1 // SPDX-License-Identifier: GPL-2.0-only 2 /* 3 * Copyright (C) 2014, 2015 Intel Corporation 4 * 5 * Authors: 6 * Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> 7 * 8 * Maintained by: <tpmdd-devel@lists.sourceforge.net> 9 * 10 * This file contains TPM2 protocol implementations of the commands 11 * used by the kernel internally. 12 */ 13 14 #include "tpm.h" 15 #include <crypto/hash_info.h> 16 #include <keys/trusted-type.h> 17 18 enum tpm2_object_attributes { 19 TPM2_OA_USER_WITH_AUTH = BIT(6), 20 }; 21 22 enum tpm2_session_attributes { 23 TPM2_SA_CONTINUE_SESSION = BIT(0), 24 }; 25 26 struct tpm2_hash { 27 unsigned int crypto_id; 28 unsigned int tpm_id; 29 }; 30 31 static struct tpm2_hash tpm2_hash_map[] = { 32 {HASH_ALGO_SHA1, TPM_ALG_SHA1}, 33 {HASH_ALGO_SHA256, TPM_ALG_SHA256}, 34 {HASH_ALGO_SHA384, TPM_ALG_SHA384}, 35 {HASH_ALGO_SHA512, TPM_ALG_SHA512}, 36 {HASH_ALGO_SM3_256, TPM_ALG_SM3_256}, 37 }; 38 39 int tpm2_get_timeouts(struct tpm_chip *chip) 40 { 41 /* Fixed timeouts for TPM2 */ 42 chip->timeout_a = msecs_to_jiffies(TPM2_TIMEOUT_A); 43 chip->timeout_b = msecs_to_jiffies(TPM2_TIMEOUT_B); 44 chip->timeout_c = msecs_to_jiffies(TPM2_TIMEOUT_C); 45 chip->timeout_d = msecs_to_jiffies(TPM2_TIMEOUT_D); 46 47 /* PTP spec timeouts */ 48 chip->duration[TPM_SHORT] = msecs_to_jiffies(TPM2_DURATION_SHORT); 49 chip->duration[TPM_MEDIUM] = msecs_to_jiffies(TPM2_DURATION_MEDIUM); 50 chip->duration[TPM_LONG] = msecs_to_jiffies(TPM2_DURATION_LONG); 51 52 /* Key creation commands long timeouts */ 53 chip->duration[TPM_LONG_LONG] = 54 msecs_to_jiffies(TPM2_DURATION_LONG_LONG); 55 56 chip->flags |= TPM_CHIP_FLAG_HAVE_TIMEOUTS; 57 58 return 0; 59 } 60 61 /** 62 * tpm2_ordinal_duration_index() - returns an index to the chip duration table 63 * @ordinal: TPM command ordinal. 64 * 65 * The function returns an index to the chip duration table 66 * (enum tpm_duration), that describes the maximum amount of 67 * time the chip could take to return the result for a particular ordinal. 68 * 69 * The values of the MEDIUM, and LONG durations are taken 70 * from the PC Client Profile (PTP) specification (750, 2000 msec) 71 * 72 * LONG_LONG is for commands that generates keys which empirically takes 73 * a longer time on some systems. 74 * 75 * Return: 76 * * TPM_MEDIUM 77 * * TPM_LONG 78 * * TPM_LONG_LONG 79 * * TPM_UNDEFINED 80 */ 81 static u8 tpm2_ordinal_duration_index(u32 ordinal) 82 { 83 switch (ordinal) { 84 /* Startup */ 85 case TPM2_CC_STARTUP: /* 144 */ 86 return TPM_MEDIUM; 87 88 case TPM2_CC_SELF_TEST: /* 143 */ 89 return TPM_LONG; 90 91 case TPM2_CC_GET_RANDOM: /* 17B */ 92 return TPM_LONG; 93 94 case TPM2_CC_SEQUENCE_UPDATE: /* 15C */ 95 return TPM_MEDIUM; 96 case TPM2_CC_SEQUENCE_COMPLETE: /* 13E */ 97 return TPM_MEDIUM; 98 case TPM2_CC_EVENT_SEQUENCE_COMPLETE: /* 185 */ 99 return TPM_MEDIUM; 100 case TPM2_CC_HASH_SEQUENCE_START: /* 186 */ 101 return TPM_MEDIUM; 102 103 case TPM2_CC_VERIFY_SIGNATURE: /* 177 */ 104 return TPM_LONG; 105 106 case TPM2_CC_PCR_EXTEND: /* 182 */ 107 return TPM_MEDIUM; 108 109 case TPM2_CC_HIERARCHY_CONTROL: /* 121 */ 110 return TPM_LONG; 111 case TPM2_CC_HIERARCHY_CHANGE_AUTH: /* 129 */ 112 return TPM_LONG; 113 114 case TPM2_CC_GET_CAPABILITY: /* 17A */ 115 return TPM_MEDIUM; 116 117 case TPM2_CC_NV_READ: /* 14E */ 118 return TPM_LONG; 119 120 case TPM2_CC_CREATE_PRIMARY: /* 131 */ 121 return TPM_LONG_LONG; 122 case TPM2_CC_CREATE: /* 153 */ 123 return TPM_LONG_LONG; 124 case TPM2_CC_CREATE_LOADED: /* 191 */ 125 return TPM_LONG_LONG; 126 127 default: 128 return TPM_UNDEFINED; 129 } 130 } 131 132 /** 133 * tpm2_calc_ordinal_duration() - calculate the maximum command duration 134 * @chip: TPM chip to use. 135 * @ordinal: TPM command ordinal. 136 * 137 * The function returns the maximum amount of time the chip could take 138 * to return the result for a particular ordinal in jiffies. 139 * 140 * Return: A maximal duration time for an ordinal in jiffies. 141 */ 142 unsigned long tpm2_calc_ordinal_duration(struct tpm_chip *chip, u32 ordinal) 143 { 144 unsigned int index; 145 146 index = tpm2_ordinal_duration_index(ordinal); 147 148 if (index != TPM_UNDEFINED) 149 return chip->duration[index]; 150 else 151 return msecs_to_jiffies(TPM2_DURATION_DEFAULT); 152 } 153 154 155 struct tpm2_pcr_read_out { 156 __be32 update_cnt; 157 __be32 pcr_selects_cnt; 158 __be16 hash_alg; 159 u8 pcr_select_size; 160 u8 pcr_select[TPM2_PCR_SELECT_MIN]; 161 __be32 digests_cnt; 162 __be16 digest_size; 163 u8 digest[]; 164 } __packed; 165 166 /** 167 * tpm2_pcr_read() - read a PCR value 168 * @chip: TPM chip to use. 169 * @pcr_idx: index of the PCR to read. 170 * @digest: PCR bank and buffer current PCR value is written to. 171 * @digest_size_ptr: pointer to variable that stores the digest size. 172 * 173 * Return: Same as with tpm_transmit_cmd. 174 */ 175 int tpm2_pcr_read(struct tpm_chip *chip, u32 pcr_idx, 176 struct tpm_digest *digest, u16 *digest_size_ptr) 177 { 178 int i; 179 int rc; 180 struct tpm_buf buf; 181 struct tpm2_pcr_read_out *out; 182 u8 pcr_select[TPM2_PCR_SELECT_MIN] = {0}; 183 u16 digest_size; 184 u16 expected_digest_size = 0; 185 186 if (pcr_idx >= TPM2_PLATFORM_PCR) 187 return -EINVAL; 188 189 if (!digest_size_ptr) { 190 for (i = 0; i < chip->nr_allocated_banks && 191 chip->allocated_banks[i].alg_id != digest->alg_id; i++) 192 ; 193 194 if (i == chip->nr_allocated_banks) 195 return -EINVAL; 196 197 expected_digest_size = chip->allocated_banks[i].digest_size; 198 } 199 200 rc = tpm_buf_init(&buf, TPM2_ST_NO_SESSIONS, TPM2_CC_PCR_READ); 201 if (rc) 202 return rc; 203 204 pcr_select[pcr_idx >> 3] = 1 << (pcr_idx & 0x7); 205 206 tpm_buf_append_u32(&buf, 1); 207 tpm_buf_append_u16(&buf, digest->alg_id); 208 tpm_buf_append_u8(&buf, TPM2_PCR_SELECT_MIN); 209 tpm_buf_append(&buf, (const unsigned char *)pcr_select, 210 sizeof(pcr_select)); 211 212 rc = tpm_transmit_cmd(chip, &buf, 0, "attempting to read a pcr value"); 213 if (rc) 214 goto out; 215 216 out = (struct tpm2_pcr_read_out *)&buf.data[TPM_HEADER_SIZE]; 217 digest_size = be16_to_cpu(out->digest_size); 218 if (digest_size > sizeof(digest->digest) || 219 (!digest_size_ptr && digest_size != expected_digest_size)) { 220 rc = -EINVAL; 221 goto out; 222 } 223 224 if (digest_size_ptr) 225 *digest_size_ptr = digest_size; 226 227 memcpy(digest->digest, out->digest, digest_size); 228 out: 229 tpm_buf_destroy(&buf); 230 return rc; 231 } 232 233 struct tpm2_null_auth_area { 234 __be32 handle; 235 __be16 nonce_size; 236 u8 attributes; 237 __be16 auth_size; 238 } __packed; 239 240 /** 241 * tpm2_pcr_extend() - extend a PCR value 242 * 243 * @chip: TPM chip to use. 244 * @pcr_idx: index of the PCR. 245 * @digests: list of pcr banks and corresponding digest values to extend. 246 * 247 * Return: Same as with tpm_transmit_cmd. 248 */ 249 int tpm2_pcr_extend(struct tpm_chip *chip, u32 pcr_idx, 250 struct tpm_digest *digests) 251 { 252 struct tpm_buf buf; 253 struct tpm2_null_auth_area auth_area; 254 int rc; 255 int i; 256 257 rc = tpm_buf_init(&buf, TPM2_ST_SESSIONS, TPM2_CC_PCR_EXTEND); 258 if (rc) 259 return rc; 260 261 tpm_buf_append_u32(&buf, pcr_idx); 262 263 auth_area.handle = cpu_to_be32(TPM2_RS_PW); 264 auth_area.nonce_size = 0; 265 auth_area.attributes = 0; 266 auth_area.auth_size = 0; 267 268 tpm_buf_append_u32(&buf, sizeof(struct tpm2_null_auth_area)); 269 tpm_buf_append(&buf, (const unsigned char *)&auth_area, 270 sizeof(auth_area)); 271 tpm_buf_append_u32(&buf, chip->nr_allocated_banks); 272 273 for (i = 0; i < chip->nr_allocated_banks; i++) { 274 tpm_buf_append_u16(&buf, digests[i].alg_id); 275 tpm_buf_append(&buf, (const unsigned char *)&digests[i].digest, 276 chip->allocated_banks[i].digest_size); 277 } 278 279 rc = tpm_transmit_cmd(chip, &buf, 0, "attempting extend a PCR value"); 280 281 tpm_buf_destroy(&buf); 282 283 return rc; 284 } 285 286 struct tpm2_get_random_out { 287 __be16 size; 288 u8 buffer[TPM_MAX_RNG_DATA]; 289 } __packed; 290 291 /** 292 * tpm2_get_random() - get random bytes from the TPM RNG 293 * 294 * @chip: a &tpm_chip instance 295 * @dest: destination buffer 296 * @max: the max number of random bytes to pull 297 * 298 * Return: 299 * size of the buffer on success, 300 * -errno otherwise (positive TPM return codes are masked to -EIO) 301 */ 302 int tpm2_get_random(struct tpm_chip *chip, u8 *dest, size_t max) 303 { 304 struct tpm2_get_random_out *out; 305 struct tpm_buf buf; 306 u32 recd; 307 u32 num_bytes = max; 308 int err; 309 int total = 0; 310 int retries = 5; 311 u8 *dest_ptr = dest; 312 313 if (!num_bytes || max > TPM_MAX_RNG_DATA) 314 return -EINVAL; 315 316 err = tpm_buf_init(&buf, 0, 0); 317 if (err) 318 return err; 319 320 do { 321 tpm_buf_reset(&buf, TPM2_ST_NO_SESSIONS, TPM2_CC_GET_RANDOM); 322 tpm_buf_append_u16(&buf, num_bytes); 323 err = tpm_transmit_cmd(chip, &buf, 324 offsetof(struct tpm2_get_random_out, 325 buffer), 326 "attempting get random"); 327 if (err) { 328 if (err > 0) 329 err = -EIO; 330 goto out; 331 } 332 333 out = (struct tpm2_get_random_out *) 334 &buf.data[TPM_HEADER_SIZE]; 335 recd = min_t(u32, be16_to_cpu(out->size), num_bytes); 336 if (tpm_buf_length(&buf) < 337 TPM_HEADER_SIZE + 338 offsetof(struct tpm2_get_random_out, buffer) + 339 recd) { 340 err = -EFAULT; 341 goto out; 342 } 343 memcpy(dest_ptr, out->buffer, recd); 344 345 dest_ptr += recd; 346 total += recd; 347 num_bytes -= recd; 348 } while (retries-- && total < max); 349 350 tpm_buf_destroy(&buf); 351 return total ? total : -EIO; 352 out: 353 tpm_buf_destroy(&buf); 354 return err; 355 } 356 357 /** 358 * tpm2_flush_context() - execute a TPM2_FlushContext command 359 * @chip: TPM chip to use 360 * @handle: context handle 361 */ 362 void tpm2_flush_context(struct tpm_chip *chip, u32 handle) 363 { 364 struct tpm_buf buf; 365 int rc; 366 367 rc = tpm_buf_init(&buf, TPM2_ST_NO_SESSIONS, TPM2_CC_FLUSH_CONTEXT); 368 if (rc) { 369 dev_warn(&chip->dev, "0x%08x was not flushed, out of memory\n", 370 handle); 371 return; 372 } 373 374 tpm_buf_append_u32(&buf, handle); 375 376 tpm_transmit_cmd(chip, &buf, 0, "flushing context"); 377 tpm_buf_destroy(&buf); 378 } 379 380 /** 381 * tpm_buf_append_auth() - append TPMS_AUTH_COMMAND to the buffer. 382 * 383 * @buf: an allocated tpm_buf instance 384 * @session_handle: session handle 385 * @nonce: the session nonce, may be NULL if not used 386 * @nonce_len: the session nonce length, may be 0 if not used 387 * @attributes: the session attributes 388 * @hmac: the session HMAC or password, may be NULL if not used 389 * @hmac_len: the session HMAC or password length, maybe 0 if not used 390 */ 391 static void tpm2_buf_append_auth(struct tpm_buf *buf, u32 session_handle, 392 const u8 *nonce, u16 nonce_len, 393 u8 attributes, 394 const u8 *hmac, u16 hmac_len) 395 { 396 tpm_buf_append_u32(buf, 9 + nonce_len + hmac_len); 397 tpm_buf_append_u32(buf, session_handle); 398 tpm_buf_append_u16(buf, nonce_len); 399 400 if (nonce && nonce_len) 401 tpm_buf_append(buf, nonce, nonce_len); 402 403 tpm_buf_append_u8(buf, attributes); 404 tpm_buf_append_u16(buf, hmac_len); 405 406 if (hmac && hmac_len) 407 tpm_buf_append(buf, hmac, hmac_len); 408 } 409 410 /** 411 * tpm2_seal_trusted() - seal the payload of a trusted key 412 * 413 * @chip: TPM chip to use 414 * @payload: the key data in clear and encrypted form 415 * @options: authentication values and other options 416 * 417 * Return: < 0 on error and 0 on success. 418 */ 419 int tpm2_seal_trusted(struct tpm_chip *chip, 420 struct trusted_key_payload *payload, 421 struct trusted_key_options *options) 422 { 423 unsigned int blob_len; 424 struct tpm_buf buf; 425 u32 hash; 426 int i; 427 int rc; 428 429 for (i = 0; i < ARRAY_SIZE(tpm2_hash_map); i++) { 430 if (options->hash == tpm2_hash_map[i].crypto_id) { 431 hash = tpm2_hash_map[i].tpm_id; 432 break; 433 } 434 } 435 436 if (i == ARRAY_SIZE(tpm2_hash_map)) 437 return -EINVAL; 438 439 rc = tpm_buf_init(&buf, TPM2_ST_SESSIONS, TPM2_CC_CREATE); 440 if (rc) 441 return rc; 442 443 tpm_buf_append_u32(&buf, options->keyhandle); 444 tpm2_buf_append_auth(&buf, TPM2_RS_PW, 445 NULL /* nonce */, 0, 446 0 /* session_attributes */, 447 options->keyauth /* hmac */, 448 TPM_DIGEST_SIZE); 449 450 /* sensitive */ 451 tpm_buf_append_u16(&buf, 4 + TPM_DIGEST_SIZE + payload->key_len + 1); 452 453 tpm_buf_append_u16(&buf, TPM_DIGEST_SIZE); 454 tpm_buf_append(&buf, options->blobauth, TPM_DIGEST_SIZE); 455 tpm_buf_append_u16(&buf, payload->key_len + 1); 456 tpm_buf_append(&buf, payload->key, payload->key_len); 457 tpm_buf_append_u8(&buf, payload->migratable); 458 459 /* public */ 460 tpm_buf_append_u16(&buf, 14 + options->policydigest_len); 461 tpm_buf_append_u16(&buf, TPM_ALG_KEYEDHASH); 462 tpm_buf_append_u16(&buf, hash); 463 464 /* policy */ 465 if (options->policydigest_len) { 466 tpm_buf_append_u32(&buf, 0); 467 tpm_buf_append_u16(&buf, options->policydigest_len); 468 tpm_buf_append(&buf, options->policydigest, 469 options->policydigest_len); 470 } else { 471 tpm_buf_append_u32(&buf, TPM2_OA_USER_WITH_AUTH); 472 tpm_buf_append_u16(&buf, 0); 473 } 474 475 /* public parameters */ 476 tpm_buf_append_u16(&buf, TPM_ALG_NULL); 477 tpm_buf_append_u16(&buf, 0); 478 479 /* outside info */ 480 tpm_buf_append_u16(&buf, 0); 481 482 /* creation PCR */ 483 tpm_buf_append_u32(&buf, 0); 484 485 if (buf.flags & TPM_BUF_OVERFLOW) { 486 rc = -E2BIG; 487 goto out; 488 } 489 490 rc = tpm_transmit_cmd(chip, &buf, 4, "sealing data"); 491 if (rc) 492 goto out; 493 494 blob_len = be32_to_cpup((__be32 *) &buf.data[TPM_HEADER_SIZE]); 495 if (blob_len > MAX_BLOB_SIZE) { 496 rc = -E2BIG; 497 goto out; 498 } 499 if (tpm_buf_length(&buf) < TPM_HEADER_SIZE + 4 + blob_len) { 500 rc = -EFAULT; 501 goto out; 502 } 503 504 memcpy(payload->blob, &buf.data[TPM_HEADER_SIZE + 4], blob_len); 505 payload->blob_len = blob_len; 506 507 out: 508 tpm_buf_destroy(&buf); 509 510 if (rc > 0) { 511 if (tpm2_rc_value(rc) == TPM2_RC_HASH) 512 rc = -EINVAL; 513 else 514 rc = -EPERM; 515 } 516 517 return rc; 518 } 519 520 /** 521 * tpm2_load_cmd() - execute a TPM2_Load command 522 * 523 * @chip: TPM chip to use 524 * @payload: the key data in clear and encrypted form 525 * @options: authentication values and other options 526 * @blob_handle: returned blob handle 527 * 528 * Return: 0 on success. 529 * -E2BIG on wrong payload size. 530 * -EPERM on tpm error status. 531 * < 0 error from tpm_transmit_cmd. 532 */ 533 static int tpm2_load_cmd(struct tpm_chip *chip, 534 struct trusted_key_payload *payload, 535 struct trusted_key_options *options, 536 u32 *blob_handle) 537 { 538 struct tpm_buf buf; 539 unsigned int private_len; 540 unsigned int public_len; 541 unsigned int blob_len; 542 int rc; 543 544 private_len = be16_to_cpup((__be16 *) &payload->blob[0]); 545 if (private_len > (payload->blob_len - 2)) 546 return -E2BIG; 547 548 public_len = be16_to_cpup((__be16 *) &payload->blob[2 + private_len]); 549 blob_len = private_len + public_len + 4; 550 if (blob_len > payload->blob_len) 551 return -E2BIG; 552 553 rc = tpm_buf_init(&buf, TPM2_ST_SESSIONS, TPM2_CC_LOAD); 554 if (rc) 555 return rc; 556 557 tpm_buf_append_u32(&buf, options->keyhandle); 558 tpm2_buf_append_auth(&buf, TPM2_RS_PW, 559 NULL /* nonce */, 0, 560 0 /* session_attributes */, 561 options->keyauth /* hmac */, 562 TPM_DIGEST_SIZE); 563 564 tpm_buf_append(&buf, payload->blob, blob_len); 565 566 if (buf.flags & TPM_BUF_OVERFLOW) { 567 rc = -E2BIG; 568 goto out; 569 } 570 571 rc = tpm_transmit_cmd(chip, &buf, 4, "loading blob"); 572 if (!rc) 573 *blob_handle = be32_to_cpup( 574 (__be32 *) &buf.data[TPM_HEADER_SIZE]); 575 576 out: 577 tpm_buf_destroy(&buf); 578 579 if (rc > 0) 580 rc = -EPERM; 581 582 return rc; 583 } 584 585 /** 586 * tpm2_unseal_cmd() - execute a TPM2_Unload command 587 * 588 * @chip: TPM chip to use 589 * @payload: the key data in clear and encrypted form 590 * @options: authentication values and other options 591 * @blob_handle: blob handle 592 * 593 * Return: 0 on success 594 * -EPERM on tpm error status 595 * < 0 error from tpm_transmit_cmd 596 */ 597 static int tpm2_unseal_cmd(struct tpm_chip *chip, 598 struct trusted_key_payload *payload, 599 struct trusted_key_options *options, 600 u32 blob_handle) 601 { 602 struct tpm_buf buf; 603 u16 data_len; 604 u8 *data; 605 int rc; 606 607 rc = tpm_buf_init(&buf, TPM2_ST_SESSIONS, TPM2_CC_UNSEAL); 608 if (rc) 609 return rc; 610 611 tpm_buf_append_u32(&buf, blob_handle); 612 tpm2_buf_append_auth(&buf, 613 options->policyhandle ? 614 options->policyhandle : TPM2_RS_PW, 615 NULL /* nonce */, 0, 616 TPM2_SA_CONTINUE_SESSION, 617 options->blobauth /* hmac */, 618 TPM_DIGEST_SIZE); 619 620 rc = tpm_transmit_cmd(chip, &buf, 6, "unsealing"); 621 if (rc > 0) 622 rc = -EPERM; 623 624 if (!rc) { 625 data_len = be16_to_cpup( 626 (__be16 *) &buf.data[TPM_HEADER_SIZE + 4]); 627 if (data_len < MIN_KEY_SIZE || data_len > MAX_KEY_SIZE + 1) { 628 rc = -EFAULT; 629 goto out; 630 } 631 632 if (tpm_buf_length(&buf) < TPM_HEADER_SIZE + 6 + data_len) { 633 rc = -EFAULT; 634 goto out; 635 } 636 data = &buf.data[TPM_HEADER_SIZE + 6]; 637 638 memcpy(payload->key, data, data_len - 1); 639 payload->key_len = data_len - 1; 640 payload->migratable = data[data_len - 1]; 641 } 642 643 out: 644 tpm_buf_destroy(&buf); 645 return rc; 646 } 647 648 /** 649 * tpm2_unseal_trusted() - unseal the payload of a trusted key 650 * 651 * @chip: TPM chip to use 652 * @payload: the key data in clear and encrypted form 653 * @options: authentication values and other options 654 * 655 * Return: Same as with tpm_transmit_cmd. 656 */ 657 int tpm2_unseal_trusted(struct tpm_chip *chip, 658 struct trusted_key_payload *payload, 659 struct trusted_key_options *options) 660 { 661 u32 blob_handle; 662 int rc; 663 664 rc = tpm2_load_cmd(chip, payload, options, &blob_handle); 665 if (rc) 666 return rc; 667 668 rc = tpm2_unseal_cmd(chip, payload, options, blob_handle); 669 tpm2_flush_context(chip, blob_handle); 670 return rc; 671 } 672 673 struct tpm2_get_cap_out { 674 u8 more_data; 675 __be32 subcap_id; 676 __be32 property_cnt; 677 __be32 property_id; 678 __be32 value; 679 } __packed; 680 681 /** 682 * tpm2_get_tpm_pt() - get value of a TPM_CAP_TPM_PROPERTIES type property 683 * @chip: a &tpm_chip instance 684 * @property_id: property ID. 685 * @value: output variable. 686 * @desc: passed to tpm_transmit_cmd() 687 * 688 * Return: 689 * 0 on success, 690 * -errno or a TPM return code otherwise 691 */ 692 ssize_t tpm2_get_tpm_pt(struct tpm_chip *chip, u32 property_id, u32 *value, 693 const char *desc) 694 { 695 struct tpm2_get_cap_out *out; 696 struct tpm_buf buf; 697 int rc; 698 699 rc = tpm_buf_init(&buf, TPM2_ST_NO_SESSIONS, TPM2_CC_GET_CAPABILITY); 700 if (rc) 701 return rc; 702 tpm_buf_append_u32(&buf, TPM2_CAP_TPM_PROPERTIES); 703 tpm_buf_append_u32(&buf, property_id); 704 tpm_buf_append_u32(&buf, 1); 705 rc = tpm_transmit_cmd(chip, &buf, 0, NULL); 706 if (!rc) { 707 out = (struct tpm2_get_cap_out *) 708 &buf.data[TPM_HEADER_SIZE]; 709 *value = be32_to_cpu(out->value); 710 } 711 tpm_buf_destroy(&buf); 712 return rc; 713 } 714 EXPORT_SYMBOL_GPL(tpm2_get_tpm_pt); 715 716 /** 717 * tpm2_shutdown() - send a TPM shutdown command 718 * 719 * Sends a TPM shutdown command. The shutdown command is used in call 720 * sites where the system is going down. If it fails, there is not much 721 * that can be done except print an error message. 722 * 723 * @chip: a &tpm_chip instance 724 * @shutdown_type: TPM_SU_CLEAR or TPM_SU_STATE. 725 */ 726 void tpm2_shutdown(struct tpm_chip *chip, u16 shutdown_type) 727 { 728 struct tpm_buf buf; 729 int rc; 730 731 rc = tpm_buf_init(&buf, TPM2_ST_NO_SESSIONS, TPM2_CC_SHUTDOWN); 732 if (rc) 733 return; 734 tpm_buf_append_u16(&buf, shutdown_type); 735 tpm_transmit_cmd(chip, &buf, 0, "stopping the TPM"); 736 tpm_buf_destroy(&buf); 737 } 738 739 /** 740 * tpm2_do_selftest() - ensure that all self tests have passed 741 * 742 * @chip: TPM chip to use 743 * 744 * Return: Same as with tpm_transmit_cmd. 745 * 746 * The TPM can either run all self tests synchronously and then return 747 * RC_SUCCESS once all tests were successful. Or it can choose to run the tests 748 * asynchronously and return RC_TESTING immediately while the self tests still 749 * execute in the background. This function handles both cases and waits until 750 * all tests have completed. 751 */ 752 static int tpm2_do_selftest(struct tpm_chip *chip) 753 { 754 struct tpm_buf buf; 755 int full; 756 int rc; 757 758 for (full = 0; full < 2; full++) { 759 rc = tpm_buf_init(&buf, TPM2_ST_NO_SESSIONS, TPM2_CC_SELF_TEST); 760 if (rc) 761 return rc; 762 763 tpm_buf_append_u8(&buf, full); 764 rc = tpm_transmit_cmd(chip, &buf, 0, 765 "attempting the self test"); 766 tpm_buf_destroy(&buf); 767 768 if (rc == TPM2_RC_TESTING) 769 rc = TPM2_RC_SUCCESS; 770 if (rc == TPM2_RC_INITIALIZE || rc == TPM2_RC_SUCCESS) 771 return rc; 772 } 773 774 return rc; 775 } 776 777 /** 778 * tpm2_probe() - probe for the TPM 2.0 protocol 779 * @chip: a &tpm_chip instance 780 * 781 * Send an idempotent TPM 2.0 command and see whether there is TPM2 chip in the 782 * other end based on the response tag. The flag TPM_CHIP_FLAG_TPM2 is set by 783 * this function if this is the case. 784 * 785 * Return: 786 * 0 on success, 787 * -errno otherwise 788 */ 789 int tpm2_probe(struct tpm_chip *chip) 790 { 791 struct tpm_header *out; 792 struct tpm_buf buf; 793 int rc; 794 795 rc = tpm_buf_init(&buf, TPM2_ST_NO_SESSIONS, TPM2_CC_GET_CAPABILITY); 796 if (rc) 797 return rc; 798 tpm_buf_append_u32(&buf, TPM2_CAP_TPM_PROPERTIES); 799 tpm_buf_append_u32(&buf, TPM_PT_TOTAL_COMMANDS); 800 tpm_buf_append_u32(&buf, 1); 801 rc = tpm_transmit_cmd(chip, &buf, 0, NULL); 802 /* We ignore TPM return codes on purpose. */ 803 if (rc >= 0) { 804 out = (struct tpm_header *)buf.data; 805 if (be16_to_cpu(out->tag) == TPM2_ST_NO_SESSIONS) 806 chip->flags |= TPM_CHIP_FLAG_TPM2; 807 } 808 tpm_buf_destroy(&buf); 809 return 0; 810 } 811 EXPORT_SYMBOL_GPL(tpm2_probe); 812 813 static int tpm2_init_bank_info(struct tpm_chip *chip, u32 bank_index) 814 { 815 struct tpm_bank_info *bank = chip->allocated_banks + bank_index; 816 struct tpm_digest digest = { .alg_id = bank->alg_id }; 817 int i; 818 819 /* 820 * Avoid unnecessary PCR read operations to reduce overhead 821 * and obtain identifiers of the crypto subsystem. 822 */ 823 for (i = 0; i < ARRAY_SIZE(tpm2_hash_map); i++) { 824 enum hash_algo crypto_algo = tpm2_hash_map[i].crypto_id; 825 826 if (bank->alg_id != tpm2_hash_map[i].tpm_id) 827 continue; 828 829 bank->digest_size = hash_digest_size[crypto_algo]; 830 bank->crypto_id = crypto_algo; 831 return 0; 832 } 833 834 return tpm2_pcr_read(chip, 0, &digest, &bank->digest_size); 835 } 836 837 struct tpm2_pcr_selection { 838 __be16 hash_alg; 839 u8 size_of_select; 840 u8 pcr_select[3]; 841 } __packed; 842 843 ssize_t tpm2_get_pcr_allocation(struct tpm_chip *chip) 844 { 845 struct tpm2_pcr_selection pcr_selection; 846 struct tpm_buf buf; 847 void *marker; 848 void *end; 849 void *pcr_select_offset; 850 u32 sizeof_pcr_selection; 851 u32 nr_possible_banks; 852 u32 nr_alloc_banks = 0; 853 u16 hash_alg; 854 u32 rsp_len; 855 int rc; 856 int i = 0; 857 858 rc = tpm_buf_init(&buf, TPM2_ST_NO_SESSIONS, TPM2_CC_GET_CAPABILITY); 859 if (rc) 860 return rc; 861 862 tpm_buf_append_u32(&buf, TPM2_CAP_PCRS); 863 tpm_buf_append_u32(&buf, 0); 864 tpm_buf_append_u32(&buf, 1); 865 866 rc = tpm_transmit_cmd(chip, &buf, 9, "get tpm pcr allocation"); 867 if (rc) 868 goto out; 869 870 nr_possible_banks = be32_to_cpup( 871 (__be32 *)&buf.data[TPM_HEADER_SIZE + 5]); 872 873 chip->allocated_banks = kcalloc(nr_possible_banks, 874 sizeof(*chip->allocated_banks), 875 GFP_KERNEL); 876 if (!chip->allocated_banks) { 877 rc = -ENOMEM; 878 goto out; 879 } 880 881 marker = &buf.data[TPM_HEADER_SIZE + 9]; 882 883 rsp_len = be32_to_cpup((__be32 *)&buf.data[2]); 884 end = &buf.data[rsp_len]; 885 886 for (i = 0; i < nr_possible_banks; i++) { 887 pcr_select_offset = marker + 888 offsetof(struct tpm2_pcr_selection, size_of_select); 889 if (pcr_select_offset >= end) { 890 rc = -EFAULT; 891 break; 892 } 893 894 memcpy(&pcr_selection, marker, sizeof(pcr_selection)); 895 hash_alg = be16_to_cpu(pcr_selection.hash_alg); 896 897 pcr_select_offset = memchr_inv(pcr_selection.pcr_select, 0, 898 pcr_selection.size_of_select); 899 if (pcr_select_offset) { 900 chip->allocated_banks[nr_alloc_banks].alg_id = hash_alg; 901 902 rc = tpm2_init_bank_info(chip, nr_alloc_banks); 903 if (rc < 0) 904 break; 905 906 nr_alloc_banks++; 907 } 908 909 sizeof_pcr_selection = sizeof(pcr_selection.hash_alg) + 910 sizeof(pcr_selection.size_of_select) + 911 pcr_selection.size_of_select; 912 marker = marker + sizeof_pcr_selection; 913 } 914 915 chip->nr_allocated_banks = nr_alloc_banks; 916 out: 917 tpm_buf_destroy(&buf); 918 919 return rc; 920 } 921 922 static int tpm2_get_cc_attrs_tbl(struct tpm_chip *chip) 923 { 924 struct tpm_buf buf; 925 u32 nr_commands; 926 __be32 *attrs; 927 u32 cc; 928 int i; 929 int rc; 930 931 rc = tpm2_get_tpm_pt(chip, TPM_PT_TOTAL_COMMANDS, &nr_commands, NULL); 932 if (rc) 933 goto out; 934 935 if (nr_commands > 0xFFFFF) { 936 rc = -EFAULT; 937 goto out; 938 } 939 940 chip->cc_attrs_tbl = devm_kcalloc(&chip->dev, 4, nr_commands, 941 GFP_KERNEL); 942 943 rc = tpm_buf_init(&buf, TPM2_ST_NO_SESSIONS, TPM2_CC_GET_CAPABILITY); 944 if (rc) 945 goto out; 946 947 tpm_buf_append_u32(&buf, TPM2_CAP_COMMANDS); 948 tpm_buf_append_u32(&buf, TPM2_CC_FIRST); 949 tpm_buf_append_u32(&buf, nr_commands); 950 951 rc = tpm_transmit_cmd(chip, &buf, 9 + 4 * nr_commands, NULL); 952 if (rc) { 953 tpm_buf_destroy(&buf); 954 goto out; 955 } 956 957 if (nr_commands != 958 be32_to_cpup((__be32 *)&buf.data[TPM_HEADER_SIZE + 5])) { 959 tpm_buf_destroy(&buf); 960 goto out; 961 } 962 963 chip->nr_commands = nr_commands; 964 965 attrs = (__be32 *)&buf.data[TPM_HEADER_SIZE + 9]; 966 for (i = 0; i < nr_commands; i++, attrs++) { 967 chip->cc_attrs_tbl[i] = be32_to_cpup(attrs); 968 cc = chip->cc_attrs_tbl[i] & 0xFFFF; 969 970 if (cc == TPM2_CC_CONTEXT_SAVE || cc == TPM2_CC_FLUSH_CONTEXT) { 971 chip->cc_attrs_tbl[i] &= 972 ~(GENMASK(2, 0) << TPM2_CC_ATTR_CHANDLES); 973 chip->cc_attrs_tbl[i] |= 1 << TPM2_CC_ATTR_CHANDLES; 974 } 975 } 976 977 tpm_buf_destroy(&buf); 978 979 out: 980 if (rc > 0) 981 rc = -ENODEV; 982 return rc; 983 } 984 985 /** 986 * tpm2_startup - turn on the TPM 987 * @chip: TPM chip to use 988 * 989 * Normally the firmware should start the TPM. This function is provided as a 990 * workaround if this does not happen. A legal case for this could be for 991 * example when a TPM emulator is used. 992 * 993 * Return: same as tpm_transmit_cmd() 994 */ 995 996 static int tpm2_startup(struct tpm_chip *chip) 997 { 998 struct tpm_buf buf; 999 int rc; 1000 1001 dev_info(&chip->dev, "starting up the TPM manually\n"); 1002 1003 rc = tpm_buf_init(&buf, TPM2_ST_NO_SESSIONS, TPM2_CC_STARTUP); 1004 if (rc < 0) 1005 return rc; 1006 1007 tpm_buf_append_u16(&buf, TPM2_SU_CLEAR); 1008 rc = tpm_transmit_cmd(chip, &buf, 0, "attempting to start the TPM"); 1009 tpm_buf_destroy(&buf); 1010 1011 return rc; 1012 } 1013 1014 /** 1015 * tpm2_auto_startup - Perform the standard automatic TPM initialization 1016 * sequence 1017 * @chip: TPM chip to use 1018 * 1019 * Returns 0 on success, < 0 in case of fatal error. 1020 */ 1021 int tpm2_auto_startup(struct tpm_chip *chip) 1022 { 1023 int rc; 1024 1025 rc = tpm2_get_timeouts(chip); 1026 if (rc) 1027 goto out; 1028 1029 rc = tpm2_do_selftest(chip); 1030 if (rc && rc != TPM2_RC_INITIALIZE) 1031 goto out; 1032 1033 if (rc == TPM2_RC_INITIALIZE) { 1034 rc = tpm2_startup(chip); 1035 if (rc) 1036 goto out; 1037 1038 rc = tpm2_do_selftest(chip); 1039 if (rc) 1040 goto out; 1041 } 1042 1043 rc = tpm2_get_cc_attrs_tbl(chip); 1044 1045 out: 1046 if (rc > 0) 1047 rc = -ENODEV; 1048 return rc; 1049 } 1050 1051 int tpm2_find_cc(struct tpm_chip *chip, u32 cc) 1052 { 1053 int i; 1054 1055 for (i = 0; i < chip->nr_commands; i++) 1056 if (cc == (chip->cc_attrs_tbl[i] & GENMASK(15, 0))) 1057 return i; 1058 1059 return -1; 1060 } 1061