1 /* 2 * Copyright (C) 2014, 2015 Intel Corporation 3 * 4 * Authors: 5 * Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> 6 * 7 * Maintained by: <tpmdd-devel@lists.sourceforge.net> 8 * 9 * This file contains TPM2 protocol implementations of the commands 10 * used by the kernel internally. 11 * 12 * This program is free software; you can redistribute it and/or 13 * modify it under the terms of the GNU General Public License 14 * as published by the Free Software Foundation; version 2 15 * of the License. 16 */ 17 18 #include "tpm.h" 19 #include <keys/trusted-type.h> 20 21 enum tpm2_object_attributes { 22 TPM2_ATTR_USER_WITH_AUTH = BIT(6), 23 }; 24 25 struct tpm2_startup_in { 26 __be16 startup_type; 27 } __packed; 28 29 struct tpm2_self_test_in { 30 u8 full_test; 31 } __packed; 32 33 struct tpm2_pcr_read_in { 34 __be32 pcr_selects_cnt; 35 __be16 hash_alg; 36 u8 pcr_select_size; 37 u8 pcr_select[TPM2_PCR_SELECT_MIN]; 38 } __packed; 39 40 struct tpm2_pcr_read_out { 41 __be32 update_cnt; 42 __be32 pcr_selects_cnt; 43 __be16 hash_alg; 44 u8 pcr_select_size; 45 u8 pcr_select[TPM2_PCR_SELECT_MIN]; 46 __be32 digests_cnt; 47 __be16 digest_size; 48 u8 digest[TPM_DIGEST_SIZE]; 49 } __packed; 50 51 struct tpm2_null_auth_area { 52 __be32 handle; 53 __be16 nonce_size; 54 u8 attributes; 55 __be16 auth_size; 56 } __packed; 57 58 struct tpm2_pcr_extend_in { 59 __be32 pcr_idx; 60 __be32 auth_area_size; 61 struct tpm2_null_auth_area auth_area; 62 __be32 digest_cnt; 63 __be16 hash_alg; 64 u8 digest[TPM_DIGEST_SIZE]; 65 } __packed; 66 67 struct tpm2_get_tpm_pt_in { 68 __be32 cap_id; 69 __be32 property_id; 70 __be32 property_cnt; 71 } __packed; 72 73 struct tpm2_get_tpm_pt_out { 74 u8 more_data; 75 __be32 subcap_id; 76 __be32 property_cnt; 77 __be32 property_id; 78 __be32 value; 79 } __packed; 80 81 struct tpm2_get_random_in { 82 __be16 size; 83 } __packed; 84 85 struct tpm2_get_random_out { 86 __be16 size; 87 u8 buffer[TPM_MAX_RNG_DATA]; 88 } __packed; 89 90 union tpm2_cmd_params { 91 struct tpm2_startup_in startup_in; 92 struct tpm2_self_test_in selftest_in; 93 struct tpm2_pcr_read_in pcrread_in; 94 struct tpm2_pcr_read_out pcrread_out; 95 struct tpm2_pcr_extend_in pcrextend_in; 96 struct tpm2_get_tpm_pt_in get_tpm_pt_in; 97 struct tpm2_get_tpm_pt_out get_tpm_pt_out; 98 struct tpm2_get_random_in getrandom_in; 99 struct tpm2_get_random_out getrandom_out; 100 }; 101 102 struct tpm2_cmd { 103 tpm_cmd_header header; 104 union tpm2_cmd_params params; 105 } __packed; 106 107 /* 108 * Array with one entry per ordinal defining the maximum amount 109 * of time the chip could take to return the result. The values 110 * of the SHORT, MEDIUM, and LONG durations are taken from the 111 * PC Client Profile (PTP) specification. 112 */ 113 static const u8 tpm2_ordinal_duration[TPM2_CC_LAST - TPM2_CC_FIRST + 1] = { 114 TPM_UNDEFINED, /* 11F */ 115 TPM_UNDEFINED, /* 120 */ 116 TPM_LONG, /* 121 */ 117 TPM_UNDEFINED, /* 122 */ 118 TPM_UNDEFINED, /* 123 */ 119 TPM_UNDEFINED, /* 124 */ 120 TPM_UNDEFINED, /* 125 */ 121 TPM_UNDEFINED, /* 126 */ 122 TPM_UNDEFINED, /* 127 */ 123 TPM_UNDEFINED, /* 128 */ 124 TPM_LONG, /* 129 */ 125 TPM_UNDEFINED, /* 12a */ 126 TPM_UNDEFINED, /* 12b */ 127 TPM_UNDEFINED, /* 12c */ 128 TPM_UNDEFINED, /* 12d */ 129 TPM_UNDEFINED, /* 12e */ 130 TPM_UNDEFINED, /* 12f */ 131 TPM_UNDEFINED, /* 130 */ 132 TPM_UNDEFINED, /* 131 */ 133 TPM_UNDEFINED, /* 132 */ 134 TPM_UNDEFINED, /* 133 */ 135 TPM_UNDEFINED, /* 134 */ 136 TPM_UNDEFINED, /* 135 */ 137 TPM_UNDEFINED, /* 136 */ 138 TPM_UNDEFINED, /* 137 */ 139 TPM_UNDEFINED, /* 138 */ 140 TPM_UNDEFINED, /* 139 */ 141 TPM_UNDEFINED, /* 13a */ 142 TPM_UNDEFINED, /* 13b */ 143 TPM_UNDEFINED, /* 13c */ 144 TPM_UNDEFINED, /* 13d */ 145 TPM_MEDIUM, /* 13e */ 146 TPM_UNDEFINED, /* 13f */ 147 TPM_UNDEFINED, /* 140 */ 148 TPM_UNDEFINED, /* 141 */ 149 TPM_UNDEFINED, /* 142 */ 150 TPM_LONG, /* 143 */ 151 TPM_MEDIUM, /* 144 */ 152 TPM_UNDEFINED, /* 145 */ 153 TPM_UNDEFINED, /* 146 */ 154 TPM_UNDEFINED, /* 147 */ 155 TPM_UNDEFINED, /* 148 */ 156 TPM_UNDEFINED, /* 149 */ 157 TPM_UNDEFINED, /* 14a */ 158 TPM_UNDEFINED, /* 14b */ 159 TPM_UNDEFINED, /* 14c */ 160 TPM_UNDEFINED, /* 14d */ 161 TPM_LONG, /* 14e */ 162 TPM_UNDEFINED, /* 14f */ 163 TPM_UNDEFINED, /* 150 */ 164 TPM_UNDEFINED, /* 151 */ 165 TPM_UNDEFINED, /* 152 */ 166 TPM_UNDEFINED, /* 153 */ 167 TPM_UNDEFINED, /* 154 */ 168 TPM_UNDEFINED, /* 155 */ 169 TPM_UNDEFINED, /* 156 */ 170 TPM_UNDEFINED, /* 157 */ 171 TPM_UNDEFINED, /* 158 */ 172 TPM_UNDEFINED, /* 159 */ 173 TPM_UNDEFINED, /* 15a */ 174 TPM_UNDEFINED, /* 15b */ 175 TPM_MEDIUM, /* 15c */ 176 TPM_UNDEFINED, /* 15d */ 177 TPM_UNDEFINED, /* 15e */ 178 TPM_UNDEFINED, /* 15f */ 179 TPM_UNDEFINED, /* 160 */ 180 TPM_UNDEFINED, /* 161 */ 181 TPM_UNDEFINED, /* 162 */ 182 TPM_UNDEFINED, /* 163 */ 183 TPM_UNDEFINED, /* 164 */ 184 TPM_UNDEFINED, /* 165 */ 185 TPM_UNDEFINED, /* 166 */ 186 TPM_UNDEFINED, /* 167 */ 187 TPM_UNDEFINED, /* 168 */ 188 TPM_UNDEFINED, /* 169 */ 189 TPM_UNDEFINED, /* 16a */ 190 TPM_UNDEFINED, /* 16b */ 191 TPM_UNDEFINED, /* 16c */ 192 TPM_UNDEFINED, /* 16d */ 193 TPM_UNDEFINED, /* 16e */ 194 TPM_UNDEFINED, /* 16f */ 195 TPM_UNDEFINED, /* 170 */ 196 TPM_UNDEFINED, /* 171 */ 197 TPM_UNDEFINED, /* 172 */ 198 TPM_UNDEFINED, /* 173 */ 199 TPM_UNDEFINED, /* 174 */ 200 TPM_UNDEFINED, /* 175 */ 201 TPM_UNDEFINED, /* 176 */ 202 TPM_LONG, /* 177 */ 203 TPM_UNDEFINED, /* 178 */ 204 TPM_UNDEFINED, /* 179 */ 205 TPM_MEDIUM, /* 17a */ 206 TPM_LONG, /* 17b */ 207 TPM_UNDEFINED, /* 17c */ 208 TPM_UNDEFINED, /* 17d */ 209 TPM_UNDEFINED, /* 17e */ 210 TPM_UNDEFINED, /* 17f */ 211 TPM_UNDEFINED, /* 180 */ 212 TPM_UNDEFINED, /* 181 */ 213 TPM_MEDIUM, /* 182 */ 214 TPM_UNDEFINED, /* 183 */ 215 TPM_UNDEFINED, /* 184 */ 216 TPM_MEDIUM, /* 185 */ 217 TPM_MEDIUM, /* 186 */ 218 TPM_UNDEFINED, /* 187 */ 219 TPM_UNDEFINED, /* 188 */ 220 TPM_UNDEFINED, /* 189 */ 221 TPM_UNDEFINED, /* 18a */ 222 TPM_UNDEFINED, /* 18b */ 223 TPM_UNDEFINED, /* 18c */ 224 TPM_UNDEFINED, /* 18d */ 225 TPM_UNDEFINED, /* 18e */ 226 TPM_UNDEFINED /* 18f */ 227 }; 228 229 #define TPM2_PCR_READ_IN_SIZE \ 230 (sizeof(struct tpm_input_header) + \ 231 sizeof(struct tpm2_pcr_read_in)) 232 233 static const struct tpm_input_header tpm2_pcrread_header = { 234 .tag = cpu_to_be16(TPM2_ST_NO_SESSIONS), 235 .length = cpu_to_be32(TPM2_PCR_READ_IN_SIZE), 236 .ordinal = cpu_to_be32(TPM2_CC_PCR_READ) 237 }; 238 239 /** 240 * tpm2_pcr_read() - read a PCR value 241 * @chip: TPM chip to use. 242 * @pcr_idx: index of the PCR to read. 243 * @ref_buf: buffer to store the resulting hash, 244 * 245 * 0 is returned when the operation is successful. If a negative number is 246 * returned it remarks a POSIX error code. If a positive number is returned 247 * it remarks a TPM error. 248 */ 249 int tpm2_pcr_read(struct tpm_chip *chip, int pcr_idx, u8 *res_buf) 250 { 251 int rc; 252 struct tpm2_cmd cmd; 253 u8 *buf; 254 255 if (pcr_idx >= TPM2_PLATFORM_PCR) 256 return -EINVAL; 257 258 cmd.header.in = tpm2_pcrread_header; 259 cmd.params.pcrread_in.pcr_selects_cnt = cpu_to_be32(1); 260 cmd.params.pcrread_in.hash_alg = cpu_to_be16(TPM2_ALG_SHA1); 261 cmd.params.pcrread_in.pcr_select_size = TPM2_PCR_SELECT_MIN; 262 263 memset(cmd.params.pcrread_in.pcr_select, 0, 264 sizeof(cmd.params.pcrread_in.pcr_select)); 265 cmd.params.pcrread_in.pcr_select[pcr_idx >> 3] = 1 << (pcr_idx & 0x7); 266 267 rc = tpm_transmit_cmd(chip, &cmd, sizeof(cmd), 268 "attempting to read a pcr value"); 269 if (rc == 0) { 270 buf = cmd.params.pcrread_out.digest; 271 memcpy(res_buf, buf, TPM_DIGEST_SIZE); 272 } 273 274 return rc; 275 } 276 277 #define TPM2_GET_PCREXTEND_IN_SIZE \ 278 (sizeof(struct tpm_input_header) + \ 279 sizeof(struct tpm2_pcr_extend_in)) 280 281 static const struct tpm_input_header tpm2_pcrextend_header = { 282 .tag = cpu_to_be16(TPM2_ST_SESSIONS), 283 .length = cpu_to_be32(TPM2_GET_PCREXTEND_IN_SIZE), 284 .ordinal = cpu_to_be32(TPM2_CC_PCR_EXTEND) 285 }; 286 287 /** 288 * tpm2_pcr_extend() - extend a PCR value 289 * @chip: TPM chip to use. 290 * @pcr_idx: index of the PCR. 291 * @hash: hash value to use for the extend operation. 292 * 293 * 0 is returned when the operation is successful. If a negative number is 294 * returned it remarks a POSIX error code. If a positive number is returned 295 * it remarks a TPM error. 296 */ 297 int tpm2_pcr_extend(struct tpm_chip *chip, int pcr_idx, const u8 *hash) 298 { 299 struct tpm2_cmd cmd; 300 int rc; 301 302 cmd.header.in = tpm2_pcrextend_header; 303 cmd.params.pcrextend_in.pcr_idx = cpu_to_be32(pcr_idx); 304 cmd.params.pcrextend_in.auth_area_size = 305 cpu_to_be32(sizeof(struct tpm2_null_auth_area)); 306 cmd.params.pcrextend_in.auth_area.handle = 307 cpu_to_be32(TPM2_RS_PW); 308 cmd.params.pcrextend_in.auth_area.nonce_size = 0; 309 cmd.params.pcrextend_in.auth_area.attributes = 0; 310 cmd.params.pcrextend_in.auth_area.auth_size = 0; 311 cmd.params.pcrextend_in.digest_cnt = cpu_to_be32(1); 312 cmd.params.pcrextend_in.hash_alg = cpu_to_be16(TPM2_ALG_SHA1); 313 memcpy(cmd.params.pcrextend_in.digest, hash, TPM_DIGEST_SIZE); 314 315 rc = tpm_transmit_cmd(chip, &cmd, sizeof(cmd), 316 "attempting extend a PCR value"); 317 318 return rc; 319 } 320 321 #define TPM2_GETRANDOM_IN_SIZE \ 322 (sizeof(struct tpm_input_header) + \ 323 sizeof(struct tpm2_get_random_in)) 324 325 static const struct tpm_input_header tpm2_getrandom_header = { 326 .tag = cpu_to_be16(TPM2_ST_NO_SESSIONS), 327 .length = cpu_to_be32(TPM2_GETRANDOM_IN_SIZE), 328 .ordinal = cpu_to_be32(TPM2_CC_GET_RANDOM) 329 }; 330 331 /** 332 * tpm2_get_random() - get random bytes from the TPM RNG 333 * @chip: TPM chip to use 334 * @out: destination buffer for the random bytes 335 * @max: the max number of bytes to write to @out 336 * 337 * 0 is returned when the operation is successful. If a negative number is 338 * returned it remarks a POSIX error code. If a positive number is returned 339 * it remarks a TPM error. 340 */ 341 int tpm2_get_random(struct tpm_chip *chip, u8 *out, size_t max) 342 { 343 struct tpm2_cmd cmd; 344 u32 recd; 345 u32 num_bytes; 346 int err; 347 int total = 0; 348 int retries = 5; 349 u8 *dest = out; 350 351 num_bytes = min_t(u32, max, sizeof(cmd.params.getrandom_out.buffer)); 352 353 if (!out || !num_bytes || 354 max > sizeof(cmd.params.getrandom_out.buffer)) 355 return -EINVAL; 356 357 do { 358 cmd.header.in = tpm2_getrandom_header; 359 cmd.params.getrandom_in.size = cpu_to_be16(num_bytes); 360 361 err = tpm_transmit_cmd(chip, &cmd, sizeof(cmd), 362 "attempting get random"); 363 if (err) 364 break; 365 366 recd = min_t(u32, be16_to_cpu(cmd.params.getrandom_out.size), 367 num_bytes); 368 memcpy(dest, cmd.params.getrandom_out.buffer, recd); 369 370 dest += recd; 371 total += recd; 372 num_bytes -= recd; 373 } while (retries-- && total < max); 374 375 return total ? total : -EIO; 376 } 377 378 #define TPM2_GET_TPM_PT_IN_SIZE \ 379 (sizeof(struct tpm_input_header) + \ 380 sizeof(struct tpm2_get_tpm_pt_in)) 381 382 static const struct tpm_input_header tpm2_get_tpm_pt_header = { 383 .tag = cpu_to_be16(TPM2_ST_NO_SESSIONS), 384 .length = cpu_to_be32(TPM2_GET_TPM_PT_IN_SIZE), 385 .ordinal = cpu_to_be32(TPM2_CC_GET_CAPABILITY) 386 }; 387 388 /** 389 * Append TPMS_AUTH_COMMAND to the buffer. The buffer must be allocated with 390 * tpm_buf_alloc(). 391 * 392 * @param buf: an allocated tpm_buf instance 393 * @param nonce: the session nonce, may be NULL if not used 394 * @param nonce_len: the session nonce length, may be 0 if not used 395 * @param attributes: the session attributes 396 * @param hmac: the session HMAC or password, may be NULL if not used 397 * @param hmac_len: the session HMAC or password length, maybe 0 if not used 398 */ 399 static void tpm2_buf_append_auth(struct tpm_buf *buf, u32 session_handle, 400 const u8 *nonce, u16 nonce_len, 401 u8 attributes, 402 const u8 *hmac, u16 hmac_len) 403 { 404 tpm_buf_append_u32(buf, 9 + nonce_len + hmac_len); 405 tpm_buf_append_u32(buf, session_handle); 406 tpm_buf_append_u16(buf, nonce_len); 407 408 if (nonce && nonce_len) 409 tpm_buf_append(buf, nonce, nonce_len); 410 411 tpm_buf_append_u8(buf, attributes); 412 tpm_buf_append_u16(buf, hmac_len); 413 414 if (hmac && hmac_len) 415 tpm_buf_append(buf, hmac, hmac_len); 416 } 417 418 /** 419 * tpm2_seal_trusted() - seal a trusted key 420 * @chip_num: A specific chip number for the request or TPM_ANY_NUM 421 * @options: authentication values and other options 422 * @payload: the key data in clear and encrypted form 423 * 424 * Returns < 0 on error and 0 on success. 425 */ 426 int tpm2_seal_trusted(struct tpm_chip *chip, 427 struct trusted_key_payload *payload, 428 struct trusted_key_options *options) 429 { 430 unsigned int blob_len; 431 struct tpm_buf buf; 432 int rc; 433 434 rc = tpm_buf_init(&buf, TPM2_ST_SESSIONS, TPM2_CC_CREATE); 435 if (rc) 436 return rc; 437 438 tpm_buf_append_u32(&buf, options->keyhandle); 439 tpm2_buf_append_auth(&buf, TPM2_RS_PW, 440 NULL /* nonce */, 0, 441 0 /* session_attributes */, 442 options->keyauth /* hmac */, 443 TPM_DIGEST_SIZE); 444 445 /* sensitive */ 446 tpm_buf_append_u16(&buf, 4 + TPM_DIGEST_SIZE + payload->key_len + 1); 447 448 tpm_buf_append_u16(&buf, TPM_DIGEST_SIZE); 449 tpm_buf_append(&buf, options->blobauth, TPM_DIGEST_SIZE); 450 tpm_buf_append_u16(&buf, payload->key_len + 1); 451 tpm_buf_append(&buf, payload->key, payload->key_len); 452 tpm_buf_append_u8(&buf, payload->migratable); 453 454 /* public */ 455 tpm_buf_append_u16(&buf, 14); 456 457 tpm_buf_append_u16(&buf, TPM2_ALG_KEYEDHASH); 458 tpm_buf_append_u16(&buf, TPM2_ALG_SHA256); 459 tpm_buf_append_u32(&buf, TPM2_ATTR_USER_WITH_AUTH); 460 tpm_buf_append_u16(&buf, 0); /* policy digest size */ 461 tpm_buf_append_u16(&buf, TPM2_ALG_NULL); 462 tpm_buf_append_u16(&buf, 0); 463 464 /* outside info */ 465 tpm_buf_append_u16(&buf, 0); 466 467 /* creation PCR */ 468 tpm_buf_append_u32(&buf, 0); 469 470 if (buf.flags & TPM_BUF_OVERFLOW) { 471 rc = -E2BIG; 472 goto out; 473 } 474 475 rc = tpm_transmit_cmd(chip, buf.data, PAGE_SIZE, "sealing data"); 476 if (rc) 477 goto out; 478 479 blob_len = be32_to_cpup((__be32 *) &buf.data[TPM_HEADER_SIZE]); 480 if (blob_len > MAX_BLOB_SIZE) { 481 rc = -E2BIG; 482 goto out; 483 } 484 485 memcpy(payload->blob, &buf.data[TPM_HEADER_SIZE + 4], blob_len); 486 payload->blob_len = blob_len; 487 488 out: 489 tpm_buf_destroy(&buf); 490 491 if (rc > 0) 492 rc = -EPERM; 493 494 return rc; 495 } 496 497 static int tpm2_load(struct tpm_chip *chip, 498 struct trusted_key_payload *payload, 499 struct trusted_key_options *options, 500 u32 *blob_handle) 501 { 502 struct tpm_buf buf; 503 unsigned int private_len; 504 unsigned int public_len; 505 unsigned int blob_len; 506 int rc; 507 508 private_len = be16_to_cpup((__be16 *) &payload->blob[0]); 509 if (private_len > (payload->blob_len - 2)) 510 return -E2BIG; 511 512 public_len = be16_to_cpup((__be16 *) &payload->blob[2 + private_len]); 513 blob_len = private_len + public_len + 4; 514 if (blob_len > payload->blob_len) 515 return -E2BIG; 516 517 rc = tpm_buf_init(&buf, TPM2_ST_SESSIONS, TPM2_CC_LOAD); 518 if (rc) 519 return rc; 520 521 tpm_buf_append_u32(&buf, options->keyhandle); 522 tpm2_buf_append_auth(&buf, TPM2_RS_PW, 523 NULL /* nonce */, 0, 524 0 /* session_attributes */, 525 options->keyauth /* hmac */, 526 TPM_DIGEST_SIZE); 527 528 tpm_buf_append(&buf, payload->blob, blob_len); 529 530 if (buf.flags & TPM_BUF_OVERFLOW) { 531 rc = -E2BIG; 532 goto out; 533 } 534 535 rc = tpm_transmit_cmd(chip, buf.data, PAGE_SIZE, "loading blob"); 536 if (!rc) 537 *blob_handle = be32_to_cpup( 538 (__be32 *) &buf.data[TPM_HEADER_SIZE]); 539 540 out: 541 tpm_buf_destroy(&buf); 542 543 if (rc > 0) 544 rc = -EPERM; 545 546 return rc; 547 } 548 549 static void tpm2_flush_context(struct tpm_chip *chip, u32 handle) 550 { 551 struct tpm_buf buf; 552 int rc; 553 554 rc = tpm_buf_init(&buf, TPM2_ST_NO_SESSIONS, TPM2_CC_FLUSH_CONTEXT); 555 if (rc) { 556 dev_warn(chip->pdev, "0x%08x was not flushed, out of memory\n", 557 handle); 558 return; 559 } 560 561 tpm_buf_append_u32(&buf, handle); 562 563 rc = tpm_transmit_cmd(chip, buf.data, PAGE_SIZE, "flushing context"); 564 if (rc) 565 dev_warn(chip->pdev, "0x%08x was not flushed, rc=%d\n", handle, 566 rc); 567 568 tpm_buf_destroy(&buf); 569 } 570 571 static int tpm2_unseal(struct tpm_chip *chip, 572 struct trusted_key_payload *payload, 573 struct trusted_key_options *options, 574 u32 blob_handle) 575 { 576 struct tpm_buf buf; 577 u16 data_len; 578 u8 *data; 579 int rc; 580 581 rc = tpm_buf_init(&buf, TPM2_ST_SESSIONS, TPM2_CC_UNSEAL); 582 if (rc) 583 return rc; 584 585 tpm_buf_append_u32(&buf, blob_handle); 586 tpm2_buf_append_auth(&buf, TPM2_RS_PW, 587 NULL /* nonce */, 0, 588 0 /* session_attributes */, 589 options->blobauth /* hmac */, 590 TPM_DIGEST_SIZE); 591 592 rc = tpm_transmit_cmd(chip, buf.data, PAGE_SIZE, "unsealing"); 593 if (rc > 0) 594 rc = -EPERM; 595 596 if (!rc) { 597 data_len = be16_to_cpup( 598 (__be16 *) &buf.data[TPM_HEADER_SIZE + 4]); 599 data = &buf.data[TPM_HEADER_SIZE + 6]; 600 601 memcpy(payload->key, data, data_len - 1); 602 payload->key_len = data_len - 1; 603 payload->migratable = data[data_len - 1]; 604 } 605 606 tpm_buf_destroy(&buf); 607 return rc; 608 } 609 610 /** 611 * tpm_unseal_trusted() - unseal a trusted key 612 * @chip_num: A specific chip number for the request or TPM_ANY_NUM 613 * @options: authentication values and other options 614 * @payload: the key data in clear and encrypted form 615 * 616 * Returns < 0 on error and 0 on success. 617 */ 618 int tpm2_unseal_trusted(struct tpm_chip *chip, 619 struct trusted_key_payload *payload, 620 struct trusted_key_options *options) 621 { 622 u32 blob_handle; 623 int rc; 624 625 rc = tpm2_load(chip, payload, options, &blob_handle); 626 if (rc) 627 return rc; 628 629 rc = tpm2_unseal(chip, payload, options, blob_handle); 630 631 tpm2_flush_context(chip, blob_handle); 632 633 return rc; 634 } 635 636 /** 637 * tpm2_get_tpm_pt() - get value of a TPM_CAP_TPM_PROPERTIES type property 638 * @chip: TPM chip to use. 639 * @property_id: property ID. 640 * @value: output variable. 641 * @desc: passed to tpm_transmit_cmd() 642 * 643 * 0 is returned when the operation is successful. If a negative number is 644 * returned it remarks a POSIX error code. If a positive number is returned 645 * it remarks a TPM error. 646 */ 647 ssize_t tpm2_get_tpm_pt(struct tpm_chip *chip, u32 property_id, u32 *value, 648 const char *desc) 649 { 650 struct tpm2_cmd cmd; 651 int rc; 652 653 cmd.header.in = tpm2_get_tpm_pt_header; 654 cmd.params.get_tpm_pt_in.cap_id = cpu_to_be32(TPM2_CAP_TPM_PROPERTIES); 655 cmd.params.get_tpm_pt_in.property_id = cpu_to_be32(property_id); 656 cmd.params.get_tpm_pt_in.property_cnt = cpu_to_be32(1); 657 658 rc = tpm_transmit_cmd(chip, &cmd, sizeof(cmd), desc); 659 if (!rc) 660 *value = cmd.params.get_tpm_pt_out.value; 661 662 return rc; 663 } 664 665 #define TPM2_STARTUP_IN_SIZE \ 666 (sizeof(struct tpm_input_header) + \ 667 sizeof(struct tpm2_startup_in)) 668 669 static const struct tpm_input_header tpm2_startup_header = { 670 .tag = cpu_to_be16(TPM2_ST_NO_SESSIONS), 671 .length = cpu_to_be32(TPM2_STARTUP_IN_SIZE), 672 .ordinal = cpu_to_be32(TPM2_CC_STARTUP) 673 }; 674 675 /** 676 * tpm2_startup() - send startup command to the TPM chip 677 * @chip: TPM chip to use. 678 * @startup_type startup type. The value is either 679 * TPM_SU_CLEAR or TPM_SU_STATE. 680 * 681 * 0 is returned when the operation is successful. If a negative number is 682 * returned it remarks a POSIX error code. If a positive number is returned 683 * it remarks a TPM error. 684 */ 685 int tpm2_startup(struct tpm_chip *chip, u16 startup_type) 686 { 687 struct tpm2_cmd cmd; 688 689 cmd.header.in = tpm2_startup_header; 690 691 cmd.params.startup_in.startup_type = cpu_to_be16(startup_type); 692 return tpm_transmit_cmd(chip, &cmd, sizeof(cmd), 693 "attempting to start the TPM"); 694 } 695 EXPORT_SYMBOL_GPL(tpm2_startup); 696 697 #define TPM2_SHUTDOWN_IN_SIZE \ 698 (sizeof(struct tpm_input_header) + \ 699 sizeof(struct tpm2_startup_in)) 700 701 static const struct tpm_input_header tpm2_shutdown_header = { 702 .tag = cpu_to_be16(TPM2_ST_NO_SESSIONS), 703 .length = cpu_to_be32(TPM2_SHUTDOWN_IN_SIZE), 704 .ordinal = cpu_to_be32(TPM2_CC_SHUTDOWN) 705 }; 706 707 /** 708 * tpm2_shutdown() - send shutdown command to the TPM chip 709 * @chip: TPM chip to use. 710 * @shutdown_type shutdown type. The value is either 711 * TPM_SU_CLEAR or TPM_SU_STATE. 712 */ 713 void tpm2_shutdown(struct tpm_chip *chip, u16 shutdown_type) 714 { 715 struct tpm2_cmd cmd; 716 int rc; 717 718 cmd.header.in = tpm2_shutdown_header; 719 cmd.params.startup_in.startup_type = cpu_to_be16(shutdown_type); 720 721 rc = tpm_transmit_cmd(chip, &cmd, sizeof(cmd), "stopping the TPM"); 722 723 /* In places where shutdown command is sent there's no much we can do 724 * except print the error code on a system failure. 725 */ 726 if (rc < 0) 727 dev_warn(chip->pdev, "transmit returned %d while stopping the TPM", 728 rc); 729 } 730 EXPORT_SYMBOL_GPL(tpm2_shutdown); 731 732 /* 733 * tpm2_calc_ordinal_duration() - maximum duration for a command 734 * @chip: TPM chip to use. 735 * @ordinal: command code number. 736 * 737 * 0 is returned when the operation is successful. If a negative number is 738 * returned it remarks a POSIX error code. If a positive number is returned 739 * it remarks a TPM error. 740 */ 741 unsigned long tpm2_calc_ordinal_duration(struct tpm_chip *chip, u32 ordinal) 742 { 743 int index = TPM_UNDEFINED; 744 int duration = 0; 745 746 if (ordinal >= TPM2_CC_FIRST && ordinal <= TPM2_CC_LAST) 747 index = tpm2_ordinal_duration[ordinal - TPM2_CC_FIRST]; 748 749 if (index != TPM_UNDEFINED) 750 duration = chip->vendor.duration[index]; 751 752 if (duration <= 0) 753 duration = 2 * 60 * HZ; 754 755 return duration; 756 } 757 EXPORT_SYMBOL_GPL(tpm2_calc_ordinal_duration); 758 759 #define TPM2_SELF_TEST_IN_SIZE \ 760 (sizeof(struct tpm_input_header) + \ 761 sizeof(struct tpm2_self_test_in)) 762 763 static const struct tpm_input_header tpm2_selftest_header = { 764 .tag = cpu_to_be16(TPM2_ST_NO_SESSIONS), 765 .length = cpu_to_be32(TPM2_SELF_TEST_IN_SIZE), 766 .ordinal = cpu_to_be32(TPM2_CC_SELF_TEST) 767 }; 768 769 /** 770 * tpm2_continue_selftest() - start a self test 771 * @chip: TPM chip to use 772 * @full: test all commands instead of testing only those that were not 773 * previously tested. 774 * 775 * 0 is returned when the operation is successful. If a negative number is 776 * returned it remarks a POSIX error code. If a positive number is returned 777 * it remarks a TPM error. 778 */ 779 static int tpm2_start_selftest(struct tpm_chip *chip, bool full) 780 { 781 int rc; 782 struct tpm2_cmd cmd; 783 784 cmd.header.in = tpm2_selftest_header; 785 cmd.params.selftest_in.full_test = full; 786 787 rc = tpm_transmit_cmd(chip, &cmd, TPM2_SELF_TEST_IN_SIZE, 788 "continue selftest"); 789 790 /* At least some prototype chips seem to give RC_TESTING error 791 * immediately. This is a workaround for that. 792 */ 793 if (rc == TPM2_RC_TESTING) { 794 dev_warn(chip->pdev, "Got RC_TESTING, ignoring\n"); 795 rc = 0; 796 } 797 798 return rc; 799 } 800 801 /** 802 * tpm2_do_selftest() - run a full self test 803 * @chip: TPM chip to use 804 * 805 * During the self test TPM2 commands return with the error code RC_TESTING. 806 * Waiting is done by issuing PCR read until it executes successfully. 807 * 808 * 0 is returned when the operation is successful. If a negative number is 809 * returned it remarks a POSIX error code. If a positive number is returned 810 * it remarks a TPM error. 811 */ 812 int tpm2_do_selftest(struct tpm_chip *chip) 813 { 814 int rc; 815 unsigned int loops; 816 unsigned int delay_msec = 100; 817 unsigned long duration; 818 struct tpm2_cmd cmd; 819 int i; 820 821 duration = tpm2_calc_ordinal_duration(chip, TPM2_CC_SELF_TEST); 822 823 loops = jiffies_to_msecs(duration) / delay_msec; 824 825 rc = tpm2_start_selftest(chip, true); 826 if (rc) 827 return rc; 828 829 for (i = 0; i < loops; i++) { 830 /* Attempt to read a PCR value */ 831 cmd.header.in = tpm2_pcrread_header; 832 cmd.params.pcrread_in.pcr_selects_cnt = cpu_to_be32(1); 833 cmd.params.pcrread_in.hash_alg = cpu_to_be16(TPM2_ALG_SHA1); 834 cmd.params.pcrread_in.pcr_select_size = TPM2_PCR_SELECT_MIN; 835 cmd.params.pcrread_in.pcr_select[0] = 0x01; 836 cmd.params.pcrread_in.pcr_select[1] = 0x00; 837 cmd.params.pcrread_in.pcr_select[2] = 0x00; 838 839 rc = tpm_transmit_cmd(chip, (u8 *) &cmd, sizeof(cmd), NULL); 840 if (rc < 0) 841 break; 842 843 rc = be32_to_cpu(cmd.header.out.return_code); 844 if (rc != TPM2_RC_TESTING) 845 break; 846 847 msleep(delay_msec); 848 } 849 850 return rc; 851 } 852 EXPORT_SYMBOL_GPL(tpm2_do_selftest); 853 854 /** 855 * tpm2_gen_interrupt() - generate an interrupt 856 * @chip: TPM chip to use 857 * 858 * 0 is returned when the operation is successful. If a negative number is 859 * returned it remarks a POSIX error code. If a positive number is returned 860 * it remarks a TPM error. 861 */ 862 int tpm2_gen_interrupt(struct tpm_chip *chip) 863 { 864 u32 dummy; 865 866 return tpm2_get_tpm_pt(chip, 0x100, &dummy, 867 "attempting to generate an interrupt"); 868 } 869 EXPORT_SYMBOL_GPL(tpm2_gen_interrupt); 870 871 /** 872 * tpm2_probe() - probe TPM 2.0 873 * @chip: TPM chip to use 874 * 875 * Send idempotent TPM 2.0 command and see whether TPM 2.0 chip replied based on 876 * the reply tag. 877 */ 878 int tpm2_probe(struct tpm_chip *chip) 879 { 880 struct tpm2_cmd cmd; 881 int rc; 882 883 cmd.header.in = tpm2_get_tpm_pt_header; 884 cmd.params.get_tpm_pt_in.cap_id = cpu_to_be32(TPM2_CAP_TPM_PROPERTIES); 885 cmd.params.get_tpm_pt_in.property_id = cpu_to_be32(0x100); 886 cmd.params.get_tpm_pt_in.property_cnt = cpu_to_be32(1); 887 888 rc = tpm_transmit(chip, (const char *) &cmd, sizeof(cmd)); 889 if (rc < 0) 890 return rc; 891 else if (rc < TPM_HEADER_SIZE) 892 return -EFAULT; 893 894 if (be16_to_cpu(cmd.header.out.tag) == TPM2_ST_NO_SESSIONS) 895 chip->flags |= TPM_CHIP_FLAG_TPM2; 896 897 return 0; 898 } 899 EXPORT_SYMBOL_GPL(tpm2_probe); 900