1 /* 2 * Copyright (C) 2014, 2015 Intel Corporation 3 * 4 * Authors: 5 * Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> 6 * 7 * Maintained by: <tpmdd-devel@lists.sourceforge.net> 8 * 9 * This file contains TPM2 protocol implementations of the commands 10 * used by the kernel internally. 11 * 12 * This program is free software; you can redistribute it and/or 13 * modify it under the terms of the GNU General Public License 14 * as published by the Free Software Foundation; version 2 15 * of the License. 16 */ 17 18 #include "tpm.h" 19 #include <crypto/hash_info.h> 20 #include <keys/trusted-type.h> 21 22 enum tpm2_object_attributes { 23 TPM2_OA_USER_WITH_AUTH = BIT(6), 24 }; 25 26 enum tpm2_session_attributes { 27 TPM2_SA_CONTINUE_SESSION = BIT(0), 28 }; 29 30 struct tpm2_startup_in { 31 __be16 startup_type; 32 } __packed; 33 34 struct tpm2_self_test_in { 35 u8 full_test; 36 } __packed; 37 38 struct tpm2_get_tpm_pt_in { 39 __be32 cap_id; 40 __be32 property_id; 41 __be32 property_cnt; 42 } __packed; 43 44 struct tpm2_get_tpm_pt_out { 45 u8 more_data; 46 __be32 subcap_id; 47 __be32 property_cnt; 48 __be32 property_id; 49 __be32 value; 50 } __packed; 51 52 struct tpm2_get_random_in { 53 __be16 size; 54 } __packed; 55 56 struct tpm2_get_random_out { 57 __be16 size; 58 u8 buffer[TPM_MAX_RNG_DATA]; 59 } __packed; 60 61 union tpm2_cmd_params { 62 struct tpm2_startup_in startup_in; 63 struct tpm2_self_test_in selftest_in; 64 struct tpm2_get_tpm_pt_in get_tpm_pt_in; 65 struct tpm2_get_tpm_pt_out get_tpm_pt_out; 66 struct tpm2_get_random_in getrandom_in; 67 struct tpm2_get_random_out getrandom_out; 68 }; 69 70 struct tpm2_cmd { 71 tpm_cmd_header header; 72 union tpm2_cmd_params params; 73 } __packed; 74 75 struct tpm2_hash { 76 unsigned int crypto_id; 77 unsigned int tpm_id; 78 }; 79 80 static struct tpm2_hash tpm2_hash_map[] = { 81 {HASH_ALGO_SHA1, TPM2_ALG_SHA1}, 82 {HASH_ALGO_SHA256, TPM2_ALG_SHA256}, 83 {HASH_ALGO_SHA384, TPM2_ALG_SHA384}, 84 {HASH_ALGO_SHA512, TPM2_ALG_SHA512}, 85 {HASH_ALGO_SM3_256, TPM2_ALG_SM3_256}, 86 }; 87 88 /* 89 * Array with one entry per ordinal defining the maximum amount 90 * of time the chip could take to return the result. The values 91 * of the SHORT, MEDIUM, and LONG durations are taken from the 92 * PC Client Profile (PTP) specification. 93 */ 94 static const u8 tpm2_ordinal_duration[TPM2_CC_LAST - TPM2_CC_FIRST + 1] = { 95 TPM_UNDEFINED, /* 11F */ 96 TPM_UNDEFINED, /* 120 */ 97 TPM_LONG, /* 121 */ 98 TPM_UNDEFINED, /* 122 */ 99 TPM_UNDEFINED, /* 123 */ 100 TPM_UNDEFINED, /* 124 */ 101 TPM_UNDEFINED, /* 125 */ 102 TPM_UNDEFINED, /* 126 */ 103 TPM_UNDEFINED, /* 127 */ 104 TPM_UNDEFINED, /* 128 */ 105 TPM_LONG, /* 129 */ 106 TPM_UNDEFINED, /* 12a */ 107 TPM_UNDEFINED, /* 12b */ 108 TPM_UNDEFINED, /* 12c */ 109 TPM_UNDEFINED, /* 12d */ 110 TPM_UNDEFINED, /* 12e */ 111 TPM_UNDEFINED, /* 12f */ 112 TPM_UNDEFINED, /* 130 */ 113 TPM_UNDEFINED, /* 131 */ 114 TPM_UNDEFINED, /* 132 */ 115 TPM_UNDEFINED, /* 133 */ 116 TPM_UNDEFINED, /* 134 */ 117 TPM_UNDEFINED, /* 135 */ 118 TPM_UNDEFINED, /* 136 */ 119 TPM_UNDEFINED, /* 137 */ 120 TPM_UNDEFINED, /* 138 */ 121 TPM_UNDEFINED, /* 139 */ 122 TPM_UNDEFINED, /* 13a */ 123 TPM_UNDEFINED, /* 13b */ 124 TPM_UNDEFINED, /* 13c */ 125 TPM_UNDEFINED, /* 13d */ 126 TPM_MEDIUM, /* 13e */ 127 TPM_UNDEFINED, /* 13f */ 128 TPM_UNDEFINED, /* 140 */ 129 TPM_UNDEFINED, /* 141 */ 130 TPM_UNDEFINED, /* 142 */ 131 TPM_LONG, /* 143 */ 132 TPM_MEDIUM, /* 144 */ 133 TPM_UNDEFINED, /* 145 */ 134 TPM_UNDEFINED, /* 146 */ 135 TPM_UNDEFINED, /* 147 */ 136 TPM_UNDEFINED, /* 148 */ 137 TPM_UNDEFINED, /* 149 */ 138 TPM_UNDEFINED, /* 14a */ 139 TPM_UNDEFINED, /* 14b */ 140 TPM_UNDEFINED, /* 14c */ 141 TPM_UNDEFINED, /* 14d */ 142 TPM_LONG, /* 14e */ 143 TPM_UNDEFINED, /* 14f */ 144 TPM_UNDEFINED, /* 150 */ 145 TPM_UNDEFINED, /* 151 */ 146 TPM_UNDEFINED, /* 152 */ 147 TPM_UNDEFINED, /* 153 */ 148 TPM_UNDEFINED, /* 154 */ 149 TPM_UNDEFINED, /* 155 */ 150 TPM_UNDEFINED, /* 156 */ 151 TPM_UNDEFINED, /* 157 */ 152 TPM_UNDEFINED, /* 158 */ 153 TPM_UNDEFINED, /* 159 */ 154 TPM_UNDEFINED, /* 15a */ 155 TPM_UNDEFINED, /* 15b */ 156 TPM_MEDIUM, /* 15c */ 157 TPM_UNDEFINED, /* 15d */ 158 TPM_UNDEFINED, /* 15e */ 159 TPM_UNDEFINED, /* 15f */ 160 TPM_UNDEFINED, /* 160 */ 161 TPM_UNDEFINED, /* 161 */ 162 TPM_UNDEFINED, /* 162 */ 163 TPM_UNDEFINED, /* 163 */ 164 TPM_UNDEFINED, /* 164 */ 165 TPM_UNDEFINED, /* 165 */ 166 TPM_UNDEFINED, /* 166 */ 167 TPM_UNDEFINED, /* 167 */ 168 TPM_UNDEFINED, /* 168 */ 169 TPM_UNDEFINED, /* 169 */ 170 TPM_UNDEFINED, /* 16a */ 171 TPM_UNDEFINED, /* 16b */ 172 TPM_UNDEFINED, /* 16c */ 173 TPM_UNDEFINED, /* 16d */ 174 TPM_UNDEFINED, /* 16e */ 175 TPM_UNDEFINED, /* 16f */ 176 TPM_UNDEFINED, /* 170 */ 177 TPM_UNDEFINED, /* 171 */ 178 TPM_UNDEFINED, /* 172 */ 179 TPM_UNDEFINED, /* 173 */ 180 TPM_UNDEFINED, /* 174 */ 181 TPM_UNDEFINED, /* 175 */ 182 TPM_UNDEFINED, /* 176 */ 183 TPM_LONG, /* 177 */ 184 TPM_UNDEFINED, /* 178 */ 185 TPM_UNDEFINED, /* 179 */ 186 TPM_MEDIUM, /* 17a */ 187 TPM_LONG, /* 17b */ 188 TPM_UNDEFINED, /* 17c */ 189 TPM_UNDEFINED, /* 17d */ 190 TPM_UNDEFINED, /* 17e */ 191 TPM_UNDEFINED, /* 17f */ 192 TPM_UNDEFINED, /* 180 */ 193 TPM_UNDEFINED, /* 181 */ 194 TPM_MEDIUM, /* 182 */ 195 TPM_UNDEFINED, /* 183 */ 196 TPM_UNDEFINED, /* 184 */ 197 TPM_MEDIUM, /* 185 */ 198 TPM_MEDIUM, /* 186 */ 199 TPM_UNDEFINED, /* 187 */ 200 TPM_UNDEFINED, /* 188 */ 201 TPM_UNDEFINED, /* 189 */ 202 TPM_UNDEFINED, /* 18a */ 203 TPM_UNDEFINED, /* 18b */ 204 TPM_UNDEFINED, /* 18c */ 205 TPM_UNDEFINED, /* 18d */ 206 TPM_UNDEFINED, /* 18e */ 207 TPM_UNDEFINED /* 18f */ 208 }; 209 210 struct tpm2_pcr_read_out { 211 __be32 update_cnt; 212 __be32 pcr_selects_cnt; 213 __be16 hash_alg; 214 u8 pcr_select_size; 215 u8 pcr_select[TPM2_PCR_SELECT_MIN]; 216 __be32 digests_cnt; 217 __be16 digest_size; 218 u8 digest[]; 219 } __packed; 220 221 /** 222 * tpm2_pcr_read() - read a PCR value 223 * @chip: TPM chip to use. 224 * @pcr_idx: index of the PCR to read. 225 * @res_buf: buffer to store the resulting hash. 226 * 227 * Return: Same as with tpm_transmit_cmd. 228 */ 229 int tpm2_pcr_read(struct tpm_chip *chip, int pcr_idx, u8 *res_buf) 230 { 231 int rc; 232 struct tpm_buf buf; 233 struct tpm2_pcr_read_out *out; 234 u8 pcr_select[TPM2_PCR_SELECT_MIN] = {0}; 235 236 if (pcr_idx >= TPM2_PLATFORM_PCR) 237 return -EINVAL; 238 239 rc = tpm_buf_init(&buf, TPM2_ST_NO_SESSIONS, TPM2_CC_PCR_READ); 240 if (rc) 241 return rc; 242 243 pcr_select[pcr_idx >> 3] = 1 << (pcr_idx & 0x7); 244 245 tpm_buf_append_u32(&buf, 1); 246 tpm_buf_append_u16(&buf, TPM2_ALG_SHA1); 247 tpm_buf_append_u8(&buf, TPM2_PCR_SELECT_MIN); 248 tpm_buf_append(&buf, (const unsigned char *)pcr_select, 249 sizeof(pcr_select)); 250 251 rc = tpm_transmit_cmd(chip, NULL, buf.data, PAGE_SIZE, 0, 0, 252 res_buf ? "attempting to read a pcr value" : NULL); 253 if (rc == 0 && res_buf) { 254 out = (struct tpm2_pcr_read_out *)&buf.data[TPM_HEADER_SIZE]; 255 memcpy(res_buf, out->digest, SHA1_DIGEST_SIZE); 256 } 257 258 tpm_buf_destroy(&buf); 259 return rc; 260 } 261 262 struct tpm2_null_auth_area { 263 __be32 handle; 264 __be16 nonce_size; 265 u8 attributes; 266 __be16 auth_size; 267 } __packed; 268 269 /** 270 * tpm2_pcr_extend() - extend a PCR value 271 * 272 * @chip: TPM chip to use. 273 * @pcr_idx: index of the PCR. 274 * @count: number of digests passed. 275 * @digests: list of pcr banks and corresponding digest values to extend. 276 * 277 * Return: Same as with tpm_transmit_cmd. 278 */ 279 int tpm2_pcr_extend(struct tpm_chip *chip, int pcr_idx, u32 count, 280 struct tpm2_digest *digests) 281 { 282 struct tpm_buf buf; 283 struct tpm2_null_auth_area auth_area; 284 int rc; 285 int i; 286 int j; 287 288 if (count > ARRAY_SIZE(chip->active_banks)) 289 return -EINVAL; 290 291 rc = tpm_buf_init(&buf, TPM2_ST_SESSIONS, TPM2_CC_PCR_EXTEND); 292 if (rc) 293 return rc; 294 295 tpm_buf_append_u32(&buf, pcr_idx); 296 297 auth_area.handle = cpu_to_be32(TPM2_RS_PW); 298 auth_area.nonce_size = 0; 299 auth_area.attributes = 0; 300 auth_area.auth_size = 0; 301 302 tpm_buf_append_u32(&buf, sizeof(struct tpm2_null_auth_area)); 303 tpm_buf_append(&buf, (const unsigned char *)&auth_area, 304 sizeof(auth_area)); 305 tpm_buf_append_u32(&buf, count); 306 307 for (i = 0; i < count; i++) { 308 for (j = 0; j < ARRAY_SIZE(tpm2_hash_map); j++) { 309 if (digests[i].alg_id != tpm2_hash_map[j].tpm_id) 310 continue; 311 tpm_buf_append_u16(&buf, digests[i].alg_id); 312 tpm_buf_append(&buf, (const unsigned char 313 *)&digests[i].digest, 314 hash_digest_size[tpm2_hash_map[j].crypto_id]); 315 } 316 } 317 318 rc = tpm_transmit_cmd(chip, NULL, buf.data, PAGE_SIZE, 0, 0, 319 "attempting extend a PCR value"); 320 321 tpm_buf_destroy(&buf); 322 323 return rc; 324 } 325 326 327 #define TPM2_GETRANDOM_IN_SIZE \ 328 (sizeof(struct tpm_input_header) + \ 329 sizeof(struct tpm2_get_random_in)) 330 331 static const struct tpm_input_header tpm2_getrandom_header = { 332 .tag = cpu_to_be16(TPM2_ST_NO_SESSIONS), 333 .length = cpu_to_be32(TPM2_GETRANDOM_IN_SIZE), 334 .ordinal = cpu_to_be32(TPM2_CC_GET_RANDOM) 335 }; 336 337 /** 338 * tpm2_get_random() - get random bytes from the TPM RNG 339 * 340 * @chip: TPM chip to use 341 * @out: destination buffer for the random bytes 342 * @max: the max number of bytes to write to @out 343 * 344 * Return: 345 * Size of the output buffer, or -EIO on error. 346 */ 347 int tpm2_get_random(struct tpm_chip *chip, u8 *out, size_t max) 348 { 349 struct tpm2_cmd cmd; 350 u32 recd, rlength; 351 u32 num_bytes; 352 int err; 353 int total = 0; 354 int retries = 5; 355 u8 *dest = out; 356 357 num_bytes = min_t(u32, max, sizeof(cmd.params.getrandom_out.buffer)); 358 359 if (!out || !num_bytes || 360 max > sizeof(cmd.params.getrandom_out.buffer)) 361 return -EINVAL; 362 363 do { 364 cmd.header.in = tpm2_getrandom_header; 365 cmd.params.getrandom_in.size = cpu_to_be16(num_bytes); 366 367 err = tpm_transmit_cmd(chip, NULL, &cmd, sizeof(cmd), 368 offsetof(struct tpm2_get_random_out, 369 buffer), 370 0, "attempting get random"); 371 if (err) 372 break; 373 374 recd = min_t(u32, be16_to_cpu(cmd.params.getrandom_out.size), 375 num_bytes); 376 rlength = be32_to_cpu(cmd.header.out.length); 377 if (rlength < offsetof(struct tpm2_get_random_out, buffer) + 378 recd) 379 return -EFAULT; 380 memcpy(dest, cmd.params.getrandom_out.buffer, recd); 381 382 dest += recd; 383 total += recd; 384 num_bytes -= recd; 385 } while (retries-- && total < max); 386 387 return total ? total : -EIO; 388 } 389 390 #define TPM2_GET_TPM_PT_IN_SIZE \ 391 (sizeof(struct tpm_input_header) + \ 392 sizeof(struct tpm2_get_tpm_pt_in)) 393 394 #define TPM2_GET_TPM_PT_OUT_BODY_SIZE \ 395 sizeof(struct tpm2_get_tpm_pt_out) 396 397 static const struct tpm_input_header tpm2_get_tpm_pt_header = { 398 .tag = cpu_to_be16(TPM2_ST_NO_SESSIONS), 399 .length = cpu_to_be32(TPM2_GET_TPM_PT_IN_SIZE), 400 .ordinal = cpu_to_be32(TPM2_CC_GET_CAPABILITY) 401 }; 402 403 /** 404 * tpm2_flush_context_cmd() - execute a TPM2_FlushContext command 405 * @chip: TPM chip to use 406 * @payload: the key data in clear and encrypted form 407 * @options: authentication values and other options 408 * 409 * Return: same as with tpm_transmit_cmd 410 */ 411 void tpm2_flush_context_cmd(struct tpm_chip *chip, u32 handle, 412 unsigned int flags) 413 { 414 struct tpm_buf buf; 415 int rc; 416 417 rc = tpm_buf_init(&buf, TPM2_ST_NO_SESSIONS, TPM2_CC_FLUSH_CONTEXT); 418 if (rc) { 419 dev_warn(&chip->dev, "0x%08x was not flushed, out of memory\n", 420 handle); 421 return; 422 } 423 424 tpm_buf_append_u32(&buf, handle); 425 426 (void) tpm_transmit_cmd(chip, NULL, buf.data, PAGE_SIZE, 0, flags, 427 "flushing context"); 428 429 tpm_buf_destroy(&buf); 430 } 431 432 /** 433 * tpm_buf_append_auth() - append TPMS_AUTH_COMMAND to the buffer. 434 * 435 * @buf: an allocated tpm_buf instance 436 * @session_handle: session handle 437 * @nonce: the session nonce, may be NULL if not used 438 * @nonce_len: the session nonce length, may be 0 if not used 439 * @attributes: the session attributes 440 * @hmac: the session HMAC or password, may be NULL if not used 441 * @hmac_len: the session HMAC or password length, maybe 0 if not used 442 */ 443 static void tpm2_buf_append_auth(struct tpm_buf *buf, u32 session_handle, 444 const u8 *nonce, u16 nonce_len, 445 u8 attributes, 446 const u8 *hmac, u16 hmac_len) 447 { 448 tpm_buf_append_u32(buf, 9 + nonce_len + hmac_len); 449 tpm_buf_append_u32(buf, session_handle); 450 tpm_buf_append_u16(buf, nonce_len); 451 452 if (nonce && nonce_len) 453 tpm_buf_append(buf, nonce, nonce_len); 454 455 tpm_buf_append_u8(buf, attributes); 456 tpm_buf_append_u16(buf, hmac_len); 457 458 if (hmac && hmac_len) 459 tpm_buf_append(buf, hmac, hmac_len); 460 } 461 462 /** 463 * tpm2_seal_trusted() - seal the payload of a trusted key 464 * 465 * @chip: TPM chip to use 466 * @payload: the key data in clear and encrypted form 467 * @options: authentication values and other options 468 * 469 * Return: < 0 on error and 0 on success. 470 */ 471 int tpm2_seal_trusted(struct tpm_chip *chip, 472 struct trusted_key_payload *payload, 473 struct trusted_key_options *options) 474 { 475 unsigned int blob_len; 476 struct tpm_buf buf; 477 u32 hash, rlength; 478 int i; 479 int rc; 480 481 for (i = 0; i < ARRAY_SIZE(tpm2_hash_map); i++) { 482 if (options->hash == tpm2_hash_map[i].crypto_id) { 483 hash = tpm2_hash_map[i].tpm_id; 484 break; 485 } 486 } 487 488 if (i == ARRAY_SIZE(tpm2_hash_map)) 489 return -EINVAL; 490 491 rc = tpm_buf_init(&buf, TPM2_ST_SESSIONS, TPM2_CC_CREATE); 492 if (rc) 493 return rc; 494 495 tpm_buf_append_u32(&buf, options->keyhandle); 496 tpm2_buf_append_auth(&buf, TPM2_RS_PW, 497 NULL /* nonce */, 0, 498 0 /* session_attributes */, 499 options->keyauth /* hmac */, 500 TPM_DIGEST_SIZE); 501 502 /* sensitive */ 503 tpm_buf_append_u16(&buf, 4 + TPM_DIGEST_SIZE + payload->key_len + 1); 504 505 tpm_buf_append_u16(&buf, TPM_DIGEST_SIZE); 506 tpm_buf_append(&buf, options->blobauth, TPM_DIGEST_SIZE); 507 tpm_buf_append_u16(&buf, payload->key_len + 1); 508 tpm_buf_append(&buf, payload->key, payload->key_len); 509 tpm_buf_append_u8(&buf, payload->migratable); 510 511 /* public */ 512 tpm_buf_append_u16(&buf, 14 + options->policydigest_len); 513 tpm_buf_append_u16(&buf, TPM2_ALG_KEYEDHASH); 514 tpm_buf_append_u16(&buf, hash); 515 516 /* policy */ 517 if (options->policydigest_len) { 518 tpm_buf_append_u32(&buf, 0); 519 tpm_buf_append_u16(&buf, options->policydigest_len); 520 tpm_buf_append(&buf, options->policydigest, 521 options->policydigest_len); 522 } else { 523 tpm_buf_append_u32(&buf, TPM2_OA_USER_WITH_AUTH); 524 tpm_buf_append_u16(&buf, 0); 525 } 526 527 /* public parameters */ 528 tpm_buf_append_u16(&buf, TPM2_ALG_NULL); 529 tpm_buf_append_u16(&buf, 0); 530 531 /* outside info */ 532 tpm_buf_append_u16(&buf, 0); 533 534 /* creation PCR */ 535 tpm_buf_append_u32(&buf, 0); 536 537 if (buf.flags & TPM_BUF_OVERFLOW) { 538 rc = -E2BIG; 539 goto out; 540 } 541 542 rc = tpm_transmit_cmd(chip, NULL, buf.data, PAGE_SIZE, 4, 0, 543 "sealing data"); 544 if (rc) 545 goto out; 546 547 blob_len = be32_to_cpup((__be32 *) &buf.data[TPM_HEADER_SIZE]); 548 if (blob_len > MAX_BLOB_SIZE) { 549 rc = -E2BIG; 550 goto out; 551 } 552 rlength = be32_to_cpu(((struct tpm2_cmd *)&buf)->header.out.length); 553 if (rlength < TPM_HEADER_SIZE + 4 + blob_len) { 554 rc = -EFAULT; 555 goto out; 556 } 557 558 memcpy(payload->blob, &buf.data[TPM_HEADER_SIZE + 4], blob_len); 559 payload->blob_len = blob_len; 560 561 out: 562 tpm_buf_destroy(&buf); 563 564 if (rc > 0) { 565 if (tpm2_rc_value(rc) == TPM2_RC_HASH) 566 rc = -EINVAL; 567 else 568 rc = -EPERM; 569 } 570 571 return rc; 572 } 573 574 /** 575 * tpm2_load_cmd() - execute a TPM2_Load command 576 * 577 * @chip: TPM chip to use 578 * @payload: the key data in clear and encrypted form 579 * @options: authentication values and other options 580 * @blob_handle: returned blob handle 581 * @flags: tpm transmit flags 582 * 583 * Return: 0 on success. 584 * -E2BIG on wrong payload size. 585 * -EPERM on tpm error status. 586 * < 0 error from tpm_transmit_cmd. 587 */ 588 static int tpm2_load_cmd(struct tpm_chip *chip, 589 struct trusted_key_payload *payload, 590 struct trusted_key_options *options, 591 u32 *blob_handle, unsigned int flags) 592 { 593 struct tpm_buf buf; 594 unsigned int private_len; 595 unsigned int public_len; 596 unsigned int blob_len; 597 int rc; 598 599 private_len = be16_to_cpup((__be16 *) &payload->blob[0]); 600 if (private_len > (payload->blob_len - 2)) 601 return -E2BIG; 602 603 public_len = be16_to_cpup((__be16 *) &payload->blob[2 + private_len]); 604 blob_len = private_len + public_len + 4; 605 if (blob_len > payload->blob_len) 606 return -E2BIG; 607 608 rc = tpm_buf_init(&buf, TPM2_ST_SESSIONS, TPM2_CC_LOAD); 609 if (rc) 610 return rc; 611 612 tpm_buf_append_u32(&buf, options->keyhandle); 613 tpm2_buf_append_auth(&buf, TPM2_RS_PW, 614 NULL /* nonce */, 0, 615 0 /* session_attributes */, 616 options->keyauth /* hmac */, 617 TPM_DIGEST_SIZE); 618 619 tpm_buf_append(&buf, payload->blob, blob_len); 620 621 if (buf.flags & TPM_BUF_OVERFLOW) { 622 rc = -E2BIG; 623 goto out; 624 } 625 626 rc = tpm_transmit_cmd(chip, NULL, buf.data, PAGE_SIZE, 4, flags, 627 "loading blob"); 628 if (!rc) 629 *blob_handle = be32_to_cpup( 630 (__be32 *) &buf.data[TPM_HEADER_SIZE]); 631 632 out: 633 tpm_buf_destroy(&buf); 634 635 if (rc > 0) 636 rc = -EPERM; 637 638 return rc; 639 } 640 641 /** 642 * tpm2_unseal_cmd() - execute a TPM2_Unload command 643 * 644 * @chip: TPM chip to use 645 * @payload: the key data in clear and encrypted form 646 * @options: authentication values and other options 647 * @blob_handle: blob handle 648 * @flags: tpm_transmit_cmd flags 649 * 650 * Return: 0 on success 651 * -EPERM on tpm error status 652 * < 0 error from tpm_transmit_cmd 653 */ 654 static int tpm2_unseal_cmd(struct tpm_chip *chip, 655 struct trusted_key_payload *payload, 656 struct trusted_key_options *options, 657 u32 blob_handle, unsigned int flags) 658 { 659 struct tpm_buf buf; 660 u16 data_len; 661 u8 *data; 662 int rc; 663 u32 rlength; 664 665 rc = tpm_buf_init(&buf, TPM2_ST_SESSIONS, TPM2_CC_UNSEAL); 666 if (rc) 667 return rc; 668 669 tpm_buf_append_u32(&buf, blob_handle); 670 tpm2_buf_append_auth(&buf, 671 options->policyhandle ? 672 options->policyhandle : TPM2_RS_PW, 673 NULL /* nonce */, 0, 674 TPM2_SA_CONTINUE_SESSION, 675 options->blobauth /* hmac */, 676 TPM_DIGEST_SIZE); 677 678 rc = tpm_transmit_cmd(chip, NULL, buf.data, PAGE_SIZE, 6, flags, 679 "unsealing"); 680 if (rc > 0) 681 rc = -EPERM; 682 683 if (!rc) { 684 data_len = be16_to_cpup( 685 (__be16 *) &buf.data[TPM_HEADER_SIZE + 4]); 686 687 rlength = be32_to_cpu(((struct tpm2_cmd *)&buf) 688 ->header.out.length); 689 if (rlength < TPM_HEADER_SIZE + 6 + data_len) { 690 rc = -EFAULT; 691 goto out; 692 } 693 data = &buf.data[TPM_HEADER_SIZE + 6]; 694 695 memcpy(payload->key, data, data_len - 1); 696 payload->key_len = data_len - 1; 697 payload->migratable = data[data_len - 1]; 698 } 699 700 out: 701 tpm_buf_destroy(&buf); 702 return rc; 703 } 704 705 /** 706 * tpm2_unseal_trusted() - unseal the payload of a trusted key 707 * 708 * @chip: TPM chip to use 709 * @payload: the key data in clear and encrypted form 710 * @options: authentication values and other options 711 * 712 * Return: Same as with tpm_transmit_cmd. 713 */ 714 int tpm2_unseal_trusted(struct tpm_chip *chip, 715 struct trusted_key_payload *payload, 716 struct trusted_key_options *options) 717 { 718 u32 blob_handle; 719 int rc; 720 721 mutex_lock(&chip->tpm_mutex); 722 rc = tpm2_load_cmd(chip, payload, options, &blob_handle, 723 TPM_TRANSMIT_UNLOCKED); 724 if (rc) 725 goto out; 726 727 rc = tpm2_unseal_cmd(chip, payload, options, blob_handle, 728 TPM_TRANSMIT_UNLOCKED); 729 tpm2_flush_context_cmd(chip, blob_handle, TPM_TRANSMIT_UNLOCKED); 730 out: 731 mutex_unlock(&chip->tpm_mutex); 732 return rc; 733 } 734 735 /** 736 * tpm2_get_tpm_pt() - get value of a TPM_CAP_TPM_PROPERTIES type property 737 * @chip: TPM chip to use. 738 * @property_id: property ID. 739 * @value: output variable. 740 * @desc: passed to tpm_transmit_cmd() 741 * 742 * Return: Same as with tpm_transmit_cmd. 743 */ 744 ssize_t tpm2_get_tpm_pt(struct tpm_chip *chip, u32 property_id, u32 *value, 745 const char *desc) 746 { 747 struct tpm2_cmd cmd; 748 int rc; 749 750 cmd.header.in = tpm2_get_tpm_pt_header; 751 cmd.params.get_tpm_pt_in.cap_id = cpu_to_be32(TPM2_CAP_TPM_PROPERTIES); 752 cmd.params.get_tpm_pt_in.property_id = cpu_to_be32(property_id); 753 cmd.params.get_tpm_pt_in.property_cnt = cpu_to_be32(1); 754 755 rc = tpm_transmit_cmd(chip, NULL, &cmd, sizeof(cmd), 756 TPM2_GET_TPM_PT_OUT_BODY_SIZE, 0, desc); 757 if (!rc) 758 *value = be32_to_cpu(cmd.params.get_tpm_pt_out.value); 759 760 return rc; 761 } 762 EXPORT_SYMBOL_GPL(tpm2_get_tpm_pt); 763 764 #define TPM2_SHUTDOWN_IN_SIZE \ 765 (sizeof(struct tpm_input_header) + \ 766 sizeof(struct tpm2_startup_in)) 767 768 static const struct tpm_input_header tpm2_shutdown_header = { 769 .tag = cpu_to_be16(TPM2_ST_NO_SESSIONS), 770 .length = cpu_to_be32(TPM2_SHUTDOWN_IN_SIZE), 771 .ordinal = cpu_to_be32(TPM2_CC_SHUTDOWN) 772 }; 773 774 /** 775 * tpm2_shutdown() - send shutdown command to the TPM chip 776 * 777 * @chip: TPM chip to use. 778 * @shutdown_type: shutdown type. The value is either 779 * TPM_SU_CLEAR or TPM_SU_STATE. 780 */ 781 void tpm2_shutdown(struct tpm_chip *chip, u16 shutdown_type) 782 { 783 struct tpm2_cmd cmd; 784 int rc; 785 786 cmd.header.in = tpm2_shutdown_header; 787 cmd.params.startup_in.startup_type = cpu_to_be16(shutdown_type); 788 789 rc = tpm_transmit_cmd(chip, NULL, &cmd, sizeof(cmd), 0, 0, 790 "stopping the TPM"); 791 792 /* In places where shutdown command is sent there's no much we can do 793 * except print the error code on a system failure. 794 */ 795 if (rc < 0 && rc != -EPIPE) 796 dev_warn(&chip->dev, "transmit returned %d while stopping the TPM", 797 rc); 798 } 799 800 /* 801 * tpm2_calc_ordinal_duration() - maximum duration for a command 802 * 803 * @chip: TPM chip to use. 804 * @ordinal: command code number. 805 * 806 * Return: maximum duration for a command 807 */ 808 unsigned long tpm2_calc_ordinal_duration(struct tpm_chip *chip, u32 ordinal) 809 { 810 int index = TPM_UNDEFINED; 811 int duration = 0; 812 813 if (ordinal >= TPM2_CC_FIRST && ordinal <= TPM2_CC_LAST) 814 index = tpm2_ordinal_duration[ordinal - TPM2_CC_FIRST]; 815 816 if (index != TPM_UNDEFINED) 817 duration = chip->duration[index]; 818 819 if (duration <= 0) 820 duration = 2 * 60 * HZ; 821 822 return duration; 823 } 824 EXPORT_SYMBOL_GPL(tpm2_calc_ordinal_duration); 825 826 #define TPM2_SELF_TEST_IN_SIZE \ 827 (sizeof(struct tpm_input_header) + \ 828 sizeof(struct tpm2_self_test_in)) 829 830 static const struct tpm_input_header tpm2_selftest_header = { 831 .tag = cpu_to_be16(TPM2_ST_NO_SESSIONS), 832 .length = cpu_to_be32(TPM2_SELF_TEST_IN_SIZE), 833 .ordinal = cpu_to_be32(TPM2_CC_SELF_TEST) 834 }; 835 836 /** 837 * tpm2_continue_selftest() - start a self test 838 * 839 * @chip: TPM chip to use 840 * @full: test all commands instead of testing only those that were not 841 * previously tested. 842 * 843 * Return: Same as with tpm_transmit_cmd with exception of RC_TESTING. 844 */ 845 static int tpm2_start_selftest(struct tpm_chip *chip, bool full) 846 { 847 int rc; 848 struct tpm2_cmd cmd; 849 850 cmd.header.in = tpm2_selftest_header; 851 cmd.params.selftest_in.full_test = full; 852 853 rc = tpm_transmit_cmd(chip, NULL, &cmd, TPM2_SELF_TEST_IN_SIZE, 0, 0, 854 "continue selftest"); 855 856 /* At least some prototype chips seem to give RC_TESTING error 857 * immediately. This is a workaround for that. 858 */ 859 if (rc == TPM2_RC_TESTING) { 860 dev_warn(&chip->dev, "Got RC_TESTING, ignoring\n"); 861 rc = 0; 862 } 863 864 return rc; 865 } 866 867 /** 868 * tpm2_do_selftest() - run a full self test 869 * 870 * @chip: TPM chip to use 871 * 872 * Return: Same as with tpm_transmit_cmd. 873 * 874 * During the self test TPM2 commands return with the error code RC_TESTING. 875 * Waiting is done by issuing PCR read until it executes successfully. 876 */ 877 static int tpm2_do_selftest(struct tpm_chip *chip) 878 { 879 int rc; 880 unsigned int loops; 881 unsigned int delay_msec = 100; 882 unsigned long duration; 883 int i; 884 885 duration = tpm2_calc_ordinal_duration(chip, TPM2_CC_SELF_TEST); 886 887 loops = jiffies_to_msecs(duration) / delay_msec; 888 889 rc = tpm2_start_selftest(chip, true); 890 if (rc) 891 return rc; 892 893 for (i = 0; i < loops; i++) { 894 /* Attempt to read a PCR value */ 895 rc = tpm2_pcr_read(chip, 0, NULL); 896 if (rc < 0) 897 break; 898 899 if (rc != TPM2_RC_TESTING) 900 break; 901 902 msleep(delay_msec); 903 } 904 905 return rc; 906 } 907 908 /** 909 * tpm2_probe() - probe TPM 2.0 910 * @chip: TPM chip to use 911 * 912 * Return: < 0 error and 0 on success. 913 * 914 * Send idempotent TPM 2.0 command and see whether TPM 2.0 chip replied based on 915 * the reply tag. 916 */ 917 int tpm2_probe(struct tpm_chip *chip) 918 { 919 struct tpm2_cmd cmd; 920 int rc; 921 922 cmd.header.in = tpm2_get_tpm_pt_header; 923 cmd.params.get_tpm_pt_in.cap_id = cpu_to_be32(TPM2_CAP_TPM_PROPERTIES); 924 cmd.params.get_tpm_pt_in.property_id = cpu_to_be32(0x100); 925 cmd.params.get_tpm_pt_in.property_cnt = cpu_to_be32(1); 926 927 rc = tpm_transmit_cmd(chip, NULL, &cmd, sizeof(cmd), 0, 0, NULL); 928 if (rc < 0) 929 return rc; 930 931 if (be16_to_cpu(cmd.header.out.tag) == TPM2_ST_NO_SESSIONS) 932 chip->flags |= TPM_CHIP_FLAG_TPM2; 933 934 return 0; 935 } 936 EXPORT_SYMBOL_GPL(tpm2_probe); 937 938 struct tpm2_pcr_selection { 939 __be16 hash_alg; 940 u8 size_of_select; 941 u8 pcr_select[3]; 942 } __packed; 943 944 static ssize_t tpm2_get_pcr_allocation(struct tpm_chip *chip) 945 { 946 struct tpm2_pcr_selection pcr_selection; 947 struct tpm_buf buf; 948 void *marker; 949 void *end; 950 void *pcr_select_offset; 951 unsigned int count; 952 u32 sizeof_pcr_selection; 953 u32 rsp_len; 954 int rc; 955 int i = 0; 956 957 rc = tpm_buf_init(&buf, TPM2_ST_NO_SESSIONS, TPM2_CC_GET_CAPABILITY); 958 if (rc) 959 return rc; 960 961 tpm_buf_append_u32(&buf, TPM2_CAP_PCRS); 962 tpm_buf_append_u32(&buf, 0); 963 tpm_buf_append_u32(&buf, 1); 964 965 rc = tpm_transmit_cmd(chip, NULL, buf.data, PAGE_SIZE, 9, 0, 966 "get tpm pcr allocation"); 967 if (rc) 968 goto out; 969 970 count = be32_to_cpup( 971 (__be32 *)&buf.data[TPM_HEADER_SIZE + 5]); 972 973 if (count > ARRAY_SIZE(chip->active_banks)) { 974 rc = -ENODEV; 975 goto out; 976 } 977 978 marker = &buf.data[TPM_HEADER_SIZE + 9]; 979 980 rsp_len = be32_to_cpup((__be32 *)&buf.data[2]); 981 end = &buf.data[rsp_len]; 982 983 for (i = 0; i < count; i++) { 984 pcr_select_offset = marker + 985 offsetof(struct tpm2_pcr_selection, size_of_select); 986 if (pcr_select_offset >= end) { 987 rc = -EFAULT; 988 break; 989 } 990 991 memcpy(&pcr_selection, marker, sizeof(pcr_selection)); 992 chip->active_banks[i] = be16_to_cpu(pcr_selection.hash_alg); 993 sizeof_pcr_selection = sizeof(pcr_selection.hash_alg) + 994 sizeof(pcr_selection.size_of_select) + 995 pcr_selection.size_of_select; 996 marker = marker + sizeof_pcr_selection; 997 } 998 999 out: 1000 if (i < ARRAY_SIZE(chip->active_banks)) 1001 chip->active_banks[i] = TPM2_ALG_ERROR; 1002 1003 tpm_buf_destroy(&buf); 1004 1005 return rc; 1006 } 1007 1008 static int tpm2_get_cc_attrs_tbl(struct tpm_chip *chip) 1009 { 1010 struct tpm_buf buf; 1011 u32 nr_commands; 1012 u32 *attrs; 1013 u32 cc; 1014 int i; 1015 int rc; 1016 1017 rc = tpm2_get_tpm_pt(chip, TPM_PT_TOTAL_COMMANDS, &nr_commands, NULL); 1018 if (rc) 1019 goto out; 1020 1021 if (nr_commands > 0xFFFFF) { 1022 rc = -EFAULT; 1023 goto out; 1024 } 1025 1026 chip->cc_attrs_tbl = devm_kzalloc(&chip->dev, 4 * nr_commands, 1027 GFP_KERNEL); 1028 1029 rc = tpm_buf_init(&buf, TPM2_ST_NO_SESSIONS, TPM2_CC_GET_CAPABILITY); 1030 if (rc) 1031 goto out; 1032 1033 tpm_buf_append_u32(&buf, TPM2_CAP_COMMANDS); 1034 tpm_buf_append_u32(&buf, TPM2_CC_FIRST); 1035 tpm_buf_append_u32(&buf, nr_commands); 1036 1037 rc = tpm_transmit_cmd(chip, NULL, buf.data, PAGE_SIZE, 1038 9 + 4 * nr_commands, 0, NULL); 1039 if (rc) { 1040 tpm_buf_destroy(&buf); 1041 goto out; 1042 } 1043 1044 if (nr_commands != 1045 be32_to_cpup((__be32 *)&buf.data[TPM_HEADER_SIZE + 5])) { 1046 tpm_buf_destroy(&buf); 1047 goto out; 1048 } 1049 1050 chip->nr_commands = nr_commands; 1051 1052 attrs = (u32 *)&buf.data[TPM_HEADER_SIZE + 9]; 1053 for (i = 0; i < nr_commands; i++, attrs++) { 1054 chip->cc_attrs_tbl[i] = be32_to_cpup(attrs); 1055 cc = chip->cc_attrs_tbl[i] & 0xFFFF; 1056 1057 if (cc == TPM2_CC_CONTEXT_SAVE || cc == TPM2_CC_FLUSH_CONTEXT) { 1058 chip->cc_attrs_tbl[i] &= 1059 ~(GENMASK(2, 0) << TPM2_CC_ATTR_CHANDLES); 1060 chip->cc_attrs_tbl[i] |= 1 << TPM2_CC_ATTR_CHANDLES; 1061 } 1062 } 1063 1064 tpm_buf_destroy(&buf); 1065 1066 out: 1067 if (rc > 0) 1068 rc = -ENODEV; 1069 return rc; 1070 } 1071 1072 /** 1073 * tpm2_auto_startup - Perform the standard automatic TPM initialization 1074 * sequence 1075 * @chip: TPM chip to use 1076 * 1077 * Returns 0 on success, < 0 in case of fatal error. 1078 */ 1079 int tpm2_auto_startup(struct tpm_chip *chip) 1080 { 1081 int rc; 1082 1083 rc = tpm_get_timeouts(chip); 1084 if (rc) 1085 goto out; 1086 1087 rc = tpm2_do_selftest(chip); 1088 if (rc != 0 && rc != TPM2_RC_INITIALIZE) { 1089 dev_err(&chip->dev, "TPM self test failed\n"); 1090 goto out; 1091 } 1092 1093 if (rc == TPM2_RC_INITIALIZE) { 1094 rc = tpm_startup(chip); 1095 if (rc) 1096 goto out; 1097 1098 rc = tpm2_do_selftest(chip); 1099 if (rc) { 1100 dev_err(&chip->dev, "TPM self test failed\n"); 1101 goto out; 1102 } 1103 } 1104 1105 rc = tpm2_get_pcr_allocation(chip); 1106 if (rc) 1107 goto out; 1108 1109 rc = tpm2_get_cc_attrs_tbl(chip); 1110 1111 out: 1112 if (rc > 0) 1113 rc = -ENODEV; 1114 return rc; 1115 } 1116 1117 int tpm2_find_cc(struct tpm_chip *chip, u32 cc) 1118 { 1119 int i; 1120 1121 for (i = 0; i < chip->nr_commands; i++) 1122 if (cc == (chip->cc_attrs_tbl[i] & GENMASK(15, 0))) 1123 return i; 1124 1125 return -1; 1126 } 1127