1 // SPDX-License-Identifier: GPL-2.0 2 3 /* 4 * Copyright (C) 2018 James.Bottomley@HansenPartnership.com 5 * 6 * Cryptographic helper routines for handling TPM2 sessions for 7 * authorization HMAC and request response encryption. 8 * 9 * The idea is to ensure that every TPM command is HMAC protected by a 10 * session, meaning in-flight tampering would be detected and in 11 * addition all sensitive inputs and responses should be encrypted. 12 * 13 * The basic way this works is to use a TPM feature called salted 14 * sessions where a random secret used in session construction is 15 * encrypted to the public part of a known TPM key. The problem is we 16 * have no known keys, so initially a primary Elliptic Curve key is 17 * derived from the NULL seed (we use EC because most TPMs generate 18 * these keys much faster than RSA ones). The curve used is NIST_P256 19 * because that's now mandated to be present in 'TCG TPM v2.0 20 * Provisioning Guidance' 21 * 22 * Threat problems: the initial TPM2_CreatePrimary is not (and cannot 23 * be) session protected, so a clever Man in the Middle could return a 24 * public key they control to this command and from there intercept 25 * and decode all subsequent session based transactions. The kernel 26 * cannot mitigate this threat but, after boot, userspace can get 27 * proof this has not happened by asking the TPM to certify the NULL 28 * key. This certification would chain back to the TPM Endorsement 29 * Certificate and prove the NULL seed primary had not been tampered 30 * with and thus all sessions must have been cryptographically secure. 31 * To assist with this, the initial NULL seed public key name is made 32 * available in a sysfs file. 33 * 34 * Use of these functions: 35 * 36 * The design is all the crypto, hash and hmac gunk is confined in this 37 * file and never needs to be seen even by the kernel internal user. To 38 * the user there's an init function tpm2_sessions_init() that needs to 39 * be called once per TPM which generates the NULL seed primary key. 40 * 41 * These are the usage functions: 42 * 43 * tpm2_end_auth_session() kills the session and frees the resources. 44 * Under normal operation this function is done by 45 * tpm_buf_check_hmac_response(), so this is only to be used on 46 * error legs where the latter is not executed. 47 * tpm_buf_append_name() to add a handle to the buffer. This must be 48 * used in place of the usual tpm_buf_append_u32() for adding 49 * handles because handles have to be processed specially when 50 * calculating the HMAC. In particular, for NV, volatile and 51 * permanent objects you now need to provide the name. 52 * tpm_buf_append_hmac_session() which appends the hmac session to the 53 * buf in the same way tpm_buf_append_auth does(). 54 * tpm_buf_fill_hmac_session() This calculates the correct hash and 55 * places it in the buffer. It must be called after the complete 56 * command buffer is finalized so it can fill in the correct HMAC 57 * based on the parameters. 58 * tpm_buf_check_hmac_response() which checks the session response in 59 * the buffer and calculates what it should be. If there's a 60 * mismatch it will log a warning and return an error. If 61 * tpm_buf_append_hmac_session() did not specify 62 * TPM_SA_CONTINUE_SESSION then the session will be closed (if it 63 * hasn't been consumed) and the auth structure freed. 64 */ 65 66 #include "tpm.h" 67 #include <linux/random.h> 68 #include <linux/scatterlist.h> 69 #include <linux/unaligned.h> 70 #include <crypto/kpp.h> 71 #include <crypto/ecdh.h> 72 #include <crypto/sha2.h> 73 #include <crypto/utils.h> 74 75 /* maximum number of names the TPM must remember for authorization */ 76 #define AUTH_MAX_NAMES 3 77 78 #define AES_KEY_BYTES AES_KEYSIZE_128 79 #define AES_KEY_BITS (AES_KEY_BYTES*8) 80 81 /* 82 * This is the structure that carries all the auth information (like 83 * session handle, nonces, session key and auth) from use to use it is 84 * designed to be opaque to anything outside. 85 */ 86 struct tpm2_auth { 87 u32 handle; 88 /* 89 * This has two meanings: before tpm_buf_fill_hmac_session() 90 * it marks the offset in the buffer of the start of the 91 * sessions (i.e. after all the handles). Once the buffer has 92 * been filled it markes the session number of our auth 93 * session so we can find it again in the response buffer. 94 * 95 * The two cases are distinguished because the first offset 96 * must always be greater than TPM_HEADER_SIZE and the second 97 * must be less than or equal to 5. 98 */ 99 u32 session; 100 /* 101 * the size here is variable and set by the size of our_nonce 102 * which must be between 16 and the name hash length. we set 103 * the maximum sha256 size for the greatest protection 104 */ 105 u8 our_nonce[SHA256_DIGEST_SIZE]; 106 u8 tpm_nonce[SHA256_DIGEST_SIZE]; 107 /* 108 * the salt is only used across the session command/response 109 * after that it can be used as a scratch area 110 */ 111 union { 112 u8 salt[EC_PT_SZ]; 113 /* scratch for key + IV */ 114 u8 scratch[AES_KEY_BYTES + AES_BLOCK_SIZE]; 115 }; 116 /* 117 * the session key and passphrase are the same size as the 118 * name digest (sha256 again). The session key is constant 119 * for the use of the session and the passphrase can change 120 * with every invocation. 121 * 122 * Note: these fields must be adjacent and in this order 123 * because several HMAC/KDF schemes use the combination of the 124 * session_key and passphrase. 125 */ 126 u8 session_key[SHA256_DIGEST_SIZE]; 127 u8 passphrase[SHA256_DIGEST_SIZE]; 128 int passphrase_len; 129 struct aes_enckey aes_key; 130 /* saved session attributes: */ 131 u8 attrs; 132 __be32 ordinal; 133 134 /* 135 * memory for three authorization handles. We know them by 136 * handle, but they are part of the session by name, which 137 * we must compute and remember 138 */ 139 u32 name_h[AUTH_MAX_NAMES]; 140 u8 name[AUTH_MAX_NAMES][2 + SHA512_DIGEST_SIZE]; 141 }; 142 143 #ifdef CONFIG_TCG_TPM2_HMAC 144 /* 145 * Name Size based on TPM algorithm (assumes no hash bigger than 255) 146 */ 147 static int name_size(const u8 *name) 148 { 149 u16 hash_alg = get_unaligned_be16(name); 150 151 switch (hash_alg) { 152 case TPM_ALG_SHA1: 153 return SHA1_DIGEST_SIZE + 2; 154 case TPM_ALG_SHA256: 155 return SHA256_DIGEST_SIZE + 2; 156 case TPM_ALG_SHA384: 157 return SHA384_DIGEST_SIZE + 2; 158 case TPM_ALG_SHA512: 159 return SHA512_DIGEST_SIZE + 2; 160 default: 161 pr_warn("tpm: unsupported name algorithm: 0x%04x\n", hash_alg); 162 return -EINVAL; 163 } 164 } 165 166 static int tpm2_read_public(struct tpm_chip *chip, u32 handle, void *name) 167 { 168 u32 mso = tpm2_handle_mso(handle); 169 off_t offset = TPM_HEADER_SIZE; 170 int rc, name_size_alg; 171 struct tpm_buf buf; 172 173 if (mso != TPM2_MSO_PERSISTENT && mso != TPM2_MSO_VOLATILE && 174 mso != TPM2_MSO_NVRAM) { 175 memcpy(name, &handle, sizeof(u32)); 176 return sizeof(u32); 177 } 178 179 rc = tpm_buf_init(&buf, TPM2_ST_NO_SESSIONS, TPM2_CC_READ_PUBLIC); 180 if (rc) 181 return rc; 182 183 tpm_buf_append_u32(&buf, handle); 184 185 rc = tpm_transmit_cmd(chip, &buf, 0, "TPM2_ReadPublic"); 186 if (rc) { 187 tpm_buf_destroy(&buf); 188 return tpm_ret_to_err(rc); 189 } 190 191 /* Skip TPMT_PUBLIC: */ 192 offset += tpm_buf_read_u16(&buf, &offset); 193 194 /* 195 * Ensure space for the length field of TPM2B_NAME and hashAlg field of 196 * TPMT_HA (the extra four bytes). 197 */ 198 if (offset + 4 > tpm_buf_length(&buf)) { 199 tpm_buf_destroy(&buf); 200 return -EIO; 201 } 202 203 rc = tpm_buf_read_u16(&buf, &offset); 204 name_size_alg = name_size(&buf.data[offset]); 205 206 if (name_size_alg < 0) { 207 tpm_buf_destroy(&buf); 208 return name_size_alg; 209 } 210 211 if (rc != name_size_alg) { 212 tpm_buf_destroy(&buf); 213 return -EIO; 214 } 215 216 if (offset + rc > tpm_buf_length(&buf)) { 217 tpm_buf_destroy(&buf); 218 return -EIO; 219 } 220 221 memcpy(name, &buf.data[offset], rc); 222 tpm_buf_destroy(&buf); 223 return name_size_alg; 224 } 225 #endif /* CONFIG_TCG_TPM2_HMAC */ 226 227 /** 228 * tpm_buf_append_name() - add a handle area to the buffer 229 * @chip: the TPM chip structure 230 * @buf: The buffer to be appended 231 * @handle: The handle to be appended 232 * @name: The name of the handle (may be NULL) 233 * 234 * In order to compute session HMACs, we need to know the names of the 235 * objects pointed to by the handles. For most objects, this is simply 236 * the actual 4 byte handle or an empty buf (in these cases @name 237 * should be NULL) but for volatile objects, permanent objects and NV 238 * areas, the name is defined as the hash (according to the name 239 * algorithm which should be set to sha256) of the public area to 240 * which the two byte algorithm id has been appended. For these 241 * objects, the @name pointer should point to this. If a name is 242 * required but @name is NULL, then TPM2_ReadPublic() will be called 243 * on the handle to obtain the name. 244 * 245 * As with most tpm_buf operations, success is assumed because failure 246 * will be caused by an incorrect programming model and indicated by a 247 * kernel message. 248 * 249 * Ends the authorization session on failure. 250 */ 251 int tpm_buf_append_name(struct tpm_chip *chip, struct tpm_buf *buf, 252 u32 handle, u8 *name) 253 { 254 #ifdef CONFIG_TCG_TPM2_HMAC 255 enum tpm2_mso_type mso = tpm2_handle_mso(handle); 256 struct tpm2_auth *auth; 257 u16 name_size_alg; 258 int slot; 259 int ret; 260 #endif 261 262 if (!tpm2_chip_auth(chip)) { 263 tpm_buf_append_handle(chip, buf, handle); 264 return 0; 265 } 266 267 #ifdef CONFIG_TCG_TPM2_HMAC 268 slot = (tpm_buf_length(buf) - TPM_HEADER_SIZE) / 4; 269 if (slot >= AUTH_MAX_NAMES) { 270 dev_err(&chip->dev, "too many handles\n"); 271 ret = -EIO; 272 goto err; 273 } 274 auth = chip->auth; 275 if (auth->session != tpm_buf_length(buf)) { 276 dev_err(&chip->dev, "session state malformed"); 277 ret = -EIO; 278 goto err; 279 } 280 tpm_buf_append_u32(buf, handle); 281 auth->session += 4; 282 283 if (mso == TPM2_MSO_PERSISTENT || 284 mso == TPM2_MSO_VOLATILE || 285 mso == TPM2_MSO_NVRAM) { 286 if (!name) { 287 ret = tpm2_read_public(chip, handle, auth->name[slot]); 288 } else { 289 ret = name_size(name); 290 } 291 292 if (ret < 0) 293 goto err; 294 295 name_size_alg = ret; 296 } else { 297 if (name) { 298 dev_err(&chip->dev, "handle 0x%08x does not use a name\n", 299 handle); 300 ret = -EIO; 301 goto err; 302 } 303 } 304 305 auth->name_h[slot] = handle; 306 if (name) 307 memcpy(auth->name[slot], name, name_size_alg); 308 #endif 309 return 0; 310 311 #ifdef CONFIG_TCG_TPM2_HMAC 312 err: 313 tpm2_end_auth_session(chip); 314 return tpm_ret_to_err(ret); 315 #endif 316 } 317 EXPORT_SYMBOL_GPL(tpm_buf_append_name); 318 319 void tpm_buf_append_auth(struct tpm_chip *chip, struct tpm_buf *buf, 320 u8 *passphrase, int passphrase_len) 321 { 322 /* offset tells us where the sessions area begins */ 323 int offset = buf->handles * 4 + TPM_HEADER_SIZE; 324 u32 len = 9 + passphrase_len; 325 326 if (tpm_buf_length(buf) != offset) { 327 /* not the first session so update the existing length */ 328 len += get_unaligned_be32(&buf->data[offset]); 329 put_unaligned_be32(len, &buf->data[offset]); 330 } else { 331 tpm_buf_append_u32(buf, len); 332 } 333 /* auth handle */ 334 tpm_buf_append_u32(buf, TPM2_RS_PW); 335 /* nonce */ 336 tpm_buf_append_u16(buf, 0); 337 /* attributes */ 338 tpm_buf_append_u8(buf, 0); 339 /* passphrase */ 340 tpm_buf_append_u16(buf, passphrase_len); 341 tpm_buf_append(buf, passphrase, passphrase_len); 342 } 343 344 /** 345 * tpm_buf_append_hmac_session() - Append a TPM session element 346 * @chip: the TPM chip structure 347 * @buf: The buffer to be appended 348 * @attributes: The session attributes 349 * @passphrase: The session authority (NULL if none) 350 * @passphrase_len: The length of the session authority (0 if none) 351 * 352 * This fills in a session structure in the TPM command buffer, except 353 * for the HMAC which cannot be computed until the command buffer is 354 * complete. The type of session is controlled by the @attributes, 355 * the main ones of which are TPM2_SA_CONTINUE_SESSION which means the 356 * session won't terminate after tpm_buf_check_hmac_response(), 357 * TPM2_SA_DECRYPT which means this buffers first parameter should be 358 * encrypted with a session key and TPM2_SA_ENCRYPT, which means the 359 * response buffer's first parameter needs to be decrypted (confusing, 360 * but the defines are written from the point of view of the TPM). 361 * 362 * Any session appended by this command must be finalized by calling 363 * tpm_buf_fill_hmac_session() otherwise the HMAC will be incorrect 364 * and the TPM will reject the command. 365 * 366 * As with most tpm_buf operations, success is assumed because failure 367 * will be caused by an incorrect programming model and indicated by a 368 * kernel message. 369 */ 370 void tpm_buf_append_hmac_session(struct tpm_chip *chip, struct tpm_buf *buf, 371 u8 attributes, u8 *passphrase, 372 int passphrase_len) 373 { 374 #ifdef CONFIG_TCG_TPM2_HMAC 375 u8 nonce[SHA256_DIGEST_SIZE]; 376 struct tpm2_auth *auth; 377 u32 len; 378 #endif 379 380 if (!tpm2_chip_auth(chip)) { 381 tpm_buf_append_auth(chip, buf, passphrase, passphrase_len); 382 return; 383 } 384 385 #ifdef CONFIG_TCG_TPM2_HMAC 386 /* The first write to /dev/tpm{rm0} will flush the session. */ 387 attributes |= TPM2_SA_CONTINUE_SESSION; 388 389 /* 390 * The Architecture Guide requires us to strip trailing zeros 391 * before computing the HMAC 392 */ 393 while (passphrase && passphrase_len > 0 && passphrase[passphrase_len - 1] == '\0') 394 passphrase_len--; 395 396 auth = chip->auth; 397 auth->attrs = attributes; 398 auth->passphrase_len = passphrase_len; 399 if (passphrase_len) 400 memcpy(auth->passphrase, passphrase, passphrase_len); 401 402 if (auth->session != tpm_buf_length(buf)) { 403 /* we're not the first session */ 404 len = get_unaligned_be32(&buf->data[auth->session]); 405 if (4 + len + auth->session != tpm_buf_length(buf)) { 406 WARN(1, "session length mismatch, cannot append"); 407 return; 408 } 409 410 /* add our new session */ 411 len += 9 + 2 * SHA256_DIGEST_SIZE; 412 put_unaligned_be32(len, &buf->data[auth->session]); 413 } else { 414 tpm_buf_append_u32(buf, 9 + 2 * SHA256_DIGEST_SIZE); 415 } 416 417 /* random number for our nonce */ 418 get_random_bytes(nonce, sizeof(nonce)); 419 memcpy(auth->our_nonce, nonce, sizeof(nonce)); 420 tpm_buf_append_u32(buf, auth->handle); 421 /* our new nonce */ 422 tpm_buf_append_u16(buf, SHA256_DIGEST_SIZE); 423 tpm_buf_append(buf, nonce, SHA256_DIGEST_SIZE); 424 tpm_buf_append_u8(buf, auth->attrs); 425 /* and put a placeholder for the hmac */ 426 tpm_buf_append_u16(buf, SHA256_DIGEST_SIZE); 427 tpm_buf_append(buf, nonce, SHA256_DIGEST_SIZE); 428 #endif 429 } 430 EXPORT_SYMBOL_GPL(tpm_buf_append_hmac_session); 431 432 #ifdef CONFIG_TCG_TPM2_HMAC 433 434 static int tpm2_create_primary(struct tpm_chip *chip, u32 hierarchy, 435 u32 *handle, u8 *name); 436 437 /* 438 * assume hash sha256 and nonces u, v of size SHA256_DIGEST_SIZE but 439 * otherwise standard tpm2_KDFa. Note output is in bytes not bits. 440 */ 441 static void tpm2_KDFa(u8 *key, u32 key_len, const char *label, u8 *u, 442 u8 *v, u32 bytes, u8 *out) 443 { 444 u32 counter = 1; 445 const __be32 bits = cpu_to_be32(bytes * 8); 446 447 while (bytes > 0) { 448 struct hmac_sha256_ctx hctx; 449 __be32 c = cpu_to_be32(counter); 450 451 hmac_sha256_init_usingrawkey(&hctx, key, key_len); 452 hmac_sha256_update(&hctx, (u8 *)&c, sizeof(c)); 453 hmac_sha256_update(&hctx, label, strlen(label) + 1); 454 hmac_sha256_update(&hctx, u, SHA256_DIGEST_SIZE); 455 hmac_sha256_update(&hctx, v, SHA256_DIGEST_SIZE); 456 hmac_sha256_update(&hctx, (u8 *)&bits, sizeof(bits)); 457 hmac_sha256_final(&hctx, out); 458 459 bytes -= SHA256_DIGEST_SIZE; 460 counter++; 461 out += SHA256_DIGEST_SIZE; 462 } 463 } 464 465 /* 466 * Somewhat of a bastardization of the real KDFe. We're assuming 467 * we're working with known point sizes for the input parameters and 468 * the hash algorithm is fixed at sha256. Because we know that the 469 * point size is 32 bytes like the hash size, there's no need to loop 470 * in this KDF. 471 */ 472 static void tpm2_KDFe(u8 z[EC_PT_SZ], const char *str, u8 *pt_u, u8 *pt_v, 473 u8 *out) 474 { 475 struct sha256_ctx sctx; 476 /* 477 * this should be an iterative counter, but because we know 478 * we're only taking 32 bytes for the point using a sha256 479 * hash which is also 32 bytes, there's only one loop 480 */ 481 __be32 c = cpu_to_be32(1); 482 483 sha256_init(&sctx); 484 /* counter (BE) */ 485 sha256_update(&sctx, (u8 *)&c, sizeof(c)); 486 /* secret value */ 487 sha256_update(&sctx, z, EC_PT_SZ); 488 /* string including trailing zero */ 489 sha256_update(&sctx, str, strlen(str)+1); 490 sha256_update(&sctx, pt_u, EC_PT_SZ); 491 sha256_update(&sctx, pt_v, EC_PT_SZ); 492 sha256_final(&sctx, out); 493 } 494 495 static int tpm_buf_append_salt(struct tpm_buf *buf, struct tpm_chip *chip, 496 struct tpm2_auth *auth) 497 { 498 struct crypto_kpp *kpp; 499 struct kpp_request *req; 500 DECLARE_CRYPTO_WAIT(wait); 501 struct scatterlist s[2], d[1]; 502 struct ecdh p = {0}; 503 u8 encoded_key[EC_PT_SZ], *x, *y; 504 unsigned int buf_len; 505 int rc; 506 507 /* secret is two sized points */ 508 tpm_buf_append_u16(buf, (EC_PT_SZ + 2)*2); 509 /* 510 * we cheat here and append uninitialized data to form 511 * the points. All we care about is getting the two 512 * co-ordinate pointers, which will be used to overwrite 513 * the uninitialized data 514 */ 515 tpm_buf_append_u16(buf, EC_PT_SZ); 516 x = &buf->data[tpm_buf_length(buf)]; 517 tpm_buf_append(buf, encoded_key, EC_PT_SZ); 518 tpm_buf_append_u16(buf, EC_PT_SZ); 519 y = &buf->data[tpm_buf_length(buf)]; 520 tpm_buf_append(buf, encoded_key, EC_PT_SZ); 521 sg_init_table(s, 2); 522 sg_set_buf(&s[0], x, EC_PT_SZ); 523 sg_set_buf(&s[1], y, EC_PT_SZ); 524 525 kpp = crypto_alloc_kpp("ecdh-nist-p256", CRYPTO_ALG_INTERNAL, 0); 526 if (IS_ERR(kpp)) { 527 dev_err(&chip->dev, "crypto ecdh allocation failed\n"); 528 return PTR_ERR(kpp); 529 } 530 531 buf_len = crypto_ecdh_key_len(&p); 532 if (sizeof(encoded_key) < buf_len) { 533 dev_err(&chip->dev, "salt buffer too small needs %d\n", 534 buf_len); 535 rc = -EINVAL; 536 goto err_free_kpp; 537 } 538 crypto_ecdh_encode_key(encoded_key, buf_len, &p); 539 /* this generates a random private key */ 540 crypto_kpp_set_secret(kpp, encoded_key, buf_len); 541 542 /* salt is now the public point of this private key */ 543 req = kpp_request_alloc(kpp, GFP_KERNEL); 544 if (!req) { 545 rc = -ENOMEM; 546 goto err_free_kpp; 547 } 548 kpp_request_set_callback(req, CRYPTO_TFM_REQ_MAY_BACKLOG, 549 crypto_req_done, &wait); 550 kpp_request_set_input(req, NULL, 0); 551 kpp_request_set_output(req, s, EC_PT_SZ*2); 552 rc = crypto_wait_req(crypto_kpp_generate_public_key(req), &wait); 553 if (rc) 554 goto err_free_req; 555 /* 556 * we're not done: now we have to compute the shared secret 557 * which is our private key multiplied by the tpm_key public 558 * point, we actually only take the x point and discard the y 559 * point and feed it through KDFe to get the final secret salt 560 */ 561 sg_set_buf(&s[0], chip->null_ec_key_x, EC_PT_SZ); 562 sg_set_buf(&s[1], chip->null_ec_key_y, EC_PT_SZ); 563 kpp_request_set_input(req, s, EC_PT_SZ*2); 564 sg_init_one(d, auth->salt, EC_PT_SZ); 565 kpp_request_set_output(req, d, EC_PT_SZ); 566 rc = crypto_wait_req(crypto_kpp_compute_shared_secret(req), &wait); 567 if (rc) 568 goto err_free_req; 569 570 /* 571 * pass the shared secret through KDFe for salt. Note salt 572 * area is used both for input shared secret and output salt. 573 * This works because KDFe fully consumes the secret before it 574 * writes the salt 575 */ 576 tpm2_KDFe(auth->salt, "SECRET", x, chip->null_ec_key_x, auth->salt); 577 578 kpp_request_free(req); 579 crypto_free_kpp(kpp); 580 return 0; 581 582 err_free_req: 583 kpp_request_free(req); 584 585 err_free_kpp: 586 crypto_free_kpp(kpp); 587 return rc; 588 } 589 590 /** 591 * tpm_buf_fill_hmac_session() - finalize the session HMAC 592 * @chip: the TPM chip structure 593 * @buf: The buffer to be appended 594 * 595 * This command must not be called until all of the parameters have 596 * been appended to @buf otherwise the computed HMAC will be 597 * incorrect. 598 * 599 * This function computes and fills in the session HMAC using the 600 * session key and, if TPM2_SA_DECRYPT was specified, computes the 601 * encryption key and encrypts the first parameter of the command 602 * buffer with it. 603 * 604 * Ends the authorization session on failure. 605 */ 606 int tpm_buf_fill_hmac_session(struct tpm_chip *chip, struct tpm_buf *buf) 607 { 608 u32 cc, handles, val; 609 struct tpm2_auth *auth = chip->auth; 610 int i; 611 struct tpm_header *head = (struct tpm_header *)buf->data; 612 off_t offset_s = TPM_HEADER_SIZE, offset_p; 613 u8 *hmac = NULL; 614 u32 attrs; 615 u8 cphash[SHA256_DIGEST_SIZE]; 616 struct sha256_ctx sctx; 617 struct hmac_sha256_ctx hctx; 618 int ret; 619 620 if (!auth) { 621 ret = -EIO; 622 goto err; 623 } 624 625 /* save the command code in BE format */ 626 auth->ordinal = head->ordinal; 627 628 cc = be32_to_cpu(head->ordinal); 629 630 i = tpm2_find_cc(chip, cc); 631 if (i < 0) { 632 dev_err(&chip->dev, "command 0x%08x not found\n", cc); 633 ret = -EIO; 634 goto err; 635 } 636 637 attrs = chip->cc_attrs_tbl[i]; 638 639 handles = (attrs >> TPM2_CC_ATTR_CHANDLES) & GENMASK(2, 0); 640 641 /* 642 * just check the names, it's easy to make mistakes. This 643 * would happen if someone added a handle via 644 * tpm_buf_append_u32() instead of tpm_buf_append_name() 645 */ 646 for (i = 0; i < handles; i++) { 647 u32 handle = tpm_buf_read_u32(buf, &offset_s); 648 649 if (auth->name_h[i] != handle) { 650 dev_err(&chip->dev, "invalid handle 0x%08x\n", handle); 651 ret = -EIO; 652 goto err; 653 } 654 } 655 /* point offset_s to the start of the sessions */ 656 val = tpm_buf_read_u32(buf, &offset_s); 657 /* point offset_p to the start of the parameters */ 658 offset_p = offset_s + val; 659 for (i = 1; offset_s < offset_p; i++) { 660 u32 handle = tpm_buf_read_u32(buf, &offset_s); 661 u16 len; 662 u8 a; 663 664 /* nonce (already in auth) */ 665 len = tpm_buf_read_u16(buf, &offset_s); 666 offset_s += len; 667 668 a = tpm_buf_read_u8(buf, &offset_s); 669 670 len = tpm_buf_read_u16(buf, &offset_s); 671 if (handle == auth->handle && auth->attrs == a) { 672 hmac = &buf->data[offset_s]; 673 /* 674 * save our session number so we know which 675 * session in the response belongs to us 676 */ 677 auth->session = i; 678 } 679 680 offset_s += len; 681 } 682 if (offset_s != offset_p) { 683 dev_err(&chip->dev, "session length is incorrect\n"); 684 ret = -EIO; 685 goto err; 686 } 687 if (!hmac) { 688 dev_err(&chip->dev, "could not find HMAC session\n"); 689 ret = -EIO; 690 goto err; 691 } 692 693 /* encrypt before HMAC */ 694 if (auth->attrs & TPM2_SA_DECRYPT) { 695 u16 len; 696 697 /* need key and IV */ 698 tpm2_KDFa(auth->session_key, SHA256_DIGEST_SIZE 699 + auth->passphrase_len, "CFB", auth->our_nonce, 700 auth->tpm_nonce, AES_KEY_BYTES + AES_BLOCK_SIZE, 701 auth->scratch); 702 703 len = tpm_buf_read_u16(buf, &offset_p); 704 aes_prepareenckey(&auth->aes_key, auth->scratch, AES_KEY_BYTES); 705 aescfb_encrypt(&auth->aes_key, &buf->data[offset_p], 706 &buf->data[offset_p], len, 707 auth->scratch + AES_KEY_BYTES); 708 /* reset p to beginning of parameters for HMAC */ 709 offset_p -= 2; 710 } 711 712 sha256_init(&sctx); 713 /* ordinal is already BE */ 714 sha256_update(&sctx, (u8 *)&head->ordinal, sizeof(head->ordinal)); 715 /* add the handle names */ 716 for (i = 0; i < handles; i++) { 717 enum tpm2_mso_type mso = tpm2_handle_mso(auth->name_h[i]); 718 719 if (mso == TPM2_MSO_PERSISTENT || 720 mso == TPM2_MSO_VOLATILE || 721 mso == TPM2_MSO_NVRAM) { 722 ret = name_size(auth->name[i]); 723 if (ret < 0) 724 goto err; 725 726 sha256_update(&sctx, auth->name[i], ret); 727 } else { 728 __be32 h = cpu_to_be32(auth->name_h[i]); 729 730 sha256_update(&sctx, (u8 *)&h, 4); 731 } 732 } 733 if (offset_s != tpm_buf_length(buf)) 734 sha256_update(&sctx, &buf->data[offset_s], 735 tpm_buf_length(buf) - offset_s); 736 sha256_final(&sctx, cphash); 737 738 /* now calculate the hmac */ 739 hmac_sha256_init_usingrawkey(&hctx, auth->session_key, 740 sizeof(auth->session_key) + 741 auth->passphrase_len); 742 hmac_sha256_update(&hctx, cphash, sizeof(cphash)); 743 hmac_sha256_update(&hctx, auth->our_nonce, sizeof(auth->our_nonce)); 744 hmac_sha256_update(&hctx, auth->tpm_nonce, sizeof(auth->tpm_nonce)); 745 hmac_sha256_update(&hctx, &auth->attrs, 1); 746 hmac_sha256_final(&hctx, hmac); 747 return 0; 748 749 err: 750 tpm2_end_auth_session(chip); 751 return ret; 752 } 753 EXPORT_SYMBOL(tpm_buf_fill_hmac_session); 754 755 /** 756 * tpm_buf_check_hmac_response() - check the TPM return HMAC for correctness 757 * @chip: the TPM chip structure 758 * @buf: the original command buffer (which now contains the response) 759 * @rc: the return code from tpm_transmit_cmd 760 * 761 * If @rc is non zero, @buf may not contain an actual return, so @rc 762 * is passed through as the return and the session cleaned up and 763 * de-allocated if required (this is required if 764 * TPM2_SA_CONTINUE_SESSION was not specified as a session flag). 765 * 766 * If @rc is zero, the response HMAC is computed against the returned 767 * @buf and matched to the TPM one in the session area. If there is a 768 * mismatch, an error is logged and -EINVAL returned. 769 * 770 * The reason for this is that the command issue and HMAC check 771 * sequence should look like: 772 * 773 * rc = tpm_transmit_cmd(...); 774 * rc = tpm_buf_check_hmac_response(&buf, auth, rc); 775 * if (rc) 776 * ... 777 * 778 * Which is easily layered into the current contrl flow. 779 * 780 * Returns: 0 on success or an error. 781 */ 782 int tpm_buf_check_hmac_response(struct tpm_chip *chip, struct tpm_buf *buf, 783 int rc) 784 { 785 struct tpm_header *head = (struct tpm_header *)buf->data; 786 struct tpm2_auth *auth = chip->auth; 787 off_t offset_s, offset_p; 788 u8 rphash[SHA256_DIGEST_SIZE]; 789 u32 attrs, cc; 790 struct sha256_ctx sctx; 791 struct hmac_sha256_ctx hctx; 792 u16 tag = be16_to_cpu(head->tag); 793 int parm_len, len, i, handles; 794 795 if (!auth) 796 return rc; 797 798 cc = be32_to_cpu(auth->ordinal); 799 800 if (auth->session >= TPM_HEADER_SIZE) { 801 WARN(1, "tpm session not filled correctly\n"); 802 goto out; 803 } 804 805 if (rc != 0) 806 /* pass non success rc through and close the session */ 807 goto out; 808 809 rc = -EINVAL; 810 if (tag != TPM2_ST_SESSIONS) { 811 dev_err(&chip->dev, "TPM: HMAC response check has no sessions tag\n"); 812 goto out; 813 } 814 815 i = tpm2_find_cc(chip, cc); 816 if (i < 0) 817 goto out; 818 attrs = chip->cc_attrs_tbl[i]; 819 handles = (attrs >> TPM2_CC_ATTR_RHANDLE) & 1; 820 821 /* point to area beyond handles */ 822 offset_s = TPM_HEADER_SIZE + handles * 4; 823 parm_len = tpm_buf_read_u32(buf, &offset_s); 824 offset_p = offset_s; 825 offset_s += parm_len; 826 /* skip over any sessions before ours */ 827 for (i = 0; i < auth->session - 1; i++) { 828 len = tpm_buf_read_u16(buf, &offset_s); 829 offset_s += len + 1; 830 len = tpm_buf_read_u16(buf, &offset_s); 831 offset_s += len; 832 } 833 /* TPM nonce */ 834 len = tpm_buf_read_u16(buf, &offset_s); 835 if (offset_s + len > tpm_buf_length(buf)) 836 goto out; 837 if (len != SHA256_DIGEST_SIZE) 838 goto out; 839 memcpy(auth->tpm_nonce, &buf->data[offset_s], len); 840 offset_s += len; 841 attrs = tpm_buf_read_u8(buf, &offset_s); 842 len = tpm_buf_read_u16(buf, &offset_s); 843 if (offset_s + len != tpm_buf_length(buf)) 844 goto out; 845 if (len != SHA256_DIGEST_SIZE) 846 goto out; 847 /* 848 * offset_s points to the HMAC. now calculate comparison, beginning 849 * with rphash 850 */ 851 sha256_init(&sctx); 852 /* yes, I know this is now zero, but it's what the standard says */ 853 sha256_update(&sctx, (u8 *)&head->return_code, 854 sizeof(head->return_code)); 855 /* ordinal is already BE */ 856 sha256_update(&sctx, (u8 *)&auth->ordinal, sizeof(auth->ordinal)); 857 sha256_update(&sctx, &buf->data[offset_p], parm_len); 858 sha256_final(&sctx, rphash); 859 860 /* now calculate the hmac */ 861 hmac_sha256_init_usingrawkey(&hctx, auth->session_key, 862 sizeof(auth->session_key) + 863 auth->passphrase_len); 864 hmac_sha256_update(&hctx, rphash, sizeof(rphash)); 865 hmac_sha256_update(&hctx, auth->tpm_nonce, sizeof(auth->tpm_nonce)); 866 hmac_sha256_update(&hctx, auth->our_nonce, sizeof(auth->our_nonce)); 867 hmac_sha256_update(&hctx, &auth->attrs, 1); 868 /* we're done with the rphash, so put our idea of the hmac there */ 869 hmac_sha256_final(&hctx, rphash); 870 if (crypto_memneq(rphash, &buf->data[offset_s], SHA256_DIGEST_SIZE)) { 871 dev_err(&chip->dev, "TPM: HMAC check failed\n"); 872 goto out; 873 } 874 rc = 0; 875 876 /* now do response decryption */ 877 if (auth->attrs & TPM2_SA_ENCRYPT) { 878 /* need key and IV */ 879 tpm2_KDFa(auth->session_key, SHA256_DIGEST_SIZE 880 + auth->passphrase_len, "CFB", auth->tpm_nonce, 881 auth->our_nonce, AES_KEY_BYTES + AES_BLOCK_SIZE, 882 auth->scratch); 883 884 len = tpm_buf_read_u16(buf, &offset_p); 885 aes_prepareenckey(&auth->aes_key, auth->scratch, AES_KEY_BYTES); 886 aescfb_decrypt(&auth->aes_key, &buf->data[offset_p], 887 &buf->data[offset_p], len, 888 auth->scratch + AES_KEY_BYTES); 889 } 890 891 out: 892 if ((auth->attrs & TPM2_SA_CONTINUE_SESSION) == 0) { 893 if (rc) 894 /* manually close the session if it wasn't consumed */ 895 tpm2_flush_context(chip, auth->handle); 896 897 kfree_sensitive(auth); 898 chip->auth = NULL; 899 } else { 900 /* reset for next use */ 901 auth->session = TPM_HEADER_SIZE; 902 } 903 904 return rc; 905 } 906 EXPORT_SYMBOL(tpm_buf_check_hmac_response); 907 908 /** 909 * tpm2_end_auth_session() - kill the allocated auth session 910 * @chip: the TPM chip structure 911 * 912 * ends the session started by tpm2_start_auth_session and frees all 913 * the resources. Under normal conditions, 914 * tpm_buf_check_hmac_response() will correctly end the session if 915 * required, so this function is only for use in error legs that will 916 * bypass the normal invocation of tpm_buf_check_hmac_response(). 917 */ 918 void tpm2_end_auth_session(struct tpm_chip *chip) 919 { 920 struct tpm2_auth *auth = chip->auth; 921 922 if (!auth) 923 return; 924 925 tpm2_flush_context(chip, auth->handle); 926 kfree_sensitive(auth); 927 chip->auth = NULL; 928 } 929 EXPORT_SYMBOL(tpm2_end_auth_session); 930 931 static int tpm2_parse_start_auth_session(struct tpm2_auth *auth, 932 struct tpm_buf *buf) 933 { 934 struct tpm_header *head = (struct tpm_header *)buf->data; 935 u32 tot_len = be32_to_cpu(head->length); 936 off_t offset = TPM_HEADER_SIZE; 937 u32 val; 938 939 /* we're starting after the header so adjust the length */ 940 tot_len -= TPM_HEADER_SIZE; 941 942 /* should have handle plus nonce */ 943 if (tot_len != 4 + 2 + sizeof(auth->tpm_nonce)) 944 return -EINVAL; 945 946 auth->handle = tpm_buf_read_u32(buf, &offset); 947 val = tpm_buf_read_u16(buf, &offset); 948 if (val != sizeof(auth->tpm_nonce)) 949 return -EINVAL; 950 memcpy(auth->tpm_nonce, &buf->data[offset], sizeof(auth->tpm_nonce)); 951 /* now compute the session key from the nonces */ 952 tpm2_KDFa(auth->salt, sizeof(auth->salt), "ATH", auth->tpm_nonce, 953 auth->our_nonce, sizeof(auth->session_key), 954 auth->session_key); 955 956 return 0; 957 } 958 959 static int tpm2_load_null(struct tpm_chip *chip, u32 *null_key) 960 { 961 unsigned int offset = 0; /* dummy offset for null seed context */ 962 u8 name[SHA256_DIGEST_SIZE + 2]; 963 u32 tmp_null_key; 964 int rc; 965 966 rc = tpm2_load_context(chip, chip->null_key_context, &offset, 967 &tmp_null_key); 968 if (rc != -EINVAL) { 969 if (!rc) 970 *null_key = tmp_null_key; 971 goto err; 972 } 973 974 /* Try to re-create null key, given the integrity failure: */ 975 rc = tpm2_create_primary(chip, TPM2_RH_NULL, &tmp_null_key, name); 976 if (rc) 977 goto err; 978 979 /* Return null key if the name has not been changed: */ 980 if (!memcmp(name, chip->null_key_name, sizeof(name))) { 981 *null_key = tmp_null_key; 982 return 0; 983 } 984 985 /* Deduce from the name change TPM interference: */ 986 dev_err(&chip->dev, "null key integrity check failed\n"); 987 tpm2_flush_context(chip, tmp_null_key); 988 989 err: 990 if (rc) { 991 chip->flags |= TPM_CHIP_FLAG_DISABLE; 992 rc = -ENODEV; 993 } 994 return rc; 995 } 996 997 /** 998 * tpm2_start_auth_session() - Create an a HMAC authentication session 999 * @chip: A TPM chip 1000 * 1001 * Loads the ephemeral key (null seed), and starts an HMAC authenticated 1002 * session. The null seed is flushed before the return. 1003 * 1004 * Returns zero on success, or a POSIX error code. 1005 */ 1006 int tpm2_start_auth_session(struct tpm_chip *chip) 1007 { 1008 struct tpm2_auth *auth; 1009 struct tpm_buf buf; 1010 u32 null_key; 1011 int rc; 1012 1013 if (chip->auth) { 1014 dev_dbg_once(&chip->dev, "auth session is active\n"); 1015 return 0; 1016 } 1017 1018 auth = kzalloc_obj(*auth); 1019 if (!auth) 1020 return -ENOMEM; 1021 1022 rc = tpm2_load_null(chip, &null_key); 1023 if (rc) 1024 goto out; 1025 1026 auth->session = TPM_HEADER_SIZE; 1027 1028 rc = tpm_buf_init(&buf, TPM2_ST_NO_SESSIONS, TPM2_CC_START_AUTH_SESS); 1029 if (rc) 1030 goto out; 1031 1032 /* salt key handle */ 1033 tpm_buf_append_u32(&buf, null_key); 1034 /* bind key handle */ 1035 tpm_buf_append_u32(&buf, TPM2_RH_NULL); 1036 /* nonce caller */ 1037 get_random_bytes(auth->our_nonce, sizeof(auth->our_nonce)); 1038 tpm_buf_append_u16(&buf, sizeof(auth->our_nonce)); 1039 tpm_buf_append(&buf, auth->our_nonce, sizeof(auth->our_nonce)); 1040 1041 /* append encrypted salt and squirrel away unencrypted in auth */ 1042 rc = tpm_buf_append_salt(&buf, chip, auth); 1043 if (rc) { 1044 tpm2_flush_context(chip, null_key); 1045 tpm_buf_destroy(&buf); 1046 goto out; 1047 } 1048 /* session type (HMAC, audit or policy) */ 1049 tpm_buf_append_u8(&buf, TPM2_SE_HMAC); 1050 1051 /* symmetric encryption parameters */ 1052 /* symmetric algorithm */ 1053 tpm_buf_append_u16(&buf, TPM_ALG_AES); 1054 /* bits for symmetric algorithm */ 1055 tpm_buf_append_u16(&buf, AES_KEY_BITS); 1056 /* symmetric algorithm mode (must be CFB) */ 1057 tpm_buf_append_u16(&buf, TPM_ALG_CFB); 1058 /* hash algorithm for session */ 1059 tpm_buf_append_u16(&buf, TPM_ALG_SHA256); 1060 1061 rc = tpm_ret_to_err(tpm_transmit_cmd(chip, &buf, 0, "StartAuthSession")); 1062 tpm2_flush_context(chip, null_key); 1063 1064 if (rc == TPM2_RC_SUCCESS) 1065 rc = tpm2_parse_start_auth_session(auth, &buf); 1066 1067 tpm_buf_destroy(&buf); 1068 1069 if (rc == TPM2_RC_SUCCESS) { 1070 chip->auth = auth; 1071 return 0; 1072 } 1073 1074 out: 1075 kfree_sensitive(auth); 1076 return rc; 1077 } 1078 EXPORT_SYMBOL(tpm2_start_auth_session); 1079 1080 /* 1081 * A mask containing the object attributes for the kernel held null primary key 1082 * used in HMAC encryption. For more information on specific attributes look up 1083 * to "8.3 TPMA_OBJECT (Object Attributes)". 1084 */ 1085 #define TPM2_OA_NULL_KEY ( \ 1086 TPM2_OA_NO_DA | \ 1087 TPM2_OA_FIXED_TPM | \ 1088 TPM2_OA_FIXED_PARENT | \ 1089 TPM2_OA_SENSITIVE_DATA_ORIGIN | \ 1090 TPM2_OA_USER_WITH_AUTH | \ 1091 TPM2_OA_DECRYPT | \ 1092 TPM2_OA_RESTRICTED) 1093 1094 /** 1095 * tpm2_parse_create_primary() - parse the data returned from TPM_CC_CREATE_PRIMARY 1096 * 1097 * @chip: The TPM the primary was created under 1098 * @buf: The response buffer from the chip 1099 * @handle: pointer to be filled in with the return handle of the primary 1100 * @hierarchy: The hierarchy the primary was created for 1101 * @name: pointer to be filled in with the primary key name 1102 * 1103 * Return: 1104 * * 0 - OK 1105 * * -errno - A system error 1106 * * TPM_RC - A TPM error 1107 */ 1108 static int tpm2_parse_create_primary(struct tpm_chip *chip, struct tpm_buf *buf, 1109 u32 *handle, u32 hierarchy, u8 *name) 1110 { 1111 struct tpm_header *head = (struct tpm_header *)buf->data; 1112 off_t offset_r = TPM_HEADER_SIZE, offset_t; 1113 u16 len = TPM_HEADER_SIZE; 1114 u32 total_len = be32_to_cpu(head->length); 1115 u32 val, param_len, keyhandle; 1116 1117 keyhandle = tpm_buf_read_u32(buf, &offset_r); 1118 if (handle) 1119 *handle = keyhandle; 1120 else 1121 tpm2_flush_context(chip, keyhandle); 1122 1123 param_len = tpm_buf_read_u32(buf, &offset_r); 1124 /* 1125 * param_len doesn't include the header, but all the other 1126 * lengths and offsets do, so add it to parm len to make 1127 * the comparisons easier 1128 */ 1129 param_len += TPM_HEADER_SIZE; 1130 1131 if (param_len + 8 > total_len) 1132 return -EINVAL; 1133 len = tpm_buf_read_u16(buf, &offset_r); 1134 offset_t = offset_r; 1135 if (name) { 1136 /* 1137 * now we have the public area, compute the name of 1138 * the object 1139 */ 1140 put_unaligned_be16(TPM_ALG_SHA256, name); 1141 sha256(&buf->data[offset_r], len, name + 2); 1142 } 1143 1144 /* validate the public key */ 1145 val = tpm_buf_read_u16(buf, &offset_t); 1146 1147 /* key type (must be what we asked for) */ 1148 if (val != TPM_ALG_ECC) 1149 return -EINVAL; 1150 val = tpm_buf_read_u16(buf, &offset_t); 1151 1152 /* name algorithm */ 1153 if (val != TPM_ALG_SHA256) 1154 return -EINVAL; 1155 val = tpm_buf_read_u32(buf, &offset_t); 1156 1157 /* object properties */ 1158 if (val != TPM2_OA_NULL_KEY) 1159 return -EINVAL; 1160 1161 /* auth policy (empty) */ 1162 val = tpm_buf_read_u16(buf, &offset_t); 1163 if (val != 0) 1164 return -EINVAL; 1165 1166 /* symmetric key parameters */ 1167 val = tpm_buf_read_u16(buf, &offset_t); 1168 if (val != TPM_ALG_AES) 1169 return -EINVAL; 1170 1171 /* symmetric key length */ 1172 val = tpm_buf_read_u16(buf, &offset_t); 1173 if (val != AES_KEY_BITS) 1174 return -EINVAL; 1175 1176 /* symmetric encryption scheme */ 1177 val = tpm_buf_read_u16(buf, &offset_t); 1178 if (val != TPM_ALG_CFB) 1179 return -EINVAL; 1180 1181 /* signing scheme */ 1182 val = tpm_buf_read_u16(buf, &offset_t); 1183 if (val != TPM_ALG_NULL) 1184 return -EINVAL; 1185 1186 /* ECC Curve */ 1187 val = tpm_buf_read_u16(buf, &offset_t); 1188 if (val != TPM2_ECC_NIST_P256) 1189 return -EINVAL; 1190 1191 /* KDF Scheme */ 1192 val = tpm_buf_read_u16(buf, &offset_t); 1193 if (val != TPM_ALG_NULL) 1194 return -EINVAL; 1195 1196 /* extract public key (x and y points) */ 1197 val = tpm_buf_read_u16(buf, &offset_t); 1198 if (val != EC_PT_SZ) 1199 return -EINVAL; 1200 memcpy(chip->null_ec_key_x, &buf->data[offset_t], val); 1201 offset_t += val; 1202 val = tpm_buf_read_u16(buf, &offset_t); 1203 if (val != EC_PT_SZ) 1204 return -EINVAL; 1205 memcpy(chip->null_ec_key_y, &buf->data[offset_t], val); 1206 offset_t += val; 1207 1208 /* original length of the whole TPM2B */ 1209 offset_r += len; 1210 1211 /* should have exactly consumed the TPM2B public structure */ 1212 if (offset_t != offset_r) 1213 return -EINVAL; 1214 if (offset_r > param_len) 1215 return -EINVAL; 1216 1217 /* creation data (skip) */ 1218 len = tpm_buf_read_u16(buf, &offset_r); 1219 offset_r += len; 1220 if (offset_r > param_len) 1221 return -EINVAL; 1222 1223 /* creation digest (must be sha256) */ 1224 len = tpm_buf_read_u16(buf, &offset_r); 1225 offset_r += len; 1226 if (len != SHA256_DIGEST_SIZE || offset_r > param_len) 1227 return -EINVAL; 1228 1229 /* TPMT_TK_CREATION follows */ 1230 /* tag, must be TPM_ST_CREATION (0x8021) */ 1231 val = tpm_buf_read_u16(buf, &offset_r); 1232 if (val != TPM2_ST_CREATION || offset_r > param_len) 1233 return -EINVAL; 1234 1235 /* hierarchy */ 1236 val = tpm_buf_read_u32(buf, &offset_r); 1237 if (val != hierarchy || offset_r > param_len) 1238 return -EINVAL; 1239 1240 /* the ticket digest HMAC (might not be sha256) */ 1241 len = tpm_buf_read_u16(buf, &offset_r); 1242 offset_r += len; 1243 if (offset_r > param_len) 1244 return -EINVAL; 1245 1246 /* 1247 * finally we have the name, which is a sha256 digest plus a 2 1248 * byte algorithm type 1249 */ 1250 len = tpm_buf_read_u16(buf, &offset_r); 1251 if (offset_r + len != param_len + 8) 1252 return -EINVAL; 1253 if (len != SHA256_DIGEST_SIZE + 2) 1254 return -EINVAL; 1255 1256 if (memcmp(chip->null_key_name, &buf->data[offset_r], 1257 SHA256_DIGEST_SIZE + 2) != 0) { 1258 dev_err(&chip->dev, "NULL Seed name comparison failed\n"); 1259 return -EINVAL; 1260 } 1261 1262 return 0; 1263 } 1264 1265 /** 1266 * tpm2_create_primary() - create a primary key using a fixed P-256 template 1267 * 1268 * @chip: the TPM chip to create under 1269 * @hierarchy: The hierarchy handle to create under 1270 * @handle: The returned volatile handle on success 1271 * @name: The name of the returned key 1272 * 1273 * For platforms that might not have a persistent primary, this can be 1274 * used to create one quickly on the fly (it uses Elliptic Curve not 1275 * RSA, so even slow TPMs can create one fast). The template uses the 1276 * TCG mandated H one for non-endorsement ECC primaries, i.e. P-256 1277 * elliptic curve (the only current one all TPM2s are required to 1278 * have) a sha256 name hash and no policy. 1279 * 1280 * Return: 1281 * * 0 - OK 1282 * * -errno - A system error 1283 * * TPM_RC - A TPM error 1284 */ 1285 static int tpm2_create_primary(struct tpm_chip *chip, u32 hierarchy, 1286 u32 *handle, u8 *name) 1287 { 1288 int rc; 1289 struct tpm_buf buf; 1290 struct tpm_buf template; 1291 1292 rc = tpm_buf_init(&buf, TPM2_ST_SESSIONS, TPM2_CC_CREATE_PRIMARY); 1293 if (rc) 1294 return rc; 1295 1296 rc = tpm_buf_init_sized(&template); 1297 if (rc) { 1298 tpm_buf_destroy(&buf); 1299 return rc; 1300 } 1301 1302 /* 1303 * create the template. Note: in order for userspace to 1304 * verify the security of the system, it will have to create 1305 * and certify this NULL primary, meaning all the template 1306 * parameters will have to be identical, so conform exactly to 1307 * the TCG TPM v2.0 Provisioning Guidance for the SRK ECC 1308 * key H template (H has zero size unique points) 1309 */ 1310 1311 /* key type */ 1312 tpm_buf_append_u16(&template, TPM_ALG_ECC); 1313 1314 /* name algorithm */ 1315 tpm_buf_append_u16(&template, TPM_ALG_SHA256); 1316 1317 /* object properties */ 1318 tpm_buf_append_u32(&template, TPM2_OA_NULL_KEY); 1319 1320 /* sauth policy (empty) */ 1321 tpm_buf_append_u16(&template, 0); 1322 1323 /* BEGIN parameters: key specific; for ECC*/ 1324 1325 /* symmetric algorithm */ 1326 tpm_buf_append_u16(&template, TPM_ALG_AES); 1327 1328 /* bits for symmetric algorithm */ 1329 tpm_buf_append_u16(&template, AES_KEY_BITS); 1330 1331 /* algorithm mode (must be CFB) */ 1332 tpm_buf_append_u16(&template, TPM_ALG_CFB); 1333 1334 /* scheme (NULL means any scheme) */ 1335 tpm_buf_append_u16(&template, TPM_ALG_NULL); 1336 1337 /* ECC Curve ID */ 1338 tpm_buf_append_u16(&template, TPM2_ECC_NIST_P256); 1339 1340 /* KDF Scheme */ 1341 tpm_buf_append_u16(&template, TPM_ALG_NULL); 1342 1343 /* unique: key specific; for ECC it is two zero size points */ 1344 tpm_buf_append_u16(&template, 0); 1345 tpm_buf_append_u16(&template, 0); 1346 1347 /* END parameters */ 1348 1349 /* primary handle */ 1350 tpm_buf_append_u32(&buf, hierarchy); 1351 tpm_buf_append_empty_auth(&buf, TPM2_RS_PW); 1352 1353 /* sensitive create size is 4 for two empty buffers */ 1354 tpm_buf_append_u16(&buf, 4); 1355 1356 /* sensitive create auth data (empty) */ 1357 tpm_buf_append_u16(&buf, 0); 1358 1359 /* sensitive create sensitive data (empty) */ 1360 tpm_buf_append_u16(&buf, 0); 1361 1362 /* the public template */ 1363 tpm_buf_append(&buf, template.data, template.length); 1364 tpm_buf_destroy(&template); 1365 1366 /* outside info (empty) */ 1367 tpm_buf_append_u16(&buf, 0); 1368 1369 /* creation PCR (none) */ 1370 tpm_buf_append_u32(&buf, 0); 1371 1372 rc = tpm_transmit_cmd(chip, &buf, 0, 1373 "attempting to create NULL primary"); 1374 1375 if (rc == TPM2_RC_SUCCESS) 1376 rc = tpm2_parse_create_primary(chip, &buf, handle, hierarchy, 1377 name); 1378 1379 tpm_buf_destroy(&buf); 1380 1381 return rc; 1382 } 1383 1384 static int tpm2_create_null_primary(struct tpm_chip *chip) 1385 { 1386 u32 null_key; 1387 int rc; 1388 1389 rc = tpm2_create_primary(chip, TPM2_RH_NULL, &null_key, 1390 chip->null_key_name); 1391 1392 if (rc == TPM2_RC_SUCCESS) { 1393 unsigned int offset = 0; /* dummy offset for null key context */ 1394 1395 rc = tpm2_save_context(chip, null_key, chip->null_key_context, 1396 sizeof(chip->null_key_context), &offset); 1397 tpm2_flush_context(chip, null_key); 1398 } 1399 1400 return rc; 1401 } 1402 1403 /** 1404 * tpm2_sessions_init() - start of day initialization for the sessions code 1405 * @chip: TPM chip 1406 * 1407 * Derive and context save the null primary and allocate memory in the 1408 * struct tpm_chip for the authorizations. 1409 * 1410 * Return: 1411 * * 0 - OK 1412 * * -errno - A system error 1413 * * TPM_RC - A TPM error 1414 */ 1415 int tpm2_sessions_init(struct tpm_chip *chip) 1416 { 1417 int rc; 1418 1419 rc = tpm2_create_null_primary(chip); 1420 if (rc) { 1421 dev_err(&chip->dev, "null key creation failed with %d\n", rc); 1422 return rc; 1423 } 1424 1425 return rc; 1426 } 1427 #endif /* CONFIG_TCG_TPM2_HMAC */ 1428