Added 'hash=' option for selecting the hash algorithm for add_key()
syscall and documentation for it.

Added entry for sm3-256 to the following tables in order to support
TPM_ALG_SM3_256:

* hash_algo_name
* hash_digest_size

Includes support for the following hash algorithms:

* sha1
* sha256
* sha384
* sha512
* sm3-256
Signed-off-by: NJarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
Tested-by: NColin Ian King <colin.king@canonical.com>
Reviewed-by: NJames Morris <james.l.morris@oracle.com>
Reviewed-by: NMimi Zohar <zohar@linux.vnet.ibm.com>
Acked-by: NPeter Huewe <peterhuewe@gmx.de>

The 'migratable' flag was not added to the key payload. This patch
fixes the problem.

Fixes: 0fe54803 ("keys, trusted: seal/unseal with TPM 2.0 chips")
Signed-off-by: NJarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
Acked-by: NPeter Huewe <PeterHuewe@gmx.de>

Added tpm_trusted_seal() and tpm_trusted_unseal() API for sealing
trusted keys.

This patch implements basic sealing and unsealing functionality for
TPM 2.0:

* Seal with a parent key using a 20 byte auth value.
* Unseal with a parent key using a 20 byte auth value.
Signed-off-by: NJarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
Signed-off-by: NPeter Huewe <peterhuewe@gmx.de>

If during transmission system error was returned, the logic was to
incorrectly deduce that chip is a TPM 1.x chip. This patch fixes this
issue. Also, this patch changes probing so that message tag is used as the
measure for TPM 2.x, which should be much more stable. A separate function
called tpm2_probe() is encapsulated because it can be used with any
chipset.

Fixes: aec04cbd ("tpm: TPM 2.0 FIFO Interface")
Signed-off-by: NJarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
Reviewed-by: NStefan Berger <stefanb@linux.vnet.ibm.com>
Reviewed-by: NPeter Huewe <peterhuewe@gmx.de>
Signed-off-by: NPeter Huewe <peterhuewe@gmx.de>

Fixed suspend/resume paths for TPM 2.0 and consolidated all the
associated code to the tpm_pm_suspend() and tpm_pm_resume()
functions. Resume path should be handled by the firmware, i.e.
Startup(CLEAR) for hibernate and Startup(STATE) for suspend.

There might be some non-PC embedded devices in the future where
Startup() is not the handled by the FW but fixing the code for
those IMHO should be postponed until there is hardware available
to test the fixes although extra Startup in the driver code is
essentially a NOP.

Added Shutdown(CLEAR) to the remove paths of TIS and CRB drivers.
Changed tpm2_shutdown() to a void function because there isn't
much you can do except print an error message if this fails with
a system error.

Fixes: aec04cbd ("tpm: TPM 2.0 FIFO Interface")
Fixes: 30fc8d13 ("tpm: TPM 2.0 CRB Interface")
[phuewe: both did send TPM_Shutdown on resume which 'disables' the TPM
and did not send TPM2_Shutdown on teardown which leads some TPM2.0 to
believe there was an attack (no TPM2_Shutdown = no orderly shutdown =
attack)]
Reported-by: NPeter Hüwe <PeterHuewe@gmx.de>
Signed-off-by: NJarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
Tested-by: NScot Doyle <lkml14@scotdoyle.com>
Reviewed-by: NPeter Huewe <peterhuewe@gmx.de>
Signed-off-by: NPeter Huewe <peterhuewe@gmx.de>

TPM 2.0 devices are separated by adding a field 'flags' to struct
tpm_chip and defining a flag TPM_CHIP_FLAG_TPM2 for tagging them.

This patch adds the following internal functions:

- tpm2_get_random()
- tpm2_get_tpm_pt()
- tpm2_pcr_extend()
- tpm2_pcr_read()
- tpm2_startup()

Additionally, the following exported functions are implemented for
implementing TPM 2.0 device drivers:

- tpm2_do_selftest()
- tpm2_calc_ordinal_durations()
- tpm2_gen_interrupt()

The existing functions that are exported for the use for existing
subsystems have been changed to check the flags field in struct
tpm_chip and use appropriate TPM 2.0 counterpart if
TPM_CHIP_FLAG_TPM2 is est.

The code for tpm2_calc_ordinal_duration() and tpm2_startup() were
originally written by Will Arthur.
Signed-off-by: NJarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
Signed-off-by: NWill Arthur <will.c.arthur@intel.com>
Reviewed-by: NJasob Gunthorpe <jason.gunthorpe@obsidianresearch.com>
Reviewed-by: NStefan Berger <stefanb@linux.vnet.ibm.com>
Reviewed-by: NPeter Huewe <peterhuewe@gmx.de>
Tested-by: NPeter Huewe <peterhuewe@gmx.de>

[phuewe: Fixed copy paste error * 2]
Signed-off-by: NPeter Huewe <peterhuewe@gmx.de>