search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
btrfs: Don't clear SGID when inheriting ACLs
[linux/fpc-iii.git] / drivers / char / tpm / tpm2-cmd.c
blob3ee6883f26c190a757ed571913ec56eaa0297ad6
1 /*
2 * Copyright (C) 2014, 2015 Intel Corporation
3 *
4 * Authors:
5 * Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
6 *
7 * Maintained by: <tpmdd-devel@lists.sourceforge.net>
8 *
9 * This file contains TPM2 protocol implementations of the commands
10 * used by the kernel internally.
11 *
12 * This program is free software; you can redistribute it and/or
13 * modify it under the terms of the GNU General Public License
14 * as published by the Free Software Foundation; version 2
15 * of the License.
16 */
17
18 #include "tpm.h"
19 #include <crypto/hash_info.h>
20 #include <keys/trusted-type.h>
21
22 enum tpm2_object_attributes {
23 TPM2_OA_USER_WITH_AUTH = BIT(6),
24 };
25
26 enum tpm2_session_attributes {
27 TPM2_SA_CONTINUE_SESSION = BIT(0),
28 };
29
30 struct tpm2_startup_in {
31 __be16 startup_type;
32 } __packed;
33
34 struct tpm2_self_test_in {
35 u8 full_test;
36 } __packed;
37
38 struct tpm2_pcr_read_in {
39 __be32 pcr_selects_cnt;
40 __be16 hash_alg;
41 u8 pcr_select_size;
42 u8 pcr_select[TPM2_PCR_SELECT_MIN];
43 } __packed;
44
45 struct tpm2_pcr_read_out {
46 __be32 update_cnt;
47 __be32 pcr_selects_cnt;
48 __be16 hash_alg;
49 u8 pcr_select_size;
50 u8 pcr_select[TPM2_PCR_SELECT_MIN];
51 __be32 digests_cnt;
52 __be16 digest_size;
53 u8 digest[TPM_DIGEST_SIZE];
54 } __packed;
55
56 struct tpm2_get_tpm_pt_in {
57 __be32 cap_id;
58 __be32 property_id;
59 __be32 property_cnt;
60 } __packed;
61
62 struct tpm2_get_tpm_pt_out {
63 u8 more_data;
64 __be32 subcap_id;
65 __be32 property_cnt;
66 __be32 property_id;
67 __be32 value;
68 } __packed;
69
70 struct tpm2_get_random_in {
71 __be16 size;
72 } __packed;
73
74 struct tpm2_get_random_out {
75 __be16 size;
76 u8 buffer[TPM_MAX_RNG_DATA];
77 } __packed;
78
79 union tpm2_cmd_params {
80 struct tpm2_startup_in startup_in;
81 struct tpm2_self_test_in selftest_in;
82 struct tpm2_pcr_read_in pcrread_in;
83 struct tpm2_pcr_read_out pcrread_out;
84 struct tpm2_get_tpm_pt_in get_tpm_pt_in;
85 struct tpm2_get_tpm_pt_out get_tpm_pt_out;
86 struct tpm2_get_random_in getrandom_in;
87 struct tpm2_get_random_out getrandom_out;
88 };
89
90 struct tpm2_cmd {
91 tpm_cmd_header header;
92 union tpm2_cmd_params params;
93 } __packed;
94
95 struct tpm2_hash {
96 unsigned int crypto_id;
97 unsigned int tpm_id;
98 };
99
100 static struct tpm2_hash tpm2_hash_map[] = {
101 {HASH_ALGO_SHA1, TPM2_ALG_SHA1},
102 {HASH_ALGO_SHA256, TPM2_ALG_SHA256},
103 {HASH_ALGO_SHA384, TPM2_ALG_SHA384},
104 {HASH_ALGO_SHA512, TPM2_ALG_SHA512},
105 {HASH_ALGO_SM3_256, TPM2_ALG_SM3_256},
106 };
107
108 /*
109 * Array with one entry per ordinal defining the maximum amount
110 * of time the chip could take to return the result. The values
111 * of the SHORT, MEDIUM, and LONG durations are taken from the
112 * PC Client Profile (PTP) specification.
113 */
114 static const u8 tpm2_ordinal_duration[TPM2_CC_LAST - TPM2_CC_FIRST + 1] = {
115 TPM_UNDEFINED, /* 11F */
116 TPM_UNDEFINED, /* 120 */
117 TPM_LONG, /* 121 */
118 TPM_UNDEFINED, /* 122 */
119 TPM_UNDEFINED, /* 123 */
120 TPM_UNDEFINED, /* 124 */
121 TPM_UNDEFINED, /* 125 */
122 TPM_UNDEFINED, /* 126 */
123 TPM_UNDEFINED, /* 127 */
124 TPM_UNDEFINED, /* 128 */
125 TPM_LONG, /* 129 */
126 TPM_UNDEFINED, /* 12a */
127 TPM_UNDEFINED, /* 12b */
128 TPM_UNDEFINED, /* 12c */
129 TPM_UNDEFINED, /* 12d */
130 TPM_UNDEFINED, /* 12e */
131 TPM_UNDEFINED, /* 12f */
132 TPM_UNDEFINED, /* 130 */
133 TPM_UNDEFINED, /* 131 */
134 TPM_UNDEFINED, /* 132 */
135 TPM_UNDEFINED, /* 133 */
136 TPM_UNDEFINED, /* 134 */
137 TPM_UNDEFINED, /* 135 */
138 TPM_UNDEFINED, /* 136 */
139 TPM_UNDEFINED, /* 137 */
140 TPM_UNDEFINED, /* 138 */
141 TPM_UNDEFINED, /* 139 */
142 TPM_UNDEFINED, /* 13a */
143 TPM_UNDEFINED, /* 13b */
144 TPM_UNDEFINED, /* 13c */
145 TPM_UNDEFINED, /* 13d */
146 TPM_MEDIUM, /* 13e */
147 TPM_UNDEFINED, /* 13f */
148 TPM_UNDEFINED, /* 140 */
149 TPM_UNDEFINED, /* 141 */
150 TPM_UNDEFINED, /* 142 */
151 TPM_LONG, /* 143 */
152 TPM_MEDIUM, /* 144 */
153 TPM_UNDEFINED, /* 145 */
154 TPM_UNDEFINED, /* 146 */
155 TPM_UNDEFINED, /* 147 */
156 TPM_UNDEFINED, /* 148 */
157 TPM_UNDEFINED, /* 149 */
158 TPM_UNDEFINED, /* 14a */
159 TPM_UNDEFINED, /* 14b */
160 TPM_UNDEFINED, /* 14c */
161 TPM_UNDEFINED, /* 14d */
162 TPM_LONG, /* 14e */
163 TPM_UNDEFINED, /* 14f */
164 TPM_UNDEFINED, /* 150 */
165 TPM_UNDEFINED, /* 151 */
166 TPM_UNDEFINED, /* 152 */
167 TPM_UNDEFINED, /* 153 */
168 TPM_UNDEFINED, /* 154 */
169 TPM_UNDEFINED, /* 155 */
170 TPM_UNDEFINED, /* 156 */
171 TPM_UNDEFINED, /* 157 */
172 TPM_UNDEFINED, /* 158 */
173 TPM_UNDEFINED, /* 159 */
174 TPM_UNDEFINED, /* 15a */
175 TPM_UNDEFINED, /* 15b */
176 TPM_MEDIUM, /* 15c */
177 TPM_UNDEFINED, /* 15d */
178 TPM_UNDEFINED, /* 15e */
179 TPM_UNDEFINED, /* 15f */
180 TPM_UNDEFINED, /* 160 */
181 TPM_UNDEFINED, /* 161 */
182 TPM_UNDEFINED, /* 162 */
183 TPM_UNDEFINED, /* 163 */
184 TPM_UNDEFINED, /* 164 */
185 TPM_UNDEFINED, /* 165 */
186 TPM_UNDEFINED, /* 166 */
187 TPM_UNDEFINED, /* 167 */
188 TPM_UNDEFINED, /* 168 */
189 TPM_UNDEFINED, /* 169 */
190 TPM_UNDEFINED, /* 16a */
191 TPM_UNDEFINED, /* 16b */
192 TPM_UNDEFINED, /* 16c */
193 TPM_UNDEFINED, /* 16d */
194 TPM_UNDEFINED, /* 16e */
195 TPM_UNDEFINED, /* 16f */
196 TPM_UNDEFINED, /* 170 */
197 TPM_UNDEFINED, /* 171 */
198 TPM_UNDEFINED, /* 172 */
199 TPM_UNDEFINED, /* 173 */
200 TPM_UNDEFINED, /* 174 */
201 TPM_UNDEFINED, /* 175 */
202 TPM_UNDEFINED, /* 176 */
203 TPM_LONG, /* 177 */
204 TPM_UNDEFINED, /* 178 */
205 TPM_UNDEFINED, /* 179 */
206 TPM_MEDIUM, /* 17a */
207 TPM_LONG, /* 17b */
208 TPM_UNDEFINED, /* 17c */
209 TPM_UNDEFINED, /* 17d */
210 TPM_UNDEFINED, /* 17e */
211 TPM_UNDEFINED, /* 17f */
212 TPM_UNDEFINED, /* 180 */
213 TPM_UNDEFINED, /* 181 */
214 TPM_MEDIUM, /* 182 */
215 TPM_UNDEFINED, /* 183 */
216 TPM_UNDEFINED, /* 184 */
217 TPM_MEDIUM, /* 185 */
218 TPM_MEDIUM, /* 186 */
219 TPM_UNDEFINED, /* 187 */
220 TPM_UNDEFINED, /* 188 */
221 TPM_UNDEFINED, /* 189 */
222 TPM_UNDEFINED, /* 18a */
223 TPM_UNDEFINED, /* 18b */
224 TPM_UNDEFINED, /* 18c */
225 TPM_UNDEFINED, /* 18d */
226 TPM_UNDEFINED, /* 18e */
227 TPM_UNDEFINED /* 18f */
228 };
229
230 #define TPM2_PCR_READ_IN_SIZE \
231 (sizeof(struct tpm_input_header) + \
232 sizeof(struct tpm2_pcr_read_in))
233
234 #define TPM2_PCR_READ_RESP_BODY_SIZE \
235 sizeof(struct tpm2_pcr_read_out)
236
237 static const struct tpm_input_header tpm2_pcrread_header = {
238 .tag = cpu_to_be16(TPM2_ST_NO_SESSIONS),
239 .length = cpu_to_be32(TPM2_PCR_READ_IN_SIZE),
240 .ordinal = cpu_to_be32(TPM2_CC_PCR_READ)
241 };
242
243 /**
244 * tpm2_pcr_read() - read a PCR value
245 * @chip: TPM chip to use.
246 * @pcr_idx: index of the PCR to read.
247 * @res_buf: buffer to store the resulting hash.
248 *
249 * Return: Same as with tpm_transmit_cmd.
250 */
251 int tpm2_pcr_read(struct tpm_chip *chip, int pcr_idx, u8 *res_buf)
252 {
253 int rc;
254 struct tpm2_cmd cmd;
255 u8 *buf;
256
257 if (pcr_idx >= TPM2_PLATFORM_PCR)
258 return -EINVAL;
259
260 cmd.header.in = tpm2_pcrread_header;
261 cmd.params.pcrread_in.pcr_selects_cnt = cpu_to_be32(1);
262 cmd.params.pcrread_in.hash_alg = cpu_to_be16(TPM2_ALG_SHA1);
263 cmd.params.pcrread_in.pcr_select_size = TPM2_PCR_SELECT_MIN;
264
265 memset(cmd.params.pcrread_in.pcr_select, 0,
266 sizeof(cmd.params.pcrread_in.pcr_select));
267 cmd.params.pcrread_in.pcr_select[pcr_idx >> 3] = 1 << (pcr_idx & 0x7);
268
269 rc = tpm_transmit_cmd(chip, NULL, &cmd, sizeof(cmd),
270 TPM2_PCR_READ_RESP_BODY_SIZE,
271 0, "attempting to read a pcr value");
272 if (rc == 0) {
273 buf = cmd.params.pcrread_out.digest;
274 memcpy(res_buf, buf, TPM_DIGEST_SIZE);
275 }
276
277 return rc;
278 }
279
280 struct tpm2_null_auth_area {
281 __be32 handle;
282 __be16 nonce_size;
283 u8 attributes;
284 __be16 auth_size;
285 } __packed;
286
287 /**
288 * tpm2_pcr_extend() - extend a PCR value
289 *
290 * @chip: TPM chip to use.
291 * @pcr_idx: index of the PCR.
292 * @count: number of digests passed.
293 * @digests: list of pcr banks and corresponding digest values to extend.
294 *
295 * Return: Same as with tpm_transmit_cmd.
296 */
297 int tpm2_pcr_extend(struct tpm_chip *chip, int pcr_idx, u32 count,
298 struct tpm2_digest *digests)
299 {
300 struct tpm_buf buf;
301 struct tpm2_null_auth_area auth_area;
302 int rc;
303 int i;
304 int j;
305
306 if (count > ARRAY_SIZE(chip->active_banks))
307 return -EINVAL;
308
309 rc = tpm_buf_init(&buf, TPM2_ST_SESSIONS, TPM2_CC_PCR_EXTEND);
310 if (rc)
311 return rc;
312
313 tpm_buf_append_u32(&buf, pcr_idx);
314
315 auth_area.handle = cpu_to_be32(TPM2_RS_PW);
316 auth_area.nonce_size = 0;
317 auth_area.attributes = 0;
318 auth_area.auth_size = 0;
319
320 tpm_buf_append_u32(&buf, sizeof(struct tpm2_null_auth_area));
321 tpm_buf_append(&buf, (const unsigned char *)&auth_area,
322 sizeof(auth_area));
323 tpm_buf_append_u32(&buf, count);
324
325 for (i = 0; i < count; i++) {
326 for (j = 0; j < ARRAY_SIZE(tpm2_hash_map); j++) {
327 if (digests[i].alg_id != tpm2_hash_map[j].tpm_id)
328 continue;
329 tpm_buf_append_u16(&buf, digests[i].alg_id);
330 tpm_buf_append(&buf, (const unsigned char
331 *)&digests[i].digest,
332 hash_digest_size[tpm2_hash_map[j].crypto_id]);
333 }
334 }
335
336 rc = tpm_transmit_cmd(chip, NULL, buf.data, PAGE_SIZE, 0, 0,
337 "attempting extend a PCR value");
338
339 tpm_buf_destroy(&buf);
340
341 return rc;
342 }
343
344
345 #define TPM2_GETRANDOM_IN_SIZE \
346 (sizeof(struct tpm_input_header) + \
347 sizeof(struct tpm2_get_random_in))
348
349 static const struct tpm_input_header tpm2_getrandom_header = {
350 .tag = cpu_to_be16(TPM2_ST_NO_SESSIONS),
351 .length = cpu_to_be32(TPM2_GETRANDOM_IN_SIZE),
352 .ordinal = cpu_to_be32(TPM2_CC_GET_RANDOM)
353 };
354
355 /**
356 * tpm2_get_random() - get random bytes from the TPM RNG
357 *
358 * @chip: TPM chip to use
359 * @out: destination buffer for the random bytes
360 * @max: the max number of bytes to write to @out
361 *
362 * Return:
363 * Size of the output buffer, or -EIO on error.
364 */
365 int tpm2_get_random(struct tpm_chip *chip, u8 *out, size_t max)
366 {
367 struct tpm2_cmd cmd;
368 u32 recd, rlength;
369 u32 num_bytes;
370 int err;
371 int total = 0;
372 int retries = 5;
373 u8 *dest = out;
374
375 num_bytes = min_t(u32, max, sizeof(cmd.params.getrandom_out.buffer));
376
377 if (!out || !num_bytes ||
378 max > sizeof(cmd.params.getrandom_out.buffer))
379 return -EINVAL;
380
381 do {
382 cmd.header.in = tpm2_getrandom_header;
383 cmd.params.getrandom_in.size = cpu_to_be16(num_bytes);
384
385 err = tpm_transmit_cmd(chip, NULL, &cmd, sizeof(cmd),
386 offsetof(struct tpm2_get_random_out,
387 buffer),
388 0, "attempting get random");
389 if (err)
390 break;
391
392 recd = min_t(u32, be16_to_cpu(cmd.params.getrandom_out.size),
393 num_bytes);
394 rlength = be32_to_cpu(cmd.header.out.length);
395 if (rlength < offsetof(struct tpm2_get_random_out, buffer) +
396 recd)
397 return -EFAULT;
398 memcpy(dest, cmd.params.getrandom_out.buffer, recd);
399
400 dest += recd;
401 total += recd;
402 num_bytes -= recd;
403 } while (retries-- && total < max);
404
405 return total ? total : -EIO;
406 }
407
408 #define TPM2_GET_TPM_PT_IN_SIZE \
409 (sizeof(struct tpm_input_header) + \
410 sizeof(struct tpm2_get_tpm_pt_in))
411
412 #define TPM2_GET_TPM_PT_OUT_BODY_SIZE \
413 sizeof(struct tpm2_get_tpm_pt_out)
414
415 static const struct tpm_input_header tpm2_get_tpm_pt_header = {
416 .tag = cpu_to_be16(TPM2_ST_NO_SESSIONS),
417 .length = cpu_to_be32(TPM2_GET_TPM_PT_IN_SIZE),
418 .ordinal = cpu_to_be32(TPM2_CC_GET_CAPABILITY)
419 };
420
421 /**
422 * tpm2_flush_context_cmd() - execute a TPM2_FlushContext command
423 * @chip: TPM chip to use
424 * @payload: the key data in clear and encrypted form
425 * @options: authentication values and other options
426 *
427 * Return: same as with tpm_transmit_cmd
428 */
429 void tpm2_flush_context_cmd(struct tpm_chip *chip, u32 handle,
430 unsigned int flags)
431 {
432 struct tpm_buf buf;
433 int rc;
434
435 rc = tpm_buf_init(&buf, TPM2_ST_NO_SESSIONS, TPM2_CC_FLUSH_CONTEXT);
436 if (rc) {
437 dev_warn(&chip->dev, "0x%08x was not flushed, out of memory\n",
438 handle);
439 return;
440 }
441
442 tpm_buf_append_u32(&buf, handle);
443
444 (void) tpm_transmit_cmd(chip, NULL, buf.data, PAGE_SIZE, 0, flags,
445 "flushing context");
446
447 tpm_buf_destroy(&buf);
448 }
449
450 /**
451 * tpm_buf_append_auth() - append TPMS_AUTH_COMMAND to the buffer.
452 *
453 * @buf: an allocated tpm_buf instance
454 * @session_handle: session handle
455 * @nonce: the session nonce, may be NULL if not used
456 * @nonce_len: the session nonce length, may be 0 if not used
457 * @attributes: the session attributes
458 * @hmac: the session HMAC or password, may be NULL if not used
459 * @hmac_len: the session HMAC or password length, maybe 0 if not used
460 */
461 static void tpm2_buf_append_auth(struct tpm_buf *buf, u32 session_handle,
462 const u8 *nonce, u16 nonce_len,
463 u8 attributes,
464 const u8 *hmac, u16 hmac_len)
465 {
466 tpm_buf_append_u32(buf, 9 + nonce_len + hmac_len);
467 tpm_buf_append_u32(buf, session_handle);
468 tpm_buf_append_u16(buf, nonce_len);
469
470 if (nonce && nonce_len)
471 tpm_buf_append(buf, nonce, nonce_len);
472
473 tpm_buf_append_u8(buf, attributes);
474 tpm_buf_append_u16(buf, hmac_len);
475
476 if (hmac && hmac_len)
477 tpm_buf_append(buf, hmac, hmac_len);
478 }
479
480 /**
481 * tpm2_seal_trusted() - seal the payload of a trusted key
482 *
483 * @chip: TPM chip to use
484 * @payload: the key data in clear and encrypted form
485 * @options: authentication values and other options
486 *
487 * Return: < 0 on error and 0 on success.
488 */
489 int tpm2_seal_trusted(struct tpm_chip *chip,
490 struct trusted_key_payload *payload,
491 struct trusted_key_options *options)
492 {
493 unsigned int blob_len;
494 struct tpm_buf buf;
495 u32 hash, rlength;
496 int i;
497 int rc;
498
499 for (i = 0; i < ARRAY_SIZE(tpm2_hash_map); i++) {
500 if (options->hash == tpm2_hash_map[i].crypto_id) {
501 hash = tpm2_hash_map[i].tpm_id;
502 break;
503 }
504 }
505
506 if (i == ARRAY_SIZE(tpm2_hash_map))
507 return -EINVAL;
508
509 rc = tpm_buf_init(&buf, TPM2_ST_SESSIONS, TPM2_CC_CREATE);
510 if (rc)
511 return rc;
512
513 tpm_buf_append_u32(&buf, options->keyhandle);
514 tpm2_buf_append_auth(&buf, TPM2_RS_PW,
515 NULL /* nonce */, 0,
516 0 /* session_attributes */,
517 options->keyauth /* hmac */,
518 TPM_DIGEST_SIZE);
519
520 /* sensitive */
521 tpm_buf_append_u16(&buf, 4 + TPM_DIGEST_SIZE + payload->key_len + 1);
522
523 tpm_buf_append_u16(&buf, TPM_DIGEST_SIZE);
524 tpm_buf_append(&buf, options->blobauth, TPM_DIGEST_SIZE);
525 tpm_buf_append_u16(&buf, payload->key_len + 1);
526 tpm_buf_append(&buf, payload->key, payload->key_len);
527 tpm_buf_append_u8(&buf, payload->migratable);
528
529 /* public */
530 tpm_buf_append_u16(&buf, 14 + options->policydigest_len);
531 tpm_buf_append_u16(&buf, TPM2_ALG_KEYEDHASH);
532 tpm_buf_append_u16(&buf, hash);
533
534 /* policy */
535 if (options->policydigest_len) {
536 tpm_buf_append_u32(&buf, 0);
537 tpm_buf_append_u16(&buf, options->policydigest_len);
538 tpm_buf_append(&buf, options->policydigest,
539 options->policydigest_len);
540 } else {
541 tpm_buf_append_u32(&buf, TPM2_OA_USER_WITH_AUTH);
542 tpm_buf_append_u16(&buf, 0);
543 }
544
545 /* public parameters */
546 tpm_buf_append_u16(&buf, TPM2_ALG_NULL);
547 tpm_buf_append_u16(&buf, 0);
548
549 /* outside info */
550 tpm_buf_append_u16(&buf, 0);
551
552 /* creation PCR */
553 tpm_buf_append_u32(&buf, 0);
554
555 if (buf.flags & TPM_BUF_OVERFLOW) {
556 rc = -E2BIG;
557 goto out;
558 }
559
560 rc = tpm_transmit_cmd(chip, NULL, buf.data, PAGE_SIZE, 4, 0,
561 "sealing data");
562 if (rc)
563 goto out;
564
565 blob_len = be32_to_cpup((__be32 *) &buf.data[TPM_HEADER_SIZE]);
566 if (blob_len > MAX_BLOB_SIZE) {
567 rc = -E2BIG;
568 goto out;
569 }
570 rlength = be32_to_cpu(((struct tpm2_cmd *)&buf)->header.out.length);
571 if (rlength < TPM_HEADER_SIZE + 4 + blob_len) {
572 rc = -EFAULT;
573 goto out;
574 }
575
576 memcpy(payload->blob, &buf.data[TPM_HEADER_SIZE + 4], blob_len);
577 payload->blob_len = blob_len;
578
579 out:
580 tpm_buf_destroy(&buf);
581
582 if (rc > 0) {
583 if (tpm2_rc_value(rc) == TPM2_RC_HASH)
584 rc = -EINVAL;
585 else
586 rc = -EPERM;
587 }
588
589 return rc;
590 }
591
592 /**
593 * tpm2_load_cmd() - execute a TPM2_Load command
594 *
595 * @chip: TPM chip to use
596 * @payload: the key data in clear and encrypted form
597 * @options: authentication values and other options
598 * @blob_handle: returned blob handle
599 * @flags: tpm transmit flags
600 *
601 * Return: 0 on success.
602 * -E2BIG on wrong payload size.
603 * -EPERM on tpm error status.
604 * < 0 error from tpm_transmit_cmd.
605 */
606 static int tpm2_load_cmd(struct tpm_chip *chip,
607 struct trusted_key_payload *payload,
608 struct trusted_key_options *options,
609 u32 *blob_handle, unsigned int flags)
610 {
611 struct tpm_buf buf;
612 unsigned int private_len;
613 unsigned int public_len;
614 unsigned int blob_len;
615 int rc;
616
617 private_len = be16_to_cpup((__be16 *) &payload->blob[0]);
618 if (private_len > (payload->blob_len - 2))
619 return -E2BIG;
620
621 public_len = be16_to_cpup((__be16 *) &payload->blob[2 + private_len]);
622 blob_len = private_len + public_len + 4;
623 if (blob_len > payload->blob_len)
624 return -E2BIG;
625
626 rc = tpm_buf_init(&buf, TPM2_ST_SESSIONS, TPM2_CC_LOAD);
627 if (rc)
628 return rc;
629
630 tpm_buf_append_u32(&buf, options->keyhandle);
631 tpm2_buf_append_auth(&buf, TPM2_RS_PW,
632 NULL /* nonce */, 0,
633 0 /* session_attributes */,
634 options->keyauth /* hmac */,
635 TPM_DIGEST_SIZE);
636
637 tpm_buf_append(&buf, payload->blob, blob_len);
638
639 if (buf.flags & TPM_BUF_OVERFLOW) {
640 rc = -E2BIG;
641 goto out;
642 }
643
644 rc = tpm_transmit_cmd(chip, NULL, buf.data, PAGE_SIZE, 4, flags,
645 "loading blob");
646 if (!rc)
647 *blob_handle = be32_to_cpup(
648 (__be32 *) &buf.data[TPM_HEADER_SIZE]);
649
650 out:
651 tpm_buf_destroy(&buf);
652
653 if (rc > 0)
654 rc = -EPERM;
655
656 return rc;
657 }
658
659 /**
660 * tpm2_unseal_cmd() - execute a TPM2_Unload command
661 *
662 * @chip: TPM chip to use
663 * @payload: the key data in clear and encrypted form
664 * @options: authentication values and other options
665 * @blob_handle: blob handle
666 * @flags: tpm_transmit_cmd flags
667 *
668 * Return: 0 on success
669 * -EPERM on tpm error status
670 * < 0 error from tpm_transmit_cmd
671 */
672 static int tpm2_unseal_cmd(struct tpm_chip *chip,
673 struct trusted_key_payload *payload,
674 struct trusted_key_options *options,
675 u32 blob_handle, unsigned int flags)
676 {
677 struct tpm_buf buf;
678 u16 data_len;
679 u8 *data;
680 int rc;
681 u32 rlength;
682
683 rc = tpm_buf_init(&buf, TPM2_ST_SESSIONS, TPM2_CC_UNSEAL);
684 if (rc)
685 return rc;
686
687 tpm_buf_append_u32(&buf, blob_handle);
688 tpm2_buf_append_auth(&buf,
689 options->policyhandle ?
690 options->policyhandle : TPM2_RS_PW,
691 NULL /* nonce */, 0,
692 TPM2_SA_CONTINUE_SESSION,
693 options->blobauth /* hmac */,
694 TPM_DIGEST_SIZE);
695
696 rc = tpm_transmit_cmd(chip, NULL, buf.data, PAGE_SIZE, 6, flags,
697 "unsealing");
698 if (rc > 0)
699 rc = -EPERM;
700
701 if (!rc) {
702 data_len = be16_to_cpup(
703 (__be16 *) &buf.data[TPM_HEADER_SIZE + 4]);
704
705 rlength = be32_to_cpu(((struct tpm2_cmd *)&buf)
706 ->header.out.length);
707 if (rlength < TPM_HEADER_SIZE + 6 + data_len) {
708 rc = -EFAULT;
709 goto out;
710 }
711 data = &buf.data[TPM_HEADER_SIZE + 6];
712
713 memcpy(payload->key, data, data_len - 1);
714 payload->key_len = data_len - 1;
715 payload->migratable = data[data_len - 1];
716 }
717
718 out:
719 tpm_buf_destroy(&buf);
720 return rc;
721 }
722
723 /**
724 * tpm2_unseal_trusted() - unseal the payload of a trusted key
725 *
726 * @chip: TPM chip to use
727 * @payload: the key data in clear and encrypted form
728 * @options: authentication values and other options
729 *
730 * Return: Same as with tpm_transmit_cmd.
731 */
732 int tpm2_unseal_trusted(struct tpm_chip *chip,
733 struct trusted_key_payload *payload,
734 struct trusted_key_options *options)
735 {
736 u32 blob_handle;
737 int rc;
738
739 mutex_lock(&chip->tpm_mutex);
740 rc = tpm2_load_cmd(chip, payload, options, &blob_handle,
741 TPM_TRANSMIT_UNLOCKED);
742 if (rc)
743 goto out;
744
745 rc = tpm2_unseal_cmd(chip, payload, options, blob_handle,
746 TPM_TRANSMIT_UNLOCKED);
747 tpm2_flush_context_cmd(chip, blob_handle, TPM_TRANSMIT_UNLOCKED);
748 out:
749 mutex_unlock(&chip->tpm_mutex);
750 return rc;
751 }
752
753 /**
754 * tpm2_get_tpm_pt() - get value of a TPM_CAP_TPM_PROPERTIES type property
755 * @chip: TPM chip to use.
756 * @property_id: property ID.
757 * @value: output variable.
758 * @desc: passed to tpm_transmit_cmd()
759 *
760 * Return: Same as with tpm_transmit_cmd.
761 */
762 ssize_t tpm2_get_tpm_pt(struct tpm_chip *chip, u32 property_id, u32 *value,
763 const char *desc)
764 {
765 struct tpm2_cmd cmd;
766 int rc;
767
768 cmd.header.in = tpm2_get_tpm_pt_header;
769 cmd.params.get_tpm_pt_in.cap_id = cpu_to_be32(TPM2_CAP_TPM_PROPERTIES);
770 cmd.params.get_tpm_pt_in.property_id = cpu_to_be32(property_id);
771 cmd.params.get_tpm_pt_in.property_cnt = cpu_to_be32(1);
772
773 rc = tpm_transmit_cmd(chip, NULL, &cmd, sizeof(cmd),
774 TPM2_GET_TPM_PT_OUT_BODY_SIZE, 0, desc);
775 if (!rc)
776 *value = be32_to_cpu(cmd.params.get_tpm_pt_out.value);
777
778 return rc;
779 }
780 EXPORT_SYMBOL_GPL(tpm2_get_tpm_pt);
781
782 #define TPM2_STARTUP_IN_SIZE \
783 (sizeof(struct tpm_input_header) + \
784 sizeof(struct tpm2_startup_in))
785
786 static const struct tpm_input_header tpm2_startup_header = {
787 .tag = cpu_to_be16(TPM2_ST_NO_SESSIONS),
788 .length = cpu_to_be32(TPM2_STARTUP_IN_SIZE),
789 .ordinal = cpu_to_be32(TPM2_CC_STARTUP)
790 };
791
792 /**
793 * tpm2_startup() - send startup command to the TPM chip
794 *
795 * @chip: TPM chip to use.
796 * @startup_type: startup type. The value is either
797 * TPM_SU_CLEAR or TPM_SU_STATE.
798 *
799 * Return: Same as with tpm_transmit_cmd.
800 */
801 static int tpm2_startup(struct tpm_chip *chip, u16 startup_type)
802 {
803 struct tpm2_cmd cmd;
804
805 cmd.header.in = tpm2_startup_header;
806
807 cmd.params.startup_in.startup_type = cpu_to_be16(startup_type);
808 return tpm_transmit_cmd(chip, NULL, &cmd, sizeof(cmd), 0, 0,
809 "attempting to start the TPM");
810 }
811
812 #define TPM2_SHUTDOWN_IN_SIZE \
813 (sizeof(struct tpm_input_header) + \
814 sizeof(struct tpm2_startup_in))
815
816 static const struct tpm_input_header tpm2_shutdown_header = {
817 .tag = cpu_to_be16(TPM2_ST_NO_SESSIONS),
818 .length = cpu_to_be32(TPM2_SHUTDOWN_IN_SIZE),
819 .ordinal = cpu_to_be32(TPM2_CC_SHUTDOWN)
820 };
821
822 /**
823 * tpm2_shutdown() - send shutdown command to the TPM chip
824 *
825 * @chip: TPM chip to use.
826 * @shutdown_type: shutdown type. The value is either
827 * TPM_SU_CLEAR or TPM_SU_STATE.
828 */
829 void tpm2_shutdown(struct tpm_chip *chip, u16 shutdown_type)
830 {
831 struct tpm2_cmd cmd;
832 int rc;
833
834 cmd.header.in = tpm2_shutdown_header;
835 cmd.params.startup_in.startup_type = cpu_to_be16(shutdown_type);
836
837 rc = tpm_transmit_cmd(chip, NULL, &cmd, sizeof(cmd), 0, 0,
838 "stopping the TPM");
839
840 /* In places where shutdown command is sent there's no much we can do
841 * except print the error code on a system failure.
842 */
843 if (rc < 0)
844 dev_warn(&chip->dev, "transmit returned %d while stopping the TPM",
845 rc);
846 }
847
848 /*
849 * tpm2_calc_ordinal_duration() - maximum duration for a command
850 *
851 * @chip: TPM chip to use.
852 * @ordinal: command code number.
853 *
854 * Return: maximum duration for a command
855 */
856 unsigned long tpm2_calc_ordinal_duration(struct tpm_chip *chip, u32 ordinal)
857 {
858 int index = TPM_UNDEFINED;
859 int duration = 0;
860
861 if (ordinal >= TPM2_CC_FIRST && ordinal <= TPM2_CC_LAST)
862 index = tpm2_ordinal_duration[ordinal - TPM2_CC_FIRST];
863
864 if (index != TPM_UNDEFINED)
865 duration = chip->duration[index];
866
867 if (duration <= 0)
868 duration = 2 * 60 * HZ;
869
870 return duration;
871 }
872 EXPORT_SYMBOL_GPL(tpm2_calc_ordinal_duration);
873
874 #define TPM2_SELF_TEST_IN_SIZE \
875 (sizeof(struct tpm_input_header) + \
876 sizeof(struct tpm2_self_test_in))
877
878 static const struct tpm_input_header tpm2_selftest_header = {
879 .tag = cpu_to_be16(TPM2_ST_NO_SESSIONS),
880 .length = cpu_to_be32(TPM2_SELF_TEST_IN_SIZE),
881 .ordinal = cpu_to_be32(TPM2_CC_SELF_TEST)
882 };
883
884 /**
885 * tpm2_continue_selftest() - start a self test
886 *
887 * @chip: TPM chip to use
888 * @full: test all commands instead of testing only those that were not
889 * previously tested.
890 *
891 * Return: Same as with tpm_transmit_cmd with exception of RC_TESTING.
892 */
893 static int tpm2_start_selftest(struct tpm_chip *chip, bool full)
894 {
895 int rc;
896 struct tpm2_cmd cmd;
897
898 cmd.header.in = tpm2_selftest_header;
899 cmd.params.selftest_in.full_test = full;
900
901 rc = tpm_transmit_cmd(chip, NULL, &cmd, TPM2_SELF_TEST_IN_SIZE, 0, 0,
902 "continue selftest");
903
904 /* At least some prototype chips seem to give RC_TESTING error
905 * immediately. This is a workaround for that.
906 */
907 if (rc == TPM2_RC_TESTING) {
908 dev_warn(&chip->dev, "Got RC_TESTING, ignoring\n");
909 rc = 0;
910 }
911
912 return rc;
913 }
914
915 /**
916 * tpm2_do_selftest() - run a full self test
917 *
918 * @chip: TPM chip to use
919 *
920 * Return: Same as with tpm_transmit_cmd.
921 *
922 * During the self test TPM2 commands return with the error code RC_TESTING.
923 * Waiting is done by issuing PCR read until it executes successfully.
924 */
925 static int tpm2_do_selftest(struct tpm_chip *chip)
926 {
927 int rc;
928 unsigned int loops;
929 unsigned int delay_msec = 100;
930 unsigned long duration;
931 struct tpm2_cmd cmd;
932 int i;
933
934 duration = tpm2_calc_ordinal_duration(chip, TPM2_CC_SELF_TEST);
935
936 loops = jiffies_to_msecs(duration) / delay_msec;
937
938 rc = tpm2_start_selftest(chip, true);
939 if (rc)
940 return rc;
941
942 for (i = 0; i < loops; i++) {
943 /* Attempt to read a PCR value */
944 cmd.header.in = tpm2_pcrread_header;
945 cmd.params.pcrread_in.pcr_selects_cnt = cpu_to_be32(1);
946 cmd.params.pcrread_in.hash_alg = cpu_to_be16(TPM2_ALG_SHA1);
947 cmd.params.pcrread_in.pcr_select_size = TPM2_PCR_SELECT_MIN;
948 cmd.params.pcrread_in.pcr_select[0] = 0x01;
949 cmd.params.pcrread_in.pcr_select[1] = 0x00;
950 cmd.params.pcrread_in.pcr_select[2] = 0x00;
951
952 rc = tpm_transmit_cmd(chip, NULL, &cmd, sizeof(cmd), 0, 0,
953 NULL);
954 if (rc < 0)
955 break;
956
957 rc = be32_to_cpu(cmd.header.out.return_code);
958 if (rc != TPM2_RC_TESTING)
959 break;
960
961 msleep(delay_msec);
962 }
963
964 return rc;
965 }
966
967 /**
968 * tpm2_probe() - probe TPM 2.0
969 * @chip: TPM chip to use
970 *
971 * Return: < 0 error and 0 on success.
972 *
973 * Send idempotent TPM 2.0 command and see whether TPM 2.0 chip replied based on
974 * the reply tag.
975 */
976 int tpm2_probe(struct tpm_chip *chip)
977 {
978 struct tpm2_cmd cmd;
979 int rc;
980
981 cmd.header.in = tpm2_get_tpm_pt_header;
982 cmd.params.get_tpm_pt_in.cap_id = cpu_to_be32(TPM2_CAP_TPM_PROPERTIES);
983 cmd.params.get_tpm_pt_in.property_id = cpu_to_be32(0x100);
984 cmd.params.get_tpm_pt_in.property_cnt = cpu_to_be32(1);
985
986 rc = tpm_transmit_cmd(chip, NULL, &cmd, sizeof(cmd), 0, 0, NULL);
987 if (rc < 0)
988 return rc;
989
990 if (be16_to_cpu(cmd.header.out.tag) == TPM2_ST_NO_SESSIONS)
991 chip->flags |= TPM_CHIP_FLAG_TPM2;
992
993 return 0;
994 }
995 EXPORT_SYMBOL_GPL(tpm2_probe);
996
997 struct tpm2_pcr_selection {
998 __be16 hash_alg;
999 u8 size_of_select;
1000 u8 pcr_select[3];
1001 } __packed;
1002
1003 static ssize_t tpm2_get_pcr_allocation(struct tpm_chip *chip)
1004 {
1005 struct tpm2_pcr_selection pcr_selection;
1006 struct tpm_buf buf;
1007 void *marker;
1008 void *end;
1009 void *pcr_select_offset;
1010 unsigned int count;
1011 u32 sizeof_pcr_selection;
1012 u32 rsp_len;
1013 int rc;
1014 int i = 0;
1015
1016 rc = tpm_buf_init(&buf, TPM2_ST_NO_SESSIONS, TPM2_CC_GET_CAPABILITY);
1017 if (rc)
1018 return rc;
1019
1020 tpm_buf_append_u32(&buf, TPM2_CAP_PCRS);
1021 tpm_buf_append_u32(&buf, 0);
1022 tpm_buf_append_u32(&buf, 1);
1023
1024 rc = tpm_transmit_cmd(chip, NULL, buf.data, PAGE_SIZE, 9, 0,
1025 "get tpm pcr allocation");
1026 if (rc)
1027 goto out;
1028
1029 count = be32_to_cpup(
1030 (__be32 *)&buf.data[TPM_HEADER_SIZE + 5]);
1031
1032 if (count > ARRAY_SIZE(chip->active_banks)) {
1033 rc = -ENODEV;
1034 goto out;
1035 }
1036
1037 marker = &buf.data[TPM_HEADER_SIZE + 9];
1038
1039 rsp_len = be32_to_cpup((__be32 *)&buf.data[2]);
1040 end = &buf.data[rsp_len];
1041
1042 for (i = 0; i < count; i++) {
1043 pcr_select_offset = marker +
1044 offsetof(struct tpm2_pcr_selection, size_of_select);
1045 if (pcr_select_offset >= end) {
1046 rc = -EFAULT;
1047 break;
1048 }
1049
1050 memcpy(&pcr_selection, marker, sizeof(pcr_selection));
1051 chip->active_banks[i] = be16_to_cpu(pcr_selection.hash_alg);
1052 sizeof_pcr_selection = sizeof(pcr_selection.hash_alg) +
1053 sizeof(pcr_selection.size_of_select) +
1054 pcr_selection.size_of_select;
1055 marker = marker + sizeof_pcr_selection;
1056 }
1057
1058 out:
1059 if (i < ARRAY_SIZE(chip->active_banks))
1060 chip->active_banks[i] = TPM2_ALG_ERROR;
1061
1062 tpm_buf_destroy(&buf);
1063
1064 return rc;
1065 }
1066
1067 static int tpm2_get_cc_attrs_tbl(struct tpm_chip *chip)
1068 {
1069 struct tpm_buf buf;
1070 u32 nr_commands;
1071 u32 *attrs;
1072 u32 cc;
1073 int i;
1074 int rc;
1075
1076 rc = tpm2_get_tpm_pt(chip, TPM_PT_TOTAL_COMMANDS, &nr_commands, NULL);
1077 if (rc)
1078 goto out;
1079
1080 if (nr_commands > 0xFFFFF) {
1081 rc = -EFAULT;
1082 goto out;
1083 }
1084
1085 chip->cc_attrs_tbl = devm_kzalloc(&chip->dev, 4 * nr_commands,
1086 GFP_KERNEL);
1087
1088 rc = tpm_buf_init(&buf, TPM2_ST_NO_SESSIONS, TPM2_CC_GET_CAPABILITY);
1089 if (rc)
1090 goto out;
1091
1092 tpm_buf_append_u32(&buf, TPM2_CAP_COMMANDS);
1093 tpm_buf_append_u32(&buf, TPM2_CC_FIRST);
1094 tpm_buf_append_u32(&buf, nr_commands);
1095
1096 rc = tpm_transmit_cmd(chip, NULL, buf.data, PAGE_SIZE,
1097 9 + 4 * nr_commands, 0, NULL);
1098 if (rc) {
1099 tpm_buf_destroy(&buf);
1100 goto out;
1101 }
1102
1103 if (nr_commands !=
1104 be32_to_cpup((__be32 *)&buf.data[TPM_HEADER_SIZE + 5])) {
1105 tpm_buf_destroy(&buf);
1106 goto out;
1107 }
1108
1109 chip->nr_commands = nr_commands;
1110
1111 attrs = (u32 *)&buf.data[TPM_HEADER_SIZE + 9];
1112 for (i = 0; i < nr_commands; i++, attrs++) {
1113 chip->cc_attrs_tbl[i] = be32_to_cpup(attrs);
1114 cc = chip->cc_attrs_tbl[i] & 0xFFFF;
1115
1116 if (cc == TPM2_CC_CONTEXT_SAVE || cc == TPM2_CC_FLUSH_CONTEXT) {
1117 chip->cc_attrs_tbl[i] &=
1118 ~(GENMASK(2, 0) << TPM2_CC_ATTR_CHANDLES);
1119 chip->cc_attrs_tbl[i] |= 1 << TPM2_CC_ATTR_CHANDLES;
1120 }
1121 }
1122
1123 tpm_buf_destroy(&buf);
1124
1125 out:
1126 if (rc > 0)
1127 rc = -ENODEV;
1128 return rc;
1129 }
1130
1131 /**
1132 * tpm2_auto_startup - Perform the standard automatic TPM initialization
1133 * sequence
1134 * @chip: TPM chip to use
1135 *
1136 * Returns 0 on success, < 0 in case of fatal error.
1137 */
1138 int tpm2_auto_startup(struct tpm_chip *chip)
1139 {
1140 int rc;
1141
1142 rc = tpm_get_timeouts(chip);
1143 if (rc)
1144 goto out;
1145
1146 rc = tpm2_do_selftest(chip);
1147 if (rc != 0 && rc != TPM2_RC_INITIALIZE) {
1148 dev_err(&chip->dev, "TPM self test failed\n");
1149 goto out;
1150 }
1151
1152 if (rc == TPM2_RC_INITIALIZE) {
1153 rc = tpm2_startup(chip, TPM2_SU_CLEAR);
1154 if (rc)
1155 goto out;
1156
1157 rc = tpm2_do_selftest(chip);
1158 if (rc) {
1159 dev_err(&chip->dev, "TPM self test failed\n");
1160 goto out;
1161 }
1162 }
1163
1164 rc = tpm2_get_pcr_allocation(chip);
1165 if (rc)
1166 goto out;
1167
1168 rc = tpm2_get_cc_attrs_tbl(chip);
1169
1170 out:
1171 if (rc > 0)
1172 rc = -ENODEV;
1173 return rc;
1174 }
1175
1176 int tpm2_find_cc(struct tpm_chip *chip, u32 cc)
1177 {
1178 int i;
1179
1180 for (i = 0; i < chip->nr_commands; i++)
1181 if (cc == (chip->cc_attrs_tbl[i] & GENMASK(15, 0)))
1182 return i;
1183
1184 return -1;
1185 }
Linux with added FPC-III support