ b/kernel/kernel-modules/tpmdd/patches/UPSTREAM-0002-tpm-reduce-tpm-polling-delay-in-tpm_tis_core.patch @@ -0,0 +1,59 @@ +From 19b460f3fe98b0513bf5a52f63e19bc120bd8093 Mon Sep 17 00:00:00 2001 +From: Nayna Jain +Date: Fri, 10 Nov 2017 16:33:06 -0500 +Subject: [PATCH] =?UTF-8?q?tpm:=20reduce=C2=A0tpm=C2=A0polling=C2=A0delay?= + =?UTF-8?q?=C2=A0in=C2=A0tpm=5Ftis=5Fcore?= +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +The existing wait_for_tpm_stat() polls for the chip status after +5msec sleep. As per TCG ddwg input, it is expected that tpm might +return status in few usec. So, reducing the delay in polling to +1msec. +Similarly, get_burstcount() function sleeps for 5msec before +retrying for next query to burstcount in a loop. If it takes +lesser time for TPM to return, this 5msec delay is longer than +necessary. + +After this change, performance on a TPM 1.2 with an 8 byte +burstcount for 1000 extends improved from ~14sec to ~9sec. + +Signed-off-by: Nayna Jain +Reviewed-by: Jarkko Sakkinen +Tested-by: Jarkko Sakkinen +Signed-off-by: Jarkko Sakkinen +--- + tpm-interface.c | 2 +- + tpm_tis_core.c | 2 +- + 2 files changed, 2 insertions(+), 2 deletions(-) + +diff --git a/tpm-interface.c b/tpm-interface.c +index 66d671b..9971422 100644 +--- a/tpm-interface.c ++++ b/tpm-interface.c +@@ -1050,7 +1050,7 @@ again: + } + } else { + do { +- tpm_msleep(TPM_TIMEOUT); ++ tpm_msleep(1); + status = chip->ops->status(chip); + if ((status & mask) == mask) + return 0; +diff --git a/tpm_tis_core.c b/tpm_tis_core.c +index 63bc6c3..d87255f 100644 +--- a/tpm_tis_core.c ++++ b/tpm_tis_core.c +@@ -164,7 +164,7 @@ static int get_burstcount(struct tpm_chip *chip) + burstcnt = (value >> 8) & 0xFFFF; + if (burstcnt) + return burstcnt; +- tpm_msleep(TPM_TIMEOUT); ++ tpm_msleep(1); + } while (time_before(jiffies, stop)); + return -EBUSY; + } +-- +1.8.3.1 + diff --git a/kernel/kernel-modules/tpmdd/patches/UPSTREAM-0003-tpm-use-tpm_msleep-value-as-max-delay.patch b/kernel/kernel-modules/tpmdd/patches/UPSTREAM-0003-tpm-use-tpm_msleep-value-as-max-delay.patch new file mode 100644 index 000000000..06022b583 --- /dev/null +++ b/kernel/kernel-modules/tpmdd/patches/UPSTREAM-0003-tpm-use-tpm_msleep-value-as-max-delay.patch @@ -0,0 +1,37 @@ +From 86d94390d9b97639fecb3e032120b93004a3036d Mon Sep 17 00:00:00 2001 +From: Nayna Jain +Date: Fri, 10 Nov 2017 16:42:19 -0500 +Subject: [PATCH] tpm: use tpm_msleep() value as max delay + +Currently, tpm_msleep() uses delay_msec as the minimum value in +usleep_range. However, that is the maximum time we want to wait. +The function is modified to use the delay_msec as the maximum +value, not the minimum value. + +After this change, performance on a TPM 1.2 with an 8 byte +burstcount for 1000 extends improved from ~9sec to ~8sec. + +Signed-off-by: Nayna Jain +Acked-by: Mimi Zohar +--- + tpm.h | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +diff --git a/tpm.h b/tpm.h +index d9c3659..6f3297e 100644 +--- a/tpm.h ++++ b/tpm.h +@@ -550,8 +550,8 @@ int wait_for_tpm_stat(struct tpm_chip *chip, u8 mask, unsigned long timeout, + + static inline void tpm_msleep(unsigned int delay_msec) + { +- usleep_range(delay_msec * 1000, +- (delay_msec * 1000) + TPM_TIMEOUT_RANGE_US); ++ usleep_range((delay_msec * 1000) - TPM_TIMEOUT_RANGE_US, ++ delay_msec * 1000); + }; + + struct tpm_chip *tpm_chip_find_get(int chip_num); +-- +1.8.3.1 + diff --git a/kernel/kernel-modules/tpmdd/patches/UPSTREAM-0004-tpm-wait-for-stat-to-specify-variable-polling-time.patch b/kernel/kernel-modules/tpmdd/patches/UPSTREAM-0004-tpm-wait-for-stat-to-specify-variable-polling-time.patch new file mode 100644 index 000000000..2ea33cc2c --- /dev/null +++ b/kernel/kernel-modules/tpmdd/patches/UPSTREAM-0004-tpm-wait-for-stat-to-specify-variable-polling-time.patch @@ -0,0 +1,123 @@ +From 2e23fe68b72638a1185f6243528f05f7dc665a3a Mon Sep 17 00:00:00 2001 +From: Nayna Jain +Date: Tue, 14 Nov 2017 11:01:56 -0500 +Subject: [PATCH] tpm: define __wait_for_tpm_stat to specify variable polling + sleep time + +The existing wait_for_tpm_stat() checks the chip status before +sleeping for 5 msec in a polling loop. For some functions although +the status isn't ready immediately, the status returns extremely +quickly. Waiting for 5 msec causes an unnecessary delay. An +example is the send() call in the tpms_tis driver. + +This patch defines __wait_for_tpm_stat(), allowing the caller +to specify the polling sleep timeout value within the loop. +The existing wait_for_tpm_stat() becomes a wrapper for this +function. + +After this change, performance on a TPM 1.2 with an 8 byte +burstcount for 1000 extends improved from ~14sec to ~10sec. + +Signed-off-by: Nayna Jain +Acked-by: Mimi Zohar +--- + tpm-interface.c | 15 ++++++++++++--- + tpm.h | 3 +++ + tpm_tis_core.c | 13 +++++++------ + 3 files changed, 22 insertions(+), 9 deletions(-) + +diff --git a/tpm-interface.c b/tpm-interface.c +index 9971422..69041ec 100644 +--- a/tpm-interface.c ++++ b/tpm-interface.c +@@ -1015,8 +1015,9 @@ static bool wait_for_tpm_stat_cond(struct tpm_chip *chip, u8 mask, + return false; + } + +-int wait_for_tpm_stat(struct tpm_chip *chip, u8 mask, unsigned long timeout, +- wait_queue_head_t *queue, bool check_cancel) ++int __wait_for_tpm_stat(struct tpm_chip *chip, u8 mask, unsigned long timeout, ++ unsigned int poll_sleep, wait_queue_head_t *queue, ++ bool check_cancel) + { + unsigned long stop; + long rc; +@@ -1050,7 +1051,7 @@ again: + } + } else { + do { +- tpm_msleep(1); ++ tpm_msleep(poll_sleep); + status = chip->ops->status(chip); + if ((status & mask) == mask) + return 0; +@@ -1058,6 +1059,14 @@ again: + } + return -ETIME; + } ++EXPORT_SYMBOL_GPL(__wait_for_tpm_stat); ++ ++int wait_for_tpm_stat(struct tpm_chip *chip, u8 mask, unsigned long timeout, ++ wait_queue_head_t *queue, bool check_cancel) ++{ ++ return __wait_for_tpm_stat(chip, mask, timeout, TPM_TIMEOUT, ++ queue, check_cancel); ++} + EXPORT_SYMBOL_GPL(wait_for_tpm_stat); + + #define TPM_ORD_SAVESTATE cpu_to_be32(152) +diff --git a/tpm.h b/tpm.h +index 6f3297e..e2c9f06 100644 +--- a/tpm.h ++++ b/tpm.h +@@ -545,6 +545,9 @@ int tpm_do_selftest(struct tpm_chip *chip); + unsigned long tpm_calc_ordinal_duration(struct tpm_chip *chip, u32 ordinal); + int tpm_pm_suspend(struct device *dev); + int tpm_pm_resume(struct device *dev); ++int __wait_for_tpm_stat(struct tpm_chip *chip, u8 mask, ++ unsigned long timeout, unsigned int poll_sleep, ++ wait_queue_head_t *queue, bool check_cancel); + int wait_for_tpm_stat(struct tpm_chip *chip, u8 mask, unsigned long timeout, + wait_queue_head_t *queue, bool check_cancel); + +diff --git a/tpm_tis_core.c b/tpm_tis_core.c +index d87255f..330b1a7 100644 +--- a/tpm_tis_core.c ++++ b/tpm_tis_core.c +@@ -262,9 +262,9 @@ static int tpm_tis_send_data(struct tpm_chip *chip, u8 *buf, size_t len) + status = tpm_tis_status(chip); + if ((status & TPM_STS_COMMAND_READY) == 0) { + tpm_tis_ready(chip); +- if (wait_for_tpm_stat +- (chip, TPM_STS_COMMAND_READY, chip->timeout_b, +- &priv->int_queue, false) < 0) { ++ if (__wait_for_tpm_stat ++ (chip, TPM_STS_COMMAND_READY, chip->timeout_b, 1, ++ &priv->int_queue, false) < 0) { + rc = -ETIME; + goto out_err; + } +@@ -285,7 +285,8 @@ static int tpm_tis_send_data(struct tpm_chip *chip, u8 *buf, size_t len) + + count += burstcnt; + +- if (wait_for_tpm_stat(chip, TPM_STS_VALID, chip->timeout_c, ++ if (__wait_for_tpm_stat(chip, TPM_STS_VALID, ++ chip->timeout_c, 1, + &priv->int_queue, false) < 0) { + rc = -ETIME; + goto out_err; +@@ -302,8 +303,8 @@ static int tpm_tis_send_data(struct tpm_chip *chip, u8 *buf, size_t len) + if (rc < 0) + goto out_err; + +- if (wait_for_tpm_stat(chip, TPM_STS_VALID, chip->timeout_c, +- &priv->int_queue, false) < 0) { ++ if (__wait_for_tpm_stat(chip, TPM_STS_VALID, chip->timeout_c, ++ 1, &priv->int_queue, false) < 0) { + rc = -ETIME; + goto out_err; + } +-- +1.8.3.1 + diff --git a/kernel/kernel-modules/tpmdd/patches/UPSTREAM-0005-tpm-ignore-burstcount-to-improve-send-performance.patch b/kernel/kernel-modules/tpmdd/patches/UPSTREAM-0005-tpm-ignore-burstcount-to-improve-send-performance.patch new file mode 100644 index 000000000..bf030b9e4 --- /dev/null +++ b/kernel/kernel-modules/tpmdd/patches/UPSTREAM-0005-tpm-ignore-burstcount-to-improve-send-performance.patch @@ -0,0 +1,97 @@ +From e82060f0cf390ba8e4f79a54e68cef9a38088104 Mon Sep 17 00:00:00 2001 +From: Nayna Jain +Date: Fri, 10 Nov 2017 17:16:35 -0500 +Subject: [PATCH] tpm: ignore burstcount to improve tpm_tis send() performance +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +The TPM burstcount status indicates the number of bytes that can +be sent to the TPM without causing bus wait states.  Effectively, +it is the number of empty bytes in the command FIFO. + +This patch optimizes the tpm_tis_send_data() function by checking +the burstcount only once. And if the burstcount is valid, it writes +all the bytes at once, permitting wait state. + +After this change, performance on a TPM 1.2 with an 8 byte +burstcount for 1000 extends improved from ~41sec to ~14sec. + +Suggested-by: Ken Goldman in +conjunction with the TPM Device Driver work group. +Signed-off-by: Nayna Jain +Acked-by: Mimi Zohar +Reviewed-by: Jarkko Sakkinen +Tested-by: Jarkko Sakkinen +Signed-off-by: Jarkko Sakkinen +--- + tpm_tis_core.c | 42 +++++++++++++++--------------------------- + 1 file changed, 15 insertions(+), 27 deletions(-) + +diff --git a/tpm_tis_core.c b/tpm_tis_core.c +index a338701..a6b4149 100644 +--- a/tpm_tis_core.c ++++ b/tpm_tis_core.c +@@ -256,7 +256,6 @@ static int tpm_tis_send_data(struct tpm_chip *chip, u8 *buf, size_t len) + { + struct tpm_tis_data *priv = dev_get_drvdata(&chip->dev); + int rc, status, burstcnt; +- size_t count = 0; + bool itpm = priv->flags & TPM_TIS_ITPM_WORKAROUND; + + status = tpm_tis_status(chip); +@@ -270,36 +269,25 @@ static int tpm_tis_send_data(struct tpm_chip *chip, u8 *buf, size_t len) + } + } + +- while (count < len - 1) { +- burstcnt = get_burstcount(chip); +- if (burstcnt < 0) { +- dev_err(&chip->dev, "Unable to read burstcount\n"); +- rc = burstcnt; +- goto out_err; +- } +- burstcnt = min_t(int, burstcnt, len - count - 1); +- rc = tpm_tis_write_bytes(priv, TPM_DATA_FIFO(priv->locality), +- burstcnt, buf + count); +- if (rc < 0) +- goto out_err; + +- count += burstcnt; +- +- if (__wait_for_tpm_stat(chip, TPM_STS_VALID, +- chip->timeout_c, 1, +- &priv->int_queue, false) < 0) { +- rc = -ETIME; +- goto out_err; +- } +- status = tpm_tis_status(chip); +- if (!itpm && (status & TPM_STS_DATA_EXPECT) == 0) { +- rc = -EIO; +- goto out_err; +- } ++ /* ++ * Get the initial burstcount to ensure TPM is ready to ++ * accept data, even when waiting for burstcount is disabled. ++ */ ++ burstcnt = get_burstcount(chip); ++ if (burstcnt < 0) { ++ dev_err(&chip->dev, "Unable to read burstcount\n"); ++ rc = burstcnt; ++ goto out_err; + } + ++ rc = tpm_tis_write_bytes(priv, TPM_DATA_FIFO(priv->locality), ++ len -1, buf); ++ if (rc < 0) ++ goto out_err; ++ + /* write last byte */ +- rc = tpm_tis_write8(priv, TPM_DATA_FIFO(priv->locality), buf[count]); ++ rc = tpm_tis_write8(priv, TPM_DATA_FIFO(priv->locality), buf[len-1]); + if (rc < 0) + goto out_err; + +-- +1.8.3.1 + diff --git a/kernel/kernel-modules/tpmdd/patches/tpm-kmod.spec.patchlist b/kernel/kernel-modules/tpmdd/patches/tpm-kmod.spec.patchlist new file mode 100644 index 000000000..e49200c68 --- /dev/null +++ b/kernel/kernel-modules/tpmdd/patches/tpm-kmod.spec.patchlist @@ -0,0 +1,7 @@ +0001-disable-arm64-acpi-command.patch +0002-tpmdd-kcompat-support.patch +UPSTREAM-0001-tpm-replace-msleep-with-usleep_range.patch +UPSTREAM-0002-tpm-reduce-tpm-polling-delay-in-tpm_tis_core.patch +UPSTREAM-0003-tpm-use-tpm_msleep-value-as-max-delay.patch +UPSTREAM-0004-tpm-wait-for-stat-to-specify-variable-polling-time.patch +UPSTREAM-0005-tpm-ignore-burstcount-to-improve-send-performance.patch