1 /* 2 * Copyright (C) 2014, 2015 Intel Corporation 3 * 4 * Authors: 5 * Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> 6 * 7 * Maintained by: <tpmdd-devel@lists.sourceforge.net> 8 * 9 * This file contains TPM2 protocol implementations of the commands 10 * used by the kernel internally. 11 * 12 * This program is free software; you can redistribute it and/or 13 * modify it under the terms of the GNU General Public License 14 * as published by the Free Software Foundation; version 2 15 * of the License. 16 */ 17 18 #include "tpm.h" 19 #include <crypto/hash_info.h> 20 #include <keys/trusted-type.h> 21 22 enum tpm2_object_attributes { 23 TPM2_OA_USER_WITH_AUTH = BIT(6), 24 }; 25 26 enum tpm2_session_attributes { 27 TPM2_SA_CONTINUE_SESSION = BIT(0), 28 }; 29 30 struct tpm2_hash { 31 unsigned int crypto_id; 32 unsigned int tpm_id; 33 }; 34 35 static struct tpm2_hash tpm2_hash_map[] = { 36 {HASH_ALGO_SHA1, TPM2_ALG_SHA1}, 37 {HASH_ALGO_SHA256, TPM2_ALG_SHA256}, 38 {HASH_ALGO_SHA384, TPM2_ALG_SHA384}, 39 {HASH_ALGO_SHA512, TPM2_ALG_SHA512}, 40 {HASH_ALGO_SM3_256, TPM2_ALG_SM3_256}, 41 }; 42 43 /* 44 * Array with one entry per ordinal defining the maximum amount 45 * of time the chip could take to return the result. The values 46 * of the SHORT, MEDIUM, and LONG durations are taken from the 47 * PC Client Profile (PTP) specification. 48 * LONG_LONG is for commands that generates keys which empirically 49 * takes longer time on some systems. 50 */ 51 static const u8 tpm2_ordinal_duration[TPM2_CC_LAST - TPM2_CC_FIRST + 1] = { 52 TPM_UNDEFINED, /* 11F */ 53 TPM_UNDEFINED, /* 120 */ 54 TPM_LONG, /* 121 */ 55 TPM_UNDEFINED, /* 122 */ 56 TPM_UNDEFINED, /* 123 */ 57 TPM_UNDEFINED, /* 124 */ 58 TPM_UNDEFINED, /* 125 */ 59 TPM_UNDEFINED, /* 126 */ 60 TPM_UNDEFINED, /* 127 */ 61 TPM_UNDEFINED, /* 128 */ 62 TPM_LONG, /* 129 */ 63 TPM_UNDEFINED, /* 12a */ 64 TPM_UNDEFINED, /* 12b */ 65 TPM_UNDEFINED, /* 12c */ 66 TPM_UNDEFINED, /* 12d */ 67 TPM_UNDEFINED, /* 12e */ 68 TPM_UNDEFINED, /* 12f */ 69 TPM_UNDEFINED, /* 130 */ 70 TPM_LONG_LONG, /* 131 */ 71 TPM_UNDEFINED, /* 132 */ 72 TPM_UNDEFINED, /* 133 */ 73 TPM_UNDEFINED, /* 134 */ 74 TPM_UNDEFINED, /* 135 */ 75 TPM_UNDEFINED, /* 136 */ 76 TPM_UNDEFINED, /* 137 */ 77 TPM_UNDEFINED, /* 138 */ 78 TPM_UNDEFINED, /* 139 */ 79 TPM_UNDEFINED, /* 13a */ 80 TPM_UNDEFINED, /* 13b */ 81 TPM_UNDEFINED, /* 13c */ 82 TPM_UNDEFINED, /* 13d */ 83 TPM_MEDIUM, /* 13e */ 84 TPM_UNDEFINED, /* 13f */ 85 TPM_UNDEFINED, /* 140 */ 86 TPM_UNDEFINED, /* 141 */ 87 TPM_UNDEFINED, /* 142 */ 88 TPM_LONG, /* 143 */ 89 TPM_MEDIUM, /* 144 */ 90 TPM_UNDEFINED, /* 145 */ 91 TPM_UNDEFINED, /* 146 */ 92 TPM_UNDEFINED, /* 147 */ 93 TPM_UNDEFINED, /* 148 */ 94 TPM_UNDEFINED, /* 149 */ 95 TPM_UNDEFINED, /* 14a */ 96 TPM_UNDEFINED, /* 14b */ 97 TPM_UNDEFINED, /* 14c */ 98 TPM_UNDEFINED, /* 14d */ 99 TPM_LONG, /* 14e */ 100 TPM_UNDEFINED, /* 14f */ 101 TPM_UNDEFINED, /* 150 */ 102 TPM_UNDEFINED, /* 151 */ 103 TPM_UNDEFINED, /* 152 */ 104 TPM_LONG_LONG, /* 153 */ 105 TPM_UNDEFINED, /* 154 */ 106 TPM_UNDEFINED, /* 155 */ 107 TPM_UNDEFINED, /* 156 */ 108 TPM_UNDEFINED, /* 157 */ 109 TPM_UNDEFINED, /* 158 */ 110 TPM_UNDEFINED, /* 159 */ 111 TPM_UNDEFINED, /* 15a */ 112 TPM_UNDEFINED, /* 15b */ 113 TPM_MEDIUM, /* 15c */ 114 TPM_UNDEFINED, /* 15d */ 115 TPM_UNDEFINED, /* 15e */ 116 TPM_UNDEFINED, /* 15f */ 117 TPM_UNDEFINED, /* 160 */ 118 TPM_UNDEFINED, /* 161 */ 119 TPM_UNDEFINED, /* 162 */ 120 TPM_UNDEFINED, /* 163 */ 121 TPM_UNDEFINED, /* 164 */ 122 TPM_UNDEFINED, /* 165 */ 123 TPM_UNDEFINED, /* 166 */ 124 TPM_UNDEFINED, /* 167 */ 125 TPM_UNDEFINED, /* 168 */ 126 TPM_UNDEFINED, /* 169 */ 127 TPM_UNDEFINED, /* 16a */ 128 TPM_UNDEFINED, /* 16b */ 129 TPM_UNDEFINED, /* 16c */ 130 TPM_UNDEFINED, /* 16d */ 131 TPM_UNDEFINED, /* 16e */ 132 TPM_UNDEFINED, /* 16f */ 133 TPM_UNDEFINED, /* 170 */ 134 TPM_UNDEFINED, /* 171 */ 135 TPM_UNDEFINED, /* 172 */ 136 TPM_UNDEFINED, /* 173 */ 137 TPM_UNDEFINED, /* 174 */ 138 TPM_UNDEFINED, /* 175 */ 139 TPM_UNDEFINED, /* 176 */ 140 TPM_LONG, /* 177 */ 141 TPM_UNDEFINED, /* 178 */ 142 TPM_UNDEFINED, /* 179 */ 143 TPM_MEDIUM, /* 17a */ 144 TPM_LONG, /* 17b */ 145 TPM_UNDEFINED, /* 17c */ 146 TPM_UNDEFINED, /* 17d */ 147 TPM_UNDEFINED, /* 17e */ 148 TPM_UNDEFINED, /* 17f */ 149 TPM_UNDEFINED, /* 180 */ 150 TPM_UNDEFINED, /* 181 */ 151 TPM_MEDIUM, /* 182 */ 152 TPM_UNDEFINED, /* 183 */ 153 TPM_UNDEFINED, /* 184 */ 154 TPM_MEDIUM, /* 185 */ 155 TPM_MEDIUM, /* 186 */ 156 TPM_UNDEFINED, /* 187 */ 157 TPM_UNDEFINED, /* 188 */ 158 TPM_UNDEFINED, /* 189 */ 159 TPM_UNDEFINED, /* 18a */ 160 TPM_UNDEFINED, /* 18b */ 161 TPM_UNDEFINED, /* 18c */ 162 TPM_UNDEFINED, /* 18d */ 163 TPM_UNDEFINED, /* 18e */ 164 TPM_UNDEFINED /* 18f */ 165 }; 166 167 struct tpm2_pcr_read_out { 168 __be32 update_cnt; 169 __be32 pcr_selects_cnt; 170 __be16 hash_alg; 171 u8 pcr_select_size; 172 u8 pcr_select[TPM2_PCR_SELECT_MIN]; 173 __be32 digests_cnt; 174 __be16 digest_size; 175 u8 digest[]; 176 } __packed; 177 178 /** 179 * tpm2_pcr_read() - read a PCR value 180 * @chip: TPM chip to use. 181 * @pcr_idx: index of the PCR to read. 182 * @res_buf: buffer to store the resulting hash. 183 * 184 * Return: Same as with tpm_transmit_cmd. 185 */ 186 int tpm2_pcr_read(struct tpm_chip *chip, int pcr_idx, u8 *res_buf) 187 { 188 int rc; 189 struct tpm_buf buf; 190 struct tpm2_pcr_read_out *out; 191 u8 pcr_select[TPM2_PCR_SELECT_MIN] = {0}; 192 193 if (pcr_idx >= TPM2_PLATFORM_PCR) 194 return -EINVAL; 195 196 rc = tpm_buf_init(&buf, TPM2_ST_NO_SESSIONS, TPM2_CC_PCR_READ); 197 if (rc) 198 return rc; 199 200 pcr_select[pcr_idx >> 3] = 1 << (pcr_idx & 0x7); 201 202 tpm_buf_append_u32(&buf, 1); 203 tpm_buf_append_u16(&buf, TPM2_ALG_SHA1); 204 tpm_buf_append_u8(&buf, TPM2_PCR_SELECT_MIN); 205 tpm_buf_append(&buf, (const unsigned char *)pcr_select, 206 sizeof(pcr_select)); 207 208 rc = tpm_transmit_cmd(chip, NULL, buf.data, PAGE_SIZE, 0, 0, 209 res_buf ? "attempting to read a pcr value" : NULL); 210 if (rc == 0 && res_buf) { 211 out = (struct tpm2_pcr_read_out *)&buf.data[TPM_HEADER_SIZE]; 212 memcpy(res_buf, out->digest, SHA1_DIGEST_SIZE); 213 } 214 215 tpm_buf_destroy(&buf); 216 return rc; 217 } 218 219 struct tpm2_null_auth_area { 220 __be32 handle; 221 __be16 nonce_size; 222 u8 attributes; 223 __be16 auth_size; 224 } __packed; 225 226 /** 227 * tpm2_pcr_extend() - extend a PCR value 228 * 229 * @chip: TPM chip to use. 230 * @pcr_idx: index of the PCR. 231 * @count: number of digests passed. 232 * @digests: list of pcr banks and corresponding digest values to extend. 233 * 234 * Return: Same as with tpm_transmit_cmd. 235 */ 236 int tpm2_pcr_extend(struct tpm_chip *chip, int pcr_idx, u32 count, 237 struct tpm2_digest *digests) 238 { 239 struct tpm_buf buf; 240 struct tpm2_null_auth_area auth_area; 241 int rc; 242 int i; 243 int j; 244 245 if (count > ARRAY_SIZE(chip->active_banks)) 246 return -EINVAL; 247 248 rc = tpm_buf_init(&buf, TPM2_ST_SESSIONS, TPM2_CC_PCR_EXTEND); 249 if (rc) 250 return rc; 251 252 tpm_buf_append_u32(&buf, pcr_idx); 253 254 auth_area.handle = cpu_to_be32(TPM2_RS_PW); 255 auth_area.nonce_size = 0; 256 auth_area.attributes = 0; 257 auth_area.auth_size = 0; 258 259 tpm_buf_append_u32(&buf, sizeof(struct tpm2_null_auth_area)); 260 tpm_buf_append(&buf, (const unsigned char *)&auth_area, 261 sizeof(auth_area)); 262 tpm_buf_append_u32(&buf, count); 263 264 for (i = 0; i < count; i++) { 265 for (j = 0; j < ARRAY_SIZE(tpm2_hash_map); j++) { 266 if (digests[i].alg_id != tpm2_hash_map[j].tpm_id) 267 continue; 268 tpm_buf_append_u16(&buf, digests[i].alg_id); 269 tpm_buf_append(&buf, (const unsigned char 270 *)&digests[i].digest, 271 hash_digest_size[tpm2_hash_map[j].crypto_id]); 272 } 273 } 274 275 rc = tpm_transmit_cmd(chip, NULL, buf.data, PAGE_SIZE, 0, 0, 276 "attempting extend a PCR value"); 277 278 tpm_buf_destroy(&buf); 279 280 return rc; 281 } 282 283 284 struct tpm2_get_random_out { 285 __be16 size; 286 u8 buffer[TPM_MAX_RNG_DATA]; 287 } __packed; 288 289 /** 290 * tpm2_get_random() - get random bytes from the TPM RNG 291 * 292 * @chip: a &tpm_chip instance 293 * @dest: destination buffer 294 * @max: the max number of random bytes to pull 295 * 296 * Return: 297 * size of the buffer on success, 298 * -errno otherwise 299 */ 300 int tpm2_get_random(struct tpm_chip *chip, u8 *dest, size_t max) 301 { 302 struct tpm2_get_random_out *out; 303 struct tpm_buf buf; 304 u32 recd; 305 u32 num_bytes = max; 306 int err; 307 int total = 0; 308 int retries = 5; 309 u8 *dest_ptr = dest; 310 311 if (!num_bytes || max > TPM_MAX_RNG_DATA) 312 return -EINVAL; 313 314 err = tpm_buf_init(&buf, 0, 0); 315 if (err) 316 return err; 317 318 do { 319 tpm_buf_reset(&buf, TPM2_ST_NO_SESSIONS, TPM2_CC_GET_RANDOM); 320 tpm_buf_append_u16(&buf, num_bytes); 321 err = tpm_transmit_cmd(chip, NULL, buf.data, PAGE_SIZE, 322 offsetof(struct tpm2_get_random_out, 323 buffer), 324 0, "attempting get random"); 325 if (err) 326 goto out; 327 328 out = (struct tpm2_get_random_out *) 329 &buf.data[TPM_HEADER_SIZE]; 330 recd = min_t(u32, be16_to_cpu(out->size), num_bytes); 331 if (tpm_buf_length(&buf) < 332 TPM_HEADER_SIZE + 333 offsetof(struct tpm2_get_random_out, buffer) + 334 recd) { 335 err = -EFAULT; 336 goto out; 337 } 338 memcpy(dest_ptr, out->buffer, recd); 339 340 dest_ptr += recd; 341 total += recd; 342 num_bytes -= recd; 343 } while (retries-- && total < max); 344 345 tpm_buf_destroy(&buf); 346 return total ? total : -EIO; 347 out: 348 tpm_buf_destroy(&buf); 349 return err; 350 } 351 352 /** 353 * tpm2_flush_context_cmd() - execute a TPM2_FlushContext command 354 * @chip: TPM chip to use 355 * @payload: the key data in clear and encrypted form 356 * @options: authentication values and other options 357 * 358 * Return: same as with tpm_transmit_cmd 359 */ 360 void tpm2_flush_context_cmd(struct tpm_chip *chip, u32 handle, 361 unsigned int flags) 362 { 363 struct tpm_buf buf; 364 int rc; 365 366 rc = tpm_buf_init(&buf, TPM2_ST_NO_SESSIONS, TPM2_CC_FLUSH_CONTEXT); 367 if (rc) { 368 dev_warn(&chip->dev, "0x%08x was not flushed, out of memory\n", 369 handle); 370 return; 371 } 372 373 tpm_buf_append_u32(&buf, handle); 374 375 (void) tpm_transmit_cmd(chip, NULL, buf.data, PAGE_SIZE, 0, flags, 376 "flushing context"); 377 378 tpm_buf_destroy(&buf); 379 } 380 381 /** 382 * tpm_buf_append_auth() - append TPMS_AUTH_COMMAND to the buffer. 383 * 384 * @buf: an allocated tpm_buf instance 385 * @session_handle: session handle 386 * @nonce: the session nonce, may be NULL if not used 387 * @nonce_len: the session nonce length, may be 0 if not used 388 * @attributes: the session attributes 389 * @hmac: the session HMAC or password, may be NULL if not used 390 * @hmac_len: the session HMAC or password length, maybe 0 if not used 391 */ 392 static void tpm2_buf_append_auth(struct tpm_buf *buf, u32 session_handle, 393 const u8 *nonce, u16 nonce_len, 394 u8 attributes, 395 const u8 *hmac, u16 hmac_len) 396 { 397 tpm_buf_append_u32(buf, 9 + nonce_len + hmac_len); 398 tpm_buf_append_u32(buf, session_handle); 399 tpm_buf_append_u16(buf, nonce_len); 400 401 if (nonce && nonce_len) 402 tpm_buf_append(buf, nonce, nonce_len); 403 404 tpm_buf_append_u8(buf, attributes); 405 tpm_buf_append_u16(buf, hmac_len); 406 407 if (hmac && hmac_len) 408 tpm_buf_append(buf, hmac, hmac_len); 409 } 410 411 /** 412 * tpm2_seal_trusted() - seal the payload of a trusted key 413 * 414 * @chip: TPM chip to use 415 * @payload: the key data in clear and encrypted form 416 * @options: authentication values and other options 417 * 418 * Return: < 0 on error and 0 on success. 419 */ 420 int tpm2_seal_trusted(struct tpm_chip *chip, 421 struct trusted_key_payload *payload, 422 struct trusted_key_options *options) 423 { 424 unsigned int blob_len; 425 struct tpm_buf buf; 426 u32 hash; 427 int i; 428 int rc; 429 430 for (i = 0; i < ARRAY_SIZE(tpm2_hash_map); i++) { 431 if (options->hash == tpm2_hash_map[i].crypto_id) { 432 hash = tpm2_hash_map[i].tpm_id; 433 break; 434 } 435 } 436 437 if (i == ARRAY_SIZE(tpm2_hash_map)) 438 return -EINVAL; 439 440 rc = tpm_buf_init(&buf, TPM2_ST_SESSIONS, TPM2_CC_CREATE); 441 if (rc) 442 return rc; 443 444 tpm_buf_append_u32(&buf, options->keyhandle); 445 tpm2_buf_append_auth(&buf, TPM2_RS_PW, 446 NULL /* nonce */, 0, 447 0 /* session_attributes */, 448 options->keyauth /* hmac */, 449 TPM_DIGEST_SIZE); 450 451 /* sensitive */ 452 tpm_buf_append_u16(&buf, 4 + TPM_DIGEST_SIZE + payload->key_len + 1); 453 454 tpm_buf_append_u16(&buf, TPM_DIGEST_SIZE); 455 tpm_buf_append(&buf, options->blobauth, TPM_DIGEST_SIZE); 456 tpm_buf_append_u16(&buf, payload->key_len + 1); 457 tpm_buf_append(&buf, payload->key, payload->key_len); 458 tpm_buf_append_u8(&buf, payload->migratable); 459 460 /* public */ 461 tpm_buf_append_u16(&buf, 14 + options->policydigest_len); 462 tpm_buf_append_u16(&buf, TPM2_ALG_KEYEDHASH); 463 tpm_buf_append_u16(&buf, hash); 464 465 /* policy */ 466 if (options->policydigest_len) { 467 tpm_buf_append_u32(&buf, 0); 468 tpm_buf_append_u16(&buf, options->policydigest_len); 469 tpm_buf_append(&buf, options->policydigest, 470 options->policydigest_len); 471 } else { 472 tpm_buf_append_u32(&buf, TPM2_OA_USER_WITH_AUTH); 473 tpm_buf_append_u16(&buf, 0); 474 } 475 476 /* public parameters */ 477 tpm_buf_append_u16(&buf, TPM2_ALG_NULL); 478 tpm_buf_append_u16(&buf, 0); 479 480 /* outside info */ 481 tpm_buf_append_u16(&buf, 0); 482 483 /* creation PCR */ 484 tpm_buf_append_u32(&buf, 0); 485 486 if (buf.flags & TPM_BUF_OVERFLOW) { 487 rc = -E2BIG; 488 goto out; 489 } 490 491 rc = tpm_transmit_cmd(chip, NULL, buf.data, PAGE_SIZE, 4, 0, 492 "sealing data"); 493 if (rc) 494 goto out; 495 496 blob_len = be32_to_cpup((__be32 *) &buf.data[TPM_HEADER_SIZE]); 497 if (blob_len > MAX_BLOB_SIZE) { 498 rc = -E2BIG; 499 goto out; 500 } 501 if (tpm_buf_length(&buf) < TPM_HEADER_SIZE + 4 + blob_len) { 502 rc = -EFAULT; 503 goto out; 504 } 505 506 memcpy(payload->blob, &buf.data[TPM_HEADER_SIZE + 4], blob_len); 507 payload->blob_len = blob_len; 508 509 out: 510 tpm_buf_destroy(&buf); 511 512 if (rc > 0) { 513 if (tpm2_rc_value(rc) == TPM2_RC_HASH) 514 rc = -EINVAL; 515 else 516 rc = -EPERM; 517 } 518 519 return rc; 520 } 521 522 /** 523 * tpm2_load_cmd() - execute a TPM2_Load command 524 * 525 * @chip: TPM chip to use 526 * @payload: the key data in clear and encrypted form 527 * @options: authentication values and other options 528 * @blob_handle: returned blob handle 529 * @flags: tpm transmit flags 530 * 531 * Return: 0 on success. 532 * -E2BIG on wrong payload size. 533 * -EPERM on tpm error status. 534 * < 0 error from tpm_transmit_cmd. 535 */ 536 static int tpm2_load_cmd(struct tpm_chip *chip, 537 struct trusted_key_payload *payload, 538 struct trusted_key_options *options, 539 u32 *blob_handle, unsigned int flags) 540 { 541 struct tpm_buf buf; 542 unsigned int private_len; 543 unsigned int public_len; 544 unsigned int blob_len; 545 int rc; 546 547 private_len = be16_to_cpup((__be16 *) &payload->blob[0]); 548 if (private_len > (payload->blob_len - 2)) 549 return -E2BIG; 550 551 public_len = be16_to_cpup((__be16 *) &payload->blob[2 + private_len]); 552 blob_len = private_len + public_len + 4; 553 if (blob_len > payload->blob_len) 554 return -E2BIG; 555 556 rc = tpm_buf_init(&buf, TPM2_ST_SESSIONS, TPM2_CC_LOAD); 557 if (rc) 558 return rc; 559 560 tpm_buf_append_u32(&buf, options->keyhandle); 561 tpm2_buf_append_auth(&buf, TPM2_RS_PW, 562 NULL /* nonce */, 0, 563 0 /* session_attributes */, 564 options->keyauth /* hmac */, 565 TPM_DIGEST_SIZE); 566 567 tpm_buf_append(&buf, payload->blob, blob_len); 568 569 if (buf.flags & TPM_BUF_OVERFLOW) { 570 rc = -E2BIG; 571 goto out; 572 } 573 574 rc = tpm_transmit_cmd(chip, NULL, buf.data, PAGE_SIZE, 4, flags, 575 "loading blob"); 576 if (!rc) 577 *blob_handle = be32_to_cpup( 578 (__be32 *) &buf.data[TPM_HEADER_SIZE]); 579 580 out: 581 tpm_buf_destroy(&buf); 582 583 if (rc > 0) 584 rc = -EPERM; 585 586 return rc; 587 } 588 589 /** 590 * tpm2_unseal_cmd() - execute a TPM2_Unload command 591 * 592 * @chip: TPM chip to use 593 * @payload: the key data in clear and encrypted form 594 * @options: authentication values and other options 595 * @blob_handle: blob handle 596 * @flags: tpm_transmit_cmd flags 597 * 598 * Return: 0 on success 599 * -EPERM on tpm error status 600 * < 0 error from tpm_transmit_cmd 601 */ 602 static int tpm2_unseal_cmd(struct tpm_chip *chip, 603 struct trusted_key_payload *payload, 604 struct trusted_key_options *options, 605 u32 blob_handle, unsigned int flags) 606 { 607 struct tpm_buf buf; 608 u16 data_len; 609 u8 *data; 610 int rc; 611 612 rc = tpm_buf_init(&buf, TPM2_ST_SESSIONS, TPM2_CC_UNSEAL); 613 if (rc) 614 return rc; 615 616 tpm_buf_append_u32(&buf, blob_handle); 617 tpm2_buf_append_auth(&buf, 618 options->policyhandle ? 619 options->policyhandle : TPM2_RS_PW, 620 NULL /* nonce */, 0, 621 TPM2_SA_CONTINUE_SESSION, 622 options->blobauth /* hmac */, 623 TPM_DIGEST_SIZE); 624 625 rc = tpm_transmit_cmd(chip, NULL, buf.data, PAGE_SIZE, 6, flags, 626 "unsealing"); 627 if (rc > 0) 628 rc = -EPERM; 629 630 if (!rc) { 631 data_len = be16_to_cpup( 632 (__be16 *) &buf.data[TPM_HEADER_SIZE + 4]); 633 if (data_len < MIN_KEY_SIZE || data_len > MAX_KEY_SIZE + 1) { 634 rc = -EFAULT; 635 goto out; 636 } 637 638 if (tpm_buf_length(&buf) < TPM_HEADER_SIZE + 6 + data_len) { 639 rc = -EFAULT; 640 goto out; 641 } 642 data = &buf.data[TPM_HEADER_SIZE + 6]; 643 644 memcpy(payload->key, data, data_len - 1); 645 payload->key_len = data_len - 1; 646 payload->migratable = data[data_len - 1]; 647 } 648 649 out: 650 tpm_buf_destroy(&buf); 651 return rc; 652 } 653 654 /** 655 * tpm2_unseal_trusted() - unseal the payload of a trusted key 656 * 657 * @chip: TPM chip to use 658 * @payload: the key data in clear and encrypted form 659 * @options: authentication values and other options 660 * 661 * Return: Same as with tpm_transmit_cmd. 662 */ 663 int tpm2_unseal_trusted(struct tpm_chip *chip, 664 struct trusted_key_payload *payload, 665 struct trusted_key_options *options) 666 { 667 u32 blob_handle; 668 int rc; 669 670 mutex_lock(&chip->tpm_mutex); 671 rc = tpm2_load_cmd(chip, payload, options, &blob_handle, 672 TPM_TRANSMIT_UNLOCKED); 673 if (rc) 674 goto out; 675 676 rc = tpm2_unseal_cmd(chip, payload, options, blob_handle, 677 TPM_TRANSMIT_UNLOCKED); 678 tpm2_flush_context_cmd(chip, blob_handle, TPM_TRANSMIT_UNLOCKED); 679 out: 680 mutex_unlock(&chip->tpm_mutex); 681 return rc; 682 } 683 684 struct tpm2_get_cap_out { 685 u8 more_data; 686 __be32 subcap_id; 687 __be32 property_cnt; 688 __be32 property_id; 689 __be32 value; 690 } __packed; 691 692 /** 693 * tpm2_get_tpm_pt() - get value of a TPM_CAP_TPM_PROPERTIES type property 694 * @chip: a &tpm_chip instance 695 * @property_id: property ID. 696 * @value: output variable. 697 * @desc: passed to tpm_transmit_cmd() 698 * 699 * Return: 700 * 0 on success, 701 * -errno or a TPM return code otherwise 702 */ 703 ssize_t tpm2_get_tpm_pt(struct tpm_chip *chip, u32 property_id, u32 *value, 704 const char *desc) 705 { 706 struct tpm2_get_cap_out *out; 707 struct tpm_buf buf; 708 int rc; 709 710 rc = tpm_buf_init(&buf, TPM2_ST_NO_SESSIONS, TPM2_CC_GET_CAPABILITY); 711 if (rc) 712 return rc; 713 tpm_buf_append_u32(&buf, TPM2_CAP_TPM_PROPERTIES); 714 tpm_buf_append_u32(&buf, property_id); 715 tpm_buf_append_u32(&buf, 1); 716 rc = tpm_transmit_cmd(chip, NULL, buf.data, PAGE_SIZE, 0, 0, NULL); 717 if (!rc) { 718 out = (struct tpm2_get_cap_out *) 719 &buf.data[TPM_HEADER_SIZE]; 720 *value = be32_to_cpu(out->value); 721 } 722 tpm_buf_destroy(&buf); 723 return rc; 724 } 725 EXPORT_SYMBOL_GPL(tpm2_get_tpm_pt); 726 727 /** 728 * tpm2_shutdown() - send a TPM shutdown command 729 * 730 * Sends a TPM shutdown command. The shutdown command is used in call 731 * sites where the system is going down. If it fails, there is not much 732 * that can be done except print an error message. 733 * 734 * @chip: a &tpm_chip instance 735 * @shutdown_type: TPM_SU_CLEAR or TPM_SU_STATE. 736 */ 737 void tpm2_shutdown(struct tpm_chip *chip, u16 shutdown_type) 738 { 739 struct tpm_buf buf; 740 int rc; 741 742 rc = tpm_buf_init(&buf, TPM2_ST_NO_SESSIONS, TPM2_CC_SHUTDOWN); 743 if (rc) 744 return; 745 tpm_buf_append_u16(&buf, shutdown_type); 746 tpm_transmit_cmd(chip, NULL, buf.data, PAGE_SIZE, 0, 0, 747 "stopping the TPM"); 748 tpm_buf_destroy(&buf); 749 } 750 751 /* 752 * tpm2_calc_ordinal_duration() - maximum duration for a command 753 * 754 * @chip: TPM chip to use. 755 * @ordinal: command code number. 756 * 757 * Return: maximum duration for a command 758 */ 759 unsigned long tpm2_calc_ordinal_duration(struct tpm_chip *chip, u32 ordinal) 760 { 761 int index = TPM_UNDEFINED; 762 int duration = 0; 763 764 if (ordinal >= TPM2_CC_FIRST && ordinal <= TPM2_CC_LAST) 765 index = tpm2_ordinal_duration[ordinal - TPM2_CC_FIRST]; 766 767 if (index != TPM_UNDEFINED) 768 duration = chip->duration[index]; 769 770 if (duration <= 0) 771 duration = msecs_to_jiffies(TPM2_DURATION_DEFAULT); 772 773 return duration; 774 } 775 EXPORT_SYMBOL_GPL(tpm2_calc_ordinal_duration); 776 777 /** 778 * tpm2_do_selftest() - ensure that all self tests have passed 779 * 780 * @chip: TPM chip to use 781 * 782 * Return: Same as with tpm_transmit_cmd. 783 * 784 * The TPM can either run all self tests synchronously and then return 785 * RC_SUCCESS once all tests were successful. Or it can choose to run the tests 786 * asynchronously and return RC_TESTING immediately while the self tests still 787 * execute in the background. This function handles both cases and waits until 788 * all tests have completed. 789 */ 790 static int tpm2_do_selftest(struct tpm_chip *chip) 791 { 792 struct tpm_buf buf; 793 int full; 794 int rc; 795 796 for (full = 0; full < 2; full++) { 797 rc = tpm_buf_init(&buf, TPM2_ST_NO_SESSIONS, TPM2_CC_SELF_TEST); 798 if (rc) 799 return rc; 800 801 tpm_buf_append_u8(&buf, full); 802 rc = tpm_transmit_cmd(chip, NULL, buf.data, PAGE_SIZE, 0, 0, 803 "attempting the self test"); 804 tpm_buf_destroy(&buf); 805 806 if (rc == TPM2_RC_TESTING) 807 rc = TPM2_RC_SUCCESS; 808 if (rc == TPM2_RC_INITIALIZE || rc == TPM2_RC_SUCCESS) 809 return rc; 810 } 811 812 return rc; 813 } 814 815 /** 816 * tpm2_probe() - probe for the TPM 2.0 protocol 817 * @chip: a &tpm_chip instance 818 * 819 * Send an idempotent TPM 2.0 command and see whether there is TPM2 chip in the 820 * other end based on the response tag. The flag TPM_CHIP_FLAG_TPM2 is set by 821 * this function if this is the case. 822 * 823 * Return: 824 * 0 on success, 825 * -errno otherwise 826 */ 827 int tpm2_probe(struct tpm_chip *chip) 828 { 829 struct tpm_output_header *out; 830 struct tpm_buf buf; 831 int rc; 832 833 rc = tpm_buf_init(&buf, TPM2_ST_NO_SESSIONS, TPM2_CC_GET_CAPABILITY); 834 if (rc) 835 return rc; 836 tpm_buf_append_u32(&buf, TPM2_CAP_TPM_PROPERTIES); 837 tpm_buf_append_u32(&buf, TPM_PT_TOTAL_COMMANDS); 838 tpm_buf_append_u32(&buf, 1); 839 rc = tpm_transmit_cmd(chip, NULL, buf.data, PAGE_SIZE, 0, 0, NULL); 840 /* We ignore TPM return codes on purpose. */ 841 if (rc >= 0) { 842 out = (struct tpm_output_header *)buf.data; 843 if (be16_to_cpu(out->tag) == TPM2_ST_NO_SESSIONS) 844 chip->flags |= TPM_CHIP_FLAG_TPM2; 845 } 846 tpm_buf_destroy(&buf); 847 return 0; 848 } 849 EXPORT_SYMBOL_GPL(tpm2_probe); 850 851 struct tpm2_pcr_selection { 852 __be16 hash_alg; 853 u8 size_of_select; 854 u8 pcr_select[3]; 855 } __packed; 856 857 static ssize_t tpm2_get_pcr_allocation(struct tpm_chip *chip) 858 { 859 struct tpm2_pcr_selection pcr_selection; 860 struct tpm_buf buf; 861 void *marker; 862 void *end; 863 void *pcr_select_offset; 864 unsigned int count; 865 u32 sizeof_pcr_selection; 866 u32 rsp_len; 867 int rc; 868 int i = 0; 869 870 rc = tpm_buf_init(&buf, TPM2_ST_NO_SESSIONS, TPM2_CC_GET_CAPABILITY); 871 if (rc) 872 return rc; 873 874 tpm_buf_append_u32(&buf, TPM2_CAP_PCRS); 875 tpm_buf_append_u32(&buf, 0); 876 tpm_buf_append_u32(&buf, 1); 877 878 rc = tpm_transmit_cmd(chip, NULL, buf.data, PAGE_SIZE, 9, 0, 879 "get tpm pcr allocation"); 880 if (rc) 881 goto out; 882 883 count = be32_to_cpup( 884 (__be32 *)&buf.data[TPM_HEADER_SIZE + 5]); 885 886 if (count > ARRAY_SIZE(chip->active_banks)) { 887 rc = -ENODEV; 888 goto out; 889 } 890 891 marker = &buf.data[TPM_HEADER_SIZE + 9]; 892 893 rsp_len = be32_to_cpup((__be32 *)&buf.data[2]); 894 end = &buf.data[rsp_len]; 895 896 for (i = 0; i < count; i++) { 897 pcr_select_offset = marker + 898 offsetof(struct tpm2_pcr_selection, size_of_select); 899 if (pcr_select_offset >= end) { 900 rc = -EFAULT; 901 break; 902 } 903 904 memcpy(&pcr_selection, marker, sizeof(pcr_selection)); 905 chip->active_banks[i] = be16_to_cpu(pcr_selection.hash_alg); 906 sizeof_pcr_selection = sizeof(pcr_selection.hash_alg) + 907 sizeof(pcr_selection.size_of_select) + 908 pcr_selection.size_of_select; 909 marker = marker + sizeof_pcr_selection; 910 } 911 912 out: 913 if (i < ARRAY_SIZE(chip->active_banks)) 914 chip->active_banks[i] = TPM2_ALG_ERROR; 915 916 tpm_buf_destroy(&buf); 917 918 return rc; 919 } 920 921 static int tpm2_get_cc_attrs_tbl(struct tpm_chip *chip) 922 { 923 struct tpm_buf buf; 924 u32 nr_commands; 925 __be32 *attrs; 926 u32 cc; 927 int i; 928 int rc; 929 930 rc = tpm2_get_tpm_pt(chip, TPM_PT_TOTAL_COMMANDS, &nr_commands, NULL); 931 if (rc) 932 goto out; 933 934 if (nr_commands > 0xFFFFF) { 935 rc = -EFAULT; 936 goto out; 937 } 938 939 chip->cc_attrs_tbl = devm_kcalloc(&chip->dev, 4, nr_commands, 940 GFP_KERNEL); 941 942 rc = tpm_buf_init(&buf, TPM2_ST_NO_SESSIONS, TPM2_CC_GET_CAPABILITY); 943 if (rc) 944 goto out; 945 946 tpm_buf_append_u32(&buf, TPM2_CAP_COMMANDS); 947 tpm_buf_append_u32(&buf, TPM2_CC_FIRST); 948 tpm_buf_append_u32(&buf, nr_commands); 949 950 rc = tpm_transmit_cmd(chip, NULL, buf.data, PAGE_SIZE, 951 9 + 4 * nr_commands, 0, NULL); 952 if (rc) { 953 tpm_buf_destroy(&buf); 954 goto out; 955 } 956 957 if (nr_commands != 958 be32_to_cpup((__be32 *)&buf.data[TPM_HEADER_SIZE + 5])) { 959 tpm_buf_destroy(&buf); 960 goto out; 961 } 962 963 chip->nr_commands = nr_commands; 964 965 attrs = (__be32 *)&buf.data[TPM_HEADER_SIZE + 9]; 966 for (i = 0; i < nr_commands; i++, attrs++) { 967 chip->cc_attrs_tbl[i] = be32_to_cpup(attrs); 968 cc = chip->cc_attrs_tbl[i] & 0xFFFF; 969 970 if (cc == TPM2_CC_CONTEXT_SAVE || cc == TPM2_CC_FLUSH_CONTEXT) { 971 chip->cc_attrs_tbl[i] &= 972 ~(GENMASK(2, 0) << TPM2_CC_ATTR_CHANDLES); 973 chip->cc_attrs_tbl[i] |= 1 << TPM2_CC_ATTR_CHANDLES; 974 } 975 } 976 977 tpm_buf_destroy(&buf); 978 979 out: 980 if (rc > 0) 981 rc = -ENODEV; 982 return rc; 983 } 984 985 /** 986 * tpm2_auto_startup - Perform the standard automatic TPM initialization 987 * sequence 988 * @chip: TPM chip to use 989 * 990 * Returns 0 on success, < 0 in case of fatal error. 991 */ 992 int tpm2_auto_startup(struct tpm_chip *chip) 993 { 994 int rc; 995 996 rc = tpm_get_timeouts(chip); 997 if (rc) 998 goto out; 999 1000 rc = tpm2_do_selftest(chip); 1001 if (rc && rc != TPM2_RC_INITIALIZE) 1002 goto out; 1003 1004 if (rc == TPM2_RC_INITIALIZE) { 1005 rc = tpm_startup(chip); 1006 if (rc) 1007 goto out; 1008 1009 rc = tpm2_do_selftest(chip); 1010 if (rc) 1011 goto out; 1012 } 1013 1014 rc = tpm2_get_pcr_allocation(chip); 1015 if (rc) 1016 goto out; 1017 1018 rc = tpm2_get_cc_attrs_tbl(chip); 1019 1020 out: 1021 if (rc > 0) 1022 rc = -ENODEV; 1023 return rc; 1024 } 1025 1026 int tpm2_find_cc(struct tpm_chip *chip, u32 cc) 1027 { 1028 int i; 1029 1030 for (i = 0; i < chip->nr_commands; i++) 1031 if (cc == (chip->cc_attrs_tbl[i] & GENMASK(15, 0))) 1032 return i; 1033 1034 return -1; 1035 } 1036