This reverts commit e17acbbb.
Signed-off-by: NJarkko Sakkinen <jarkko.sakkinen@linux.intel.com>

This reverts commit 9514ff19.
Signed-off-by: NJarkko Sakkinen <jarkko.sakkinen@linux.intel.com>

This reverts commit 0c22db43.
Signed-off-by: NJarkko Sakkinen <jarkko.sakkinen@linux.intel.com>

This reverts commit e350e246.
Signed-off-by: NJarkko Sakkinen <jarkko.sakkinen@linux.intel.com>

Utilize runtime_pm for driving tpm crb idle states.
The framework calls cmd_ready from the pm_runtime_resume handler
and go idle from the pm_runtime_suspend handler.
The TPM framework should wake the device before transmit and receive.
In case the runtime_pm framework is not enabled, the device will be in
ready state.

[jarkko.sakkinen@linux.intel.com: changed pm_runtime_put_sync()
 to pm_runtime_put()]
Signed-off-by: NTomas Winkler <tomas.winkler@intel.com>
Reviewed-by: NJarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
Tested-by: NJarkko Sakkinen <jarkko.sakkinen@linux.intel.com>

This is preparation step for implementing tpm crb
runtime pm. We need to have tpm chip allocated
and populated before we access the runtime handlers.
Signed-off-by: NTomas Winkler <tomas.winkler@intel.com>
Tested-by: NJarkko Sakkinen <jarkko.sakkinn@linux.intel.com>

There is a HW bug in Skylake, and Broxton PCH Intel PTT device, where
most of the registers in the control area except START, REQUEST, CANCEL,
and LOC_CTRL lost retention when the device is in the idle state. Hence
we need to bring the device to ready state before accessing the other
registers. The fix brings device to ready state before trying to read
command and response buffer addresses in order to remap the for access.
Signed-off-by: NTomas Winkler <tomas.winkler@intel.com>
Tested-by: NJarkko Sakkinen <jarkko.sakkinn@linux.intel.com>
Reviewed-by: NJarkko Sakkinen <jarkko.sakkinn@linux.intel.com>

The register TPM_CRB_CTRL_REQ_x contains bits goIdle and cmdReady for
SW to indicate that the device can enter or should exit the idle state.

The legacy ACPI-start (SMI + DMA) based devices do not support these
bits and the idle state management is not exposed to the host SW.
Thus, this functionality only is enabled only for a CRB start (MMIO)
based devices.

Based on Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
original patch:
'tpm_crb: implement power tpm crb power management'

To keep the implementation local to the hw we don't use wait_for_tpm_stat
for polling the TPM_CRB_CTRL_REQ.
Signed-off-by: NTomas Winkler <tomas.winkler@intel.com>
Reviewed-by: NJarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
Tested-by: NJarkko Sakkinen <jarkko.sakkinen@linux.intel.com>

tpm_transmit() does not check that bufsiz is at least TPM_HEADER_SIZE
before accessing data. This commit adds this check and returns -EINVAL
if it fails.
Signed-off-by: NJarkko Sakkinen <jarkko.sakkinen@linux.intel.com>

Constify TPM 1.x header structures in order to move them to rodata
section as they are meant to be never changed during runtime.
Signed-off-by: NJulia Lawall <Julia.Lawall@lip6.fr>
Signed-off-by: NJarkko Sakkinen <jarkko.sakkinen@linux.intel.com>

Because of the line break in the debug print the chackpatch is
not silent on 80 characters limitation.

The easiest fix is to straighten the lines, it's also more readable.

WARNING: line over 80 characters
+                       FW_BUG "TPM2 ACPI table does not define a memory
resource\n");
Signed-off-by: NTomas Winkler <tomas.winkler@intel.com>
Reviewed-by: NJarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
Signed-off-by: NJarkko Sakkinen <jarkko.sakkinen@linux.intel.com>

Don't apply endianity conversion when writing to the registers
this is already handled by the system.
Signed-off-by: NTomas Winkler <tomas.winkler@intel.com>
Reviewed-by: NJarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
Signed-off-by: NJarkko Sakkinen <jarkko.sakkinen@linux.intel.com>

Instead of expensive register access on retrieving cmd_size
on each send, save the value during initialization in the private
context. The value doesn't change.
Signed-off-by: NTomas Winkler <tomas.winkler@intel.com>
Reviewed-by: NJarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
Tested-by: NJarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
Signed-off-by: NJarkko Sakkinen <jarkko.sakkinen@linux.intel.com>

The platform device is not used in this driver, drop the
include to linux/platform_device.h
Signed-off-by: NTomas Winkler <tomas.winkler@intel.com>
Reviewed-by: NJarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
Signed-off-by: NJarkko Sakkinen <jarkko.sakkinen@linux.intel.com>

Fixes the warning:
drivers/char/tpm/tpm_tis_core.c:443:7: warning: variable ‘itpm’ set but
not used [-Wunused-but-set-variable]
  bool itpm;
       ^~~~
Signed-off-by: NTomas Winkler <tomas.winkler@intel.com>
Acked-by: NJarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
Signed-off-by: NJarkko Sakkinen <jarkko.sakkinen@linux.intel.com>

CRB_CTRL_CMD_READY and CRB_CTRL_GO_IDLE have incorrect values.
Signed-off-by: NJarkko Sakkinen <jarkko.sakkinen@linux.intel.com>

Renamed CRB protocol specific constants to match the TCG PC Client
Platform TPM Profile (PTP) Specification and driver status constants
to be explicit that they are driver specific.
Signed-off-by: NJarkko Sakkinen <jarkko.sakkinen@linux.intel.com>

wmb()'s are not needed as iowrite32() is used.
Signed-off-by: NJarkko Sakkinen <jarkko.sakkinen@linux.intel.com>

The req_canceled() callback is used by tpm_transmit() periodically to
check whether the request has been canceled while it is receiving a
response from the TPM.

The TPM_CRB_CTRL_CANCEL register was cleared already in the crb_cancel
callback, which has two consequences:

* Cancel might not happen.
* req_canceled() always returns zero.

A better place to clear the register is when starting to send a new
command. The behavior of TPM_CRB_CTRL_CANCEL is described in the
section 5.5.3.6 of the PTP specification.

CC: stable@vger.kernel.org
Fixes: 30fc8d13 ("tpm: TPM 2.0 CRB Interface")
Signed-off-by: NJarkko Sakkinen <jarkko.sakkinen@linux.intel.com>

Instead of a ad-hoc protocol message construction it is better to
call tpm_pcr_read_dev().
Signed-off-by: NJarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
Reviewed-by: NJason Gunthorpe <jgunthorpe@obsidianresearch.com>

It is better to tpm_transmit_cmd() in tpm2_probe() in order to get
consistent command handling throughout the subsystem.
Signed-off-by: NJarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
Reviewed-by: NJason Gunthorpe <jgunthorpe@obsidianresearch.com>

Since tpm_gen_interrupt() is only used in tpm_tis_core.c this commit
replaces it with an internal tpm_tis_gen_interrupt(). The semantics
also changed in a way that on a system error the driver initialization
is failed.
Signed-off-by: NJarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
Reviewed-by: NJason Gunthorpe <jgunthorpe@obsidianresearch.com>

Removed unnecessary externs from tpm.h.
Signed-off-by: NJarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
Reviewed-by: NJason Gunthorpe <jgunthorpe@obsidianresearch.com>

This function should only be called as part of an IRQ probing protocol
and st33 does not have any code to detect that the IRQ it tries to
generate was not generated and disable the IRQ.

Since st33 is primarily a DT binding driver it should not be doing
IRQ probing anyhow, so let us just delete this useless call.
Signed-off-by: NJason Gunthorpe <jgunthorpe@obsidianresearch.com>
Reviewed-by: NJarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
Signed-off-by: NJarkko Sakkinen <jarkko.sakkinen@linux.intel.com>

Unseal and load operations should be done as an atomic operation. This
commit introduces unlocked tpm_transmit() so that tpm2_unseal_trusted()
can do the locking by itself.

Fixes: 0fe54803 ("keys, trusted: seal/unseal with TPM 2.0 chips")
Cc: stable@vger.kernel.org
Signed-off-by: NJarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
Reviewed-by: NJason Gunthorpe <jgunthorpe@obsidianresearch.com>

The driver emits invalid self test error message even though the init
succeeds.
Signed-off-by: NJarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
Fixes: cae8b441 ("tpm: Factor out common startup code")
Reviewed-by: NJames Morris <james.l.morris@oracle.com>

The code is a bit obscure.

Simplify it by using a single routine to flush the tpk_buffer and
emit the buffer prefixed with "[U] ".
Signed-off-by: NJoe Perches <joe@perches.com>
Signed-off-by: NGreg Kroah-Hartman <gregkh@linuxfoundation.org>

virtio_console uses a small DMA buffer for control requests.  Move
that buffer into heap memory.

Doing virtio DMA on the stack is normally okay on non-DMA-API virtio
systems (which is currently most of them), but it breaks completely
if the stack is virtually mapped.

Tested by typing both directions using picocom aimed at /dev/hvc0.
Signed-off-by: NAndy Lutomirski <luto@kernel.org>
Signed-off-by: NMichael S. Tsirkin <mst@redhat.com>
Reviewed-by: NAmit Shah <amit.shah@redhat.com>

virtio_console uses a small DMA buffer for control requests.  Move
that buffer into heap memory.

Doing virtio DMA on the stack is normally okay on non-DMA-API virtio
systems (which is currently most of them), but it breaks completely
if the stack is virtually mapped (CONFIG_VMAP_STACK=y).

Tested by typing both directions using picocom aimed at /dev/hvc0.
Signed-off-by: NAndy Lutomirski <luto@kernel.org>
Reviewed-by: NAmit Shah <amit.shah@redhat.com>
Cc: Linus Torvalds <torvalds@linux-foundation.org>
Cc: Michael S. Tsirkin <mst@redhat.com>
Cc: Peter Zijlstra <peterz@infradead.org>
Cc: Thomas Gleixner <tglx@linutronix.de>
Cc: virtualization@lists.linux-foundation.org
Link: http://lkml.kernel.org/r/0afe68f9b4be6c95af9e7672b07acd0274c26dfe.1472569320.git.luto@kernel.orgSigned-off-by: NIngo Molnar <mingo@kernel.org>

The driver emits invalid self test error message even though the init
succeeds.
Signed-off-by: NJarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
Fixes: cae8b441 ("tpm: Factor out common startup code")
Reviewed-by: NJames Morris <james.l.morris@oracle.com>
Signed-off-by: NJames Morris <james.l.morris@oracle.com>

Arriving at read_kmem() with an offset representing a bogus kernel
address (e.g. 0 from a simple "cat /dev/kmem") leads to copy_to_user
faulting on the kernel-side read.

x86_64 happens to get away with this since the optimised implementation
uses "rep movs*", thus the user write (which is allowed to fault) and
the kernel read are the same instruction, the kernel-side fault falls
into the user-side fixup handler and the chain of events which
transpires ends up returning an error as one might expect, even if it's
an inappropriate -EFAULT. On other architectures, though, the read is
not covered by the fixup entry for the write, and we get a big scary
"Unable to hande kernel paging request..." dump.

The more typical use-case of mmap_kmem() has always (within living
memory at least) returned -EIO for addresses which don't satisfy
pfn_valid(), so let's make that consistent across {read,write}_kem()
too.
Reported-by: NKefeng Wang <wangkefeng.wang@huawei.com>
Signed-off-by: NRobin Murphy <robin.murphy@arm.com>
Signed-off-by: NGreg Kroah-Hartman <gregkh@linuxfoundation.org>

This patch fixes two minor issues:

(1) An inaccurate comment
(2) A spelling mistake in dev_err message ("upgarde" -> "upgrade")
Reported-by: NJoe Perches <joe@perches.com>
Reported-by: NColin Ian King <colin.king@canonical.com>
Signed-off-by: NEli Billauer <eli.billauer@gmail.com>
Signed-off-by: NGreg Kroah-Hartman <gregkh@linuxfoundation.org>

	 return value of class_create should be considered in
module init function.
Signed-off-by: NZhouyi Zhou <zhouzhouyi@gmail.com>
Signed-off-by: NGreg Kroah-Hartman <gregkh@linuxfoundation.org>

The mwave driver has its own macros for the BOOLEAN type and the
TRUE/FALSE values. This is redundant because the kernel already
has bool/true/false, and it clashes with the ACPI headers that
also define these types. The linux/acpi.h header is now included
implicitly from mwave through the mc146818rtc.h header, as
reported by Stephen Rothwell:

In file included from drivers/char/mwave/smapi.c:51:0:
drivers/char/mwave/smapi.h:52:0: warning: "TRUE" redefined
 #define TRUE 1
 ^
In file included from include/acpi/acpi.h:58:0,
                 from include/linux/acpi.h:33,
                 from include/linux/mc146818rtc.h:21,
                 from drivers/char/mwave/smapi.c:50:
include/acpi/actypes.h:438:0: note: this is the location of the previous definition
 #define TRUE                            (1 == 1)
 ^

This removes the private types from mwave and uses the standard
types instead.
Signed-off-by: NArnd Bergmann <arnd@arndb.de>
Reviewed-by: NAlexandre Belloni <alexandre.belloni@free-electrons.com>
Fixes: fd09cc80165c ("rtc: cmos: move mc146818rtc code out of asm-generic/rtc.h")
Signed-off-by: NGreg Kroah-Hartman <gregkh@linuxfoundation.org>

Modify ppdev driver to use the new parallel port device model.

Initially submitted and committed as:
e7223f18 ("ppdev: use new parport device model")

But due to some regression it was reverted by:
1701f680 ("Revert "ppdev: use new parport device model"")

Now that the original source of regression is fixed by:
bbca503b ("parport: use subsys_initcall") we can again modify ppdev
to use device model.
Signed-off-by: NSudip Mukherjee <sudip.mukherjee@codethink.co.uk>
Signed-off-by: NGreg Kroah-Hartman <gregkh@linuxfoundation.org>

This patch removes module_init()/module_exit() from driver code by using
module_misc_device() macro. All modules in this patch has a print
statement which is removed when module_misc_device() macro is used.
If undesirable this patch can be dropped entirely, this is the only
purpose of making this as a separate patch.
Signed-off-by: NPrasannaKumar Muralidharan <prasannatsmkumar@gmail.com>
Signed-off-by: NGreg Kroah-Hartman <gregkh@linuxfoundation.org>

Joe Perches points out [1] that this pattern isn't currently safe.
This driver doesn't really need the zeroing semantic anyway;
by restructuring the code slightly we can initialize all the
fields of the structure up front instead.

[1] https://lkml.kernel.org/r/1469729491.3998.58.camel@perches.comSigned-off-by: NChris Metcalf <cmetcalf@mellanox.com>
Signed-off-by: NGreg Kroah-Hartman <gregkh@linuxfoundation.org>

We can directly depend on SOC_IMX31 since commit c9ee9496
("ARM: imx: deconstruct mxc_rnga initialization")

Since that commit, CONFIG_HW_RANDOM_MXC_RNGA could not be switched on
with unknown symbol ARCH_HAS_RNGA and mxc-rnga.o can't be generated with
ARCH=arm make M=drivers/char/hw_random
Previously, HW_RANDOM_MXC_RNGA required ARCH_HAS_RNGA
which was based on IMX_HAVE_PLATFORM_MXC_RNGA  && ARCH_MXC.
IMX_HAVE_PLATFORM_MXC_RNGA  was based on SOC_IMX31.

Fixes: c9ee9496 ("ARM: imx: deconstruct mxc_rnga initialization")
Signed-off-by: NFabian Frederick <fabf@skynet.be>
Acked-by: NArnd Bergmann <arnd@arndb.de>
Signed-off-by: NHerbert Xu <herbert@gondor.apana.org.au>

On a system with sparse node ids, eg. a powerpc system with 4 nodes
numbered like so:

  node   0: [mem 0x0000000000000000-0x00000007ffffffff]
  node   1: [mem 0x0000000800000000-0x0000000fffffffff]
  node  16: [mem 0x0000001000000000-0x00000017ffffffff]
  node  17: [mem 0x0000001800000000-0x0000001fffffffff]

The code in rand_initialize() will allocate 4 pointers for the pool
array, and initialise them correctly.

However when go to use the pool, in eg. extract_crng(), we use the
numa_node_id() to index into the array. For the higher numbered node ids
this leads to random memory corruption, depending on what was kmalloc'ed
adjacent to the pool array.

Fix it by using nr_node_ids to size the pool array.

Fixes: 1e7f583a ("random: make /dev/urandom scalable for silly userspace programs")
Signed-off-by: NMichael Ellerman <mpe@ellerman.id.au>
Signed-off-by: NLinus Torvalds <torvalds@linux-foundation.org>

This fixes a crash on s390 with fake NUMA enabled.
Reported-by: NHeiko Carstens <heiko.carstens@de.ibm.com>
Fixes: 1e7f583a ("random: make /dev/urandom scalable for silly userspace programs")
Signed-off-by: NTheodore Ts'o <tytso@mit.edu>