1 // SPDX-License-Identifier: GPL-2.0-only 2 /* 3 * Copyright (C) 2010 IBM Corporation 4 * Copyright (c) 2019-2021, Linaro Limited 5 * 6 * See Documentation/security/keys/trusted-encrypted.rst 7 */ 8 9 #include <keys/user-type.h> 10 #include <keys/trusted-type.h> 11 #include <keys/trusted_tee.h> 12 #include <keys/trusted_caam.h> 13 #include <keys/trusted_dcp.h> 14 #include <keys/trusted_tpm.h> 15 #include <linux/capability.h> 16 #include <linux/err.h> 17 #include <linux/hex.h> 18 #include <linux/init.h> 19 #include <linux/key-type.h> 20 #include <linux/module.h> 21 #include <linux/parser.h> 22 #include <linux/random.h> 23 #include <linux/rcupdate.h> 24 #include <linux/slab.h> 25 #include <linux/static_call.h> 26 #include <linux/string.h> 27 #include <linux/uaccess.h> 28 29 static char *trusted_rng = "default"; 30 module_param_named(rng, trusted_rng, charp, 0); 31 MODULE_PARM_DESC(rng, "Select trusted key RNG"); 32 33 static char *trusted_key_source; 34 module_param_named(source, trusted_key_source, charp, 0); 35 MODULE_PARM_DESC(source, "Select trusted keys source (tpm, tee, caam or dcp)"); 36 37 static const struct trusted_key_source trusted_key_sources[] = { 38 #if defined(CONFIG_TRUSTED_KEYS_TPM) 39 { "tpm", &trusted_key_tpm_ops }, 40 #endif 41 #if defined(CONFIG_TRUSTED_KEYS_TEE) 42 { "tee", &trusted_key_tee_ops }, 43 #endif 44 #if defined(CONFIG_TRUSTED_KEYS_CAAM) 45 { "caam", &trusted_key_caam_ops }, 46 #endif 47 #if defined(CONFIG_TRUSTED_KEYS_DCP) 48 { "dcp", &dcp_trusted_key_ops }, 49 #endif 50 }; 51 52 DEFINE_STATIC_CALL_NULL(trusted_key_seal, *trusted_key_sources[0].ops->seal); 53 DEFINE_STATIC_CALL_NULL(trusted_key_unseal, 54 *trusted_key_sources[0].ops->unseal); 55 DEFINE_STATIC_CALL_NULL(trusted_key_get_random, 56 *trusted_key_sources[0].ops->get_random); 57 static void (*trusted_key_exit)(void); 58 static unsigned char migratable; 59 60 enum { 61 Opt_err, 62 Opt_new, Opt_load, Opt_update, 63 }; 64 65 static const match_table_t key_tokens = { 66 {Opt_new, "new"}, 67 {Opt_load, "load"}, 68 {Opt_update, "update"}, 69 {Opt_err, NULL} 70 }; 71 72 /* 73 * datablob_parse - parse the keyctl data and fill in the 74 * payload structure 75 * 76 * On success returns 0, otherwise -EINVAL. 77 */ 78 static int datablob_parse(char **datablob, struct trusted_key_payload *p) 79 { 80 substring_t args[MAX_OPT_ARGS]; 81 long keylen; 82 int ret = -EINVAL; 83 int key_cmd; 84 char *c; 85 86 /* main command */ 87 c = strsep(datablob, " \t"); 88 if (!c) 89 return -EINVAL; 90 key_cmd = match_token(c, key_tokens, args); 91 switch (key_cmd) { 92 case Opt_new: 93 /* first argument is key size */ 94 c = strsep(datablob, " \t"); 95 if (!c) 96 return -EINVAL; 97 ret = kstrtol(c, 10, &keylen); 98 if (ret < 0 || keylen < MIN_KEY_SIZE || keylen > MAX_KEY_SIZE) 99 return -EINVAL; 100 p->key_len = keylen; 101 ret = Opt_new; 102 break; 103 case Opt_load: 104 /* first argument is sealed blob */ 105 c = strsep(datablob, " \t"); 106 if (!c) 107 return -EINVAL; 108 p->blob_len = strlen(c) / 2; 109 if (p->blob_len > MAX_BLOB_SIZE) 110 return -EINVAL; 111 ret = hex2bin(p->blob, c, p->blob_len); 112 if (ret < 0) 113 return -EINVAL; 114 ret = Opt_load; 115 break; 116 case Opt_update: 117 ret = Opt_update; 118 break; 119 case Opt_err: 120 return -EINVAL; 121 } 122 return ret; 123 } 124 125 static struct trusted_key_payload *trusted_payload_alloc(struct key *key) 126 { 127 struct trusted_key_payload *p = NULL; 128 int ret; 129 130 ret = key_payload_reserve(key, sizeof(*p)); 131 if (ret < 0) 132 goto err; 133 p = kzalloc(sizeof(*p), GFP_KERNEL); 134 if (!p) 135 goto err; 136 137 p->migratable = migratable; 138 err: 139 return p; 140 } 141 142 /* 143 * trusted_instantiate - create a new trusted key 144 * 145 * Unseal an existing trusted blob or, for a new key, get a 146 * random key, then seal and create a trusted key-type key, 147 * adding it to the specified keyring. 148 * 149 * On success, return 0. Otherwise return errno. 150 */ 151 static int trusted_instantiate(struct key *key, 152 struct key_preparsed_payload *prep) 153 { 154 struct trusted_key_payload *payload = NULL; 155 size_t datalen = prep->datalen; 156 char *datablob, *orig_datablob; 157 int ret = 0; 158 int key_cmd; 159 size_t key_len; 160 161 if (datalen == 0 || datalen > 32767 || !prep->data) 162 return -EINVAL; 163 164 orig_datablob = datablob = kmalloc(datalen + 1, GFP_KERNEL); 165 if (!datablob) 166 return -ENOMEM; 167 memcpy(datablob, prep->data, datalen); 168 datablob[datalen] = '\0'; 169 170 payload = trusted_payload_alloc(key); 171 if (!payload) { 172 ret = -ENOMEM; 173 goto out; 174 } 175 176 key_cmd = datablob_parse(&datablob, payload); 177 if (key_cmd < 0) { 178 ret = key_cmd; 179 goto out; 180 } 181 182 dump_payload(payload); 183 184 switch (key_cmd) { 185 case Opt_load: 186 ret = static_call(trusted_key_unseal)(payload, datablob); 187 dump_payload(payload); 188 if (ret < 0) 189 pr_info("key_unseal failed (%d)\n", ret); 190 break; 191 case Opt_new: 192 key_len = payload->key_len; 193 ret = static_call(trusted_key_get_random)(payload->key, 194 key_len); 195 if (ret < 0) 196 goto out; 197 198 if (ret != key_len) { 199 pr_info("key_create failed (%d)\n", ret); 200 ret = -EIO; 201 goto out; 202 } 203 204 ret = static_call(trusted_key_seal)(payload, datablob); 205 if (ret < 0) 206 pr_info("key_seal failed (%d)\n", ret); 207 break; 208 default: 209 ret = -EINVAL; 210 } 211 out: 212 kfree_sensitive(orig_datablob); 213 if (!ret) 214 rcu_assign_keypointer(key, payload); 215 else 216 kfree_sensitive(payload); 217 return ret; 218 } 219 220 static void trusted_rcu_free(struct rcu_head *rcu) 221 { 222 struct trusted_key_payload *p; 223 224 p = container_of(rcu, struct trusted_key_payload, rcu); 225 kfree_sensitive(p); 226 } 227 228 /* 229 * trusted_update - reseal an existing key with new PCR values 230 */ 231 static int trusted_update(struct key *key, struct key_preparsed_payload *prep) 232 { 233 struct trusted_key_payload *p; 234 struct trusted_key_payload *new_p; 235 size_t datalen = prep->datalen; 236 char *datablob, *orig_datablob; 237 int ret = 0; 238 239 if (key_is_negative(key)) 240 return -ENOKEY; 241 p = key->payload.data[0]; 242 if (!p->migratable) 243 return -EPERM; 244 if (datalen == 0 || datalen > 32767 || !prep->data) 245 return -EINVAL; 246 247 orig_datablob = datablob = kmalloc(datalen + 1, GFP_KERNEL); 248 if (!datablob) 249 return -ENOMEM; 250 251 new_p = trusted_payload_alloc(key); 252 if (!new_p) { 253 ret = -ENOMEM; 254 goto out; 255 } 256 257 memcpy(datablob, prep->data, datalen); 258 datablob[datalen] = '\0'; 259 ret = datablob_parse(&datablob, new_p); 260 if (ret != Opt_update) { 261 ret = -EINVAL; 262 kfree_sensitive(new_p); 263 goto out; 264 } 265 266 /* copy old key values, and reseal with new pcrs */ 267 new_p->migratable = p->migratable; 268 new_p->key_len = p->key_len; 269 memcpy(new_p->key, p->key, p->key_len); 270 dump_payload(p); 271 dump_payload(new_p); 272 273 ret = static_call(trusted_key_seal)(new_p, datablob); 274 if (ret < 0) { 275 pr_info("key_seal failed (%d)\n", ret); 276 kfree_sensitive(new_p); 277 goto out; 278 } 279 280 rcu_assign_keypointer(key, new_p); 281 call_rcu(&p->rcu, trusted_rcu_free); 282 out: 283 kfree_sensitive(orig_datablob); 284 return ret; 285 } 286 287 /* 288 * trusted_read - copy the sealed blob data to userspace in hex. 289 * On success, return to userspace the trusted key datablob size. 290 */ 291 static long trusted_read(const struct key *key, char *buffer, 292 size_t buflen) 293 { 294 const struct trusted_key_payload *p; 295 char *bufp; 296 int i; 297 298 p = dereference_key_locked(key); 299 if (!p) 300 return -EINVAL; 301 302 if (buffer && buflen >= 2 * p->blob_len) { 303 bufp = buffer; 304 for (i = 0; i < p->blob_len; i++) 305 bufp = hex_byte_pack(bufp, p->blob[i]); 306 } 307 return 2 * p->blob_len; 308 } 309 310 /* 311 * trusted_destroy - clear and free the key's payload 312 */ 313 static void trusted_destroy(struct key *key) 314 { 315 kfree_sensitive(key->payload.data[0]); 316 } 317 318 struct key_type key_type_trusted = { 319 .name = "trusted", 320 .instantiate = trusted_instantiate, 321 .update = trusted_update, 322 .destroy = trusted_destroy, 323 .describe = user_describe, 324 .read = trusted_read, 325 }; 326 EXPORT_SYMBOL_GPL(key_type_trusted); 327 328 static int kernel_get_random(unsigned char *key, size_t key_len) 329 { 330 return get_random_bytes_wait(key, key_len) ?: key_len; 331 } 332 333 static int __init init_trusted(void) 334 { 335 int (*get_random)(unsigned char *key, size_t key_len); 336 int i, ret = 0; 337 338 for (i = 0; i < ARRAY_SIZE(trusted_key_sources); i++) { 339 if (trusted_key_source && 340 strncmp(trusted_key_source, trusted_key_sources[i].name, 341 strlen(trusted_key_sources[i].name))) 342 continue; 343 344 /* 345 * We always support trusted.rng="kernel" and "default" as 346 * well as trusted.rng=$trusted.source if the trust source 347 * defines its own get_random callback. 348 */ 349 get_random = trusted_key_sources[i].ops->get_random; 350 if (trusted_rng && strcmp(trusted_rng, "default")) { 351 if (!strcmp(trusted_rng, "kernel")) { 352 get_random = kernel_get_random; 353 } else if (strcmp(trusted_rng, trusted_key_sources[i].name) || 354 !get_random) { 355 pr_warn("Unsupported RNG. Supported: kernel"); 356 if (get_random) 357 pr_cont(", %s", trusted_key_sources[i].name); 358 pr_cont(", default\n"); 359 return -EINVAL; 360 } 361 } 362 363 if (!get_random) 364 get_random = kernel_get_random; 365 366 ret = trusted_key_sources[i].ops->init(); 367 if (!ret) { 368 static_call_update(trusted_key_seal, trusted_key_sources[i].ops->seal); 369 static_call_update(trusted_key_unseal, trusted_key_sources[i].ops->unseal); 370 static_call_update(trusted_key_get_random, get_random); 371 372 trusted_key_exit = trusted_key_sources[i].ops->exit; 373 migratable = trusted_key_sources[i].ops->migratable; 374 } 375 376 if (!ret || ret != -ENODEV) 377 break; 378 } 379 380 /* 381 * encrypted_keys.ko depends on successful load of this module even if 382 * trusted key implementation is not found. 383 */ 384 if (ret == -ENODEV) 385 return 0; 386 387 return ret; 388 } 389 390 static void __exit cleanup_trusted(void) 391 { 392 if (trusted_key_exit) 393 (*trusted_key_exit)(); 394 } 395 396 late_initcall(init_trusted); 397 module_exit(cleanup_trusted); 398 399 MODULE_DESCRIPTION("Trusted Key type"); 400 MODULE_LICENSE("GPL"); 401