1 /* 2 * Copyright (C) 2014, 2015 Intel Corporation 3 * 4 * Authors: 5 * Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> 6 * 7 * Maintained by: <tpmdd-devel@lists.sourceforge.net> 8 * 9 * This file contains TPM2 protocol implementations of the commands 10 * used by the kernel internally. 11 * 12 * This program is free software; you can redistribute it and/or 13 * modify it under the terms of the GNU General Public License 14 * as published by the Free Software Foundation; version 2 15 * of the License. 16 */ 17 18 #include "tpm.h" 19 #include <crypto/hash_info.h> 20 #include <keys/trusted-type.h> 21 22 enum tpm2_object_attributes { 23 TPM2_ATTR_USER_WITH_AUTH = BIT(6), 24 }; 25 26 struct tpm2_startup_in { 27 __be16 startup_type; 28 } __packed; 29 30 struct tpm2_self_test_in { 31 u8 full_test; 32 } __packed; 33 34 struct tpm2_pcr_read_in { 35 __be32 pcr_selects_cnt; 36 __be16 hash_alg; 37 u8 pcr_select_size; 38 u8 pcr_select[TPM2_PCR_SELECT_MIN]; 39 } __packed; 40 41 struct tpm2_pcr_read_out { 42 __be32 update_cnt; 43 __be32 pcr_selects_cnt; 44 __be16 hash_alg; 45 u8 pcr_select_size; 46 u8 pcr_select[TPM2_PCR_SELECT_MIN]; 47 __be32 digests_cnt; 48 __be16 digest_size; 49 u8 digest[TPM_DIGEST_SIZE]; 50 } __packed; 51 52 struct tpm2_null_auth_area { 53 __be32 handle; 54 __be16 nonce_size; 55 u8 attributes; 56 __be16 auth_size; 57 } __packed; 58 59 struct tpm2_pcr_extend_in { 60 __be32 pcr_idx; 61 __be32 auth_area_size; 62 struct tpm2_null_auth_area auth_area; 63 __be32 digest_cnt; 64 __be16 hash_alg; 65 u8 digest[TPM_DIGEST_SIZE]; 66 } __packed; 67 68 struct tpm2_get_tpm_pt_in { 69 __be32 cap_id; 70 __be32 property_id; 71 __be32 property_cnt; 72 } __packed; 73 74 struct tpm2_get_tpm_pt_out { 75 u8 more_data; 76 __be32 subcap_id; 77 __be32 property_cnt; 78 __be32 property_id; 79 __be32 value; 80 } __packed; 81 82 struct tpm2_get_random_in { 83 __be16 size; 84 } __packed; 85 86 struct tpm2_get_random_out { 87 __be16 size; 88 u8 buffer[TPM_MAX_RNG_DATA]; 89 } __packed; 90 91 union tpm2_cmd_params { 92 struct tpm2_startup_in startup_in; 93 struct tpm2_self_test_in selftest_in; 94 struct tpm2_pcr_read_in pcrread_in; 95 struct tpm2_pcr_read_out pcrread_out; 96 struct tpm2_pcr_extend_in pcrextend_in; 97 struct tpm2_get_tpm_pt_in get_tpm_pt_in; 98 struct tpm2_get_tpm_pt_out get_tpm_pt_out; 99 struct tpm2_get_random_in getrandom_in; 100 struct tpm2_get_random_out getrandom_out; 101 }; 102 103 struct tpm2_cmd { 104 tpm_cmd_header header; 105 union tpm2_cmd_params params; 106 } __packed; 107 108 struct tpm2_hash { 109 unsigned int crypto_id; 110 unsigned int tpm_id; 111 }; 112 113 static struct tpm2_hash tpm2_hash_map[] = { 114 {HASH_ALGO_SHA1, TPM2_ALG_SHA1}, 115 {HASH_ALGO_SHA256, TPM2_ALG_SHA256}, 116 {HASH_ALGO_SHA384, TPM2_ALG_SHA384}, 117 {HASH_ALGO_SHA512, TPM2_ALG_SHA512}, 118 {HASH_ALGO_SM3_256, TPM2_ALG_SM3_256}, 119 }; 120 121 /* 122 * Array with one entry per ordinal defining the maximum amount 123 * of time the chip could take to return the result. The values 124 * of the SHORT, MEDIUM, and LONG durations are taken from the 125 * PC Client Profile (PTP) specification. 126 */ 127 static const u8 tpm2_ordinal_duration[TPM2_CC_LAST - TPM2_CC_FIRST + 1] = { 128 TPM_UNDEFINED, /* 11F */ 129 TPM_UNDEFINED, /* 120 */ 130 TPM_LONG, /* 121 */ 131 TPM_UNDEFINED, /* 122 */ 132 TPM_UNDEFINED, /* 123 */ 133 TPM_UNDEFINED, /* 124 */ 134 TPM_UNDEFINED, /* 125 */ 135 TPM_UNDEFINED, /* 126 */ 136 TPM_UNDEFINED, /* 127 */ 137 TPM_UNDEFINED, /* 128 */ 138 TPM_LONG, /* 129 */ 139 TPM_UNDEFINED, /* 12a */ 140 TPM_UNDEFINED, /* 12b */ 141 TPM_UNDEFINED, /* 12c */ 142 TPM_UNDEFINED, /* 12d */ 143 TPM_UNDEFINED, /* 12e */ 144 TPM_UNDEFINED, /* 12f */ 145 TPM_UNDEFINED, /* 130 */ 146 TPM_UNDEFINED, /* 131 */ 147 TPM_UNDEFINED, /* 132 */ 148 TPM_UNDEFINED, /* 133 */ 149 TPM_UNDEFINED, /* 134 */ 150 TPM_UNDEFINED, /* 135 */ 151 TPM_UNDEFINED, /* 136 */ 152 TPM_UNDEFINED, /* 137 */ 153 TPM_UNDEFINED, /* 138 */ 154 TPM_UNDEFINED, /* 139 */ 155 TPM_UNDEFINED, /* 13a */ 156 TPM_UNDEFINED, /* 13b */ 157 TPM_UNDEFINED, /* 13c */ 158 TPM_UNDEFINED, /* 13d */ 159 TPM_MEDIUM, /* 13e */ 160 TPM_UNDEFINED, /* 13f */ 161 TPM_UNDEFINED, /* 140 */ 162 TPM_UNDEFINED, /* 141 */ 163 TPM_UNDEFINED, /* 142 */ 164 TPM_LONG, /* 143 */ 165 TPM_MEDIUM, /* 144 */ 166 TPM_UNDEFINED, /* 145 */ 167 TPM_UNDEFINED, /* 146 */ 168 TPM_UNDEFINED, /* 147 */ 169 TPM_UNDEFINED, /* 148 */ 170 TPM_UNDEFINED, /* 149 */ 171 TPM_UNDEFINED, /* 14a */ 172 TPM_UNDEFINED, /* 14b */ 173 TPM_UNDEFINED, /* 14c */ 174 TPM_UNDEFINED, /* 14d */ 175 TPM_LONG, /* 14e */ 176 TPM_UNDEFINED, /* 14f */ 177 TPM_UNDEFINED, /* 150 */ 178 TPM_UNDEFINED, /* 151 */ 179 TPM_UNDEFINED, /* 152 */ 180 TPM_UNDEFINED, /* 153 */ 181 TPM_UNDEFINED, /* 154 */ 182 TPM_UNDEFINED, /* 155 */ 183 TPM_UNDEFINED, /* 156 */ 184 TPM_UNDEFINED, /* 157 */ 185 TPM_UNDEFINED, /* 158 */ 186 TPM_UNDEFINED, /* 159 */ 187 TPM_UNDEFINED, /* 15a */ 188 TPM_UNDEFINED, /* 15b */ 189 TPM_MEDIUM, /* 15c */ 190 TPM_UNDEFINED, /* 15d */ 191 TPM_UNDEFINED, /* 15e */ 192 TPM_UNDEFINED, /* 15f */ 193 TPM_UNDEFINED, /* 160 */ 194 TPM_UNDEFINED, /* 161 */ 195 TPM_UNDEFINED, /* 162 */ 196 TPM_UNDEFINED, /* 163 */ 197 TPM_UNDEFINED, /* 164 */ 198 TPM_UNDEFINED, /* 165 */ 199 TPM_UNDEFINED, /* 166 */ 200 TPM_UNDEFINED, /* 167 */ 201 TPM_UNDEFINED, /* 168 */ 202 TPM_UNDEFINED, /* 169 */ 203 TPM_UNDEFINED, /* 16a */ 204 TPM_UNDEFINED, /* 16b */ 205 TPM_UNDEFINED, /* 16c */ 206 TPM_UNDEFINED, /* 16d */ 207 TPM_UNDEFINED, /* 16e */ 208 TPM_UNDEFINED, /* 16f */ 209 TPM_UNDEFINED, /* 170 */ 210 TPM_UNDEFINED, /* 171 */ 211 TPM_UNDEFINED, /* 172 */ 212 TPM_UNDEFINED, /* 173 */ 213 TPM_UNDEFINED, /* 174 */ 214 TPM_UNDEFINED, /* 175 */ 215 TPM_UNDEFINED, /* 176 */ 216 TPM_LONG, /* 177 */ 217 TPM_UNDEFINED, /* 178 */ 218 TPM_UNDEFINED, /* 179 */ 219 TPM_MEDIUM, /* 17a */ 220 TPM_LONG, /* 17b */ 221 TPM_UNDEFINED, /* 17c */ 222 TPM_UNDEFINED, /* 17d */ 223 TPM_UNDEFINED, /* 17e */ 224 TPM_UNDEFINED, /* 17f */ 225 TPM_UNDEFINED, /* 180 */ 226 TPM_UNDEFINED, /* 181 */ 227 TPM_MEDIUM, /* 182 */ 228 TPM_UNDEFINED, /* 183 */ 229 TPM_UNDEFINED, /* 184 */ 230 TPM_MEDIUM, /* 185 */ 231 TPM_MEDIUM, /* 186 */ 232 TPM_UNDEFINED, /* 187 */ 233 TPM_UNDEFINED, /* 188 */ 234 TPM_UNDEFINED, /* 189 */ 235 TPM_UNDEFINED, /* 18a */ 236 TPM_UNDEFINED, /* 18b */ 237 TPM_UNDEFINED, /* 18c */ 238 TPM_UNDEFINED, /* 18d */ 239 TPM_UNDEFINED, /* 18e */ 240 TPM_UNDEFINED /* 18f */ 241 }; 242 243 #define TPM2_PCR_READ_IN_SIZE \ 244 (sizeof(struct tpm_input_header) + \ 245 sizeof(struct tpm2_pcr_read_in)) 246 247 static const struct tpm_input_header tpm2_pcrread_header = { 248 .tag = cpu_to_be16(TPM2_ST_NO_SESSIONS), 249 .length = cpu_to_be32(TPM2_PCR_READ_IN_SIZE), 250 .ordinal = cpu_to_be32(TPM2_CC_PCR_READ) 251 }; 252 253 /** 254 * tpm2_pcr_read() - read a PCR value 255 * @chip: TPM chip to use. 256 * @pcr_idx: index of the PCR to read. 257 * @ref_buf: buffer to store the resulting hash, 258 * 259 * 0 is returned when the operation is successful. If a negative number is 260 * returned it remarks a POSIX error code. If a positive number is returned 261 * it remarks a TPM error. 262 */ 263 int tpm2_pcr_read(struct tpm_chip *chip, int pcr_idx, u8 *res_buf) 264 { 265 int rc; 266 struct tpm2_cmd cmd; 267 u8 *buf; 268 269 if (pcr_idx >= TPM2_PLATFORM_PCR) 270 return -EINVAL; 271 272 cmd.header.in = tpm2_pcrread_header; 273 cmd.params.pcrread_in.pcr_selects_cnt = cpu_to_be32(1); 274 cmd.params.pcrread_in.hash_alg = cpu_to_be16(TPM2_ALG_SHA1); 275 cmd.params.pcrread_in.pcr_select_size = TPM2_PCR_SELECT_MIN; 276 277 memset(cmd.params.pcrread_in.pcr_select, 0, 278 sizeof(cmd.params.pcrread_in.pcr_select)); 279 cmd.params.pcrread_in.pcr_select[pcr_idx >> 3] = 1 << (pcr_idx & 0x7); 280 281 rc = tpm_transmit_cmd(chip, &cmd, sizeof(cmd), 282 "attempting to read a pcr value"); 283 if (rc == 0) { 284 buf = cmd.params.pcrread_out.digest; 285 memcpy(res_buf, buf, TPM_DIGEST_SIZE); 286 } 287 288 return rc; 289 } 290 291 #define TPM2_GET_PCREXTEND_IN_SIZE \ 292 (sizeof(struct tpm_input_header) + \ 293 sizeof(struct tpm2_pcr_extend_in)) 294 295 static const struct tpm_input_header tpm2_pcrextend_header = { 296 .tag = cpu_to_be16(TPM2_ST_SESSIONS), 297 .length = cpu_to_be32(TPM2_GET_PCREXTEND_IN_SIZE), 298 .ordinal = cpu_to_be32(TPM2_CC_PCR_EXTEND) 299 }; 300 301 /** 302 * tpm2_pcr_extend() - extend a PCR value 303 * @chip: TPM chip to use. 304 * @pcr_idx: index of the PCR. 305 * @hash: hash value to use for the extend operation. 306 * 307 * 0 is returned when the operation is successful. If a negative number is 308 * returned it remarks a POSIX error code. If a positive number is returned 309 * it remarks a TPM error. 310 */ 311 int tpm2_pcr_extend(struct tpm_chip *chip, int pcr_idx, const u8 *hash) 312 { 313 struct tpm2_cmd cmd; 314 int rc; 315 316 cmd.header.in = tpm2_pcrextend_header; 317 cmd.params.pcrextend_in.pcr_idx = cpu_to_be32(pcr_idx); 318 cmd.params.pcrextend_in.auth_area_size = 319 cpu_to_be32(sizeof(struct tpm2_null_auth_area)); 320 cmd.params.pcrextend_in.auth_area.handle = 321 cpu_to_be32(TPM2_RS_PW); 322 cmd.params.pcrextend_in.auth_area.nonce_size = 0; 323 cmd.params.pcrextend_in.auth_area.attributes = 0; 324 cmd.params.pcrextend_in.auth_area.auth_size = 0; 325 cmd.params.pcrextend_in.digest_cnt = cpu_to_be32(1); 326 cmd.params.pcrextend_in.hash_alg = cpu_to_be16(TPM2_ALG_SHA1); 327 memcpy(cmd.params.pcrextend_in.digest, hash, TPM_DIGEST_SIZE); 328 329 rc = tpm_transmit_cmd(chip, &cmd, sizeof(cmd), 330 "attempting extend a PCR value"); 331 332 return rc; 333 } 334 335 #define TPM2_GETRANDOM_IN_SIZE \ 336 (sizeof(struct tpm_input_header) + \ 337 sizeof(struct tpm2_get_random_in)) 338 339 static const struct tpm_input_header tpm2_getrandom_header = { 340 .tag = cpu_to_be16(TPM2_ST_NO_SESSIONS), 341 .length = cpu_to_be32(TPM2_GETRANDOM_IN_SIZE), 342 .ordinal = cpu_to_be32(TPM2_CC_GET_RANDOM) 343 }; 344 345 /** 346 * tpm2_get_random() - get random bytes from the TPM RNG 347 * @chip: TPM chip to use 348 * @out: destination buffer for the random bytes 349 * @max: the max number of bytes to write to @out 350 * 351 * 0 is returned when the operation is successful. If a negative number is 352 * returned it remarks a POSIX error code. If a positive number is returned 353 * it remarks a TPM error. 354 */ 355 int tpm2_get_random(struct tpm_chip *chip, u8 *out, size_t max) 356 { 357 struct tpm2_cmd cmd; 358 u32 recd; 359 u32 num_bytes; 360 int err; 361 int total = 0; 362 int retries = 5; 363 u8 *dest = out; 364 365 num_bytes = min_t(u32, max, sizeof(cmd.params.getrandom_out.buffer)); 366 367 if (!out || !num_bytes || 368 max > sizeof(cmd.params.getrandom_out.buffer)) 369 return -EINVAL; 370 371 do { 372 cmd.header.in = tpm2_getrandom_header; 373 cmd.params.getrandom_in.size = cpu_to_be16(num_bytes); 374 375 err = tpm_transmit_cmd(chip, &cmd, sizeof(cmd), 376 "attempting get random"); 377 if (err) 378 break; 379 380 recd = min_t(u32, be16_to_cpu(cmd.params.getrandom_out.size), 381 num_bytes); 382 memcpy(dest, cmd.params.getrandom_out.buffer, recd); 383 384 dest += recd; 385 total += recd; 386 num_bytes -= recd; 387 } while (retries-- && total < max); 388 389 return total ? total : -EIO; 390 } 391 392 #define TPM2_GET_TPM_PT_IN_SIZE \ 393 (sizeof(struct tpm_input_header) + \ 394 sizeof(struct tpm2_get_tpm_pt_in)) 395 396 static const struct tpm_input_header tpm2_get_tpm_pt_header = { 397 .tag = cpu_to_be16(TPM2_ST_NO_SESSIONS), 398 .length = cpu_to_be32(TPM2_GET_TPM_PT_IN_SIZE), 399 .ordinal = cpu_to_be32(TPM2_CC_GET_CAPABILITY) 400 }; 401 402 /** 403 * Append TPMS_AUTH_COMMAND to the buffer. The buffer must be allocated with 404 * tpm_buf_alloc(). 405 * 406 * @param buf: an allocated tpm_buf instance 407 * @param nonce: the session nonce, may be NULL if not used 408 * @param nonce_len: the session nonce length, may be 0 if not used 409 * @param attributes: the session attributes 410 * @param hmac: the session HMAC or password, may be NULL if not used 411 * @param hmac_len: the session HMAC or password length, maybe 0 if not used 412 */ 413 static void tpm2_buf_append_auth(struct tpm_buf *buf, u32 session_handle, 414 const u8 *nonce, u16 nonce_len, 415 u8 attributes, 416 const u8 *hmac, u16 hmac_len) 417 { 418 tpm_buf_append_u32(buf, 9 + nonce_len + hmac_len); 419 tpm_buf_append_u32(buf, session_handle); 420 tpm_buf_append_u16(buf, nonce_len); 421 422 if (nonce && nonce_len) 423 tpm_buf_append(buf, nonce, nonce_len); 424 425 tpm_buf_append_u8(buf, attributes); 426 tpm_buf_append_u16(buf, hmac_len); 427 428 if (hmac && hmac_len) 429 tpm_buf_append(buf, hmac, hmac_len); 430 } 431 432 /** 433 * tpm2_seal_trusted() - seal a trusted key 434 * @chip_num: A specific chip number for the request or TPM_ANY_NUM 435 * @options: authentication values and other options 436 * @payload: the key data in clear and encrypted form 437 * 438 * Returns < 0 on error and 0 on success. 439 */ 440 int tpm2_seal_trusted(struct tpm_chip *chip, 441 struct trusted_key_payload *payload, 442 struct trusted_key_options *options) 443 { 444 unsigned int blob_len; 445 struct tpm_buf buf; 446 u32 hash; 447 int i; 448 int rc; 449 450 for (i = 0; i < ARRAY_SIZE(tpm2_hash_map); i++) { 451 if (options->hash == tpm2_hash_map[i].crypto_id) { 452 hash = tpm2_hash_map[i].tpm_id; 453 break; 454 } 455 } 456 457 if (i == ARRAY_SIZE(tpm2_hash_map)) 458 return -EINVAL; 459 460 rc = tpm_buf_init(&buf, TPM2_ST_SESSIONS, TPM2_CC_CREATE); 461 if (rc) 462 return rc; 463 464 tpm_buf_append_u32(&buf, options->keyhandle); 465 tpm2_buf_append_auth(&buf, TPM2_RS_PW, 466 NULL /* nonce */, 0, 467 0 /* session_attributes */, 468 options->keyauth /* hmac */, 469 TPM_DIGEST_SIZE); 470 471 /* sensitive */ 472 tpm_buf_append_u16(&buf, 4 + TPM_DIGEST_SIZE + payload->key_len + 1); 473 474 tpm_buf_append_u16(&buf, TPM_DIGEST_SIZE); 475 tpm_buf_append(&buf, options->blobauth, TPM_DIGEST_SIZE); 476 tpm_buf_append_u16(&buf, payload->key_len + 1); 477 tpm_buf_append(&buf, payload->key, payload->key_len); 478 tpm_buf_append_u8(&buf, payload->migratable); 479 480 /* public */ 481 if (options->policydigest) 482 tpm_buf_append_u16(&buf, 14 + options->digest_len); 483 else 484 tpm_buf_append_u16(&buf, 14); 485 486 tpm_buf_append_u16(&buf, TPM2_ALG_KEYEDHASH); 487 tpm_buf_append_u16(&buf, hash); 488 489 /* policy */ 490 if (options->policydigest) { 491 tpm_buf_append_u32(&buf, 0); 492 tpm_buf_append_u16(&buf, options->digest_len); 493 tpm_buf_append(&buf, options->policydigest, 494 options->digest_len); 495 } else { 496 tpm_buf_append_u32(&buf, TPM2_ATTR_USER_WITH_AUTH); 497 tpm_buf_append_u16(&buf, 0); 498 } 499 500 /* public parameters */ 501 tpm_buf_append_u16(&buf, TPM2_ALG_NULL); 502 tpm_buf_append_u16(&buf, 0); 503 504 /* outside info */ 505 tpm_buf_append_u16(&buf, 0); 506 507 /* creation PCR */ 508 tpm_buf_append_u32(&buf, 0); 509 510 if (buf.flags & TPM_BUF_OVERFLOW) { 511 rc = -E2BIG; 512 goto out; 513 } 514 515 rc = tpm_transmit_cmd(chip, buf.data, PAGE_SIZE, "sealing data"); 516 if (rc) 517 goto out; 518 519 blob_len = be32_to_cpup((__be32 *) &buf.data[TPM_HEADER_SIZE]); 520 if (blob_len > MAX_BLOB_SIZE) { 521 rc = -E2BIG; 522 goto out; 523 } 524 525 memcpy(payload->blob, &buf.data[TPM_HEADER_SIZE + 4], blob_len); 526 payload->blob_len = blob_len; 527 528 out: 529 tpm_buf_destroy(&buf); 530 531 if (rc > 0) { 532 if ((rc & TPM2_RC_HASH) == TPM2_RC_HASH) 533 rc = -EINVAL; 534 else 535 rc = -EPERM; 536 } 537 538 return rc; 539 } 540 541 static int tpm2_load(struct tpm_chip *chip, 542 struct trusted_key_payload *payload, 543 struct trusted_key_options *options, 544 u32 *blob_handle) 545 { 546 struct tpm_buf buf; 547 unsigned int private_len; 548 unsigned int public_len; 549 unsigned int blob_len; 550 int rc; 551 552 private_len = be16_to_cpup((__be16 *) &payload->blob[0]); 553 if (private_len > (payload->blob_len - 2)) 554 return -E2BIG; 555 556 public_len = be16_to_cpup((__be16 *) &payload->blob[2 + private_len]); 557 blob_len = private_len + public_len + 4; 558 if (blob_len > payload->blob_len) 559 return -E2BIG; 560 561 rc = tpm_buf_init(&buf, TPM2_ST_SESSIONS, TPM2_CC_LOAD); 562 if (rc) 563 return rc; 564 565 tpm_buf_append_u32(&buf, options->keyhandle); 566 tpm2_buf_append_auth(&buf, TPM2_RS_PW, 567 NULL /* nonce */, 0, 568 0 /* session_attributes */, 569 options->keyauth /* hmac */, 570 TPM_DIGEST_SIZE); 571 572 tpm_buf_append(&buf, payload->blob, blob_len); 573 574 if (buf.flags & TPM_BUF_OVERFLOW) { 575 rc = -E2BIG; 576 goto out; 577 } 578 579 rc = tpm_transmit_cmd(chip, buf.data, PAGE_SIZE, "loading blob"); 580 if (!rc) 581 *blob_handle = be32_to_cpup( 582 (__be32 *) &buf.data[TPM_HEADER_SIZE]); 583 584 out: 585 tpm_buf_destroy(&buf); 586 587 if (rc > 0) 588 rc = -EPERM; 589 590 return rc; 591 } 592 593 static void tpm2_flush_context(struct tpm_chip *chip, u32 handle) 594 { 595 struct tpm_buf buf; 596 int rc; 597 598 rc = tpm_buf_init(&buf, TPM2_ST_NO_SESSIONS, TPM2_CC_FLUSH_CONTEXT); 599 if (rc) { 600 dev_warn(chip->pdev, "0x%08x was not flushed, out of memory\n", 601 handle); 602 return; 603 } 604 605 tpm_buf_append_u32(&buf, handle); 606 607 rc = tpm_transmit_cmd(chip, buf.data, PAGE_SIZE, "flushing context"); 608 if (rc) 609 dev_warn(chip->pdev, "0x%08x was not flushed, rc=%d\n", handle, 610 rc); 611 612 tpm_buf_destroy(&buf); 613 } 614 615 static int tpm2_unseal(struct tpm_chip *chip, 616 struct trusted_key_payload *payload, 617 struct trusted_key_options *options, 618 u32 blob_handle) 619 { 620 struct tpm_buf buf; 621 u16 data_len; 622 u8 *data; 623 int rc; 624 625 rc = tpm_buf_init(&buf, TPM2_ST_SESSIONS, TPM2_CC_UNSEAL); 626 if (rc) 627 return rc; 628 629 tpm_buf_append_u32(&buf, blob_handle); 630 tpm2_buf_append_auth(&buf, 631 options->policyhandle ? 632 options->policyhandle : TPM2_RS_PW, 633 NULL /* nonce */, 0, 634 0 /* session_attributes */, 635 options->blobauth /* hmac */, 636 TPM_DIGEST_SIZE); 637 638 rc = tpm_transmit_cmd(chip, buf.data, PAGE_SIZE, "unsealing"); 639 if (rc > 0) 640 rc = -EPERM; 641 642 if (!rc) { 643 data_len = be16_to_cpup( 644 (__be16 *) &buf.data[TPM_HEADER_SIZE + 4]); 645 data = &buf.data[TPM_HEADER_SIZE + 6]; 646 647 memcpy(payload->key, data, data_len - 1); 648 payload->key_len = data_len - 1; 649 payload->migratable = data[data_len - 1]; 650 } 651 652 tpm_buf_destroy(&buf); 653 return rc; 654 } 655 656 /** 657 * tpm_unseal_trusted() - unseal a trusted key 658 * @chip_num: A specific chip number for the request or TPM_ANY_NUM 659 * @options: authentication values and other options 660 * @payload: the key data in clear and encrypted form 661 * 662 * Returns < 0 on error and 0 on success. 663 */ 664 int tpm2_unseal_trusted(struct tpm_chip *chip, 665 struct trusted_key_payload *payload, 666 struct trusted_key_options *options) 667 { 668 u32 blob_handle; 669 int rc; 670 671 rc = tpm2_load(chip, payload, options, &blob_handle); 672 if (rc) 673 return rc; 674 675 rc = tpm2_unseal(chip, payload, options, blob_handle); 676 677 tpm2_flush_context(chip, blob_handle); 678 679 return rc; 680 } 681 682 /** 683 * tpm2_get_tpm_pt() - get value of a TPM_CAP_TPM_PROPERTIES type property 684 * @chip: TPM chip to use. 685 * @property_id: property ID. 686 * @value: output variable. 687 * @desc: passed to tpm_transmit_cmd() 688 * 689 * 0 is returned when the operation is successful. If a negative number is 690 * returned it remarks a POSIX error code. If a positive number is returned 691 * it remarks a TPM error. 692 */ 693 ssize_t tpm2_get_tpm_pt(struct tpm_chip *chip, u32 property_id, u32 *value, 694 const char *desc) 695 { 696 struct tpm2_cmd cmd; 697 int rc; 698 699 cmd.header.in = tpm2_get_tpm_pt_header; 700 cmd.params.get_tpm_pt_in.cap_id = cpu_to_be32(TPM2_CAP_TPM_PROPERTIES); 701 cmd.params.get_tpm_pt_in.property_id = cpu_to_be32(property_id); 702 cmd.params.get_tpm_pt_in.property_cnt = cpu_to_be32(1); 703 704 rc = tpm_transmit_cmd(chip, &cmd, sizeof(cmd), desc); 705 if (!rc) 706 *value = cmd.params.get_tpm_pt_out.value; 707 708 return rc; 709 } 710 711 #define TPM2_STARTUP_IN_SIZE \ 712 (sizeof(struct tpm_input_header) + \ 713 sizeof(struct tpm2_startup_in)) 714 715 static const struct tpm_input_header tpm2_startup_header = { 716 .tag = cpu_to_be16(TPM2_ST_NO_SESSIONS), 717 .length = cpu_to_be32(TPM2_STARTUP_IN_SIZE), 718 .ordinal = cpu_to_be32(TPM2_CC_STARTUP) 719 }; 720 721 /** 722 * tpm2_startup() - send startup command to the TPM chip 723 * @chip: TPM chip to use. 724 * @startup_type startup type. The value is either 725 * TPM_SU_CLEAR or TPM_SU_STATE. 726 * 727 * 0 is returned when the operation is successful. If a negative number is 728 * returned it remarks a POSIX error code. If a positive number is returned 729 * it remarks a TPM error. 730 */ 731 int tpm2_startup(struct tpm_chip *chip, u16 startup_type) 732 { 733 struct tpm2_cmd cmd; 734 735 cmd.header.in = tpm2_startup_header; 736 737 cmd.params.startup_in.startup_type = cpu_to_be16(startup_type); 738 return tpm_transmit_cmd(chip, &cmd, sizeof(cmd), 739 "attempting to start the TPM"); 740 } 741 EXPORT_SYMBOL_GPL(tpm2_startup); 742 743 #define TPM2_SHUTDOWN_IN_SIZE \ 744 (sizeof(struct tpm_input_header) + \ 745 sizeof(struct tpm2_startup_in)) 746 747 static const struct tpm_input_header tpm2_shutdown_header = { 748 .tag = cpu_to_be16(TPM2_ST_NO_SESSIONS), 749 .length = cpu_to_be32(TPM2_SHUTDOWN_IN_SIZE), 750 .ordinal = cpu_to_be32(TPM2_CC_SHUTDOWN) 751 }; 752 753 /** 754 * tpm2_shutdown() - send shutdown command to the TPM chip 755 * @chip: TPM chip to use. 756 * @shutdown_type shutdown type. The value is either 757 * TPM_SU_CLEAR or TPM_SU_STATE. 758 */ 759 void tpm2_shutdown(struct tpm_chip *chip, u16 shutdown_type) 760 { 761 struct tpm2_cmd cmd; 762 int rc; 763 764 cmd.header.in = tpm2_shutdown_header; 765 cmd.params.startup_in.startup_type = cpu_to_be16(shutdown_type); 766 767 rc = tpm_transmit_cmd(chip, &cmd, sizeof(cmd), "stopping the TPM"); 768 769 /* In places where shutdown command is sent there's no much we can do 770 * except print the error code on a system failure. 771 */ 772 if (rc < 0) 773 dev_warn(chip->pdev, "transmit returned %d while stopping the TPM", 774 rc); 775 } 776 EXPORT_SYMBOL_GPL(tpm2_shutdown); 777 778 /* 779 * tpm2_calc_ordinal_duration() - maximum duration for a command 780 * @chip: TPM chip to use. 781 * @ordinal: command code number. 782 * 783 * 0 is returned when the operation is successful. If a negative number is 784 * returned it remarks a POSIX error code. If a positive number is returned 785 * it remarks a TPM error. 786 */ 787 unsigned long tpm2_calc_ordinal_duration(struct tpm_chip *chip, u32 ordinal) 788 { 789 int index = TPM_UNDEFINED; 790 int duration = 0; 791 792 if (ordinal >= TPM2_CC_FIRST && ordinal <= TPM2_CC_LAST) 793 index = tpm2_ordinal_duration[ordinal - TPM2_CC_FIRST]; 794 795 if (index != TPM_UNDEFINED) 796 duration = chip->vendor.duration[index]; 797 798 if (duration <= 0) 799 duration = 2 * 60 * HZ; 800 801 return duration; 802 } 803 EXPORT_SYMBOL_GPL(tpm2_calc_ordinal_duration); 804 805 #define TPM2_SELF_TEST_IN_SIZE \ 806 (sizeof(struct tpm_input_header) + \ 807 sizeof(struct tpm2_self_test_in)) 808 809 static const struct tpm_input_header tpm2_selftest_header = { 810 .tag = cpu_to_be16(TPM2_ST_NO_SESSIONS), 811 .length = cpu_to_be32(TPM2_SELF_TEST_IN_SIZE), 812 .ordinal = cpu_to_be32(TPM2_CC_SELF_TEST) 813 }; 814 815 /** 816 * tpm2_continue_selftest() - start a self test 817 * @chip: TPM chip to use 818 * @full: test all commands instead of testing only those that were not 819 * previously tested. 820 * 821 * 0 is returned when the operation is successful. If a negative number is 822 * returned it remarks a POSIX error code. If a positive number is returned 823 * it remarks a TPM error. 824 */ 825 static int tpm2_start_selftest(struct tpm_chip *chip, bool full) 826 { 827 int rc; 828 struct tpm2_cmd cmd; 829 830 cmd.header.in = tpm2_selftest_header; 831 cmd.params.selftest_in.full_test = full; 832 833 rc = tpm_transmit_cmd(chip, &cmd, TPM2_SELF_TEST_IN_SIZE, 834 "continue selftest"); 835 836 /* At least some prototype chips seem to give RC_TESTING error 837 * immediately. This is a workaround for that. 838 */ 839 if (rc == TPM2_RC_TESTING) { 840 dev_warn(chip->pdev, "Got RC_TESTING, ignoring\n"); 841 rc = 0; 842 } 843 844 return rc; 845 } 846 847 /** 848 * tpm2_do_selftest() - run a full self test 849 * @chip: TPM chip to use 850 * 851 * During the self test TPM2 commands return with the error code RC_TESTING. 852 * Waiting is done by issuing PCR read until it executes successfully. 853 * 854 * 0 is returned when the operation is successful. If a negative number is 855 * returned it remarks a POSIX error code. If a positive number is returned 856 * it remarks a TPM error. 857 */ 858 int tpm2_do_selftest(struct tpm_chip *chip) 859 { 860 int rc; 861 unsigned int loops; 862 unsigned int delay_msec = 100; 863 unsigned long duration; 864 struct tpm2_cmd cmd; 865 int i; 866 867 duration = tpm2_calc_ordinal_duration(chip, TPM2_CC_SELF_TEST); 868 869 loops = jiffies_to_msecs(duration) / delay_msec; 870 871 rc = tpm2_start_selftest(chip, true); 872 if (rc) 873 return rc; 874 875 for (i = 0; i < loops; i++) { 876 /* Attempt to read a PCR value */ 877 cmd.header.in = tpm2_pcrread_header; 878 cmd.params.pcrread_in.pcr_selects_cnt = cpu_to_be32(1); 879 cmd.params.pcrread_in.hash_alg = cpu_to_be16(TPM2_ALG_SHA1); 880 cmd.params.pcrread_in.pcr_select_size = TPM2_PCR_SELECT_MIN; 881 cmd.params.pcrread_in.pcr_select[0] = 0x01; 882 cmd.params.pcrread_in.pcr_select[1] = 0x00; 883 cmd.params.pcrread_in.pcr_select[2] = 0x00; 884 885 rc = tpm_transmit_cmd(chip, (u8 *) &cmd, sizeof(cmd), NULL); 886 if (rc < 0) 887 break; 888 889 rc = be32_to_cpu(cmd.header.out.return_code); 890 if (rc != TPM2_RC_TESTING) 891 break; 892 893 msleep(delay_msec); 894 } 895 896 return rc; 897 } 898 EXPORT_SYMBOL_GPL(tpm2_do_selftest); 899 900 /** 901 * tpm2_gen_interrupt() - generate an interrupt 902 * @chip: TPM chip to use 903 * 904 * 0 is returned when the operation is successful. If a negative number is 905 * returned it remarks a POSIX error code. If a positive number is returned 906 * it remarks a TPM error. 907 */ 908 int tpm2_gen_interrupt(struct tpm_chip *chip) 909 { 910 u32 dummy; 911 912 return tpm2_get_tpm_pt(chip, 0x100, &dummy, 913 "attempting to generate an interrupt"); 914 } 915 EXPORT_SYMBOL_GPL(tpm2_gen_interrupt); 916 917 /** 918 * tpm2_probe() - probe TPM 2.0 919 * @chip: TPM chip to use 920 * 921 * Send idempotent TPM 2.0 command and see whether TPM 2.0 chip replied based on 922 * the reply tag. 923 */ 924 int tpm2_probe(struct tpm_chip *chip) 925 { 926 struct tpm2_cmd cmd; 927 int rc; 928 929 cmd.header.in = tpm2_get_tpm_pt_header; 930 cmd.params.get_tpm_pt_in.cap_id = cpu_to_be32(TPM2_CAP_TPM_PROPERTIES); 931 cmd.params.get_tpm_pt_in.property_id = cpu_to_be32(0x100); 932 cmd.params.get_tpm_pt_in.property_cnt = cpu_to_be32(1); 933 934 rc = tpm_transmit(chip, (const char *) &cmd, sizeof(cmd)); 935 if (rc < 0) 936 return rc; 937 else if (rc < TPM_HEADER_SIZE) 938 return -EFAULT; 939 940 if (be16_to_cpu(cmd.header.out.tag) == TPM2_ST_NO_SESSIONS) 941 chip->flags |= TPM_CHIP_FLAG_TPM2; 942 943 return 0; 944 } 945 EXPORT_SYMBOL_GPL(tpm2_probe); 946