1 // SPDX-License-Identifier: GPL-2.0-only 2 /* 3 * Copyright (C) 2010 IBM Corporation 4 * Copyright (c) 2019-2021, Linaro Limited 5 * 6 * See Documentation/security/keys/trusted-encrypted.rst 7 */ 8 9 #include <keys/user-type.h> 10 #include <keys/trusted-type.h> 11 #include <keys/trusted_tee.h> 12 #include <keys/trusted_caam.h> 13 #include <keys/trusted_dcp.h> 14 #include <keys/trusted_tpm.h> 15 #include <keys/trusted_pkwm.h> 16 #include <linux/capability.h> 17 #include <linux/err.h> 18 #include <linux/hex.h> 19 #include <linux/init.h> 20 #include <linux/key-type.h> 21 #include <linux/module.h> 22 #include <linux/parser.h> 23 #include <linux/random.h> 24 #include <linux/rcupdate.h> 25 #include <linux/slab.h> 26 #include <linux/static_call.h> 27 #include <linux/string.h> 28 #include <linux/uaccess.h> 29 30 static char *trusted_rng = "default"; 31 module_param_named(rng, trusted_rng, charp, 0); 32 MODULE_PARM_DESC(rng, "Select trusted key RNG"); 33 34 static char *trusted_key_source; 35 module_param_named(source, trusted_key_source, charp, 0); 36 MODULE_PARM_DESC(source, "Select trusted keys source (tpm, tee, caam, dcp or pkwm)"); 37 38 static const struct trusted_key_source trusted_key_sources[] = { 39 #if defined(CONFIG_TRUSTED_KEYS_TPM) 40 { "tpm", &trusted_key_tpm_ops }, 41 #endif 42 #if defined(CONFIG_TRUSTED_KEYS_TEE) 43 { "tee", &trusted_key_tee_ops }, 44 #endif 45 #if defined(CONFIG_TRUSTED_KEYS_CAAM) 46 { "caam", &trusted_key_caam_ops }, 47 #endif 48 #if defined(CONFIG_TRUSTED_KEYS_DCP) 49 { "dcp", &dcp_trusted_key_ops }, 50 #endif 51 #if defined(CONFIG_TRUSTED_KEYS_PKWM) 52 { "pkwm", &pkwm_trusted_key_ops }, 53 #endif 54 }; 55 56 DEFINE_STATIC_CALL_NULL(trusted_key_seal, *trusted_key_sources[0].ops->seal); 57 DEFINE_STATIC_CALL_NULL(trusted_key_unseal, 58 *trusted_key_sources[0].ops->unseal); 59 DEFINE_STATIC_CALL_NULL(trusted_key_get_random, 60 *trusted_key_sources[0].ops->get_random); 61 static void (*trusted_key_exit)(void); 62 static unsigned char migratable; 63 64 enum { 65 Opt_err, 66 Opt_new, Opt_load, Opt_update, 67 }; 68 69 static const match_table_t key_tokens = { 70 {Opt_new, "new"}, 71 {Opt_load, "load"}, 72 {Opt_update, "update"}, 73 {Opt_err, NULL} 74 }; 75 76 /* 77 * datablob_parse - parse the keyctl data and fill in the 78 * payload structure 79 * 80 * On success returns 0, otherwise -EINVAL. 81 */ 82 static int datablob_parse(char **datablob, struct trusted_key_payload *p) 83 { 84 substring_t args[MAX_OPT_ARGS]; 85 long keylen; 86 int ret = -EINVAL; 87 int key_cmd; 88 char *c; 89 90 /* main command */ 91 c = strsep(datablob, " \t"); 92 if (!c) 93 return -EINVAL; 94 key_cmd = match_token(c, key_tokens, args); 95 switch (key_cmd) { 96 case Opt_new: 97 /* first argument is key size */ 98 c = strsep(datablob, " \t"); 99 if (!c) 100 return -EINVAL; 101 ret = kstrtol(c, 10, &keylen); 102 if (ret < 0 || keylen < MIN_KEY_SIZE || keylen > MAX_KEY_SIZE) 103 return -EINVAL; 104 p->key_len = keylen; 105 ret = Opt_new; 106 break; 107 case Opt_load: 108 /* first argument is sealed blob */ 109 c = strsep(datablob, " \t"); 110 if (!c) 111 return -EINVAL; 112 p->blob_len = strlen(c) / 2; 113 if (p->blob_len > MAX_BLOB_SIZE) 114 return -EINVAL; 115 ret = hex2bin(p->blob, c, p->blob_len); 116 if (ret < 0) 117 return -EINVAL; 118 ret = Opt_load; 119 break; 120 case Opt_update: 121 ret = Opt_update; 122 break; 123 case Opt_err: 124 return -EINVAL; 125 } 126 return ret; 127 } 128 129 static struct trusted_key_payload *trusted_payload_alloc(struct key *key) 130 { 131 struct trusted_key_payload *p = NULL; 132 int ret; 133 134 ret = key_payload_reserve(key, sizeof(*p)); 135 if (ret < 0) 136 goto err; 137 p = kzalloc(sizeof(*p), GFP_KERNEL); 138 if (!p) 139 goto err; 140 141 p->migratable = migratable; 142 err: 143 return p; 144 } 145 146 /* 147 * trusted_instantiate - create a new trusted key 148 * 149 * Unseal an existing trusted blob or, for a new key, get a 150 * random key, then seal and create a trusted key-type key, 151 * adding it to the specified keyring. 152 * 153 * On success, return 0. Otherwise return errno. 154 */ 155 static int trusted_instantiate(struct key *key, 156 struct key_preparsed_payload *prep) 157 { 158 struct trusted_key_payload *payload = NULL; 159 size_t datalen = prep->datalen; 160 char *datablob, *orig_datablob; 161 int ret = 0; 162 int key_cmd; 163 size_t key_len; 164 165 if (datalen == 0 || datalen > 32767 || !prep->data) 166 return -EINVAL; 167 168 orig_datablob = datablob = kmalloc(datalen + 1, GFP_KERNEL); 169 if (!datablob) 170 return -ENOMEM; 171 memcpy(datablob, prep->data, datalen); 172 datablob[datalen] = '\0'; 173 174 payload = trusted_payload_alloc(key); 175 if (!payload) { 176 ret = -ENOMEM; 177 goto out; 178 } 179 180 key_cmd = datablob_parse(&datablob, payload); 181 if (key_cmd < 0) { 182 ret = key_cmd; 183 goto out; 184 } 185 186 dump_payload(payload); 187 188 switch (key_cmd) { 189 case Opt_load: 190 ret = static_call(trusted_key_unseal)(payload, datablob); 191 dump_payload(payload); 192 if (ret < 0) 193 pr_info("key_unseal failed (%d)\n", ret); 194 break; 195 case Opt_new: 196 key_len = payload->key_len; 197 ret = static_call(trusted_key_get_random)(payload->key, 198 key_len); 199 if (ret < 0) 200 goto out; 201 202 if (ret != key_len) { 203 pr_info("key_create failed (%d)\n", ret); 204 ret = -EIO; 205 goto out; 206 } 207 208 ret = static_call(trusted_key_seal)(payload, datablob); 209 if (ret < 0) 210 pr_info("key_seal failed (%d)\n", ret); 211 break; 212 default: 213 ret = -EINVAL; 214 } 215 out: 216 kfree_sensitive(orig_datablob); 217 if (!ret) 218 rcu_assign_keypointer(key, payload); 219 else 220 kfree_sensitive(payload); 221 return ret; 222 } 223 224 static void trusted_rcu_free(struct rcu_head *rcu) 225 { 226 struct trusted_key_payload *p; 227 228 p = container_of(rcu, struct trusted_key_payload, rcu); 229 kfree_sensitive(p); 230 } 231 232 /* 233 * trusted_update - reseal an existing key with new PCR values 234 */ 235 static int trusted_update(struct key *key, struct key_preparsed_payload *prep) 236 { 237 struct trusted_key_payload *p; 238 struct trusted_key_payload *new_p; 239 size_t datalen = prep->datalen; 240 char *datablob, *orig_datablob; 241 int ret = 0; 242 243 if (key_is_negative(key)) 244 return -ENOKEY; 245 p = key->payload.data[0]; 246 if (!p->migratable) 247 return -EPERM; 248 if (datalen == 0 || datalen > 32767 || !prep->data) 249 return -EINVAL; 250 251 orig_datablob = datablob = kmalloc(datalen + 1, GFP_KERNEL); 252 if (!datablob) 253 return -ENOMEM; 254 255 new_p = trusted_payload_alloc(key); 256 if (!new_p) { 257 ret = -ENOMEM; 258 goto out; 259 } 260 261 memcpy(datablob, prep->data, datalen); 262 datablob[datalen] = '\0'; 263 ret = datablob_parse(&datablob, new_p); 264 if (ret != Opt_update) { 265 ret = -EINVAL; 266 kfree_sensitive(new_p); 267 goto out; 268 } 269 270 /* copy old key values, and reseal with new pcrs */ 271 new_p->migratable = p->migratable; 272 new_p->key_len = p->key_len; 273 memcpy(new_p->key, p->key, p->key_len); 274 dump_payload(p); 275 dump_payload(new_p); 276 277 ret = static_call(trusted_key_seal)(new_p, datablob); 278 if (ret < 0) { 279 pr_info("key_seal failed (%d)\n", ret); 280 kfree_sensitive(new_p); 281 goto out; 282 } 283 284 rcu_assign_keypointer(key, new_p); 285 call_rcu(&p->rcu, trusted_rcu_free); 286 out: 287 kfree_sensitive(orig_datablob); 288 return ret; 289 } 290 291 /* 292 * trusted_read - copy the sealed blob data to userspace in hex. 293 * On success, return to userspace the trusted key datablob size. 294 */ 295 static long trusted_read(const struct key *key, char *buffer, 296 size_t buflen) 297 { 298 const struct trusted_key_payload *p; 299 char *bufp; 300 int i; 301 302 p = dereference_key_locked(key); 303 if (!p) 304 return -EINVAL; 305 306 if (buffer && buflen >= 2 * p->blob_len) { 307 bufp = buffer; 308 for (i = 0; i < p->blob_len; i++) 309 bufp = hex_byte_pack(bufp, p->blob[i]); 310 } 311 return 2 * p->blob_len; 312 } 313 314 /* 315 * trusted_destroy - clear and free the key's payload 316 */ 317 static void trusted_destroy(struct key *key) 318 { 319 kfree_sensitive(key->payload.data[0]); 320 } 321 322 struct key_type key_type_trusted = { 323 .name = "trusted", 324 .instantiate = trusted_instantiate, 325 .update = trusted_update, 326 .destroy = trusted_destroy, 327 .describe = user_describe, 328 .read = trusted_read, 329 }; 330 EXPORT_SYMBOL_GPL(key_type_trusted); 331 332 static int kernel_get_random(unsigned char *key, size_t key_len) 333 { 334 return get_random_bytes_wait(key, key_len) ?: key_len; 335 } 336 337 static int __init init_trusted(void) 338 { 339 int (*get_random)(unsigned char *key, size_t key_len); 340 int i, ret = 0; 341 342 for (i = 0; i < ARRAY_SIZE(trusted_key_sources); i++) { 343 if (trusted_key_source && 344 strncmp(trusted_key_source, trusted_key_sources[i].name, 345 strlen(trusted_key_sources[i].name))) 346 continue; 347 348 /* 349 * We always support trusted.rng="kernel" and "default" as 350 * well as trusted.rng=$trusted.source if the trust source 351 * defines its own get_random callback. 352 */ 353 get_random = trusted_key_sources[i].ops->get_random; 354 if (trusted_rng && strcmp(trusted_rng, "default")) { 355 if (!strcmp(trusted_rng, "kernel")) { 356 get_random = kernel_get_random; 357 } else if (strcmp(trusted_rng, trusted_key_sources[i].name) || 358 !get_random) { 359 pr_warn("Unsupported RNG. Supported: kernel"); 360 if (get_random) 361 pr_cont(", %s", trusted_key_sources[i].name); 362 pr_cont(", default\n"); 363 return -EINVAL; 364 } 365 } 366 367 if (!get_random) 368 get_random = kernel_get_random; 369 370 ret = trusted_key_sources[i].ops->init(); 371 if (!ret) { 372 static_call_update(trusted_key_seal, trusted_key_sources[i].ops->seal); 373 static_call_update(trusted_key_unseal, trusted_key_sources[i].ops->unseal); 374 static_call_update(trusted_key_get_random, get_random); 375 376 trusted_key_exit = trusted_key_sources[i].ops->exit; 377 migratable = trusted_key_sources[i].ops->migratable; 378 } 379 380 if (!ret || ret != -ENODEV) 381 break; 382 } 383 384 /* 385 * encrypted_keys.ko depends on successful load of this module even if 386 * trusted key implementation is not found. 387 */ 388 if (ret == -ENODEV) 389 return 0; 390 391 return ret; 392 } 393 394 static void __exit cleanup_trusted(void) 395 { 396 if (trusted_key_exit) 397 (*trusted_key_exit)(); 398 } 399 400 late_initcall(init_trusted); 401 module_exit(cleanup_trusted); 402 403 MODULE_DESCRIPTION("Trusted Key type"); 404 MODULE_LICENSE("GPL"); 405