1 /*
2 * Copyright (C) 2014, 2015 Intel Corporation
3 *
4 * Authors:
5 * Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
6 *
7 * Maintained by: <tpmdd-devel@lists.sourceforge.net>
8 *
9 * This file contains TPM2 protocol implementations of the commands
10 * used by the kernel internally.
11 *
12 * This program is free software; you can redistribute it and/or
13 * modify it under the terms of the GNU General Public License
14 * as published by the Free Software Foundation; version 2
15 * of the License.
16 */
17
18 #include "tpm.h"
19 #include <keys/trusted-type.h>
20
21 enum tpm2_object_attributes {
22 TPM2_ATTR_USER_WITH_AUTH = BIT(6),
23 };
24
25 struct tpm2_startup_in {
26 __be16 startup_type;
27 } __packed;
28
29 struct tpm2_self_test_in {
30 u8 full_test;
31 } __packed;
32
33 struct tpm2_pcr_read_in {
34 __be32 pcr_selects_cnt;
35 __be16 hash_alg;
36 u8 pcr_select_size;
37 u8 pcr_select[TPM2_PCR_SELECT_MIN];
38 } __packed;
39
40 struct tpm2_pcr_read_out {
41 __be32 update_cnt;
42 __be32 pcr_selects_cnt;
43 __be16 hash_alg;
44 u8 pcr_select_size;
45 u8 pcr_select[TPM2_PCR_SELECT_MIN];
46 __be32 digests_cnt;
47 __be16 digest_size;
48 u8 digest[TPM_DIGEST_SIZE];
49 } __packed;
50
51 struct tpm2_null_auth_area {
52 __be32 handle;
53 __be16 nonce_size;
54 u8 attributes;
55 __be16 auth_size;
56 } __packed;
57
58 struct tpm2_pcr_extend_in {
59 __be32 pcr_idx;
60 __be32 auth_area_size;
61 struct tpm2_null_auth_area auth_area;
62 __be32 digest_cnt;
63 __be16 hash_alg;
64 u8 digest[TPM_DIGEST_SIZE];
65 } __packed;
66
67 struct tpm2_get_tpm_pt_in {
68 __be32 cap_id;
69 __be32 property_id;
70 __be32 property_cnt;
71 } __packed;
72
73 struct tpm2_get_tpm_pt_out {
74 u8 more_data;
75 __be32 subcap_id;
76 __be32 property_cnt;
77 __be32 property_id;
78 __be32 value;
79 } __packed;
80
81 struct tpm2_get_random_in {
82 __be16 size;
83 } __packed;
84
85 struct tpm2_get_random_out {
86 __be16 size;
87 u8 buffer[TPM_MAX_RNG_DATA];
88 } __packed;
89
90 union tpm2_cmd_params {
91 struct tpm2_startup_in startup_in;
92 struct tpm2_self_test_in selftest_in;
93 struct tpm2_pcr_read_in pcrread_in;
94 struct tpm2_pcr_read_out pcrread_out;
95 struct tpm2_pcr_extend_in pcrextend_in;
96 struct tpm2_get_tpm_pt_in get_tpm_pt_in;
97 struct tpm2_get_tpm_pt_out get_tpm_pt_out;
98 struct tpm2_get_random_in getrandom_in;
99 struct tpm2_get_random_out getrandom_out;
100 };
101
102 struct tpm2_cmd {
103 tpm_cmd_header header;
104 union tpm2_cmd_params params;
105 } __packed;
106
107 /*
108 * Array with one entry per ordinal defining the maximum amount
109 * of time the chip could take to return the result. The values
110 * of the SHORT, MEDIUM, and LONG durations are taken from the
111 * PC Client Profile (PTP) specification.
112 */
113 static const u8 tpm2_ordinal_duration[TPM2_CC_LAST - TPM2_CC_FIRST + 1] = {
114 TPM_UNDEFINED, /* 11F */
115 TPM_UNDEFINED, /* 120 */
116 TPM_LONG, /* 121 */
117 TPM_UNDEFINED, /* 122 */
118 TPM_UNDEFINED, /* 123 */
119 TPM_UNDEFINED, /* 124 */
120 TPM_UNDEFINED, /* 125 */
121 TPM_UNDEFINED, /* 126 */
122 TPM_UNDEFINED, /* 127 */
123 TPM_UNDEFINED, /* 128 */
124 TPM_LONG, /* 129 */
125 TPM_UNDEFINED, /* 12a */
126 TPM_UNDEFINED, /* 12b */
127 TPM_UNDEFINED, /* 12c */
128 TPM_UNDEFINED, /* 12d */
129 TPM_UNDEFINED, /* 12e */
130 TPM_UNDEFINED, /* 12f */
131 TPM_UNDEFINED, /* 130 */
132 TPM_UNDEFINED, /* 131 */
133 TPM_UNDEFINED, /* 132 */
134 TPM_UNDEFINED, /* 133 */
135 TPM_UNDEFINED, /* 134 */
136 TPM_UNDEFINED, /* 135 */
137 TPM_UNDEFINED, /* 136 */
138 TPM_UNDEFINED, /* 137 */
139 TPM_UNDEFINED, /* 138 */
140 TPM_UNDEFINED, /* 139 */
141 TPM_UNDEFINED, /* 13a */
142 TPM_UNDEFINED, /* 13b */
143 TPM_UNDEFINED, /* 13c */
144 TPM_UNDEFINED, /* 13d */
145 TPM_MEDIUM, /* 13e */
146 TPM_UNDEFINED, /* 13f */
147 TPM_UNDEFINED, /* 140 */
148 TPM_UNDEFINED, /* 141 */
149 TPM_UNDEFINED, /* 142 */
150 TPM_LONG, /* 143 */
151 TPM_MEDIUM, /* 144 */
152 TPM_UNDEFINED, /* 145 */
153 TPM_UNDEFINED, /* 146 */
154 TPM_UNDEFINED, /* 147 */
155 TPM_UNDEFINED, /* 148 */
156 TPM_UNDEFINED, /* 149 */
157 TPM_UNDEFINED, /* 14a */
158 TPM_UNDEFINED, /* 14b */
159 TPM_UNDEFINED, /* 14c */
160 TPM_UNDEFINED, /* 14d */
161 TPM_LONG, /* 14e */
162 TPM_UNDEFINED, /* 14f */
163 TPM_UNDEFINED, /* 150 */
164 TPM_UNDEFINED, /* 151 */
165 TPM_UNDEFINED, /* 152 */
166 TPM_UNDEFINED, /* 153 */
167 TPM_UNDEFINED, /* 154 */
168 TPM_UNDEFINED, /* 155 */
169 TPM_UNDEFINED, /* 156 */
170 TPM_UNDEFINED, /* 157 */
171 TPM_UNDEFINED, /* 158 */
172 TPM_UNDEFINED, /* 159 */
173 TPM_UNDEFINED, /* 15a */
174 TPM_UNDEFINED, /* 15b */
175 TPM_MEDIUM, /* 15c */
176 TPM_UNDEFINED, /* 15d */
177 TPM_UNDEFINED, /* 15e */
178 TPM_UNDEFINED, /* 15f */
179 TPM_UNDEFINED, /* 160 */
180 TPM_UNDEFINED, /* 161 */
181 TPM_UNDEFINED, /* 162 */
182 TPM_UNDEFINED, /* 163 */
183 TPM_UNDEFINED, /* 164 */
184 TPM_UNDEFINED, /* 165 */
185 TPM_UNDEFINED, /* 166 */
186 TPM_UNDEFINED, /* 167 */
187 TPM_UNDEFINED, /* 168 */
188 TPM_UNDEFINED, /* 169 */
189 TPM_UNDEFINED, /* 16a */
190 TPM_UNDEFINED, /* 16b */
191 TPM_UNDEFINED, /* 16c */
192 TPM_UNDEFINED, /* 16d */
193 TPM_UNDEFINED, /* 16e */
194 TPM_UNDEFINED, /* 16f */
195 TPM_UNDEFINED, /* 170 */
196 TPM_UNDEFINED, /* 171 */
197 TPM_UNDEFINED, /* 172 */
198 TPM_UNDEFINED, /* 173 */
199 TPM_UNDEFINED, /* 174 */
200 TPM_UNDEFINED, /* 175 */
201 TPM_UNDEFINED, /* 176 */
202 TPM_LONG, /* 177 */
203 TPM_UNDEFINED, /* 178 */
204 TPM_UNDEFINED, /* 179 */
205 TPM_MEDIUM, /* 17a */
206 TPM_LONG, /* 17b */
207 TPM_UNDEFINED, /* 17c */
208 TPM_UNDEFINED, /* 17d */
209 TPM_UNDEFINED, /* 17e */
210 TPM_UNDEFINED, /* 17f */
211 TPM_UNDEFINED, /* 180 */
212 TPM_UNDEFINED, /* 181 */
213 TPM_MEDIUM, /* 182 */
214 TPM_UNDEFINED, /* 183 */
215 TPM_UNDEFINED, /* 184 */
216 TPM_MEDIUM, /* 185 */
217 TPM_MEDIUM, /* 186 */
218 TPM_UNDEFINED, /* 187 */
219 TPM_UNDEFINED, /* 188 */
220 TPM_UNDEFINED, /* 189 */
221 TPM_UNDEFINED, /* 18a */
222 TPM_UNDEFINED, /* 18b */
223 TPM_UNDEFINED, /* 18c */
224 TPM_UNDEFINED, /* 18d */
225 TPM_UNDEFINED, /* 18e */
226 TPM_UNDEFINED /* 18f */
227 };
228
229 #define TPM2_PCR_READ_IN_SIZE \
230 (sizeof(struct tpm_input_header) + \
231 sizeof(struct tpm2_pcr_read_in))
232
233 static const struct tpm_input_header tpm2_pcrread_header = {
234 .tag = cpu_to_be16(TPM2_ST_NO_SESSIONS),
235 .length = cpu_to_be32(TPM2_PCR_READ_IN_SIZE),
236 .ordinal = cpu_to_be32(TPM2_CC_PCR_READ)
237 };
238
239 /**
240 * tpm2_pcr_read() - read a PCR value
241 * @chip: TPM chip to use.
242 * @pcr_idx: index of the PCR to read.
243 * @ref_buf: buffer to store the resulting hash,
244 *
245 * 0 is returned when the operation is successful. If a negative number is
246 * returned it remarks a POSIX error code. If a positive number is returned
247 * it remarks a TPM error.
248 */
tpm2_pcr_read(struct tpm_chip * chip,int pcr_idx,u8 * res_buf)249 int tpm2_pcr_read(struct tpm_chip *chip, int pcr_idx, u8 *res_buf)
250 {
251 int rc;
252 struct tpm2_cmd cmd;
253 u8 *buf;
254
255 if (pcr_idx >= TPM2_PLATFORM_PCR)
256 return -EINVAL;
257
258 cmd.header.in = tpm2_pcrread_header;
259 cmd.params.pcrread_in.pcr_selects_cnt = cpu_to_be32(1);
260 cmd.params.pcrread_in.hash_alg = cpu_to_be16(TPM2_ALG_SHA1);
261 cmd.params.pcrread_in.pcr_select_size = TPM2_PCR_SELECT_MIN;
262
263 memset(cmd.params.pcrread_in.pcr_select, 0,
264 sizeof(cmd.params.pcrread_in.pcr_select));
265 cmd.params.pcrread_in.pcr_select[pcr_idx >> 3] = 1 << (pcr_idx & 0x7);
266
267 rc = tpm_transmit_cmd(chip, &cmd, sizeof(cmd), 0,
268 "attempting to read a pcr value");
269 if (rc == 0) {
270 buf = cmd.params.pcrread_out.digest;
271 memcpy(res_buf, buf, TPM_DIGEST_SIZE);
272 }
273
274 return rc;
275 }
276
277 #define TPM2_GET_PCREXTEND_IN_SIZE \
278 (sizeof(struct tpm_input_header) + \
279 sizeof(struct tpm2_pcr_extend_in))
280
281 static const struct tpm_input_header tpm2_pcrextend_header = {
282 .tag = cpu_to_be16(TPM2_ST_SESSIONS),
283 .length = cpu_to_be32(TPM2_GET_PCREXTEND_IN_SIZE),
284 .ordinal = cpu_to_be32(TPM2_CC_PCR_EXTEND)
285 };
286
287 /**
288 * tpm2_pcr_extend() - extend a PCR value
289 * @chip: TPM chip to use.
290 * @pcr_idx: index of the PCR.
291 * @hash: hash value to use for the extend operation.
292 *
293 * 0 is returned when the operation is successful. If a negative number is
294 * returned it remarks a POSIX error code. If a positive number is returned
295 * it remarks a TPM error.
296 */
tpm2_pcr_extend(struct tpm_chip * chip,int pcr_idx,const u8 * hash)297 int tpm2_pcr_extend(struct tpm_chip *chip, int pcr_idx, const u8 *hash)
298 {
299 struct tpm2_cmd cmd;
300 int rc;
301
302 cmd.header.in = tpm2_pcrextend_header;
303 cmd.params.pcrextend_in.pcr_idx = cpu_to_be32(pcr_idx);
304 cmd.params.pcrextend_in.auth_area_size =
305 cpu_to_be32(sizeof(struct tpm2_null_auth_area));
306 cmd.params.pcrextend_in.auth_area.handle =
307 cpu_to_be32(TPM2_RS_PW);
308 cmd.params.pcrextend_in.auth_area.nonce_size = 0;
309 cmd.params.pcrextend_in.auth_area.attributes = 0;
310 cmd.params.pcrextend_in.auth_area.auth_size = 0;
311 cmd.params.pcrextend_in.digest_cnt = cpu_to_be32(1);
312 cmd.params.pcrextend_in.hash_alg = cpu_to_be16(TPM2_ALG_SHA1);
313 memcpy(cmd.params.pcrextend_in.digest, hash, TPM_DIGEST_SIZE);
314
315 rc = tpm_transmit_cmd(chip, &cmd, sizeof(cmd), 0,
316 "attempting extend a PCR value");
317
318 return rc;
319 }
320
321 #define TPM2_GETRANDOM_IN_SIZE \
322 (sizeof(struct tpm_input_header) + \
323 sizeof(struct tpm2_get_random_in))
324
325 static const struct tpm_input_header tpm2_getrandom_header = {
326 .tag = cpu_to_be16(TPM2_ST_NO_SESSIONS),
327 .length = cpu_to_be32(TPM2_GETRANDOM_IN_SIZE),
328 .ordinal = cpu_to_be32(TPM2_CC_GET_RANDOM)
329 };
330
331 /**
332 * tpm2_get_random() - get random bytes from the TPM RNG
333 * @chip: TPM chip to use
334 * @out: destination buffer for the random bytes
335 * @max: the max number of bytes to write to @out
336 *
337 * 0 is returned when the operation is successful. If a negative number is
338 * returned it remarks a POSIX error code. If a positive number is returned
339 * it remarks a TPM error.
340 */
tpm2_get_random(struct tpm_chip * chip,u8 * out,size_t max)341 int tpm2_get_random(struct tpm_chip *chip, u8 *out, size_t max)
342 {
343 struct tpm2_cmd cmd;
344 u32 recd;
345 u32 num_bytes;
346 int err;
347 int total = 0;
348 int retries = 5;
349 u8 *dest = out;
350
351 num_bytes = min_t(u32, max, sizeof(cmd.params.getrandom_out.buffer));
352
353 if (!out || !num_bytes ||
354 max > sizeof(cmd.params.getrandom_out.buffer))
355 return -EINVAL;
356
357 do {
358 cmd.header.in = tpm2_getrandom_header;
359 cmd.params.getrandom_in.size = cpu_to_be16(num_bytes);
360
361 err = tpm_transmit_cmd(chip, &cmd, sizeof(cmd), 0,
362 "attempting get random");
363 if (err)
364 break;
365
366 recd = min_t(u32, be16_to_cpu(cmd.params.getrandom_out.size),
367 num_bytes);
368 memcpy(dest, cmd.params.getrandom_out.buffer, recd);
369
370 dest += recd;
371 total += recd;
372 num_bytes -= recd;
373 } while (retries-- && total < max);
374
375 return total ? total : -EIO;
376 }
377
378 #define TPM2_GET_TPM_PT_IN_SIZE \
379 (sizeof(struct tpm_input_header) + \
380 sizeof(struct tpm2_get_tpm_pt_in))
381
382 static const struct tpm_input_header tpm2_get_tpm_pt_header = {
383 .tag = cpu_to_be16(TPM2_ST_NO_SESSIONS),
384 .length = cpu_to_be32(TPM2_GET_TPM_PT_IN_SIZE),
385 .ordinal = cpu_to_be32(TPM2_CC_GET_CAPABILITY)
386 };
387
388 /**
389 * Append TPMS_AUTH_COMMAND to the buffer. The buffer must be allocated with
390 * tpm_buf_alloc().
391 *
392 * @param buf: an allocated tpm_buf instance
393 * @param nonce: the session nonce, may be NULL if not used
394 * @param nonce_len: the session nonce length, may be 0 if not used
395 * @param attributes: the session attributes
396 * @param hmac: the session HMAC or password, may be NULL if not used
397 * @param hmac_len: the session HMAC or password length, maybe 0 if not used
398 */
tpm2_buf_append_auth(struct tpm_buf * buf,u32 session_handle,const u8 * nonce,u16 nonce_len,u8 attributes,const u8 * hmac,u16 hmac_len)399 static void tpm2_buf_append_auth(struct tpm_buf *buf, u32 session_handle,
400 const u8 *nonce, u16 nonce_len,
401 u8 attributes,
402 const u8 *hmac, u16 hmac_len)
403 {
404 tpm_buf_append_u32(buf, 9 + nonce_len + hmac_len);
405 tpm_buf_append_u32(buf, session_handle);
406 tpm_buf_append_u16(buf, nonce_len);
407
408 if (nonce && nonce_len)
409 tpm_buf_append(buf, nonce, nonce_len);
410
411 tpm_buf_append_u8(buf, attributes);
412 tpm_buf_append_u16(buf, hmac_len);
413
414 if (hmac && hmac_len)
415 tpm_buf_append(buf, hmac, hmac_len);
416 }
417
418 /**
419 * tpm2_seal_trusted() - seal the payload of a trusted key
420 * @chip_num: TPM chip to use
421 * @payload: the key data in clear and encrypted form
422 * @options: authentication values and other options
423 *
424 * Return: < 0 on error and 0 on success.
425 */
tpm2_seal_trusted(struct tpm_chip * chip,struct trusted_key_payload * payload,struct trusted_key_options * options)426 int tpm2_seal_trusted(struct tpm_chip *chip,
427 struct trusted_key_payload *payload,
428 struct trusted_key_options *options)
429 {
430 unsigned int blob_len;
431 struct tpm_buf buf;
432 int rc;
433
434 rc = tpm_buf_init(&buf, TPM2_ST_SESSIONS, TPM2_CC_CREATE);
435 if (rc)
436 return rc;
437
438 tpm_buf_append_u32(&buf, options->keyhandle);
439 tpm2_buf_append_auth(&buf, TPM2_RS_PW,
440 NULL /* nonce */, 0,
441 0 /* session_attributes */,
442 options->keyauth /* hmac */,
443 TPM_DIGEST_SIZE);
444
445 /* sensitive */
446 tpm_buf_append_u16(&buf, 4 + TPM_DIGEST_SIZE + payload->key_len + 1);
447
448 tpm_buf_append_u16(&buf, TPM_DIGEST_SIZE);
449 tpm_buf_append(&buf, options->blobauth, TPM_DIGEST_SIZE);
450 tpm_buf_append_u16(&buf, payload->key_len + 1);
451 tpm_buf_append(&buf, payload->key, payload->key_len);
452 tpm_buf_append_u8(&buf, payload->migratable);
453
454 /* public */
455 tpm_buf_append_u16(&buf, 14);
456
457 tpm_buf_append_u16(&buf, TPM2_ALG_KEYEDHASH);
458 tpm_buf_append_u16(&buf, TPM2_ALG_SHA256);
459 tpm_buf_append_u32(&buf, TPM2_ATTR_USER_WITH_AUTH);
460 tpm_buf_append_u16(&buf, 0); /* policy digest size */
461 tpm_buf_append_u16(&buf, TPM2_ALG_NULL);
462 tpm_buf_append_u16(&buf, 0);
463
464 /* outside info */
465 tpm_buf_append_u16(&buf, 0);
466
467 /* creation PCR */
468 tpm_buf_append_u32(&buf, 0);
469
470 if (buf.flags & TPM_BUF_OVERFLOW) {
471 rc = -E2BIG;
472 goto out;
473 }
474
475 rc = tpm_transmit_cmd(chip, buf.data, PAGE_SIZE, 0, "sealing data");
476 if (rc)
477 goto out;
478
479 blob_len = be32_to_cpup((__be32 *) &buf.data[TPM_HEADER_SIZE]);
480 if (blob_len > MAX_BLOB_SIZE) {
481 rc = -E2BIG;
482 goto out;
483 }
484
485 memcpy(payload->blob, &buf.data[TPM_HEADER_SIZE + 4], blob_len);
486 payload->blob_len = blob_len;
487
488 out:
489 tpm_buf_destroy(&buf);
490
491 if (rc > 0)
492 rc = -EPERM;
493
494 return rc;
495 }
496
497 /**
498 * tpm2_load_cmd() - execute a TPM2_Load command
499 * @chip_num: TPM chip to use
500 * @payload: the key data in clear and encrypted form
501 * @options: authentication values and other options
502 *
503 * Return: same as with tpm_transmit_cmd
504 */
tpm2_load_cmd(struct tpm_chip * chip,struct trusted_key_payload * payload,struct trusted_key_options * options,u32 * blob_handle,unsigned int flags)505 static int tpm2_load_cmd(struct tpm_chip *chip,
506 struct trusted_key_payload *payload,
507 struct trusted_key_options *options,
508 u32 *blob_handle, unsigned int flags)
509 {
510 struct tpm_buf buf;
511 unsigned int private_len;
512 unsigned int public_len;
513 unsigned int blob_len;
514 int rc;
515
516 private_len = be16_to_cpup((__be16 *) &payload->blob[0]);
517 if (private_len > (payload->blob_len - 2))
518 return -E2BIG;
519
520 public_len = be16_to_cpup((__be16 *) &payload->blob[2 + private_len]);
521 blob_len = private_len + public_len + 4;
522 if (blob_len > payload->blob_len)
523 return -E2BIG;
524
525 rc = tpm_buf_init(&buf, TPM2_ST_SESSIONS, TPM2_CC_LOAD);
526 if (rc)
527 return rc;
528
529 tpm_buf_append_u32(&buf, options->keyhandle);
530 tpm2_buf_append_auth(&buf, TPM2_RS_PW,
531 NULL /* nonce */, 0,
532 0 /* session_attributes */,
533 options->keyauth /* hmac */,
534 TPM_DIGEST_SIZE);
535
536 tpm_buf_append(&buf, payload->blob, blob_len);
537
538 if (buf.flags & TPM_BUF_OVERFLOW) {
539 rc = -E2BIG;
540 goto out;
541 }
542
543 rc = tpm_transmit_cmd(chip, buf.data, PAGE_SIZE, flags, "loading blob");
544 if (!rc)
545 *blob_handle = be32_to_cpup(
546 (__be32 *) &buf.data[TPM_HEADER_SIZE]);
547
548 out:
549 tpm_buf_destroy(&buf);
550
551 if (rc > 0)
552 rc = -EPERM;
553
554 return rc;
555 }
556
557 /**
558 * tpm2_flush_context_cmd() - execute a TPM2_FlushContext command
559 * @chip_num: TPM chip to use
560 * @payload: the key data in clear and encrypted form
561 * @options: authentication values and other options
562 *
563 * Return: same as with tpm_transmit_cmd
564 */
tpm2_flush_context_cmd(struct tpm_chip * chip,u32 handle,unsigned int flags)565 static void tpm2_flush_context_cmd(struct tpm_chip *chip, u32 handle,
566 unsigned int flags)
567 {
568 struct tpm_buf buf;
569 int rc;
570
571 rc = tpm_buf_init(&buf, TPM2_ST_NO_SESSIONS, TPM2_CC_FLUSH_CONTEXT);
572 if (rc) {
573 dev_warn(&chip->dev, "0x%08x was not flushed, out of memory\n",
574 handle);
575 return;
576 }
577
578 tpm_buf_append_u32(&buf, handle);
579
580 rc = tpm_transmit_cmd(chip, buf.data, PAGE_SIZE, flags,
581 "flushing context");
582 if (rc)
583 dev_warn(&chip->dev, "0x%08x was not flushed, rc=%d\n", handle,
584 rc);
585
586 tpm_buf_destroy(&buf);
587 }
588
589 /**
590 * tpm2_unseal_cmd() - execute a TPM2_Unload command
591 * @chip_num: TPM chip to use
592 * @payload: the key data in clear and encrypted form
593 * @options: authentication values and other options
594 *
595 * Return: same as with tpm_transmit_cmd
596 */
tpm2_unseal_cmd(struct tpm_chip * chip,struct trusted_key_payload * payload,struct trusted_key_options * options,u32 blob_handle,unsigned int flags)597 static int tpm2_unseal_cmd(struct tpm_chip *chip,
598 struct trusted_key_payload *payload,
599 struct trusted_key_options *options,
600 u32 blob_handle, unsigned int flags)
601 {
602 struct tpm_buf buf;
603 u16 data_len;
604 u8 *data;
605 int rc;
606
607 rc = tpm_buf_init(&buf, TPM2_ST_SESSIONS, TPM2_CC_UNSEAL);
608 if (rc)
609 return rc;
610
611 tpm_buf_append_u32(&buf, blob_handle);
612 tpm2_buf_append_auth(&buf, TPM2_RS_PW,
613 NULL /* nonce */, 0,
614 0 /* session_attributes */,
615 options->blobauth /* hmac */,
616 TPM_DIGEST_SIZE);
617
618 rc = tpm_transmit_cmd(chip, buf.data, PAGE_SIZE, flags, "unsealing");
619 if (rc > 0)
620 rc = -EPERM;
621
622 if (!rc) {
623 data_len = be16_to_cpup(
624 (__be16 *) &buf.data[TPM_HEADER_SIZE + 4]);
625 if (data_len < MIN_KEY_SIZE || data_len > MAX_KEY_SIZE + 1) {
626 rc = -EFAULT;
627 goto out;
628 }
629
630 data = &buf.data[TPM_HEADER_SIZE + 6];
631
632 memcpy(payload->key, data, data_len - 1);
633 payload->key_len = data_len - 1;
634 payload->migratable = data[data_len - 1];
635 }
636
637 out:
638 tpm_buf_destroy(&buf);
639 return rc;
640 }
641
642 /**
643 * tpm_unseal_trusted() - unseal the payload of a trusted key
644 * @chip_num: TPM chip to use
645 * @payload: the key data in clear and encrypted form
646 * @options: authentication values and other options
647 *
648 * Return: < 0 on error and 0 on success.
649 */
tpm2_unseal_trusted(struct tpm_chip * chip,struct trusted_key_payload * payload,struct trusted_key_options * options)650 int tpm2_unseal_trusted(struct tpm_chip *chip,
651 struct trusted_key_payload *payload,
652 struct trusted_key_options *options)
653 {
654 u32 blob_handle;
655 int rc;
656
657 mutex_lock(&chip->tpm_mutex);
658 rc = tpm2_load_cmd(chip, payload, options, &blob_handle,
659 TPM_TRANSMIT_UNLOCKED);
660 if (rc)
661 goto out;
662
663 rc = tpm2_unseal_cmd(chip, payload, options, blob_handle,
664 TPM_TRANSMIT_UNLOCKED);
665 tpm2_flush_context_cmd(chip, blob_handle, TPM_TRANSMIT_UNLOCKED);
666 out:
667 mutex_unlock(&chip->tpm_mutex);
668 return rc;
669 }
670
671 /**
672 * tpm2_get_tpm_pt() - get value of a TPM_CAP_TPM_PROPERTIES type property
673 * @chip: TPM chip to use.
674 * @property_id: property ID.
675 * @value: output variable.
676 * @desc: passed to tpm_transmit_cmd()
677 *
678 * 0 is returned when the operation is successful. If a negative number is
679 * returned it remarks a POSIX error code. If a positive number is returned
680 * it remarks a TPM error.
681 */
tpm2_get_tpm_pt(struct tpm_chip * chip,u32 property_id,u32 * value,const char * desc)682 ssize_t tpm2_get_tpm_pt(struct tpm_chip *chip, u32 property_id, u32 *value,
683 const char *desc)
684 {
685 struct tpm2_cmd cmd;
686 int rc;
687
688 cmd.header.in = tpm2_get_tpm_pt_header;
689 cmd.params.get_tpm_pt_in.cap_id = cpu_to_be32(TPM2_CAP_TPM_PROPERTIES);
690 cmd.params.get_tpm_pt_in.property_id = cpu_to_be32(property_id);
691 cmd.params.get_tpm_pt_in.property_cnt = cpu_to_be32(1);
692
693 rc = tpm_transmit_cmd(chip, &cmd, sizeof(cmd), 0, desc);
694 if (!rc)
695 *value = be32_to_cpu(cmd.params.get_tpm_pt_out.value);
696
697 return rc;
698 }
699
700 #define TPM2_STARTUP_IN_SIZE \
701 (sizeof(struct tpm_input_header) + \
702 sizeof(struct tpm2_startup_in))
703
704 static const struct tpm_input_header tpm2_startup_header = {
705 .tag = cpu_to_be16(TPM2_ST_NO_SESSIONS),
706 .length = cpu_to_be32(TPM2_STARTUP_IN_SIZE),
707 .ordinal = cpu_to_be32(TPM2_CC_STARTUP)
708 };
709
710 /**
711 * tpm2_startup() - send startup command to the TPM chip
712 * @chip: TPM chip to use.
713 * @startup_type startup type. The value is either
714 * TPM_SU_CLEAR or TPM_SU_STATE.
715 *
716 * 0 is returned when the operation is successful. If a negative number is
717 * returned it remarks a POSIX error code. If a positive number is returned
718 * it remarks a TPM error.
719 */
tpm2_startup(struct tpm_chip * chip,u16 startup_type)720 int tpm2_startup(struct tpm_chip *chip, u16 startup_type)
721 {
722 struct tpm2_cmd cmd;
723
724 cmd.header.in = tpm2_startup_header;
725
726 cmd.params.startup_in.startup_type = cpu_to_be16(startup_type);
727 return tpm_transmit_cmd(chip, &cmd, sizeof(cmd), 0,
728 "attempting to start the TPM");
729 }
730 EXPORT_SYMBOL_GPL(tpm2_startup);
731
732 #define TPM2_SHUTDOWN_IN_SIZE \
733 (sizeof(struct tpm_input_header) + \
734 sizeof(struct tpm2_startup_in))
735
736 static const struct tpm_input_header tpm2_shutdown_header = {
737 .tag = cpu_to_be16(TPM2_ST_NO_SESSIONS),
738 .length = cpu_to_be32(TPM2_SHUTDOWN_IN_SIZE),
739 .ordinal = cpu_to_be32(TPM2_CC_SHUTDOWN)
740 };
741
742 /**
743 * tpm2_shutdown() - send shutdown command to the TPM chip
744 * @chip: TPM chip to use.
745 * @shutdown_type shutdown type. The value is either
746 * TPM_SU_CLEAR or TPM_SU_STATE.
747 */
tpm2_shutdown(struct tpm_chip * chip,u16 shutdown_type)748 void tpm2_shutdown(struct tpm_chip *chip, u16 shutdown_type)
749 {
750 struct tpm2_cmd cmd;
751 int rc;
752
753 cmd.header.in = tpm2_shutdown_header;
754 cmd.params.startup_in.startup_type = cpu_to_be16(shutdown_type);
755
756 rc = tpm_transmit_cmd(chip, &cmd, sizeof(cmd), 0, "stopping the TPM");
757
758 /* In places where shutdown command is sent there's no much we can do
759 * except print the error code on a system failure.
760 */
761 if (rc < 0)
762 dev_warn(&chip->dev, "transmit returned %d while stopping the TPM",
763 rc);
764 }
765 EXPORT_SYMBOL_GPL(tpm2_shutdown);
766
767 /*
768 * tpm2_calc_ordinal_duration() - maximum duration for a command
769 * @chip: TPM chip to use.
770 * @ordinal: command code number.
771 *
772 * 0 is returned when the operation is successful. If a negative number is
773 * returned it remarks a POSIX error code. If a positive number is returned
774 * it remarks a TPM error.
775 */
tpm2_calc_ordinal_duration(struct tpm_chip * chip,u32 ordinal)776 unsigned long tpm2_calc_ordinal_duration(struct tpm_chip *chip, u32 ordinal)
777 {
778 int index = TPM_UNDEFINED;
779 int duration = 0;
780
781 if (ordinal >= TPM2_CC_FIRST && ordinal <= TPM2_CC_LAST)
782 index = tpm2_ordinal_duration[ordinal - TPM2_CC_FIRST];
783
784 if (index != TPM_UNDEFINED)
785 duration = chip->vendor.duration[index];
786
787 if (duration <= 0)
788 duration = 2 * 60 * HZ;
789
790 return duration;
791 }
792 EXPORT_SYMBOL_GPL(tpm2_calc_ordinal_duration);
793
794 #define TPM2_SELF_TEST_IN_SIZE \
795 (sizeof(struct tpm_input_header) + \
796 sizeof(struct tpm2_self_test_in))
797
798 static const struct tpm_input_header tpm2_selftest_header = {
799 .tag = cpu_to_be16(TPM2_ST_NO_SESSIONS),
800 .length = cpu_to_be32(TPM2_SELF_TEST_IN_SIZE),
801 .ordinal = cpu_to_be32(TPM2_CC_SELF_TEST)
802 };
803
804 /**
805 * tpm2_continue_selftest() - start a self test
806 * @chip: TPM chip to use
807 * @full: test all commands instead of testing only those that were not
808 * previously tested.
809 *
810 * 0 is returned when the operation is successful. If a negative number is
811 * returned it remarks a POSIX error code. If a positive number is returned
812 * it remarks a TPM error.
813 */
tpm2_start_selftest(struct tpm_chip * chip,bool full)814 static int tpm2_start_selftest(struct tpm_chip *chip, bool full)
815 {
816 int rc;
817 struct tpm2_cmd cmd;
818
819 cmd.header.in = tpm2_selftest_header;
820 cmd.params.selftest_in.full_test = full;
821
822 rc = tpm_transmit_cmd(chip, &cmd, TPM2_SELF_TEST_IN_SIZE, 0,
823 "continue selftest");
824
825 /* At least some prototype chips seem to give RC_TESTING error
826 * immediately. This is a workaround for that.
827 */
828 if (rc == TPM2_RC_TESTING) {
829 dev_warn(&chip->dev, "Got RC_TESTING, ignoring\n");
830 rc = 0;
831 }
832
833 return rc;
834 }
835
836 /**
837 * tpm2_do_selftest() - run a full self test
838 * @chip: TPM chip to use
839 *
840 * During the self test TPM2 commands return with the error code RC_TESTING.
841 * Waiting is done by issuing PCR read until it executes successfully.
842 *
843 * 0 is returned when the operation is successful. If a negative number is
844 * returned it remarks a POSIX error code. If a positive number is returned
845 * it remarks a TPM error.
846 */
tpm2_do_selftest(struct tpm_chip * chip)847 int tpm2_do_selftest(struct tpm_chip *chip)
848 {
849 int rc;
850 unsigned int loops;
851 unsigned int delay_msec = 100;
852 unsigned long duration;
853 struct tpm2_cmd cmd;
854 int i;
855
856 duration = tpm2_calc_ordinal_duration(chip, TPM2_CC_SELF_TEST);
857
858 loops = jiffies_to_msecs(duration) / delay_msec;
859
860 rc = tpm2_start_selftest(chip, true);
861 if (rc)
862 return rc;
863
864 for (i = 0; i < loops; i++) {
865 /* Attempt to read a PCR value */
866 cmd.header.in = tpm2_pcrread_header;
867 cmd.params.pcrread_in.pcr_selects_cnt = cpu_to_be32(1);
868 cmd.params.pcrread_in.hash_alg = cpu_to_be16(TPM2_ALG_SHA1);
869 cmd.params.pcrread_in.pcr_select_size = TPM2_PCR_SELECT_MIN;
870 cmd.params.pcrread_in.pcr_select[0] = 0x01;
871 cmd.params.pcrread_in.pcr_select[1] = 0x00;
872 cmd.params.pcrread_in.pcr_select[2] = 0x00;
873
874 rc = tpm_transmit_cmd(chip, &cmd, sizeof(cmd), 0, NULL);
875 if (rc < 0)
876 break;
877
878 rc = be32_to_cpu(cmd.header.out.return_code);
879 if (rc != TPM2_RC_TESTING)
880 break;
881
882 msleep(delay_msec);
883 }
884
885 return rc;
886 }
887 EXPORT_SYMBOL_GPL(tpm2_do_selftest);
888
889 /**
890 * tpm2_gen_interrupt() - generate an interrupt
891 * @chip: TPM chip to use
892 *
893 * 0 is returned when the operation is successful. If a negative number is
894 * returned it remarks a POSIX error code. If a positive number is returned
895 * it remarks a TPM error.
896 */
tpm2_gen_interrupt(struct tpm_chip * chip)897 int tpm2_gen_interrupt(struct tpm_chip *chip)
898 {
899 u32 dummy;
900
901 return tpm2_get_tpm_pt(chip, 0x100, &dummy,
902 "attempting to generate an interrupt");
903 }
904 EXPORT_SYMBOL_GPL(tpm2_gen_interrupt);
905
906 /**
907 * tpm2_probe() - probe TPM 2.0
908 * @chip: TPM chip to use
909 *
910 * Send idempotent TPM 2.0 command and see whether TPM 2.0 chip replied based on
911 * the reply tag.
912 */
tpm2_probe(struct tpm_chip * chip)913 int tpm2_probe(struct tpm_chip *chip)
914 {
915 struct tpm2_cmd cmd;
916 int rc;
917
918 cmd.header.in = tpm2_get_tpm_pt_header;
919 cmd.params.get_tpm_pt_in.cap_id = cpu_to_be32(TPM2_CAP_TPM_PROPERTIES);
920 cmd.params.get_tpm_pt_in.property_id = cpu_to_be32(0x100);
921 cmd.params.get_tpm_pt_in.property_cnt = cpu_to_be32(1);
922
923 rc = tpm_transmit(chip, (const u8 *)&cmd, sizeof(cmd), 0);
924 if (rc < 0)
925 return rc;
926 else if (rc < TPM_HEADER_SIZE)
927 return -EFAULT;
928
929 if (be16_to_cpu(cmd.header.out.tag) == TPM2_ST_NO_SESSIONS)
930 chip->flags |= TPM_CHIP_FLAG_TPM2;
931
932 return 0;
933 }
934 EXPORT_SYMBOL_GPL(tpm2_probe);
935