1 /* 2 * Copyright (C) 2014, 2015 Intel Corporation 3 * 4 * Authors: 5 * Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> 6 * 7 * Maintained by: <tpmdd-devel@lists.sourceforge.net> 8 * 9 * This file contains TPM2 protocol implementations of the commands 10 * used by the kernel internally. 11 * 12 * This program is free software; you can redistribute it and/or 13 * modify it under the terms of the GNU General Public License 14 * as published by the Free Software Foundation; version 2 15 * of the License. 16 */ 17 18 #include "tpm.h" 19 #include <crypto/hash_info.h> 20 #include <keys/trusted-type.h> 21 22 enum tpm2_object_attributes { 23 TPM2_OA_USER_WITH_AUTH = BIT(6), 24 }; 25 26 enum tpm2_session_attributes { 27 TPM2_SA_CONTINUE_SESSION = BIT(0), 28 }; 29 30 struct tpm2_startup_in { 31 __be16 startup_type; 32 } __packed; 33 34 struct tpm2_get_tpm_pt_in { 35 __be32 cap_id; 36 __be32 property_id; 37 __be32 property_cnt; 38 } __packed; 39 40 struct tpm2_get_tpm_pt_out { 41 u8 more_data; 42 __be32 subcap_id; 43 __be32 property_cnt; 44 __be32 property_id; 45 __be32 value; 46 } __packed; 47 48 struct tpm2_get_random_in { 49 __be16 size; 50 } __packed; 51 52 struct tpm2_get_random_out { 53 __be16 size; 54 u8 buffer[TPM_MAX_RNG_DATA]; 55 } __packed; 56 57 union tpm2_cmd_params { 58 struct tpm2_startup_in startup_in; 59 struct tpm2_get_tpm_pt_in get_tpm_pt_in; 60 struct tpm2_get_tpm_pt_out get_tpm_pt_out; 61 struct tpm2_get_random_in getrandom_in; 62 struct tpm2_get_random_out getrandom_out; 63 }; 64 65 struct tpm2_cmd { 66 tpm_cmd_header header; 67 union tpm2_cmd_params params; 68 } __packed; 69 70 struct tpm2_hash { 71 unsigned int crypto_id; 72 unsigned int tpm_id; 73 }; 74 75 static struct tpm2_hash tpm2_hash_map[] = { 76 {HASH_ALGO_SHA1, TPM2_ALG_SHA1}, 77 {HASH_ALGO_SHA256, TPM2_ALG_SHA256}, 78 {HASH_ALGO_SHA384, TPM2_ALG_SHA384}, 79 {HASH_ALGO_SHA512, TPM2_ALG_SHA512}, 80 {HASH_ALGO_SM3_256, TPM2_ALG_SM3_256}, 81 }; 82 83 /* 84 * Array with one entry per ordinal defining the maximum amount 85 * of time the chip could take to return the result. The values 86 * of the SHORT, MEDIUM, and LONG durations are taken from the 87 * PC Client Profile (PTP) specification. 88 * LONG_LONG is for commands that generates keys which empirically 89 * takes longer time on some systems. 90 */ 91 static const u8 tpm2_ordinal_duration[TPM2_CC_LAST - TPM2_CC_FIRST + 1] = { 92 TPM_UNDEFINED, /* 11F */ 93 TPM_UNDEFINED, /* 120 */ 94 TPM_LONG, /* 121 */ 95 TPM_UNDEFINED, /* 122 */ 96 TPM_UNDEFINED, /* 123 */ 97 TPM_UNDEFINED, /* 124 */ 98 TPM_UNDEFINED, /* 125 */ 99 TPM_UNDEFINED, /* 126 */ 100 TPM_UNDEFINED, /* 127 */ 101 TPM_UNDEFINED, /* 128 */ 102 TPM_LONG, /* 129 */ 103 TPM_UNDEFINED, /* 12a */ 104 TPM_UNDEFINED, /* 12b */ 105 TPM_UNDEFINED, /* 12c */ 106 TPM_UNDEFINED, /* 12d */ 107 TPM_UNDEFINED, /* 12e */ 108 TPM_UNDEFINED, /* 12f */ 109 TPM_UNDEFINED, /* 130 */ 110 TPM_LONG_LONG, /* 131 */ 111 TPM_UNDEFINED, /* 132 */ 112 TPM_UNDEFINED, /* 133 */ 113 TPM_UNDEFINED, /* 134 */ 114 TPM_UNDEFINED, /* 135 */ 115 TPM_UNDEFINED, /* 136 */ 116 TPM_UNDEFINED, /* 137 */ 117 TPM_UNDEFINED, /* 138 */ 118 TPM_UNDEFINED, /* 139 */ 119 TPM_UNDEFINED, /* 13a */ 120 TPM_UNDEFINED, /* 13b */ 121 TPM_UNDEFINED, /* 13c */ 122 TPM_UNDEFINED, /* 13d */ 123 TPM_MEDIUM, /* 13e */ 124 TPM_UNDEFINED, /* 13f */ 125 TPM_UNDEFINED, /* 140 */ 126 TPM_UNDEFINED, /* 141 */ 127 TPM_UNDEFINED, /* 142 */ 128 TPM_LONG, /* 143 */ 129 TPM_MEDIUM, /* 144 */ 130 TPM_UNDEFINED, /* 145 */ 131 TPM_UNDEFINED, /* 146 */ 132 TPM_UNDEFINED, /* 147 */ 133 TPM_UNDEFINED, /* 148 */ 134 TPM_UNDEFINED, /* 149 */ 135 TPM_UNDEFINED, /* 14a */ 136 TPM_UNDEFINED, /* 14b */ 137 TPM_UNDEFINED, /* 14c */ 138 TPM_UNDEFINED, /* 14d */ 139 TPM_LONG, /* 14e */ 140 TPM_UNDEFINED, /* 14f */ 141 TPM_UNDEFINED, /* 150 */ 142 TPM_UNDEFINED, /* 151 */ 143 TPM_UNDEFINED, /* 152 */ 144 TPM_LONG_LONG, /* 153 */ 145 TPM_UNDEFINED, /* 154 */ 146 TPM_UNDEFINED, /* 155 */ 147 TPM_UNDEFINED, /* 156 */ 148 TPM_UNDEFINED, /* 157 */ 149 TPM_UNDEFINED, /* 158 */ 150 TPM_UNDEFINED, /* 159 */ 151 TPM_UNDEFINED, /* 15a */ 152 TPM_UNDEFINED, /* 15b */ 153 TPM_MEDIUM, /* 15c */ 154 TPM_UNDEFINED, /* 15d */ 155 TPM_UNDEFINED, /* 15e */ 156 TPM_UNDEFINED, /* 15f */ 157 TPM_UNDEFINED, /* 160 */ 158 TPM_UNDEFINED, /* 161 */ 159 TPM_UNDEFINED, /* 162 */ 160 TPM_UNDEFINED, /* 163 */ 161 TPM_UNDEFINED, /* 164 */ 162 TPM_UNDEFINED, /* 165 */ 163 TPM_UNDEFINED, /* 166 */ 164 TPM_UNDEFINED, /* 167 */ 165 TPM_UNDEFINED, /* 168 */ 166 TPM_UNDEFINED, /* 169 */ 167 TPM_UNDEFINED, /* 16a */ 168 TPM_UNDEFINED, /* 16b */ 169 TPM_UNDEFINED, /* 16c */ 170 TPM_UNDEFINED, /* 16d */ 171 TPM_UNDEFINED, /* 16e */ 172 TPM_UNDEFINED, /* 16f */ 173 TPM_UNDEFINED, /* 170 */ 174 TPM_UNDEFINED, /* 171 */ 175 TPM_UNDEFINED, /* 172 */ 176 TPM_UNDEFINED, /* 173 */ 177 TPM_UNDEFINED, /* 174 */ 178 TPM_UNDEFINED, /* 175 */ 179 TPM_UNDEFINED, /* 176 */ 180 TPM_LONG, /* 177 */ 181 TPM_UNDEFINED, /* 178 */ 182 TPM_UNDEFINED, /* 179 */ 183 TPM_MEDIUM, /* 17a */ 184 TPM_LONG, /* 17b */ 185 TPM_UNDEFINED, /* 17c */ 186 TPM_UNDEFINED, /* 17d */ 187 TPM_UNDEFINED, /* 17e */ 188 TPM_UNDEFINED, /* 17f */ 189 TPM_UNDEFINED, /* 180 */ 190 TPM_UNDEFINED, /* 181 */ 191 TPM_MEDIUM, /* 182 */ 192 TPM_UNDEFINED, /* 183 */ 193 TPM_UNDEFINED, /* 184 */ 194 TPM_MEDIUM, /* 185 */ 195 TPM_MEDIUM, /* 186 */ 196 TPM_UNDEFINED, /* 187 */ 197 TPM_UNDEFINED, /* 188 */ 198 TPM_UNDEFINED, /* 189 */ 199 TPM_UNDEFINED, /* 18a */ 200 TPM_UNDEFINED, /* 18b */ 201 TPM_UNDEFINED, /* 18c */ 202 TPM_UNDEFINED, /* 18d */ 203 TPM_UNDEFINED, /* 18e */ 204 TPM_UNDEFINED /* 18f */ 205 }; 206 207 struct tpm2_pcr_read_out { 208 __be32 update_cnt; 209 __be32 pcr_selects_cnt; 210 __be16 hash_alg; 211 u8 pcr_select_size; 212 u8 pcr_select[TPM2_PCR_SELECT_MIN]; 213 __be32 digests_cnt; 214 __be16 digest_size; 215 u8 digest[]; 216 } __packed; 217 218 /** 219 * tpm2_pcr_read() - read a PCR value 220 * @chip: TPM chip to use. 221 * @pcr_idx: index of the PCR to read. 222 * @res_buf: buffer to store the resulting hash. 223 * 224 * Return: Same as with tpm_transmit_cmd. 225 */ 226 int tpm2_pcr_read(struct tpm_chip *chip, int pcr_idx, u8 *res_buf) 227 { 228 int rc; 229 struct tpm_buf buf; 230 struct tpm2_pcr_read_out *out; 231 u8 pcr_select[TPM2_PCR_SELECT_MIN] = {0}; 232 233 if (pcr_idx >= TPM2_PLATFORM_PCR) 234 return -EINVAL; 235 236 rc = tpm_buf_init(&buf, TPM2_ST_NO_SESSIONS, TPM2_CC_PCR_READ); 237 if (rc) 238 return rc; 239 240 pcr_select[pcr_idx >> 3] = 1 << (pcr_idx & 0x7); 241 242 tpm_buf_append_u32(&buf, 1); 243 tpm_buf_append_u16(&buf, TPM2_ALG_SHA1); 244 tpm_buf_append_u8(&buf, TPM2_PCR_SELECT_MIN); 245 tpm_buf_append(&buf, (const unsigned char *)pcr_select, 246 sizeof(pcr_select)); 247 248 rc = tpm_transmit_cmd(chip, NULL, buf.data, PAGE_SIZE, 0, 0, 249 res_buf ? "attempting to read a pcr value" : NULL); 250 if (rc == 0 && res_buf) { 251 out = (struct tpm2_pcr_read_out *)&buf.data[TPM_HEADER_SIZE]; 252 memcpy(res_buf, out->digest, SHA1_DIGEST_SIZE); 253 } 254 255 tpm_buf_destroy(&buf); 256 return rc; 257 } 258 259 struct tpm2_null_auth_area { 260 __be32 handle; 261 __be16 nonce_size; 262 u8 attributes; 263 __be16 auth_size; 264 } __packed; 265 266 /** 267 * tpm2_pcr_extend() - extend a PCR value 268 * 269 * @chip: TPM chip to use. 270 * @pcr_idx: index of the PCR. 271 * @count: number of digests passed. 272 * @digests: list of pcr banks and corresponding digest values to extend. 273 * 274 * Return: Same as with tpm_transmit_cmd. 275 */ 276 int tpm2_pcr_extend(struct tpm_chip *chip, int pcr_idx, u32 count, 277 struct tpm2_digest *digests) 278 { 279 struct tpm_buf buf; 280 struct tpm2_null_auth_area auth_area; 281 int rc; 282 int i; 283 int j; 284 285 if (count > ARRAY_SIZE(chip->active_banks)) 286 return -EINVAL; 287 288 rc = tpm_buf_init(&buf, TPM2_ST_SESSIONS, TPM2_CC_PCR_EXTEND); 289 if (rc) 290 return rc; 291 292 tpm_buf_append_u32(&buf, pcr_idx); 293 294 auth_area.handle = cpu_to_be32(TPM2_RS_PW); 295 auth_area.nonce_size = 0; 296 auth_area.attributes = 0; 297 auth_area.auth_size = 0; 298 299 tpm_buf_append_u32(&buf, sizeof(struct tpm2_null_auth_area)); 300 tpm_buf_append(&buf, (const unsigned char *)&auth_area, 301 sizeof(auth_area)); 302 tpm_buf_append_u32(&buf, count); 303 304 for (i = 0; i < count; i++) { 305 for (j = 0; j < ARRAY_SIZE(tpm2_hash_map); j++) { 306 if (digests[i].alg_id != tpm2_hash_map[j].tpm_id) 307 continue; 308 tpm_buf_append_u16(&buf, digests[i].alg_id); 309 tpm_buf_append(&buf, (const unsigned char 310 *)&digests[i].digest, 311 hash_digest_size[tpm2_hash_map[j].crypto_id]); 312 } 313 } 314 315 rc = tpm_transmit_cmd(chip, NULL, buf.data, PAGE_SIZE, 0, 0, 316 "attempting extend a PCR value"); 317 318 tpm_buf_destroy(&buf); 319 320 return rc; 321 } 322 323 324 #define TPM2_GETRANDOM_IN_SIZE \ 325 (sizeof(struct tpm_input_header) + \ 326 sizeof(struct tpm2_get_random_in)) 327 328 static const struct tpm_input_header tpm2_getrandom_header = { 329 .tag = cpu_to_be16(TPM2_ST_NO_SESSIONS), 330 .length = cpu_to_be32(TPM2_GETRANDOM_IN_SIZE), 331 .ordinal = cpu_to_be32(TPM2_CC_GET_RANDOM) 332 }; 333 334 /** 335 * tpm2_get_random() - get random bytes from the TPM RNG 336 * 337 * @chip: TPM chip to use 338 * @out: destination buffer for the random bytes 339 * @max: the max number of bytes to write to @out 340 * 341 * Return: 342 * Size of the output buffer, or -EIO on error. 343 */ 344 int tpm2_get_random(struct tpm_chip *chip, u8 *out, size_t max) 345 { 346 struct tpm2_cmd cmd; 347 u32 recd, rlength; 348 u32 num_bytes; 349 int err; 350 int total = 0; 351 int retries = 5; 352 u8 *dest = out; 353 354 num_bytes = min_t(u32, max, sizeof(cmd.params.getrandom_out.buffer)); 355 356 if (!out || !num_bytes || 357 max > sizeof(cmd.params.getrandom_out.buffer)) 358 return -EINVAL; 359 360 do { 361 cmd.header.in = tpm2_getrandom_header; 362 cmd.params.getrandom_in.size = cpu_to_be16(num_bytes); 363 364 err = tpm_transmit_cmd(chip, NULL, &cmd, sizeof(cmd), 365 offsetof(struct tpm2_get_random_out, 366 buffer), 367 0, "attempting get random"); 368 if (err) 369 break; 370 371 recd = min_t(u32, be16_to_cpu(cmd.params.getrandom_out.size), 372 num_bytes); 373 rlength = be32_to_cpu(cmd.header.out.length); 374 if (rlength < offsetof(struct tpm2_get_random_out, buffer) + 375 recd) 376 return -EFAULT; 377 memcpy(dest, cmd.params.getrandom_out.buffer, recd); 378 379 dest += recd; 380 total += recd; 381 num_bytes -= recd; 382 } while (retries-- && total < max); 383 384 return total ? total : -EIO; 385 } 386 387 #define TPM2_GET_TPM_PT_IN_SIZE \ 388 (sizeof(struct tpm_input_header) + \ 389 sizeof(struct tpm2_get_tpm_pt_in)) 390 391 #define TPM2_GET_TPM_PT_OUT_BODY_SIZE \ 392 sizeof(struct tpm2_get_tpm_pt_out) 393 394 static const struct tpm_input_header tpm2_get_tpm_pt_header = { 395 .tag = cpu_to_be16(TPM2_ST_NO_SESSIONS), 396 .length = cpu_to_be32(TPM2_GET_TPM_PT_IN_SIZE), 397 .ordinal = cpu_to_be32(TPM2_CC_GET_CAPABILITY) 398 }; 399 400 /** 401 * tpm2_flush_context_cmd() - execute a TPM2_FlushContext command 402 * @chip: TPM chip to use 403 * @payload: the key data in clear and encrypted form 404 * @options: authentication values and other options 405 * 406 * Return: same as with tpm_transmit_cmd 407 */ 408 void tpm2_flush_context_cmd(struct tpm_chip *chip, u32 handle, 409 unsigned int flags) 410 { 411 struct tpm_buf buf; 412 int rc; 413 414 rc = tpm_buf_init(&buf, TPM2_ST_NO_SESSIONS, TPM2_CC_FLUSH_CONTEXT); 415 if (rc) { 416 dev_warn(&chip->dev, "0x%08x was not flushed, out of memory\n", 417 handle); 418 return; 419 } 420 421 tpm_buf_append_u32(&buf, handle); 422 423 (void) tpm_transmit_cmd(chip, NULL, buf.data, PAGE_SIZE, 0, flags, 424 "flushing context"); 425 426 tpm_buf_destroy(&buf); 427 } 428 429 /** 430 * tpm_buf_append_auth() - append TPMS_AUTH_COMMAND to the buffer. 431 * 432 * @buf: an allocated tpm_buf instance 433 * @session_handle: session handle 434 * @nonce: the session nonce, may be NULL if not used 435 * @nonce_len: the session nonce length, may be 0 if not used 436 * @attributes: the session attributes 437 * @hmac: the session HMAC or password, may be NULL if not used 438 * @hmac_len: the session HMAC or password length, maybe 0 if not used 439 */ 440 static void tpm2_buf_append_auth(struct tpm_buf *buf, u32 session_handle, 441 const u8 *nonce, u16 nonce_len, 442 u8 attributes, 443 const u8 *hmac, u16 hmac_len) 444 { 445 tpm_buf_append_u32(buf, 9 + nonce_len + hmac_len); 446 tpm_buf_append_u32(buf, session_handle); 447 tpm_buf_append_u16(buf, nonce_len); 448 449 if (nonce && nonce_len) 450 tpm_buf_append(buf, nonce, nonce_len); 451 452 tpm_buf_append_u8(buf, attributes); 453 tpm_buf_append_u16(buf, hmac_len); 454 455 if (hmac && hmac_len) 456 tpm_buf_append(buf, hmac, hmac_len); 457 } 458 459 /** 460 * tpm2_seal_trusted() - seal the payload of a trusted key 461 * 462 * @chip: TPM chip to use 463 * @payload: the key data in clear and encrypted form 464 * @options: authentication values and other options 465 * 466 * Return: < 0 on error and 0 on success. 467 */ 468 int tpm2_seal_trusted(struct tpm_chip *chip, 469 struct trusted_key_payload *payload, 470 struct trusted_key_options *options) 471 { 472 unsigned int blob_len; 473 struct tpm_buf buf; 474 u32 hash, rlength; 475 int i; 476 int rc; 477 478 for (i = 0; i < ARRAY_SIZE(tpm2_hash_map); i++) { 479 if (options->hash == tpm2_hash_map[i].crypto_id) { 480 hash = tpm2_hash_map[i].tpm_id; 481 break; 482 } 483 } 484 485 if (i == ARRAY_SIZE(tpm2_hash_map)) 486 return -EINVAL; 487 488 rc = tpm_buf_init(&buf, TPM2_ST_SESSIONS, TPM2_CC_CREATE); 489 if (rc) 490 return rc; 491 492 tpm_buf_append_u32(&buf, options->keyhandle); 493 tpm2_buf_append_auth(&buf, TPM2_RS_PW, 494 NULL /* nonce */, 0, 495 0 /* session_attributes */, 496 options->keyauth /* hmac */, 497 TPM_DIGEST_SIZE); 498 499 /* sensitive */ 500 tpm_buf_append_u16(&buf, 4 + TPM_DIGEST_SIZE + payload->key_len + 1); 501 502 tpm_buf_append_u16(&buf, TPM_DIGEST_SIZE); 503 tpm_buf_append(&buf, options->blobauth, TPM_DIGEST_SIZE); 504 tpm_buf_append_u16(&buf, payload->key_len + 1); 505 tpm_buf_append(&buf, payload->key, payload->key_len); 506 tpm_buf_append_u8(&buf, payload->migratable); 507 508 /* public */ 509 tpm_buf_append_u16(&buf, 14 + options->policydigest_len); 510 tpm_buf_append_u16(&buf, TPM2_ALG_KEYEDHASH); 511 tpm_buf_append_u16(&buf, hash); 512 513 /* policy */ 514 if (options->policydigest_len) { 515 tpm_buf_append_u32(&buf, 0); 516 tpm_buf_append_u16(&buf, options->policydigest_len); 517 tpm_buf_append(&buf, options->policydigest, 518 options->policydigest_len); 519 } else { 520 tpm_buf_append_u32(&buf, TPM2_OA_USER_WITH_AUTH); 521 tpm_buf_append_u16(&buf, 0); 522 } 523 524 /* public parameters */ 525 tpm_buf_append_u16(&buf, TPM2_ALG_NULL); 526 tpm_buf_append_u16(&buf, 0); 527 528 /* outside info */ 529 tpm_buf_append_u16(&buf, 0); 530 531 /* creation PCR */ 532 tpm_buf_append_u32(&buf, 0); 533 534 if (buf.flags & TPM_BUF_OVERFLOW) { 535 rc = -E2BIG; 536 goto out; 537 } 538 539 rc = tpm_transmit_cmd(chip, NULL, buf.data, PAGE_SIZE, 4, 0, 540 "sealing data"); 541 if (rc) 542 goto out; 543 544 blob_len = be32_to_cpup((__be32 *) &buf.data[TPM_HEADER_SIZE]); 545 if (blob_len > MAX_BLOB_SIZE) { 546 rc = -E2BIG; 547 goto out; 548 } 549 rlength = be32_to_cpu(((struct tpm2_cmd *)&buf)->header.out.length); 550 if (rlength < TPM_HEADER_SIZE + 4 + blob_len) { 551 rc = -EFAULT; 552 goto out; 553 } 554 555 memcpy(payload->blob, &buf.data[TPM_HEADER_SIZE + 4], blob_len); 556 payload->blob_len = blob_len; 557 558 out: 559 tpm_buf_destroy(&buf); 560 561 if (rc > 0) { 562 if (tpm2_rc_value(rc) == TPM2_RC_HASH) 563 rc = -EINVAL; 564 else 565 rc = -EPERM; 566 } 567 568 return rc; 569 } 570 571 /** 572 * tpm2_load_cmd() - execute a TPM2_Load command 573 * 574 * @chip: TPM chip to use 575 * @payload: the key data in clear and encrypted form 576 * @options: authentication values and other options 577 * @blob_handle: returned blob handle 578 * @flags: tpm transmit flags 579 * 580 * Return: 0 on success. 581 * -E2BIG on wrong payload size. 582 * -EPERM on tpm error status. 583 * < 0 error from tpm_transmit_cmd. 584 */ 585 static int tpm2_load_cmd(struct tpm_chip *chip, 586 struct trusted_key_payload *payload, 587 struct trusted_key_options *options, 588 u32 *blob_handle, unsigned int flags) 589 { 590 struct tpm_buf buf; 591 unsigned int private_len; 592 unsigned int public_len; 593 unsigned int blob_len; 594 int rc; 595 596 private_len = be16_to_cpup((__be16 *) &payload->blob[0]); 597 if (private_len > (payload->blob_len - 2)) 598 return -E2BIG; 599 600 public_len = be16_to_cpup((__be16 *) &payload->blob[2 + private_len]); 601 blob_len = private_len + public_len + 4; 602 if (blob_len > payload->blob_len) 603 return -E2BIG; 604 605 rc = tpm_buf_init(&buf, TPM2_ST_SESSIONS, TPM2_CC_LOAD); 606 if (rc) 607 return rc; 608 609 tpm_buf_append_u32(&buf, options->keyhandle); 610 tpm2_buf_append_auth(&buf, TPM2_RS_PW, 611 NULL /* nonce */, 0, 612 0 /* session_attributes */, 613 options->keyauth /* hmac */, 614 TPM_DIGEST_SIZE); 615 616 tpm_buf_append(&buf, payload->blob, blob_len); 617 618 if (buf.flags & TPM_BUF_OVERFLOW) { 619 rc = -E2BIG; 620 goto out; 621 } 622 623 rc = tpm_transmit_cmd(chip, NULL, buf.data, PAGE_SIZE, 4, flags, 624 "loading blob"); 625 if (!rc) 626 *blob_handle = be32_to_cpup( 627 (__be32 *) &buf.data[TPM_HEADER_SIZE]); 628 629 out: 630 tpm_buf_destroy(&buf); 631 632 if (rc > 0) 633 rc = -EPERM; 634 635 return rc; 636 } 637 638 /** 639 * tpm2_unseal_cmd() - execute a TPM2_Unload command 640 * 641 * @chip: TPM chip to use 642 * @payload: the key data in clear and encrypted form 643 * @options: authentication values and other options 644 * @blob_handle: blob handle 645 * @flags: tpm_transmit_cmd flags 646 * 647 * Return: 0 on success 648 * -EPERM on tpm error status 649 * < 0 error from tpm_transmit_cmd 650 */ 651 static int tpm2_unseal_cmd(struct tpm_chip *chip, 652 struct trusted_key_payload *payload, 653 struct trusted_key_options *options, 654 u32 blob_handle, unsigned int flags) 655 { 656 struct tpm_buf buf; 657 u16 data_len; 658 u8 *data; 659 int rc; 660 u32 rlength; 661 662 rc = tpm_buf_init(&buf, TPM2_ST_SESSIONS, TPM2_CC_UNSEAL); 663 if (rc) 664 return rc; 665 666 tpm_buf_append_u32(&buf, blob_handle); 667 tpm2_buf_append_auth(&buf, 668 options->policyhandle ? 669 options->policyhandle : TPM2_RS_PW, 670 NULL /* nonce */, 0, 671 TPM2_SA_CONTINUE_SESSION, 672 options->blobauth /* hmac */, 673 TPM_DIGEST_SIZE); 674 675 rc = tpm_transmit_cmd(chip, NULL, buf.data, PAGE_SIZE, 6, flags, 676 "unsealing"); 677 if (rc > 0) 678 rc = -EPERM; 679 680 if (!rc) { 681 data_len = be16_to_cpup( 682 (__be16 *) &buf.data[TPM_HEADER_SIZE + 4]); 683 if (data_len < MIN_KEY_SIZE || data_len > MAX_KEY_SIZE + 1) { 684 rc = -EFAULT; 685 goto out; 686 } 687 688 rlength = be32_to_cpu(((struct tpm2_cmd *)&buf) 689 ->header.out.length); 690 if (rlength < TPM_HEADER_SIZE + 6 + data_len) { 691 rc = -EFAULT; 692 goto out; 693 } 694 data = &buf.data[TPM_HEADER_SIZE + 6]; 695 696 memcpy(payload->key, data, data_len - 1); 697 payload->key_len = data_len - 1; 698 payload->migratable = data[data_len - 1]; 699 } 700 701 out: 702 tpm_buf_destroy(&buf); 703 return rc; 704 } 705 706 /** 707 * tpm2_unseal_trusted() - unseal the payload of a trusted key 708 * 709 * @chip: TPM chip to use 710 * @payload: the key data in clear and encrypted form 711 * @options: authentication values and other options 712 * 713 * Return: Same as with tpm_transmit_cmd. 714 */ 715 int tpm2_unseal_trusted(struct tpm_chip *chip, 716 struct trusted_key_payload *payload, 717 struct trusted_key_options *options) 718 { 719 u32 blob_handle; 720 int rc; 721 722 mutex_lock(&chip->tpm_mutex); 723 rc = tpm2_load_cmd(chip, payload, options, &blob_handle, 724 TPM_TRANSMIT_UNLOCKED); 725 if (rc) 726 goto out; 727 728 rc = tpm2_unseal_cmd(chip, payload, options, blob_handle, 729 TPM_TRANSMIT_UNLOCKED); 730 tpm2_flush_context_cmd(chip, blob_handle, TPM_TRANSMIT_UNLOCKED); 731 out: 732 mutex_unlock(&chip->tpm_mutex); 733 return rc; 734 } 735 736 /** 737 * tpm2_get_tpm_pt() - get value of a TPM_CAP_TPM_PROPERTIES type property 738 * @chip: TPM chip to use. 739 * @property_id: property ID. 740 * @value: output variable. 741 * @desc: passed to tpm_transmit_cmd() 742 * 743 * Return: Same as with tpm_transmit_cmd. 744 */ 745 ssize_t tpm2_get_tpm_pt(struct tpm_chip *chip, u32 property_id, u32 *value, 746 const char *desc) 747 { 748 struct tpm2_cmd cmd; 749 int rc; 750 751 cmd.header.in = tpm2_get_tpm_pt_header; 752 cmd.params.get_tpm_pt_in.cap_id = cpu_to_be32(TPM2_CAP_TPM_PROPERTIES); 753 cmd.params.get_tpm_pt_in.property_id = cpu_to_be32(property_id); 754 cmd.params.get_tpm_pt_in.property_cnt = cpu_to_be32(1); 755 756 rc = tpm_transmit_cmd(chip, NULL, &cmd, sizeof(cmd), 757 TPM2_GET_TPM_PT_OUT_BODY_SIZE, 0, desc); 758 if (!rc) 759 *value = be32_to_cpu(cmd.params.get_tpm_pt_out.value); 760 761 return rc; 762 } 763 EXPORT_SYMBOL_GPL(tpm2_get_tpm_pt); 764 765 #define TPM2_SHUTDOWN_IN_SIZE \ 766 (sizeof(struct tpm_input_header) + \ 767 sizeof(struct tpm2_startup_in)) 768 769 static const struct tpm_input_header tpm2_shutdown_header = { 770 .tag = cpu_to_be16(TPM2_ST_NO_SESSIONS), 771 .length = cpu_to_be32(TPM2_SHUTDOWN_IN_SIZE), 772 .ordinal = cpu_to_be32(TPM2_CC_SHUTDOWN) 773 }; 774 775 /** 776 * tpm2_shutdown() - send shutdown command to the TPM chip 777 * 778 * @chip: TPM chip to use. 779 * @shutdown_type: shutdown type. The value is either 780 * TPM_SU_CLEAR or TPM_SU_STATE. 781 */ 782 void tpm2_shutdown(struct tpm_chip *chip, u16 shutdown_type) 783 { 784 struct tpm2_cmd cmd; 785 int rc; 786 787 cmd.header.in = tpm2_shutdown_header; 788 cmd.params.startup_in.startup_type = cpu_to_be16(shutdown_type); 789 790 rc = tpm_transmit_cmd(chip, NULL, &cmd, sizeof(cmd), 0, 0, 791 "stopping the TPM"); 792 793 /* In places where shutdown command is sent there's no much we can do 794 * except print the error code on a system failure. 795 */ 796 if (rc < 0 && rc != -EPIPE) 797 dev_warn(&chip->dev, "transmit returned %d while stopping the TPM", 798 rc); 799 } 800 801 /* 802 * tpm2_calc_ordinal_duration() - maximum duration for a command 803 * 804 * @chip: TPM chip to use. 805 * @ordinal: command code number. 806 * 807 * Return: maximum duration for a command 808 */ 809 unsigned long tpm2_calc_ordinal_duration(struct tpm_chip *chip, u32 ordinal) 810 { 811 int index = TPM_UNDEFINED; 812 int duration = 0; 813 814 if (ordinal >= TPM2_CC_FIRST && ordinal <= TPM2_CC_LAST) 815 index = tpm2_ordinal_duration[ordinal - TPM2_CC_FIRST]; 816 817 if (index != TPM_UNDEFINED) 818 duration = chip->duration[index]; 819 820 if (duration <= 0) 821 duration = msecs_to_jiffies(TPM2_DURATION_DEFAULT); 822 823 return duration; 824 } 825 EXPORT_SYMBOL_GPL(tpm2_calc_ordinal_duration); 826 827 /** 828 * tpm2_do_selftest() - ensure that all self tests have passed 829 * 830 * @chip: TPM chip to use 831 * 832 * Return: Same as with tpm_transmit_cmd. 833 * 834 * The TPM can either run all self tests synchronously and then return 835 * RC_SUCCESS once all tests were successful. Or it can choose to run the tests 836 * asynchronously and return RC_TESTING immediately while the self tests still 837 * execute in the background. This function handles both cases and waits until 838 * all tests have completed. 839 */ 840 static int tpm2_do_selftest(struct tpm_chip *chip) 841 { 842 struct tpm_buf buf; 843 int full; 844 int rc; 845 846 for (full = 0; full < 2; full++) { 847 rc = tpm_buf_init(&buf, TPM2_ST_NO_SESSIONS, TPM2_CC_SELF_TEST); 848 if (rc) 849 return rc; 850 851 tpm_buf_append_u8(&buf, full); 852 rc = tpm_transmit_cmd(chip, NULL, buf.data, PAGE_SIZE, 0, 0, 853 "attempting the self test"); 854 tpm_buf_destroy(&buf); 855 856 if (rc == TPM2_RC_TESTING) 857 rc = TPM2_RC_SUCCESS; 858 if (rc == TPM2_RC_INITIALIZE || rc == TPM2_RC_SUCCESS) 859 return rc; 860 } 861 862 return rc; 863 } 864 865 /** 866 * tpm2_probe() - probe TPM 2.0 867 * @chip: TPM chip to use 868 * 869 * Return: < 0 error and 0 on success. 870 * 871 * Send idempotent TPM 2.0 command and see whether TPM 2.0 chip replied based on 872 * the reply tag. 873 */ 874 int tpm2_probe(struct tpm_chip *chip) 875 { 876 struct tpm2_cmd cmd; 877 int rc; 878 879 cmd.header.in = tpm2_get_tpm_pt_header; 880 cmd.params.get_tpm_pt_in.cap_id = cpu_to_be32(TPM2_CAP_TPM_PROPERTIES); 881 cmd.params.get_tpm_pt_in.property_id = cpu_to_be32(0x100); 882 cmd.params.get_tpm_pt_in.property_cnt = cpu_to_be32(1); 883 884 rc = tpm_transmit_cmd(chip, NULL, &cmd, sizeof(cmd), 0, 0, NULL); 885 if (rc < 0) 886 return rc; 887 888 if (be16_to_cpu(cmd.header.out.tag) == TPM2_ST_NO_SESSIONS) 889 chip->flags |= TPM_CHIP_FLAG_TPM2; 890 891 return 0; 892 } 893 EXPORT_SYMBOL_GPL(tpm2_probe); 894 895 struct tpm2_pcr_selection { 896 __be16 hash_alg; 897 u8 size_of_select; 898 u8 pcr_select[3]; 899 } __packed; 900 901 static ssize_t tpm2_get_pcr_allocation(struct tpm_chip *chip) 902 { 903 struct tpm2_pcr_selection pcr_selection; 904 struct tpm_buf buf; 905 void *marker; 906 void *end; 907 void *pcr_select_offset; 908 unsigned int count; 909 u32 sizeof_pcr_selection; 910 u32 rsp_len; 911 int rc; 912 int i = 0; 913 914 rc = tpm_buf_init(&buf, TPM2_ST_NO_SESSIONS, TPM2_CC_GET_CAPABILITY); 915 if (rc) 916 return rc; 917 918 tpm_buf_append_u32(&buf, TPM2_CAP_PCRS); 919 tpm_buf_append_u32(&buf, 0); 920 tpm_buf_append_u32(&buf, 1); 921 922 rc = tpm_transmit_cmd(chip, NULL, buf.data, PAGE_SIZE, 9, 0, 923 "get tpm pcr allocation"); 924 if (rc) 925 goto out; 926 927 count = be32_to_cpup( 928 (__be32 *)&buf.data[TPM_HEADER_SIZE + 5]); 929 930 if (count > ARRAY_SIZE(chip->active_banks)) { 931 rc = -ENODEV; 932 goto out; 933 } 934 935 marker = &buf.data[TPM_HEADER_SIZE + 9]; 936 937 rsp_len = be32_to_cpup((__be32 *)&buf.data[2]); 938 end = &buf.data[rsp_len]; 939 940 for (i = 0; i < count; i++) { 941 pcr_select_offset = marker + 942 offsetof(struct tpm2_pcr_selection, size_of_select); 943 if (pcr_select_offset >= end) { 944 rc = -EFAULT; 945 break; 946 } 947 948 memcpy(&pcr_selection, marker, sizeof(pcr_selection)); 949 chip->active_banks[i] = be16_to_cpu(pcr_selection.hash_alg); 950 sizeof_pcr_selection = sizeof(pcr_selection.hash_alg) + 951 sizeof(pcr_selection.size_of_select) + 952 pcr_selection.size_of_select; 953 marker = marker + sizeof_pcr_selection; 954 } 955 956 out: 957 if (i < ARRAY_SIZE(chip->active_banks)) 958 chip->active_banks[i] = TPM2_ALG_ERROR; 959 960 tpm_buf_destroy(&buf); 961 962 return rc; 963 } 964 965 static int tpm2_get_cc_attrs_tbl(struct tpm_chip *chip) 966 { 967 struct tpm_buf buf; 968 u32 nr_commands; 969 __be32 *attrs; 970 u32 cc; 971 int i; 972 int rc; 973 974 rc = tpm2_get_tpm_pt(chip, TPM_PT_TOTAL_COMMANDS, &nr_commands, NULL); 975 if (rc) 976 goto out; 977 978 if (nr_commands > 0xFFFFF) { 979 rc = -EFAULT; 980 goto out; 981 } 982 983 chip->cc_attrs_tbl = devm_kzalloc(&chip->dev, 4 * nr_commands, 984 GFP_KERNEL); 985 986 rc = tpm_buf_init(&buf, TPM2_ST_NO_SESSIONS, TPM2_CC_GET_CAPABILITY); 987 if (rc) 988 goto out; 989 990 tpm_buf_append_u32(&buf, TPM2_CAP_COMMANDS); 991 tpm_buf_append_u32(&buf, TPM2_CC_FIRST); 992 tpm_buf_append_u32(&buf, nr_commands); 993 994 rc = tpm_transmit_cmd(chip, NULL, buf.data, PAGE_SIZE, 995 9 + 4 * nr_commands, 0, NULL); 996 if (rc) { 997 tpm_buf_destroy(&buf); 998 goto out; 999 } 1000 1001 if (nr_commands != 1002 be32_to_cpup((__be32 *)&buf.data[TPM_HEADER_SIZE + 5])) { 1003 tpm_buf_destroy(&buf); 1004 goto out; 1005 } 1006 1007 chip->nr_commands = nr_commands; 1008 1009 attrs = (__be32 *)&buf.data[TPM_HEADER_SIZE + 9]; 1010 for (i = 0; i < nr_commands; i++, attrs++) { 1011 chip->cc_attrs_tbl[i] = be32_to_cpup(attrs); 1012 cc = chip->cc_attrs_tbl[i] & 0xFFFF; 1013 1014 if (cc == TPM2_CC_CONTEXT_SAVE || cc == TPM2_CC_FLUSH_CONTEXT) { 1015 chip->cc_attrs_tbl[i] &= 1016 ~(GENMASK(2, 0) << TPM2_CC_ATTR_CHANDLES); 1017 chip->cc_attrs_tbl[i] |= 1 << TPM2_CC_ATTR_CHANDLES; 1018 } 1019 } 1020 1021 tpm_buf_destroy(&buf); 1022 1023 out: 1024 if (rc > 0) 1025 rc = -ENODEV; 1026 return rc; 1027 } 1028 1029 /** 1030 * tpm2_auto_startup - Perform the standard automatic TPM initialization 1031 * sequence 1032 * @chip: TPM chip to use 1033 * 1034 * Returns 0 on success, < 0 in case of fatal error. 1035 */ 1036 int tpm2_auto_startup(struct tpm_chip *chip) 1037 { 1038 int rc; 1039 1040 rc = tpm_get_timeouts(chip); 1041 if (rc) 1042 goto out; 1043 1044 rc = tpm2_do_selftest(chip); 1045 if (rc && rc != TPM2_RC_INITIALIZE) 1046 goto out; 1047 1048 if (rc == TPM2_RC_INITIALIZE) { 1049 rc = tpm_startup(chip); 1050 if (rc) 1051 goto out; 1052 1053 rc = tpm2_do_selftest(chip); 1054 if (rc) 1055 goto out; 1056 } 1057 1058 rc = tpm2_get_pcr_allocation(chip); 1059 if (rc) 1060 goto out; 1061 1062 rc = tpm2_get_cc_attrs_tbl(chip); 1063 1064 out: 1065 if (rc > 0) 1066 rc = -ENODEV; 1067 return rc; 1068 } 1069 1070 int tpm2_find_cc(struct tpm_chip *chip, u32 cc) 1071 { 1072 int i; 1073 1074 for (i = 0; i < chip->nr_commands; i++) 1075 if (cc == (chip->cc_attrs_tbl[i] & GENMASK(15, 0))) 1076 return i; 1077 1078 return -1; 1079 } 1080